authorChristian Grothoff <christian@grothoff.org>2022-08-05 16:32:03 +0200
committerChristian Grothoff <christian@grothoff.org>2022-08-05 16:32:03 +0200
commitc362023d1b3867e478bb6bad619652eccae0dcef (patch)
tree4952527bae5cc1e2a4119de262161287b893b40a /src
parentb533026632963efcb01b9a193aa45806e02aafa1 (diff)
-add oauth config parsing logic
Diffstat (limited to 'src')
-rw-r--r--src/kyclogic/plugin_kyclogic_oauth2.c200
1 files changed, 188 insertions, 12 deletions
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c
index c17e9f8a5..e95b86219 100644
--- a/src/kyclogic/plugin_kyclogic_oauth2.c
+++ b/src/kyclogic/plugin_kyclogic_oauth2.c
@@ -32,6 +32,38 @@
struct TALER_KYCLOGIC_ProviderDetails
{
+ /**
+ * URL of the OAuth2.0 endpoint for KYC checks.
+ * (token/auth)
+ */
+ char *auth_url;
+
+ /**
+ * URL of the OAuth2.0 endpoint for KYC checks.
+ */
+ char *login_url;
+
+ /**
+ * URL of the user info access endpoint.
+ */
+ char *info_url;
+
+ /**
+ * Our client ID for OAuth2.0.
+ */
+ char *client_id;
+
+ /**
+ * Our client secret for OAuth2.0.
+ */
+ char *client_secret;
+
+ /**
+ * Where to redirect clients after the
+ * Web-based KYC process is done?
+ */
+ char *post_kyc_redirect_url;
+
};
@@ -74,28 +106,172 @@ struct PluginState
/**
- * Load the configuration of the KYC provider.
+ * Release configuration resources previously loaded
*
- * @param cls closure
- * @param provider_section_name configuration section to parse
- * @return NULL if configuration is invalid
+ * @param[in] pd configuration to release
*/
-static struct TALER_KYCLOGIC_ProviderDetails *
-oauth2_load_configuration (void *cls,
- const char *provider_section_name)
+static void
+oauth2_unload_configuration (struct TALER_KYCLOGIC_ProviderDetails *pd)
{
- return NULL;
+ GNUNET_free (pd->auth_url);
+ GNUNET_free (pd->login_url);
+ GNUNET_free (pd->info_url);
+ GNUNET_free (pd->client_id);
+ GNUNET_free (pd->client_secret);
+ GNUNET_free (pd->post_kyc_redirect_url);
+ GNUNET_free (pd);
}
/**
- * Release configuration resources previously loaded
+ * Load the configuration of the KYC provider.
*
- * @param[in] pd configuration to release
+ * @param cls closure
+ * @param provider_section_name configuration section to parse
+ * @return NULL if configuration is invalid
*/
-static void
-oauth2_unload_configuration (struct TALER_KYCLOGIC_ProviderDetails *pd)
+static struct TALER_KYCLOGIC_ProviderDetails *
+oauth2_load_configuration (void *cls,
+ const char *provider_section_name)
{
+ struct PluginState *ps = cls;
+ struct TALER_KYCLOGIC_ProviderDetails *pd;
+ char *s;
+
+ pd = GNUNET_new (struct TALER_KYCLOGIC_ProviderDetails);
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (ps->cfg,
+ provider_section_name,
+ "KYC_OAUTH2_AUTH_URL",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_AUTH_URL");
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ if ( (! TALER_url_valid_charset (s)) ||
+ ( (0 != strncasecmp (s,
+ "http://",
+ strlen ("http://"))) &&
+ (0 != strncasecmp (s,
+ "https://",
+ strlen ("https://"))) ) )
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_AUTH_URL",
+ "not a valid URL");
+ GNUNET_free (s);
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ pd->auth_url = s;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (ps->cfg,
+ provider_section_name,
+ "KYC_OAUTH2_LOGIN_URL",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_LOGIN_URL");
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ if ( (! TALER_url_valid_charset (s)) ||
+ ( (0 != strncasecmp (s,
+ "http://",
+ strlen ("http://"))) &&
+ (0 != strncasecmp (s,
+ "https://",
+ strlen ("https://"))) ) )
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_LOGIN_URL",
+ "not a valid URL");
+ oauth2_unload_configuration (pd);
+ GNUNET_free (s);
+ return NULL;
+ }
+ pd->login_url = s;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (ps->cfg,
+ provider_section_name,
+ "KYC_INFO_URL",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_INFO_URL");
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ if ( (! TALER_url_valid_charset (s)) ||
+ ( (0 != strncasecmp (s,
+ "http://",
+ strlen ("http://"))) &&
+ (0 != strncasecmp (s,
+ "https://",
+ strlen ("https://"))) ) )
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_INFO_URL",
+ "not a valid URL");
+ GNUNET_free (s);
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ pd->info_url = s;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (ps->cfg,
+ provider_section_name,
+ "KYC_OAUTH2_CLIENT_ID",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_CLIENT_ID");
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ pd->client_id = s;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (ps->cfg,
+ provider_section_name,
+ "KYC_OAUTH2_CLIENT_SECRET",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_CLIENT_SECRET");
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ pd->client_secret = s;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (ps->cfg,
+ provider_section_name,
+ "KYC_OAUTH2_POST_URL",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ provider_section_name,
+ "KYC_OAUTH2_POST_URL");
+ oauth2_unload_configuration (pd);
+ return NULL;
+ }
+ pd->post_kyc_redirect_url = s;
+
+ return pd;
}
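Review bot: The scheme check in oauth2_load_configuration accepts `http://` for KYC_OAUTH2_AUTH_URL and KYC_INFO_URL, which by their field comments are presumably the endpoints that receive `client_secret` and return the user's KYC data, so a cleartext value would expose both on the wire. Consider accepting only `https://` outside test setups, or at least logging a warning when the plain-HTTP scheme is configured. KYC_OAUTH2_POST_URL is stored in `post_kyc_redirect_url` with no charset or scheme check at all, although its field comment says clients are redirected to it, so it should pass the same validation. The validate-and-log sequence is already written out three times; a helper like the one below covers all four URL options and keeps the scheme policy in one place. Separately, oauth2_unload_configuration frees `client_secret` without wiping it; clearing the buffer first (for example with `explicit_bzero`, where available) before `GNUNET_free (pd->client_secret);` keeps the credential out of reused heap memory.

```c
/* Fetch a mandatory URL option; logs the problem and returns NULL
   if the option is missing or is not an http(s) URL. */
static char *
get_url_option (const struct GNUNET_CONFIGURATION_Handle *cfg,
                const char *section,
                const char *option)
{
  char *s;

  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_string (cfg,
                                             section,
                                             option,
                                             &s))
  {
    GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
                               section,
                               option);
    return NULL;
  }
  /* single place to tighten the scheme policy (e.g. https only) */
  if ( (! TALER_url_valid_charset (s)) ||
       ( (0 != strncasecmp (s,
                            "http://",
                            strlen ("http://"))) &&
         (0 != strncasecmp (s,
                            "https://",
                            strlen ("https://"))) ) )
  {
    GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
                               section,
                               option,
                               "not a valid URL");
    GNUNET_free (s);
    return NULL;
  }
  return s;
}

/* in oauth2_load_configuration, repeated for each of the four URL options: */
  pd->post_kyc_redirect_url = get_url_option (ps->cfg,
                                              provider_section_name,
                                              "KYC_OAUTH2_POST_URL");
  if (NULL == pd->post_kyc_redirect_url)
  {
    oauth2_unload_configuration (pd);
    return NULL;
  }
/* … unchanged: KYC_OAUTH2_CLIENT_ID / KYC_OAUTH2_CLIENT_SECRET loading … */
```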