challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address

commit 24a7246f86dc84d1a75d8ce36184cd1a171cf4af
parent e335d3264f654ada1e588ae7d67f5fccb7b45d28
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon,  8 May 2023 22:29:03 +0200

redirect_uri, not redirect_url

Diffstat:
Msrc/challenger/challenger-httpd_common.c | 6+++---
Msrc/challenger/challenger-httpd_common.h | 9+++++----
Msrc/challenger/challenger-httpd_solve.c | 10+++++-----
Msrc/challenger/challenger-httpd_token.c | 8++++----
Msrc/challengerdb/challenger-0001.sql | 4++--
Msrc/challengerdb/pg_authorize_start.c | 10+++++-----
Msrc/challengerdb/pg_authorize_start.h | 4++--
Msrc/challengerdb/pg_setup_nonce.c | 2+-
Msrc/challengerdb/pg_validate_login_address.c | 8++++----
Msrc/challengerdb/pg_validate_login_address.h | 4++--
Msrc/challengerdb/pg_validation_get.c | 8++++----
Msrc/challengerdb/pg_validation_get.h | 4++--
Msrc/include/challenger_database_plugin.h | 10+++++-----
13 files changed, 44 insertions(+), 43 deletions(-)

diff --git a/src/challenger/challenger-httpd_common.c b/src/challenger/challenger-httpd_common.c
@@ -60,7 +60,7 @@ CH_compute_code (const struct CHALLENGER_ValidationNonceP *nonce,
 const char *client_secret,
 const char *client_scope,
 const char *address,
- const char *client_redirect_url)
+ const char *client_redirect_uri)
 {
 char *code;
 char *ns;
@@ -78,8 +78,8 @@ CH_compute_code (const struct CHALLENGER_ValidationNonceP *nonce,
 strlen (client_scope),
 address,
 strlen (address),
- client_redirect_url,
- strlen (client_redirect_url),
+ client_redirect_uri,
+ strlen (client_redirect_uri),
 NULL,
 0));
 ns = GNUNET_STRINGS_data_to_string_alloc (nonce,
diff --git a/src/challenger/challenger-httpd_common.h b/src/challenger/challenger-httpd_common.h
@@ -35,15 +35,16 @@ CH_get_client_secret (struct MHD_Connection *connection);
 /**
- * Compute code that would authorize access to the
- * given challenge address. NOTE: We may not want
+ * Compute code that would grant access to the ``/token``
+ * endpoint to obtain an access token for a particular
+ * challenge address. NOTE: We may not want
 * to include all of these when hashing...
 *
 * @param nonce nonce of the challenge process
 * @param client_secret secret of the client that should receive access
 * @param client_scope scope of the grant
 * @param address address that access is being granted to
- * @param client_redirect_url redirect URL of the client
+ * @param client_redirect_uri redirect URI of the client
 * @return code that grants access
 */
 char *
@@ -51,7 +52,7 @@ CH_compute_code (const struct CHALLENGER_ValidationNonceP *nonce,
 const char *client_secret,
 const char *client_scope,
 const char *address,
- const char *client_redirect_url);
+ const char *client_redirect_uri);
 /**
diff --git a/src/challenger/challenger-httpd_solve.c b/src/challenger/challenger-httpd_solve.c
@@ -237,7 +237,7 @@ CH_handler_solve (struct CH_HandlerContext *hc,
 char *address;
 char *client_scope;
 char *client_state;
- char *client_redirect_url;
+ char *client_redirect_uri;
 enum GNUNET_DB_QueryStatus qs;
 qs = CH_db->validation_get (CH_db->cls,
@@ -246,7 +246,7 @@ CH_handler_solve (struct CH_HandlerContext *hc,
 &address,
 &client_scope,
 &client_state,
- &client_redirect_url);
+ &client_redirect_uri);
 switch (qs)
 {
 case GNUNET_DB_STATUS_HARD_ERROR:
@@ -276,11 +276,11 @@ CH_handler_solve (struct CH_HandlerContext *hc,
 client_secret,
 client_scope,
 address,
- client_redirect_url);
+ client_redirect_uri);
 ue = TALER_urlencode (client_state);
 GNUNET_asprintf (&url,
 "%s?code=%s&state=%s",
- client_redirect_url,
+ client_redirect_uri,
 code,
 ue);
 GNUNET_free (ue);
@@ -289,7 +289,7 @@ CH_handler_solve (struct CH_HandlerContext *hc,
 GNUNET_free (address);
 GNUNET_free (client_scope);
 GNUNET_free (client_secret);
- GNUNET_free (client_redirect_url);
+ GNUNET_free (client_redirect_uri);
 GNUNET_free (client_state);
 }
diff --git a/src/challenger/challenger-httpd_token.c b/src/challenger/challenger-httpd_token.c
@@ -356,7 +356,7 @@ CH_handler_token (struct CH_HandlerContext *hc,
 char *address;
 char *client_scope;
 char *client_state;
- char *client_redirect_url;
+ char *client_redirect_uri;
 enum GNUNET_DB_QueryStatus qs;
 char *code;
@@ -366,7 +366,7 @@ CH_handler_token (struct CH_HandlerContext *hc,
 &address,
 &client_scope,
 &client_state,
- &client_redirect_url);
+ &client_redirect_uri);
 switch (qs)
 {
 case GNUNET_DB_STATUS_HARD_ERROR:
@@ -394,11 +394,11 @@ CH_handler_token (struct CH_HandlerContext *hc,
 client_secret,
 client_scope,
 address,
- client_redirect_url);
+ client_redirect_uri);
 GNUNET_free (address);
 GNUNET_free (client_scope);
 GNUNET_free (client_secret);
- GNUNET_free (client_redirect_url);
+ GNUNET_free (client_redirect_uri);
 GNUNET_free (client_state);
 if (0 != strcmp (code, bc->code))
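Review bot: In the `@@ -276` hunk of challenger-httpd_solve.c the redirect target is built with the fixed format `"%s?code=%s&state=%s"`, so a `client_redirect_uri` that already carries a query component produces a URL with two `?` and the client may not be able to read `code` or `state`. RFC 6749 section 3.1.2 allows a query component in the redirection endpoint and requires it to be retained, so the separator should depend on the URI, for example `const char *sep = (NULL == strchr (client_redirect_uri, '?')) ? "?" : "&";` with the format changed to `"%s%scode=%s&state=%s"`. Only `client_state` is passed through `TALER_urlencode` here; whether `code` can contain characters that need encoding depends on `CH_compute_code`, whose body is outside this hunk.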
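Review bot: In the `@@ -394` hunk of challenger-httpd_token.c the recomputed authorization code is checked with `strcmp (code, bc->code)`, which stops at the first differing byte, so the time taken depends on how much of a submitted code is correct. Since `code` is derived from `client_secret`, a comparison whose duration does not depend on the contents is the safer choice: check that the lengths match, then accumulate the XOR of every byte pair and test the accumulator once. The body of the `if` lies outside the hunk, so the failure path is not visible here.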
diff --git a/src/challengerdb/challenger-0001.sql b/src/challengerdb/challenger-0001.sql
@@ -58,7 +58,7 @@ CREATE TABLE IF NOT EXISTS validations
 ,address VARCHAR
 ,client_scope VARCHAR
 ,client_state VARCHAR
- ,client_redirect_url VARCHAR
+ ,client_redirect_uri VARCHAR
 );
 COMMENT ON TABLE validations
@@ -71,7 +71,7 @@ COMMENT ON COLUMN validations.client_scope
 IS 'Client-specific scope value identifying the requested scope';
 COMMENT ON COLUMN validations.client_state
 IS 'Client-specific state value identifying the purpose of the validation';
-COMMENT ON COLUMN validations.client_redirect_url
+COMMENT ON COLUMN validations.client_redirect_uri
 IS 'Client-specific URI where to redirect the user-agent back once access is granted (or denied)';
 COMMENT ON COLUMN validations.address
 IS 'Address we are validating; provided by the user-agent; usually a phone number or e-mail address (depends on the client_scope)';
diff --git a/src/challengerdb/pg_authorize_start.c b/src/challengerdb/pg_authorize_start.c
@@ -32,7 +32,7 @@ CH_PG_authorize_start (void *cls,
 uint64_t client_id,
 const char *client_scope,
 const char *client_state,
- const char *client_redirect_url,
+ const char *client_redirect_uri,
 char **last_address,
 uint32_t *address_attempts_left)
 {
@@ -42,8 +42,8 @@ CH_PG_authorize_start (void *cls,
 GNUNET_PQ_query_param_uint64 (&client_id),
 GNUNET_PQ_query_param_string (client_scope),
 GNUNET_PQ_query_param_string (client_state),
- NULL != client_redirect_url
- ? GNUNET_PQ_query_param_string (client_redirect_url)
+ NULL != client_redirect_uri
+ ? GNUNET_PQ_query_param_string (client_redirect_uri)
 : GNUNET_PQ_query_param_null (),
 GNUNET_PQ_query_param_end
 };
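Review bot: The column rename in challenger-0001.sql is made by editing the existing `CREATE TABLE IF NOT EXISTS validations` statement, so a database that was already initialised from this file keeps `client_redirect_url` and the renamed queries elsewhere in this commit would then fail against it. If any such database exists (how schema versions are applied is not visible on this page), the rename belongs in a follow-up migration: `ALTER TABLE validations RENAME COLUMN client_redirect_url TO client_redirect_uri;`. The `url` column that pg_setup_nonce.c and pg_validation_get.c read from the clients table keeps its old name, so a `COMMENT ON COLUMN` stating that it holds the registered redirect URI would keep the schema readable.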
@@ -63,10 +63,10 @@ CH_PG_authorize_start (void *cls,
 "UPDATE validations SET"
 " client_scope=$3"
 " ,client_state=$4"
- " ,client_redirect_url=$5::VARCHAR"
+ " ,client_redirect_uri=$5::VARCHAR"
 " WHERE nonce=$1"
 " AND client_serial_id=$2"
- " AND ($5::VARCHAR=COALESCE(client_redirect_url,$5::VARCHAR))"
+ " AND ($5::VARCHAR=COALESCE(client_redirect_uri,$5::VARCHAR))"
 " RETURNING"
 " address"
 " ,address_attempts_left;");
diff --git a/src/challengerdb/pg_authorize_start.h b/src/challengerdb/pg_authorize_start.h
@@ -37,7 +37,7 @@
 * @param client_id client that initiated the validation
 * @param client_scope scope of the validation
 * @param client_state state of the client
- * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client
+ * @param client_redirect_uri where to redirect at the end, NULL to use a unique one registered for the client
 * @param[out] last_address set to the last address used
 * @param[out] address_attempts_left set to number of address changing attempts left for this address
 * @return transaction status:
@@ -51,7 +51,7 @@ CH_PG_authorize_start (void *cls,
 uint64_t client_id,
 const char *client_scope,
 const char *client_state,
- const char *client_redirect_url,
+ const char *client_redirect_uri,
 char **last_address,
 uint32_t *address_attempts_left);
diff --git a/src/challengerdb/pg_setup_nonce.c b/src/challengerdb/pg_setup_nonce.c
@@ -46,7 +46,7 @@ CH_PG_setup_nonce (void *cls,
 " (client_serial_id"
 " ,nonce"
 " ,expiration_time"
- " ,client_redirect_url"
+ " ,client_redirect_uri"
 ") SELECT $1, $2, $3, url"
 " FROM CLIENTS"
 " WHERE client_serial_id=$1;");
diff --git a/src/challengerdb/pg_validate_login_address.c b/src/challengerdb/pg_validate_login_address.c
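Review bot: In the `@@ -63` hunk of pg_authorize_start.c the guard `$5::VARCHAR=COALESCE(client_redirect_uri,$5::VARCHAR)` evaluates to NULL when `$5` is NULL, so the UPDATE matches no row in exactly the case the header documents as "NULL to use a unique one registered for the client". It also accepts any supplied value when the stored column is NULL and then persists it, which leaves the redirect target unchecked for a client without a registered URI; please confirm that this is intended. A form that keeps the stored value for a NULL argument would be `" ,client_redirect_uri=COALESCE($5::VARCHAR,client_redirect_uri)"` together with `" AND ($5::VARCHAR IS NULL OR $5::VARCHAR=COALESCE(client_redirect_uri,$5::VARCHAR))"`. The statement starts above the hunk.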
@@ -32,7 +32,7 @@ CH_PG_validate_login_address (void *cls,
 const char *address,
 const char *client_scope,
 const char *client_state,
- const char *client_redirect_url,
+ const char *client_redirect_uri,
 struct GNUNET_TIME_Absolute *last_tx_time,
 uint32_t *last_pin,
 uint32_t *pin_attempts_left)
@@ -43,8 +43,8 @@ CH_PG_validate_login_address (void *cls,
 GNUNET_PQ_query_param_string (address),
 GNUNET_PQ_query_param_string (client_scope),
 GNUNET_PQ_query_param_string (client_state),
- NULL != client_redirect_url
- ? GNUNET_PQ_query_param_string (client_redirect_url)
+ NULL != client_redirect_uri
+ ? GNUNET_PQ_query_param_string (client_redirect_uri)
 : GNUNET_PQ_query_param_null (),
 GNUNET_PQ_query_param_end
 };
@@ -69,7 +69,7 @@ CH_PG_validate_login_address (void *cls,
 " ,address=$2"
 " ,client_scope=$3"
 " ,client_state=$4"
- " ,client_redirect_url=$5"
+ " ,client_redirect_uri=$5"
 " WHERE nonce=$1"
 " AND (address_attempts_left > 0"
 " OR address == $2)"
diff --git a/src/challengerdb/pg_validate_login_address.h b/src/challengerdb/pg_validate_login_address.h
@@ -37,7 +37,7 @@
 * @param address the new address to validate
 * @param client_scope scope of the validation
 * @param client_state state of the client
- * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client
+ * @param client_redirect_uri where to redirect at the end, NULL to use a unique one registered for the client
 * @param[out] last_tx_time set to the last time when we (presumably) send a PIN to @a address; 0 if never sent
 * @param[out] last_pin set to the PIN last send to @a address, 0 if never sent
 * @param[in,out] pin_attempts_left set to number of PIN transmission attempts left for this address; input is value to be used if address is new, output is possibly different if address was not new
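Review bot: In the `@@ -69` hunk of pg_validate_login_address.c the context line `" OR address == $2)"` uses `==`, which PostgreSQL does not define as a comparison operator, so preparing this statement would be expected to fail; it should read `" OR address = $2)"`. Within the visible lines the same UPDATE assigns `client_redirect_uri=$5` without the match against the stored value that pg_authorize_start.c applies, and the `@@ -43` hunk passes a NULL parameter when the caller gives none, so the redirect URI fixed at authorization can be replaced or cleared at this step. `" ,client_redirect_uri=COALESCE($5,client_redirect_uri)"` would at least keep the stored value for a NULL argument. The statement continues past the end of the hunk.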
@@ -52,7 +52,7 @@ CH_PG_validate_login_address (void *cls,
 const char *address,
 const char *client_scope,
 const char *client_state,
- const char *client_redirect_url,
+ const char *client_redirect_uri,
 struct GNUNET_TIME_Absolute *last_tx_time,
 uint32_t *last_pin,
 uint32_t *pin_attempts_left);
diff --git a/src/challengerdb/pg_validation_get.c b/src/challengerdb/pg_validation_get.c
@@ -32,7 +32,7 @@ CH_PG_validation_get (void *cls,
 char **address,
 char **client_scope,
 char **client_state,
- char **client_redirect_url)
+ char **client_redirect_uri)
 {
 struct PostgresClosure *pg = cls;
 struct GNUNET_PQ_QueryParam params[] = {
@@ -54,8 +54,8 @@ CH_PG_validation_get (void *cls,
 GNUNET_PQ_result_spec_string ("client_state",
 client_state),
 NULL),
- GNUNET_PQ_result_spec_string ("redirect_url",
- client_redirect_url),
+ GNUNET_PQ_result_spec_string ("redirect_uri",
+ client_redirect_uri),
 GNUNET_PQ_result_spec_end
 };
@@ -69,7 +69,7 @@ CH_PG_validation_get (void *cls,
 " ,address"
 " ,client_scope"
 " ,client_state"
- " ,COALESCE(client_redirect_url,url) AS redirect_url"
+ " ,COALESCE(client_redirect_uri,url) AS redirect_uri"
 " FROM validations"
 " JOIN clients "
 " USING (client_serial_id)"
diff --git a/src/challengerdb/pg_validation_get.h b/src/challengerdb/pg_validation_get.h
@@ -37,7 +37,7 @@
 * @param[out] address set to client-provided address
 * @param[out] client_scope set to OAuth2 scope
 * @param[out] client_state set to client state
- * @param[out] client_redirect_url set to client redirect URL
+ * @param[out] client_redirect_uri set to client redirect URL
 * @return transaction status:
 * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT if the nonce was found
 * #GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if we do not know the nonce
@@ -50,6 +50,6 @@ CH_PG_validation_get (void *cls,
 char **address,
 char **client_scope,
 char **client_state,
- char **client_redirect_url);
+ char **client_redirect_uri);
 #endif
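Review bot: The description of `client_redirect_uri` still says "set to client redirect URL" in the `@@ -37` hunk of pg_validation_get.h, and the `@@ -308` hunk of challenger_database_plugin.h has the same leftover. To match the wording this commit uses in challenger-httpd_common.h, both lines should read `* @param[out] client_redirect_uri set to client redirect URI`.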
diff --git a/src/include/challenger_database_plugin.h b/src/include/challenger_database_plugin.h
@@ -40,7 +40,7 @@ struct CHALLENGER_ValidationNonceP
 /**
- * Nonce to uniquely (and unpredictably) identify grants.
+ * Nonce to uniquely (and unpredictably) identify access tokens.
 */
 struct CHALLENGER_AccessTokenP
 {
@@ -228,7 +228,7 @@ struct CHALLENGER_DatabasePlugin
 * @param client_id client that initiated the validation
 * @param client_scope scope of the validation
 * @param client_state state of the client
- * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client
+ * @param client_redirect_uri where to redirect at the end, NULL to use a unique one registered for the client
 * @param[out] last_address set to the last address used
 * @param[out] address_attempts_left set to number change address operations left for this @a nonce
 * @return transaction status:
@@ -242,7 +242,7 @@ struct CHALLENGER_DatabasePlugin
 uint64_t client_id,
 const char *client_scope,
 const char *client_state,
- const char *client_redirect_url,
+ const char *client_redirect_uri,
 char **last_address,
 uint32_t *address_attempts_left);
@@ -308,7 +308,7 @@ struct CHALLENGER_DatabasePlugin
 * @param[out] address set to client-provided address
 * @param[out] client_scope set to OAuth2 scope
 * @param[out] client_state set to client state
- * @param[out] client_redirect_url set to client redirect URL
+ * @param[out] client_redirect_uri set to client redirect URL
 * @return transaction status:
 * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT if the nonce was found
 * #GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if we do not know the nonce
@@ -321,7 +321,7 @@ struct CHALLENGER_DatabasePlugin
 char **address,
 char **client_scope,
 char **client_state,
- char **client_redirect_url);
+ char **client_redirect_uri);
 /**