Setting and checking LOA

Change-Id: I02c3795c6e212491605861228eb60b731be78537
Signed-off-by: José Bollo <jose.bollo@iot.bzh>

1 files changed, 18 insertions, 2 deletions

diff --git a/src/afb-api-so.c b/src/afb-api-so.c
index 320834f7..9ab3e621 100644
--- a/src/afb-api-so.c
+++ b/src/afb-api-so.c
@@ -97,9 +97,9 @@ static void call_check(struct afb_req req, struct afb_context *context, const st
 {
 	struct monitoring data;
 
-	int stag = (int)(verb->session & AFB_SESSION_MASK);
+	int stag = (int)verb->session;
 
-	if (stag != AFB_SESSION_NONE) {
+	if (stag != (AFB_SESSION_CREATE|AFB_SESSION_CLOSE|AFB_SESSION_RENEW|AFB_SESSION_CHECK|AFB_SESSION_LOA_EQ)) {
 		if (!afb_context_check(context)) {
 			afb_context_close(context);
 			afb_req_fail(req, "failed", "invalid token's identity");
@@ -124,6 +124,22 @@ static void call_check(struct afb_req req, struct afb_context *context, const st
 		afb_context_close(context);
 	}
 
+	if ((stag & AFB_SESSION_LOA_GE) != 0) {
+		int loa = (stag >> AFB_SESSION_LOA_SHIFT) & AFB_SESSION_LOA_MASK;
+		if (!afb_context_check_loa(context, loa)) {
+			afb_req_fail(req, "failed", "invalid LOA");
+			return;
+		}
+	}
+
+	if ((stag & AFB_SESSION_LOA_LE) != 0) {
+		int loa = (stag >> AFB_SESSION_LOA_SHIFT) & AFB_SESSION_LOA_MASK;
+		if (afb_context_check_loa(context, loa + 1)) {
+			afb_req_fail(req, "failed", "invalid LOA");
+			return;
+		}
+	}
+
 	data.req = req;
 	data.action = verb->callback;
 	afb_sig_monitor((void*)monitored_call, &data, api_timeout);