From b4da3b7f3db2211e7ecca74301e26b3089fda5a2 Mon Sep 17 00:00:00 2001 From: Jose Bollo Date: Fri, 15 Nov 2019 16:21:03 +0100 Subject: Move tokens from sessions to requests Tokens are no more related to sessions. Each request provides a token. In the case of websockets or connected link, the context can record the token. Bug-AGL: SPEC-2968 Change-Id: I1442b0422584c5a5b860ddb826518b0e673612f9 Signed-off-by: Jose Bollo --- src/afb-context.c | 13 ++++++++----- src/afb-context.h | 4 ++-- src/afb-hreq.c | 7 ++++++- src/afb-session.c | 25 ++----------------------- src/afb-session.h | 1 - src/afb-ws-json1.c | 22 +++++++++++++++++++++- src/tests/session/test-session.c | 3 --- 7 files changed, 39 insertions(+), 36 deletions(-) diff --git a/src/afb-context.c b/src/afb-context.c index 8a1938a1..4cc2e551 100644 --- a/src/afb-context.c +++ b/src/afb-context.c @@ -25,8 +25,9 @@ #include "afb-session.h" #include "afb-context.h" +#include "afb-token.h" -static void init_context(struct afb_context *context, struct afb_session *session, const char *token) +static void init_context(struct afb_context *context, struct afb_session *session, struct afb_token *token) { assert(session != NULL); @@ -35,17 +36,18 @@ static void init_context(struct afb_context *context, struct afb_session *sessio context->flags = 0; context->super = NULL; context->api_key = NULL; + context->token = afb_token_addref(token); /* check the token */ if (token != NULL) { - if (afb_session_check_token(session, token)) + if (afb_token_check(token)) context->validated = 1; else context->invalidated = 1; } } -void afb_context_init(struct afb_context *context, struct afb_session *session, const char *token) +void afb_context_init(struct afb_context *context, struct afb_session *session, struct afb_token *token) { init_context(context, afb_session_addref(session), token); } @@ -62,11 +64,11 @@ void afb_context_subinit(struct afb_context *context, struct afb_context *super) context->flags = 0; context->super = super; context->api_key = NULL; - context->token = NULL; + context->token = super->token; context->validated = super->validated; } -int afb_context_connect(struct afb_context *context, const char *uuid, const char *token) +int afb_context_connect(struct afb_context *context, const char *uuid, struct afb_token *token) { int created; struct afb_session *session; @@ -97,6 +99,7 @@ void afb_context_disconnect(struct afb_context *context) afb_context_set(context, NULL, NULL); context->closed = 1; } + afb_token_unref(context->token); afb_session_unref(context->session); context->session = NULL; } diff --git a/src/afb-context.h b/src/afb-context.h index 126987a1..83df1bbf 100644 --- a/src/afb-context.h +++ b/src/afb-context.h @@ -38,10 +38,10 @@ struct afb_context }; }; -extern void afb_context_init(struct afb_context *context, struct afb_session *session, const char *token); +extern void afb_context_init(struct afb_context *context, struct afb_session *session, struct afb_token *token); extern void afb_context_init_validated(struct afb_context *context, struct afb_session *session); extern void afb_context_subinit(struct afb_context *context, struct afb_context *super); -extern int afb_context_connect(struct afb_context *context, const char *uuid, const char *token); +extern int afb_context_connect(struct afb_context *context, const char *uuid, struct afb_token *token); extern int afb_context_connect_validated(struct afb_context *context, const char *uuid); extern void afb_context_disconnect(struct afb_context *context); extern const char *afb_context_uuid(struct afb_context *context); diff --git a/src/afb-hreq.c b/src/afb-hreq.c index a9010b88..4d5f659c 100644 --- a/src/afb-hreq.c +++ b/src/afb-hreq.c @@ -43,6 +43,7 @@ #include "afb-hsrv.h" #include "afb-session.h" #include "afb-cred.h" +#include "afb-token.h" #include "verbose.h" #include "locale-root.h" @@ -966,6 +967,7 @@ int afb_hreq_init_context(struct afb_hreq *hreq) { const char *uuid; const char *token; + struct afb_token *tok; if (hreq->xreq.context.session != NULL) return 0; @@ -994,8 +996,11 @@ int afb_hreq_init_context(struct afb_hreq *hreq) } } } + tok = NULL; + if (token) + afb_token_get(&tok, token); - return afb_context_connect(&hreq->xreq.context, uuid, token); + return afb_context_connect(&hreq->xreq.context, uuid, tok); } int afb_hreq_init_cookie(int port, const char *path, int maxage) diff --git a/src/afb-session.c b/src/afb-session.c index bb10c2cb..3e267fd2 100644 --- a/src/afb-session.c +++ b/src/afb-session.c @@ -61,15 +61,14 @@ struct afb_session struct afb_session *next; /**< link to the next */ unsigned refcount; /**< count of reference to the session */ int timeout; /**< timeout of the session */ - time_t expiration; /**< expiration time of the token */ + time_t expiration; /**< expiration time of the session */ pthread_mutex_t mutex; /**< mutex of the session */ struct cookie *cookies[COOKIECOUNT]; /**< cookies of the session */ char *lang; /**< current language setting for the session */ uint8_t closed: 1; /**< is the session closed ? */ uint8_t autoclose: 1; /**< close the session when unreferenced */ uint8_t notinset: 1; /**< session removed from the set of sessions */ - uuid_stringz_t uuid; /**< long term authentication of remote client */ - struct afb_token *token;/**< short term authentication of remote client */ + uuid_stringz_t uuid; /**< indentification of client seesion */ }; /** @@ -204,7 +203,6 @@ static void session_destroy (struct afb_session *session) afb_hook_session_destroy(session); #endif pthread_mutex_destroy(&session->mutex); - afb_token_unref(session->token); free(session->lang); free(session); } @@ -251,13 +249,11 @@ static struct afb_session *session_add(const char *uuid, int timeout, time_t now pthread_mutex_init(&session->mutex, NULL); session->refcount = 1; strcpy(session->uuid, uuid); - session->token = afb_token_addref(sessions.initok); session->timeout = timeout; session_update_expiration(session, now); /* add */ if (sessionset_add(session, hashidx)) { - afb_token_unref(session->token); free(session); return NULL; } @@ -308,7 +304,6 @@ static time_t sessionset_cleanup (int force) * @param max_session_count maximum allowed session count in the same time * @param timeout the initial default timeout of sessions * @param initok the initial default token of sessions - * */ int afb_session_init (int max_session_count, int timeout, const char *initok) { @@ -529,22 +524,6 @@ int afb_session_is_closed (struct afb_session *session) return session->closed; } -/* - * check whether the token of 'session' is 'token' - * return 1 if true or 0 otherwise - */ -int afb_session_check_token (struct afb_session *session, const char *token) -{ - int r; - - session_lock(session); - r = !session->closed - && session->expiration >= NOW - && !(session->token && strcmp(token, afb_token_string(session->token))); - session_unlock(session); - return r; -} - /* Returns the uuid of 'session' */ const char *afb_session_uuid (struct afb_session *session) { diff --git a/src/afb-session.h b/src/afb-session.h index 6d17f87f..f5a28b75 100644 --- a/src/afb-session.h +++ b/src/afb-session.h @@ -40,7 +40,6 @@ extern void afb_session_set_autoclose(struct afb_session *session, int autoclose extern void afb_session_close(struct afb_session *session); extern int afb_session_is_closed (struct afb_session *session); -extern int afb_session_check_token(struct afb_session *session, const char *token); extern int afb_session_timeout(struct afb_session *session); extern int afb_session_what_remains(struct afb_session *session); diff --git a/src/afb-ws-json1.c b/src/afb-ws-json1.c index fd132197..a8461707 100644 --- a/src/afb-ws-json1.c +++ b/src/afb-ws-json1.c @@ -177,13 +177,33 @@ static void aws_on_hangup_cb(void *closure, struct afb_wsj1 *wsj1) afb_ws_json1_unref(ws); } +static int aws_new_token(struct afb_ws_json1 *ws, const char *new_token_string) +{ + int rc; + struct afb_token *newtok, *oldtok; + + rc = afb_token_get(&newtok, new_token_string); + if (rc >= 0) { + oldtok = ws->token; + ws->token = newtok; + afb_token_unref(oldtok); + } + return rc; +} + static void aws_on_call_cb(void *closure, const char *api, const char *verb, struct afb_wsj1_msg *msg) { struct afb_ws_json1 *ws = closure; struct afb_wsreq *wsreq; + const char *tok; DEBUG("received websocket request for %s/%s: %s", api, verb, afb_wsj1_msg_object_s(msg)); + /* handle new tokens */ + tok = afb_wsj1_msg_token(msg); + if (tok) + aws_new_token(ws, tok); + /* allocate */ wsreq = calloc(1, sizeof *wsreq); if (wsreq == NULL) { @@ -193,7 +213,7 @@ static void aws_on_call_cb(void *closure, const char *api, const char *verb, str /* init the context */ afb_xreq_init(&wsreq->xreq, &afb_ws_json1_xreq_itf); - afb_context_init(&wsreq->xreq.context, ws->session, afb_wsj1_msg_token(msg)); + afb_context_init(&wsreq->xreq.context, ws->session, ws->token); if (!wsreq->xreq.context.invalidated) wsreq->xreq.context.validated = 1; diff --git a/src/tests/session/test-session.c b/src/tests/session/test-session.c index acdfcef4..5352c6ee 100644 --- a/src/tests/session/test-session.c +++ b/src/tests/session/test-session.c @@ -55,9 +55,6 @@ START_TEST (check_creation) ck_assert(afb_session_uuid(s) != NULL); ck_assert(!afb_session_is_closed(s)); - /* token is the initial one */ - ck_assert(afb_session_check_token(s, GOOD_UUID)); - /* query the session */ uuid = strdup(afb_session_uuid(s)); x = afb_session_search(uuid); -- cgit 1.2.3-korg