Age | Commit message (Collapse) | Author | Files | Lines |
|
Validation of token is now linked to backend permission
database.
Bug-AGL: SPEC-2968
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I30b049f92b8324740abecbb9539f7413ad55f7ec
|
|
The split between context and credentials
in requests was somehow artificial and awkward.
This change move the credentials to the context
and removes as many references to credentials
as possible in favor of working on contexts.
Change the value returned by afb_auth_check to be 1
if validated, 0 or less than zero if not validated.
Bug-AGL: SPEC-2968
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I979dc841e03247e126e3fa8433a1cc0d4108adf0
|
|
The previous policy for websocket was to enforce them
to present a valid token when establishing. This policy
is removed because the Websocket API of javascript doesn't
provide a way to set the Bearer token in the HTTP header
of the negociation (a big miss in my opinion).
But because the new policy of token logic is to check
the token at each request, it is not more needed to check
it at establishment.
Bug-AGL: SPEC-2968
Change-Id: I2941757492a27a2eed14e26fbb411330ab4aa8bc
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
This change factorize code for version V1 of bindings
and centralizes management of authorisations in a
single place.
Bug-AGL: SPEC-2968
Change-Id: I6ad95d5bfa0d85dbb6d2060fc9ebca08b68eb4e9
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The standard error text are used to return standard
HTTP error codes.
Bug-AGL: SPEC-2968
Change-Id: Ic70e7982b1e05a1830cfa4e54813227621192ae2
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Change internals of the protocol WSAPI for the following
rationale:
1. Enforce specific declaration and transmission of session
identifiers and of access tokens.
2. Lower the size of identifiers to be 16 bits.
3. Introduce protocol versionning through a mechanism of offer/set.
The main purpose of that change is to optimize the count of data
transmitted. It manages as best as possible the transmission of
access tokens the less possible times. Same for sessions that
the chage was transmitted at each call.
Bug-AGL: SPEC-2968
Change-Id: If0a22b86627ead35a410e51c1028025c5b02c38f
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Because remote apis describe themselves asynchronousely,
it is better to have asynchronous describe api.
Bug-AGL: SPEC-2968
Change-Id: I52b4dab697f229ad01ea2b73d6b8dee22d507912
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
16 bits are enough
Bug-AGL: SPEC-2968
Change-Id: I0e8708c1d6a3934a342721a6ce5edb4676df6d1b
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
These maps will shortly be used by protocol to handle
tokens/sessions/events.
Bug-AGL: SPEC-2968
Change-Id: Iadef7d6e01c8ef021516749524b10ccc1abec340
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Tokens are no more managed by the binder.
Bug-AGL: SPEC-2968
Change-Id: Idf1c38105f8ede82cd0ed43aeae3e8e69b9845a3
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Also, improve readability and memory footprint
Bug-AGL: SPEC-2968
Change-Id: I90104fb19a44e2810b92bef51d774acf734fd90f
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Tokens are now object used in the context.
Bug-AGL: SPEC-2968
Change-Id: I107d31732202b7b1172afaf09f3a52470f050d7c
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Tokens are no more related to sessions.
Each request provides a token. In the case of websockets or
connected link, the context can record the token.
Bug-AGL: SPEC-2968
Change-Id: I1442b0422584c5a5b860ddb826518b0e673612f9
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
uuid is available in cookies and through
a call to monitor/session
Bug-AGL: SPEC-2968
Change-Id: I72912f3dc7985cca09e77c952e416b608711abbe
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The token is no more generated by the binder
Bug-AGL: SPEC-2968
Change-Id: I43f66c7613b42d33058e167b831a93b2112d3b9e
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The token is no more generated by the binder
but by some external component.
Bug-AGL: SPEC-2968
Change-Id: I2c6221034272ab097e21e7727e4840b6b47bd0dc
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
As specified by OAuth2 protocols, the access token can be
passed as a POST/GET parameter of name 'access_token'.
Bug-AGL: SPEC-2968
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I0e02e6fd0d53dad6de994d4482350fe42ecfce48
|
|
When the connection can't occur, the output is not correct.
Bug-AGL: SPEC-2975
Change-Id: I9cc185329ddccb00f2544dd7b17841b108cc2c81
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The coverage test was broken. This restores it.
Also add a simple build script that covers most
of the code by default.
Bug-AGL: SPEC-2974
Change-Id: I4fc5a0ba54195738405460a04f985bb67b81b5df
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
For further optimizations, the token is represented
by a specific structure.
Bug-AGL: SPEC-2968
Change-Id: I3d46a12c8c16809c6cc1d543fa2e6309927ed84d
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Allows the client to pass its authorization
token using the standard RFC 6750 method.
Bug-AGL: SPEC-2968
Change-Id: Ie9428f4b63554af121b091282ae2c126b4d0c020
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
There was a race condition that made the binder
crashing when reporting event to a client that was
disconnecting.
Bug-AGL: SPEC-2967
Change-Id: I37a654960b42fbce5548ace9d3fb50cf2b375090
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Probably because of conditional compiling,
afb-api-dbus was broken since introduction
of uuid and hops in broadcats. This change
fixes this issue.
Bug-AGL: SPEC-2969
Change-Id: I9a0fd8552f5f61d6eafa1ed83f6e09e6474378ff
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Bug-AGL: SPEC-2714
Change-Id: I913a836d8b762771d4a966870569b48e4c06804c
Signed-off-by: Li Xiaoming <lixm.fnst@cn.fujitsu.com>
|
|
The function implementing jobs_enter, used by
implementations of synchronous calls, was not
taking care of waking up a thread. This had the
effect of blocking calls made by an external thread.
Bug-AGL: SPEC-2937
Change-Id: I4bf0265b4c029fb619ef7128824ee9d46a45996e
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Calling exit in signal interrupts wasn't correctly handling
the case where the signal interrupts a thread waiting in the
main loop. This can lead to the binder error report:
CRITICAL: Can't enter dispatch while in dispatch!
This patch defers the call to exit in a job.
Bug-AGL: SPEC-2907
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I49c7cca1d229ae957d9ea9bfb8838161ce73a53e
|
|
The symbol 'afbBindingV3root' may be defined
in shared libraries that are not bindings.
Using it to detect bindings v3 can lead to
false detection and errors.
Bug-AGL: SPEC-2841
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Ib2bc77d95e3306e7b4a883136ce27c92f8524a8d
|
|
This reverts commit 45a4e69d4ef15c70d2b74ea4d0d2e4cd22e3adea.
Revert looks good because the issue has to be adressed by
the build environment.
Bug-AGL: SPEC-2801
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Id2f1f3890b5965e0a28f189834c758be5bd08d55
|
|
A queued job must be treated. It was not the case
when the job was queued from a foreign thread.
This change detect that a potential hang exists
and wake up an event loop to avoid it.
Bug-AGL: SPEC-2809
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Id12d32771ea37df5f5f2e208ec9645a6c4b0d0ab
|
|
It is intended to enhance reproducibility
of produced binaries as unmeaning prefixes
are removed.
Bug-AGL: SPEC-2801
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I6a7ee9fa2ce4a744f7a5ef8a3c9886cd6a9f15e9
|
|
Bug-AGL: SPEC-2714
Change-Id: I78aee6b3d96728a7eb394ddd94000c516fbc63ba
Signed-off-by: Li Xiaoming <lixm.fnst@cn.fujitsu.com>
|
|
Before that change, the client disconection made a loop
on read but wasn't closing the link.
Bug-AGL: SPEC-2759
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Iecfbb95cb1b7079e695ff5c08155b2310bf4b8d8
|
|
Also improve naming of variables.
Bug-AGL: SPEC-2720
Change-Id: I8efa74e27256425df18f57b3de257c234ff60e69
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
afb-daemon can not recognize arg "sessiondir" now, it will report
"Error: Bad option detected".Use "workdir" instead.
Bug-AGL: SPEC-2714
Change-Id: I0a194efa7a37ce3e6624c44e48d3e98dcfdda4c2
Signed-off-by: Li Xiaoming <lixm.fnst@cn.fujitsu.com>
|
|
Interaction between pthread_cond_wait, pthread_broadcast
and signal may lead to lock when the child of afb-daemon dies.
To avoid that sad behavior, this commit defers the call to
"job_exit" using lazy job queueing.
Bug-AGL: SPEC-2720
Change-Id: Ifd1a56f4a439e1704f79a1291fa01f39b1640f29
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
Bug-AGL: SPEC-2714
Change-Id: I198f93184a0389f017c9da5b64e800b6faec8cac
Signed-off-by: Li Xiaoming <lixm.fnst@cn.fujitsu.com>
|
|
There fixes a bug with an inversion between info
and error in implementation of synchronous calls,
leading to bad detection of errors.
Bug-AGL: SPEC-2697
Change-Id: I30a8cd9c45a91b442f6c501dd3b0c32cd3ea632d
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The supervisor only allowed external accesses.
This was wrong, it must also allow local access
through standard API. This commit fix it.
Bug-AGL: SPEC-2660
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: Ifa1119a6b2f22c87b1dbe087206d9f51c4005a57
|
|
The example script AFB.js should look int the URLs
of the page if the token is set or not and then use it.
Bug-AGL: SPEC-2661
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: I4adba8eac214130b425b6cd3c56fc1dc63543011
|
|
This is needed if we want to replace json-c with jsonfast.
Bug-AGL: SPEC-2659
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: I32da71bd05bfe3538596cbf751d55ff45b4fe7f9
|
|
This simplifies the flow that now has only one
case: the callbacks subscribe/unsubscribe of
struct afb_xreq_query_itf.
Bug-AGL: SPEC-2658
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: Ia49f3ce7aaa4d8603014fe163f311eadfcbf68e4
|
|
The management of structures handling a client
connection to a exported --ws-server was accessing
freed memory. Tha commit fixes that issue.
Bug-AGL: SPEC-2651
Change-Id: I511218afc907308347bc422a8aead32ca00bdae6
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
When API have mutual dependencies, leading to
loops in dependecies, broadcasting an event
never ends because of the loop (see SPEC-2625).
To avoid that weird flood of events, a unic
identifier (UUID) is attached to broadcasted
event and a tiny memory records previously
broadcasted events to avoid re-sending an
already sent event.
The size of the memory can be set using the
macro variable EVENT_BROADCAST_MEMORY_COUNT
whose default value is 8. It can be reduced
to 0.
An other mecanism is added to limit the count
of hops that a broadcasted event can do. That
count can be set using the macro variable
EVENT_BROADCAST_HOP_MAX whose default value
is 10.
Bug-AGL: SPEC-2625
Change-Id: I29550a8a5c8f5e2ffb20edc3330357a1e870c0e2
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
Solving the bug SPEC-2625 needs to rework the broadcasting
of events. It appeared that the numerical event identifier
passed for broadcast wasn't used by called function except
for hooking. Suppressing it introduces a clear distinction
between the push and the broadcast paths.
The file afb-ws-json1 is changed to avoid casting of
functions.
Bug-AGL: SPEC-2625
Change-Id: I9fe75adc8086812b21b70ce28baffcf77bd5e1cf
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
This commit allow modules of afb-daemon to request UUID.
This introduce an abstraction above libuuid for 3 reasons:
1. Using uuid had bad side effect inthe past because it
required enought entropy at start time, leading to hanging
initialisations in wait for enough entropy.
2. Solving bug SPEC-2625 will require use of UUID.
3. Porting to systems that haven't libuuid is made more
easy after that.
Bug-AGL: SPEC-2625
Change-Id: I27d8b611946686dea6fab250697afe9b89aac869
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
|
|
The tool afb-client-demo implements a synchronous
mode (option -s) that allows to wait for a reply
before to send the next request.
It is interesting for the purpose of testing to allow
afb-client-demo it to send a controlled count of
requests, ensuring that there is a controlled count
of pending requests.
Bug-AGL: SPEC-2638
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: Ic854d68aaeb82c17b4640c5c9de46181ad3a7e5e
|
|
Allowing to subscribe to a request that was replied
was possible and lead to problem revealed by issues
SPEC-2542 and SPEC-2599 (these issues are more related
to processing unordered incoming messages).
The choice was
- fix the bug and authorize (un)subscribe after reply
- forbids to (un)subscribe after reply
Second solution was chosen for its simplicity and
its networking efficiency.
Bug-AGL: SPEC-2542
Bug-AGL: SPEC-2599
Change-Id: I09f48b760b1fd6f70d42b80df3c8053696c45966
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
This reverts commit 5425e054fbf87fe6d024103f46e53f2a28e074f2.
The change introduced in the reverted commit
is no more necessary since events are sent asynchronousely.
Bug-AGL: SPEC-2215
Bug-AGL: SPEC-2219
Bug-AGL: SPEC-2542
Bug-AGL: SPEC-2599
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
Change-Id: I4fd8d1516c97e2f95caaa244e28491f71b15bba7
|
|
Sending events in the context of the calling process
had the consequence that the ordering of the messages
had to be removed (see SPEC-2215 & SPEC-2219). This
was not good by nature and lead to issues SPEC-2542
and SPEC-2599.
Sending events in the context of the calling process
also implies to delay the calling process.
For this reasons, sending events is now done in an
other jobs. For that reason, the count of allowed
pending jobs is increased to 100 (was 50).
Bug-AGL: SPEC-2215
Bug-AGL: SPEC-2219
Bug-AGL: SPEC-2542
Bug-AGL: SPEC-2599
Change-Id: I5b56d952cc187b65ad6eb9344ad74e5e8d3b7540
Signed-off-by: Jose Bollo <jose.bollo@iot.bzh>
|
|
The commit "a2cf84e: hooks: Allow to remove hooking"
re-order fragment of code. But this is an issue when
backporting changes to guppy.
That commit improve the situation for the file
afb-evt.c in the process of fixing the issue
SPEC-2599
Bug-AGL: SPEC-2599
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Change-Id: I4e56cbeee7d3a89770e37a3045f652f39fc07410
|