From ec3cf34917060de3ab30bf27d8aa89ddd71fa77a Mon Sep 17 00:00:00 2001 From: jobol Date: Thu, 9 Nov 2017 10:29:20 +0100 Subject: Make forgerock stuff separate Signed-off-by: jobol --- agl-identity-service/src/CMakeLists.txt | 1 + agl-identity-service/src/agl-forgerock.c | 172 ++++++++++++++++++++++++ agl-identity-service/src/agl-forgerock.h | 24 ++++ agl-identity-service/src/agl-identity-binding.c | 103 ++------------ 4 files changed, 207 insertions(+), 93 deletions(-) create mode 100644 agl-identity-service/src/agl-forgerock.c create mode 100644 agl-identity-service/src/agl-forgerock.h diff --git a/agl-identity-service/src/CMakeLists.txt b/agl-identity-service/src/CMakeLists.txt index 380c024..1c69cb7 100644 --- a/agl-identity-service/src/CMakeLists.txt +++ b/agl-identity-service/src/CMakeLists.txt @@ -21,6 +21,7 @@ PROJECT_TARGET_ADD(afb-identity-binding) add_library(afb-identity-binding MODULE agl-identity-binding.c + agl-forgerock.c aia-get.c authorization.c base64.c diff --git a/agl-identity-service/src/agl-forgerock.c b/agl-identity-service/src/agl-forgerock.c new file mode 100644 index 0000000..13308ea --- /dev/null +++ b/agl-identity-service/src/agl-forgerock.c 
@@ -0,0 +1,172 @@
+/*
+ * Copyright (C) 2015, 2016, 2017 "IoT.bzh"
+ * Author: José Bollo
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define _GNU_SOURCE
+
+/*
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+*/
+#include
+
+#include
+
+#define AFB_BINDING_VERSION 2
+#include
+
+#include "oidc-agent.h"
+#include "aia-get.h"
+
+static int expiration_delay = 5;
+
+static const char default_endpoint[] = "https://agl-graphapi.forgerocklabs.org/getuserprofilefromtoken";
+static const char *oidc_name;
+
+static char *endpoint;
+
+static void (*onloaded)(struct json_object *data, const char *error);
+
+/***** configuration ********************************************/
+
+static void confsetstr(struct json_object *conf, const char *name, char **value, const char *def)
+{
+ struct json_object *v;
+ const char *s;
+ char *p;
+
+ s = conf && json_object_object_get_ex(conf, name, &v) ? json_object_get_string(v) : def;
+ p = *value;
+ if (s && p != s) {
+ *value = strdup(s);
+ free(p);
+ }
+}
+
+static void confsetint(struct json_object *conf, const char *name, int *value, int def)
+{
+ struct json_object *v;
+
+ *value = conf && json_object_object_get_ex(conf, name, &v) ? json_object_get_int(v) : def;
+}
+
+static void confsetoidc(struct json_object *conf, const char *name)
+{
+ struct json_object *idp, *appli;
+
+ if (conf
+ && json_object_object_get_ex(conf, "idp", &idp)
+ && json_object_object_get_ex(conf, "appli", &appli)) {
+ if (oidc_idp_set(name, idp) && oidc_appli_set(name, name, appli, 1)) {
+ oidc_name = name;
+ }
+ }
+}
+
+/****************************************************************/
+
+static void loaded(struct json_object *data, const char *error)
+{
+ if (onloaded)
+ onloaded(data, error);
+}
+
+static void downloaded(void *closure, int status, const void *buffer, size_t size)
+{
+ struct json_object *object, *subobj;
+ char *url = closure;
+
+ /* checks whether discarded */
+ if (status == 0 && !buffer) {
+ AFB_ERROR("discarded");
+ loaded(NULL, "discarded");
+ goto end; /* discarded */
+ }
+
+ /* scan for the status */
+ if (status == 0 || !buffer) {
+ AFB_ERROR("uploading %s failed %s", url ? : "?", (const char*)buffer ? : "");
+ loaded(NULL, "failed");
+ goto end;
+ }
+
+ /* get the object */
+ AFB_DEBUG("received data: %.*s", (int)size, (char*)buffer);
+ object = json_tokener_parse(buffer); /* okay because 0 appended */
+
+ /* extract useful part */
+ subobj = NULL;
+ if (object && !json_object_object_get_ex(object, "results", &subobj))
+ subobj = NULL;
+ if (subobj)
+ subobj = json_object_array_get_idx(subobj, 0);
+ if (subobj && !json_object_object_get_ex(subobj, "data", &subobj))
+ subobj = NULL;
+ if (subobj)
+ subobj = json_object_array_get_idx(subobj, 0);
+ if (subobj && !json_object_object_get_ex(subobj, "row", &subobj))
+ subobj = NULL;
+ if (subobj)
+ subobj = json_object_array_get_idx(subobj, 0);
+
+ /* is it a recognized user ? */
+ if (!subobj) {
+ /* not recognized!! */
+ AFB_INFO("unrecognized key for %s", url ? : "?");
+ json_object_put(object);
+ loaded(NULL, "malformed");
+ goto end;
+ }
+
+ loaded(subobj, NULL);
+ json_object_put(object);
+end:
+ free(url);
+}
+
+/** public **************************************************************/
+
+void agl_forgerock_setconfig(struct json_object *conf)
+{
+ confsetstr(conf, "endpoint", &endpoint, endpoint ? : default_endpoint);
+ confsetint(conf, "delay", &expiration_delay, expiration_delay);
+ confsetoidc(conf, "oidc-aia");
+}
+
+void agl_forgerock_setcb(void (*callback)(struct json_object *data, const char *error))
+{
+ onloaded = callback;
+}
+
+void agl_forgerock_download_request(const char *vin, const char *kind, const char *key)
+{
+ int rc;
+ char *url;
+
+ rc = asprintf(&result, "%s?vin=%s&kind=%s&keytoken=%s", endpoint, vin, kind, key);
+ if (rc >= 0)
+ aia_get(url, expiration_delay, oidc_name, oidc_name, downloaded, url);
+ else
+ AFB_ERROR("out of memory");
+}
+
+/* vim: set colorcolumn=80: */
+
diff --git a/agl-identity-service/src/agl-forgerock.h b/agl-identity-service/src/agl-forgerock.h
new file mode 100644
index 0000000..1aee680
--- /dev/null
+++ b/agl-identity-service/src/agl-forgerock.h
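Review bot: `agl_forgerock_download_request` in agl-forgerock.c formats into `result`, which is not declared anywhere in this file, and then hands the uninitialised `url` to `aia_get` both as the URL and as the closure that `downloaded` later frees; the call should be `rc = asprintf(&url, "%s?vin=%s&kind=%s&keytoken=%s", endpoint, vin, kind, key);`. `vin`, `kind` and `key` are also pasted into the query string without percent-encoding, so a `&` or `#` inside any of them changes the parameters the endpoint receives; they should be encoded before formatting. Since the URL carries the key token, the `AFB_ERROR` and `AFB_INFO` calls in `downloaded` that print `url` write that token to the log, and the `AFB_DEBUG` line dumps the whole profile response. In `downloaded`, `json_object_array_get_idx` is applied to `results`, `data` and `row` without checking that the server sent arrays; each step should be guarded with `json_object_is_type(subobj, json_type_array)` so a malformed reply ends in the `"malformed"` path instead of depending on how json-c treats a non-array argument.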
@@ -0,0 +1,24 @@ +/* + * Copyright (C) 2017 "IoT.bzh" + * Author: José Bollo + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#pragma once + +struct json_object; + +extern void agl_forgerock_setconfig(struct json_object *conf); +extern void agl_forgerock_setcb(void (*callback)(struct json_object *data, const char *error)); +extern void agl_forgerock_download_request(const char *vin, const char *kind, const char *key); diff --git a/agl-identity-service/src/agl-identity-binding.c b/agl-identity-service/src/agl-identity-binding.c index 7920fd8..34dfb79 100644 --- a/agl-identity-service/src/agl-identity-binding.c +++ b/agl-identity-service/src/agl-identity-binding.c @@ -30,10 +30,7 @@ #define AFB_BINDING_VERSION 2 #include -#include "oidc-agent.h" -#include "aia-get.h" - -static int expiration_delay = 5; +#include "agl-forgerock.h" static struct afb_event event; 
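Review bot: The three prototypes in agl-forgerock.h carry no contract, and the one that matters for memory safety is the callback given to `agl_forgerock_setcb`: in agl-forgerock.c the `data` object is a child of the parsed response, and that response is released with `json_object_put` right after the callback returns. I would add above `agl_forgerock_setcb` a comment such as `/* data is borrowed and only valid during the call: json_object_get() it to keep it; error is NULL on success, else "discarded", "failed" or "malformed" */`. A one-line comment on `agl_forgerock_download_request` stating that `vin`, `kind` and `key` are placed in the request URL as given would also tell callers that validating those values is their job.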
@@ -93,32 +90,12 @@ static void confsetstr(struct json_object *conf, const char *name, char **value, } } -static void confsetint(struct json_object *conf, const char *name, int *value, int def) -{ - struct json_object *v; - - *value = conf && json_object_object_get_ex(conf, name, &v) ? json_object_get_int(v) : def; -} - -static void confsetoidc(struct json_object *conf, const char *name) -{ - struct json_object *idp, *appli; - - if (conf - && json_object_object_get_ex(conf, "idp", &idp) - && json_object_object_get_ex(conf, "appli", &appli)) { - if (oidc_idp_set(name, idp) && oidc_appli_set(name, name, appli, 1)) { - oidc_name = name; - } - } -} - static void setconfig(struct json_object *conf) { - confsetstr(conf, "endpoint", &endpoint, endpoint ? : default_endpoint); - confsetstr(conf, "vin", &vin, vin ? : default_vin); - confsetint(conf, "delay", &expiration_delay, expiration_delay); - confsetoidc(conf, "oidc-aia"); + if (conf) { + confsetstr(conf, "vin", &vin, vin ? : default_vin); + aglfr_setconfig(conf); + } } static void readconfig() 
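Review bot: `setconfig` calls `aglfr_setconfig(conf)`, but the header added by this commit declares `agl_forgerock_setconfig`, so the call is an implicit declaration of a function that is defined nowhere in the patch; it should read `agl_forgerock_setconfig(conf);`. The new `if (conf)` guard also changes behaviour: the old code ran `confsetstr` and `confsetint` with a NULL `conf` and so installed `default_vin` and the default endpoint, whereas now a missing configuration skips both setters and the forgerock `endpoint` stays unset while `agl_forgerock_download_request` still formats it with `%s`. The callers of `setconfig` are outside the hunk, so if it can be reached with NULL the guard should go and both setters should be called unconditionally.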
@@ -174,75 +151,14 @@ static void do_logout() send_event_object("logout", "null", 0); } -/****************************************************************/ - -static char *get_download_url(const char *key) +static void on_forgerock_data(struct json_object *data, const char *error) { - int rc; - char *result; - - rc = asprintf(&result, "%s?vin=%s&keytoken=%s", endpoint, vin, key); - return rc >= 0 ? result : NULL; -} - -static void downloaded(void *closure, int status, const void *buffer, size_t size) -{ - struct json_object *object, *subobj; - char *url = closure; - - /* checks whether discarded */ - if (status == 0 && !buffer) - goto end; /* discarded */ - - /* scan for the status */ - if (status == 0 || !buffer) { - AFB_ERROR("uploading %s failed %s", url ? : "?", (const char*)buffer ? : ""); - goto end; - } - - /* get the object */ - AFB_DEBUG("received data: %.*s", (int)size, (char*)buffer); - object = json_tokener_parse(buffer); /* okay because 0 appended */ - - /* extract useful part */ - subobj = NULL; - if (object && !json_object_object_get_ex(object, "results", &subobj)) - subobj = NULL; - if (subobj) - subobj = json_object_array_get_idx(subobj, 0); - if (subobj && !json_object_object_get_ex(subobj, "data", &subobj)) - subobj = NULL; - if (subobj) - subobj = json_object_array_get_idx(subobj, 0); - if (subobj && !json_object_object_get_ex(subobj, "row", &subobj)) - subobj = NULL; - if (subobj) - subobj = json_object_array_get_idx(subobj, 0); - - /* is it a recognized user ? */ - if (!subobj) { - /* not recognized!! */ - AFB_INFO("unrecognized key for %s", url ? 
: "?"); - json_object_put(object); - goto end; + if (error) { + } else { } - - // TODO: save the object into the database - - do_login(subobj); - json_object_put(object); -end: - free(url); } -static void download_request(const char *address) -{ - char *url = get_download_url(address); - if (url) - aia_get(url, expiration_delay, oidc_name, oidc_name, downloaded, url); - else - AFB_ERROR("out of memory"); -} +/****************************************************************/ static void subscribe (struct afb_req request) { @@ -286,6 +202,7 @@ static int service_init() { int rc; + agl_forgerock_setcb(on_forgerock_data); event = afb_daemon_make_event("event"); if (!afb_event_is_valid(event)) return -1; -- cgit 1.2.3-korg
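Review bot: `on_forgerock_data` is installed as the lookup callback in `service_init`, but both branches of its `if (error) { } else { }` are empty, so the `do_login(subobj)` call made by the removed `downloaded` has no replacement: a successful profile lookup no longer logs anyone in and a failure is ignored by the binding. If this is an intentional stub it should say so in a comment; otherwise the body needs something like `if (error) AFB_ERROR("forgerock lookup failed: %s", error); else do_login(data);`. The `data` object is released by agl-forgerock.c as soon as the callback returns, so whatever consumes it must take its own reference if it keeps the object.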