|
adam@1
|
1 #include <string.h>
|
|
adam@1
|
2
|
|
adam@6
|
3 #include <openssl/bio.h>
|
|
adam@6
|
4 #include <openssl/evp.h>
|
|
adam@6
|
5 #include <openssl/buffer.h>
|
|
adam@0
|
6 #include <openssl/sha.h>
|
|
adam@7
|
7 #include <openssl/hmac.h>
|
|
adam@0
|
8 #include <curl/curl.h>
|
|
adam@1
|
9 #include <expat.h>
|
|
adam@0
|
10
|
|
adam@1
|
11 #include <openid.h>
|
|
adam@0
|
12
|
|
adam@3
|
13 #define BUF_MAX 10240
|
|
adam@3
|
14 #define BUF_INIT 1024
|
|
adam@3
|
15
|
|
adam@2
|
16 struct uw_OpenidFfi_discovery {
|
|
adam@2
|
17 uw_Basis_string endpoint, localId;
|
|
adam@2
|
18 };
|
|
adam@2
|
19
|
|
adam@2
|
20 uw_Basis_string uw_OpenidFfi_endpoint(uw_context ctx, uw_OpenidFfi_discovery d) {
|
|
adam@2
|
21 return d->endpoint;
|
|
adam@2
|
22 }
|
|
adam@2
|
23
|
|
adam@2
|
24 uw_Basis_string uw_OpenidFfi_localId(uw_context ctx, uw_OpenidFfi_discovery d) {
|
|
adam@2
|
25 return d->localId;
|
|
adam@2
|
26 }
|
|
adam@2
|
27
|
|
adam@0
|
28 uw_unit uw_OpenidFfi_init(uw_context ctx) {
|
|
adam@0
|
29 curl_global_init(CURL_GLOBAL_ALL);
|
|
adam@0
|
30
|
|
adam@0
|
31 return uw_unit_v;
|
|
adam@0
|
32 }
|
|
adam@1
|
33
|
|
adam@1
|
34 static CURL *curl(uw_context ctx) {
|
|
adam@1
|
35 CURL *r;
|
|
adam@1
|
36
|
|
adam@1
|
37 if (!(r = uw_get_global(ctx, "curl"))) {
|
|
adam@1
|
38 r = curl_easy_init();
|
|
adam@1
|
39 if (r)
|
|
adam@1
|
40 uw_set_global(ctx, "curl", r, curl_easy_cleanup);
|
|
adam@1
|
41 }
|
|
adam@1
|
42
|
|
adam@1
|
43 return r;
|
|
adam@1
|
44 }
|
|
adam@1
|
45
|
|
adam@1
|
46 typedef struct {
|
|
adam@1
|
47 uw_context ctx;
|
|
adam@2
|
48 uw_OpenidFfi_discovery d;
|
|
adam@1
|
49 } endpoint;
|
|
adam@1
|
50
|
|
adam@1
|
51 static void XMLCALL startElement(void *userData, const XML_Char *name, const XML_Char **atts) {
|
|
adam@1
|
52 endpoint *ep = userData;
|
|
adam@1
|
53
|
|
adam@1
|
54 if (!strcmp(name, "link")) {
|
|
adam@1
|
55 const XML_Char **attp;
|
|
adam@1
|
56 int found = 0;
|
|
adam@1
|
57
|
|
adam@1
|
58 for (attp = atts; *attp; attp += 2) {
|
|
adam@1
|
59 if (!strcmp(attp[0], "rel") && !strcmp(attp[1], "openid2.provider")) {
|
|
adam@1
|
60 found = 1;
|
|
adam@1
|
61 break;
|
|
adam@1
|
62 }
|
|
adam@1
|
63 }
|
|
adam@1
|
64
|
|
adam@1
|
65 if (found) {
|
|
adam@1
|
66 for (attp = atts; *attp; attp += 2) {
|
|
adam@1
|
67 if (!strcmp(attp[0], "href")) {
|
|
adam@2
|
68 ep->d->endpoint = uw_strdup(ep->ctx, attp[1]);
|
|
adam@1
|
69 return;
|
|
adam@1
|
70 }
|
|
adam@1
|
71 }
|
|
adam@1
|
72 }
|
|
adam@1
|
73 }
|
|
adam@1
|
74 }
|
|
adam@1
|
75
|
|
adam@1
|
76 typedef struct {
|
|
adam@1
|
77 XML_Parser parser;
|
|
adam@1
|
78 int any_errors;
|
|
adam@3
|
79 } curl_discovery_data;
|
|
adam@1
|
80
|
|
adam@3
|
81 static size_t write_discovery_data(void *buffer, size_t size, size_t nmemb, void *userp) {
|
|
adam@3
|
82 curl_discovery_data *d = userp;
|
|
adam@1
|
83
|
|
adam@1
|
84 if (!XML_Parse(d->parser, buffer, size * nmemb, 0))
|
|
adam@1
|
85 d->any_errors = 1;
|
|
adam@1
|
86
|
|
adam@1
|
87 return size * nmemb;
|
|
adam@1
|
88 }
|
|
adam@1
|
89
|
|
adam@2
|
90 uw_OpenidFfi_discovery *uw_OpenidFfi_discover(uw_context ctx, uw_Basis_string id) {
|
|
adam@1
|
91 char *s;
|
|
adam@1
|
92 CURL *c = curl(ctx);
|
|
adam@3
|
93 curl_discovery_data cd = {};
|
|
adam@2
|
94 uw_OpenidFfi_discovery dy = uw_malloc(ctx, sizeof(struct uw_OpenidFfi_discovery));
|
|
adam@2
|
95 endpoint ep = {ctx, dy};
|
|
adam@1
|
96 CURLcode code;
|
|
adam@1
|
97
|
|
adam@2
|
98 dy->endpoint = dy->localId = NULL;
|
|
adam@2
|
99
|
|
adam@1
|
100 if (!strchr(id, ':')) {
|
|
adam@1
|
101 id = uw_Basis_strcat(ctx, "http://", id);
|
|
adam@1
|
102 if ((s = strchr(id, '#')) != NULL)
|
|
adam@1
|
103 *s = 0;
|
|
adam@1
|
104 } else if ((s = strchr(id, '#')) != NULL) {
|
|
adam@1
|
105 char *id2 = uw_malloc(ctx, s - id + 1);
|
|
adam@1
|
106 memcpy(id2, s, s - id);
|
|
adam@1
|
107 id2[s - id] = 0;
|
|
adam@1
|
108 id = id2;
|
|
adam@1
|
109 }
|
|
adam@1
|
110
|
|
adam@1
|
111 cd.parser = XML_ParserCreate(NULL);
|
|
adam@1
|
112 XML_SetUserData(cd.parser, &ep);
|
|
adam@1
|
113 uw_push_cleanup(ctx, (void (*)(void *))XML_ParserFree, cd.parser);
|
|
adam@7
|
114 XML_SetStartElementHandler(cd.parser, startElement);
|
|
adam@1
|
115
|
|
adam@1
|
116 curl_easy_setopt(c, CURLOPT_URL, id);
|
|
adam@3
|
117 curl_easy_setopt(c, CURLOPT_WRITEFUNCTION, write_discovery_data);
|
|
adam@1
|
118 curl_easy_setopt(c, CURLOPT_WRITEDATA, &cd);
|
|
adam@1
|
119
|
|
adam@1
|
120 code = curl_easy_perform(c);
|
|
adam@1
|
121 uw_pop_cleanup(ctx);
|
|
adam@1
|
122
|
|
adam@2
|
123 if (code || !ep.d->endpoint)
|
|
adam@1
|
124 return NULL;
|
|
adam@2
|
125 else {
|
|
adam@2
|
126 uw_OpenidFfi_discovery *dyp = malloc(sizeof(uw_OpenidFfi_discovery));
|
|
adam@2
|
127 *dyp = ep.d;
|
|
adam@2
|
128 return dyp;
|
|
adam@2
|
129 }
|
|
adam@1
|
130 }
|
|
adam@3
|
131
|
|
adam@3
|
132 uw_OpenidFfi_inputs uw_OpenidFfi_createInputs(uw_context ctx) {
|
|
adam@3
|
133 uw_buffer *r = uw_malloc(ctx, sizeof(uw_buffer));
|
|
adam@3
|
134 uw_buffer_init(BUF_MAX, r, BUF_INIT);
|
|
adam@3
|
135 return r;
|
|
adam@3
|
136 }
|
|
adam@3
|
137
|
|
adam@3
|
138 static int okForPost(const char *s) {
|
|
adam@3
|
139 for (; *s; ++s)
|
|
adam@3
|
140 if (*s == '=' || *s == '&')
|
|
adam@3
|
141 return 0;
|
|
adam@3
|
142 return 1;
|
|
adam@3
|
143 }
|
|
adam@3
|
144
|
|
adam@3
|
145 uw_unit uw_OpenidFfi_addInput(uw_context ctx, uw_OpenidFfi_inputs buf, uw_Basis_string key, uw_Basis_string value) {
|
|
adam@3
|
146 if (!okForPost(key))
|
|
adam@3
|
147 uw_error(ctx, FATAL, "Invalid key for OpenID inputs");
|
|
adam@3
|
148 if (!okForPost(value))
|
|
adam@3
|
149 uw_error(ctx, FATAL, "Invalid value for OpenID inputs");
|
|
adam@3
|
150
|
|
adam@3
|
151 if (uw_buffer_used(buf) > 0)
|
|
adam@3
|
152 uw_buffer_append(buf, "&", 1);
|
|
adam@3
|
153
|
|
adam@3
|
154 uw_buffer_append(buf, key, strlen(key));
|
|
adam@3
|
155 uw_buffer_append(buf, "=", 1);
|
|
adam@3
|
156 uw_buffer_append(buf, value, strlen(value));
|
|
adam@3
|
157
|
|
adam@3
|
158 return uw_unit_v;
|
|
adam@3
|
159 }
|
|
adam@3
|
160
|
|
adam@3
|
161 uw_Basis_string uw_OpenidFfi_getOutput(uw_context ctx, uw_OpenidFfi_outputs buf, uw_Basis_string key) {
|
|
adam@3
|
162 char *s = buf->start;
|
|
adam@3
|
163
|
|
adam@3
|
164 for (; *s; s = strchr(strchr(s, 0)+1, 0)+1)
|
|
adam@3
|
165 if (!strcmp(key, s))
|
|
adam@3
|
166 return strchr(s, 0)+1;
|
|
adam@3
|
167
|
|
adam@3
|
168 return NULL;
|
|
adam@3
|
169 }
|
|
adam@3
|
170
|
|
adam@3
|
171 static size_t write_buffer_data(void *buffer, size_t size, size_t nmemb, void *userp) {
|
|
adam@3
|
172 uw_buffer *buf = userp;
|
|
adam@3
|
173
|
|
adam@3
|
174 uw_buffer_append(buf, buffer, size * nmemb);
|
|
adam@3
|
175
|
|
adam@3
|
176 return size * nmemb;
|
|
adam@3
|
177 }
|
|
adam@3
|
178
|
|
adam@3
|
179 const char curl_failure[] = "error\0Error fetching URL";
|
|
adam@3
|
180
|
|
adam@4
|
181 uw_OpenidFfi_outputs uw_OpenidFfi_direct(uw_context ctx, uw_Basis_string url, uw_OpenidFfi_inputs inps) {
|
|
adam@3
|
182 uw_buffer *buf = uw_malloc(ctx, sizeof(uw_buffer));
|
|
adam@3
|
183 CURL *c = curl(ctx);
|
|
adam@3
|
184 CURLcode code;
|
|
adam@3
|
185
|
|
adam@3
|
186 uw_buffer_init(BUF_MAX, buf, BUF_INIT);
|
|
adam@3
|
187
|
|
adam@3
|
188 uw_buffer_append(inps, "", 1);
|
|
adam@3
|
189
|
|
adam@3
|
190 curl_easy_setopt(c, CURLOPT_URL, url);
|
|
adam@3
|
191 curl_easy_setopt(c, CURLOPT_POSTFIELDS, inps->start);
|
|
adam@3
|
192 curl_easy_setopt(c, CURLOPT_WRITEFUNCTION, write_buffer_data);
|
|
adam@3
|
193 curl_easy_setopt(c, CURLOPT_WRITEDATA, buf);
|
|
adam@3
|
194
|
|
adam@3
|
195 code = curl_easy_perform(c);
|
|
adam@3
|
196
|
|
adam@3
|
197 uw_buffer_append(buf, "", 1);
|
|
adam@3
|
198
|
|
adam@3
|
199 if (code) {
|
|
adam@3
|
200 uw_buffer_reset(buf);
|
|
adam@3
|
201 uw_buffer_append(buf, curl_failure, sizeof curl_failure);
|
|
adam@3
|
202 } else {
|
|
adam@3
|
203 char *s;
|
|
adam@3
|
204
|
|
adam@3
|
205 s = buf->start;
|
|
adam@3
|
206 while (*s) {
|
|
adam@3
|
207 char *colon = strchr(s, ':'), *newline;
|
|
adam@3
|
208
|
|
adam@3
|
209 if (!colon) {
|
|
adam@3
|
210 *s = 0;
|
|
adam@3
|
211 break;
|
|
adam@3
|
212 }
|
|
adam@3
|
213
|
|
adam@7
|
214 *colon = 0;
|
|
adam@7
|
215
|
|
adam@3
|
216 newline = strchr(colon+1, '\n');
|
|
adam@3
|
217
|
|
adam@7
|
218 if (!newline)
|
|
adam@3
|
219 break;
|
|
adam@3
|
220
|
|
adam@3
|
221 *newline = 0;
|
|
adam@3
|
222 s = newline+1;
|
|
adam@3
|
223 }
|
|
adam@3
|
224 }
|
|
adam@3
|
225
|
|
adam@3
|
226 return buf;
|
|
adam@3
|
227 }
|
|
adam@4
|
228
|
|
adam@4
|
229 static uw_Basis_string deurl(uw_context ctx, uw_Basis_string s) {
|
|
adam@4
|
230 uw_Basis_string r = uw_malloc(ctx, strlen(s)), s2 = r;
|
|
adam@4
|
231
|
|
adam@4
|
232 for (; *s; ++s) {
|
|
adam@4
|
233 if (s[0] == '%' && s[1] && s[2]) {
|
|
adam@4
|
234 unsigned u;
|
|
adam@4
|
235
|
|
adam@4
|
236 sscanf(s+1, "%02x", &u);
|
|
adam@4
|
237 *s2++ = u;
|
|
adam@4
|
238 s += 2;
|
|
adam@4
|
239 } else
|
|
adam@4
|
240 *s2++ = *s;
|
|
adam@4
|
241 }
|
|
adam@4
|
242
|
|
adam@4
|
243 *s2 = 0;
|
|
adam@4
|
244 return r;
|
|
adam@4
|
245 }
|
|
adam@4
|
246
|
|
adam@4
|
247 uw_OpenidFfi_outputs uw_OpenidFfi_indirect(uw_context ctx, uw_Basis_string fields) {
|
|
adam@4
|
248 uw_OpenidFfi_outputs b = malloc(sizeof(uw_buffer));
|
|
adam@4
|
249
|
|
adam@4
|
250 uw_buffer_init(BUF_MAX, b, BUF_INIT);
|
|
adam@4
|
251
|
|
adam@6
|
252 fields = uw_strdup(ctx, fields);
|
|
adam@6
|
253
|
|
adam@4
|
254 while (*fields) {
|
|
adam@4
|
255 char *equal = strchr(fields, '='), *and, *s;
|
|
adam@4
|
256
|
|
adam@4
|
257 if (!equal)
|
|
adam@4
|
258 break;
|
|
adam@4
|
259
|
|
adam@4
|
260 *equal = 0;
|
|
adam@4
|
261 s = deurl(ctx, fields);
|
|
adam@4
|
262 uw_buffer_append(b, s, strlen(s));
|
|
adam@4
|
263 uw_buffer_append(b, "", 1);
|
|
adam@4
|
264
|
|
adam@4
|
265 and = strchr(equal+1, '&');
|
|
adam@4
|
266 if (and) {
|
|
adam@4
|
267 *and = 0;
|
|
adam@4
|
268 fields = and+1;
|
|
adam@4
|
269 } else
|
|
adam@4
|
270 fields = and = strchr(equal+1, 0);
|
|
adam@4
|
271 s = deurl(ctx, equal+1);
|
|
adam@4
|
272 uw_buffer_append(b, s, strlen(s));
|
|
adam@4
|
273 uw_buffer_append(b, "", 1);
|
|
adam@4
|
274 }
|
|
adam@4
|
275
|
|
adam@4
|
276 uw_buffer_append(b, "", 1);
|
|
adam@4
|
277 return b;
|
|
adam@4
|
278 }
|
|
adam@6
|
279
|
|
adam@6
|
280 static uw_Basis_string base64(uw_context ctx, unsigned char *input, int length) {
|
|
adam@6
|
281 BIO *bmem, *b64;
|
|
adam@6
|
282
|
|
adam@6
|
283 b64 = BIO_new(BIO_f_base64());
|
|
adam@7
|
284 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
|
|
adam@6
|
285 bmem = BIO_new(BIO_s_mem());
|
|
adam@7
|
286 BIO_push(b64, bmem);
|
|
adam@6
|
287 BIO_write(b64, input, length);
|
|
adam@6
|
288 (void)BIO_flush(b64);
|
|
adam@6
|
289
|
|
adam@7
|
290 int len = BIO_ctrl_pending(bmem);
|
|
adam@7
|
291 char *buff = uw_malloc(ctx, len+1);
|
|
adam@7
|
292 BIO_read(bmem, buff, len);
|
|
adam@7
|
293 buff[len] = 0;
|
|
adam@6
|
294
|
|
adam@6
|
295 BIO_free_all(b64);
|
|
adam@6
|
296
|
|
adam@6
|
297 return buff;
|
|
adam@6
|
298 }
|
|
adam@6
|
299
|
|
adam@7
|
300 static void unbase64(unsigned char *input, int length, unsigned char *buffer, int bufferLength)
|
|
adam@7
|
301 {
|
|
adam@7
|
302 BIO *b64, *bmem;
|
|
adam@6
|
303
|
|
adam@7
|
304 b64 = BIO_new(BIO_f_base64());
|
|
adam@7
|
305 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
|
|
adam@7
|
306 bmem = BIO_new_mem_buf(input, length);
|
|
adam@7
|
307 BIO_push(b64, bmem);
|
|
adam@7
|
308 BIO_read(b64, buffer, bufferLength);
|
|
adam@6
|
309
|
|
adam@7
|
310 BIO_free_all(bmem);
|
|
adam@6
|
311 }
|
|
adam@7
|
312
|
|
adam@7
|
313 uw_Basis_string uw_OpenidFfi_sha256(uw_context ctx, uw_Basis_string key, uw_Basis_string data) {
|
|
adam@7
|
314 unsigned char keyBin[SHA256_DIGEST_LENGTH], out[EVP_MAX_MD_SIZE];
|
|
adam@7
|
315 unsigned outLen;
|
|
adam@7
|
316
|
|
adam@7
|
317 unbase64((unsigned char *)key, strlen(key), keyBin, sizeof keyBin);
|
|
adam@7
|
318 memset(key, sizeof key, 0);
|
|
adam@7
|
319
|
|
adam@7
|
320 HMAC(EVP_sha256(), keyBin, sizeof keyBin, (unsigned char *)data, strlen(data), out, &outLen);
|
|
adam@7
|
321 return base64(ctx, out, outLen);
|
|
adam@7
|
322 }
|
