Iddawc
Handle the flow of OAuth2 and OpenID Connect authentication process from the client side.
36 #include "iddawc-cfg.h"
// Error codes. Only values 2 to 5 appear in this listing; any lower values
// are on header lines that are not shown here.
46 #define I_ERROR_PARAM 2
47 #define I_ERROR_MEMORY 3
48 #define I_ERROR_UNAUTHORIZED 4
49 #define I_ERROR_SERVER 5
// Values for I_OPT_RESPONSE_TYPE. These are hexadecimal, not binary: each
// non-zero constant sets one distinct bit (0x10 is 16, 0x100 is 256, ...).
// NOTE(review): presumably they can be combined with '|' - confirm against
// i_set_response_type before relying on it.
51 #define I_RESPONSE_TYPE_NONE 0x00000000
52 #define I_RESPONSE_TYPE_CODE 0x00000001
53 #define I_RESPONSE_TYPE_TOKEN 0x00000010
54 #define I_RESPONSE_TYPE_ID_TOKEN 0x00000100
// The password type works with the I_OPT_USERNAME / I_OPT_USER_PASSWORD
// session values, i.e. the client itself holds the end user's credentials.
55 #define I_RESPONSE_TYPE_PASSWORD 0x00001000
56 #define I_RESPONSE_TYPE_CLIENT_CREDENTIALS 0x00010000
57 #define I_RESPONSE_TYPE_REFRESH_TOKEN 0x00100000
// Values for I_OPT_AUTH_METHOD (authentication method used with the auth
// endpoint). Same one-bit-per-constant hexadecimal layout as above.
59 #define I_AUTH_METHOD_GET 0x00000001
60 #define I_AUTH_METHOD_POST 0x00000010
61 #define I_AUTH_METHOD_JWT_SIGN_SECRET 0x00000100
62 #define I_AUTH_METHOD_JWT_SIGN_PRIVKEY 0x00001000
63 #define I_AUTH_METHOD_JWT_ENCRYPT_SECRET 0x00010000
64 #define I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY 0x00100000
// Values for I_OPT_TOKEN_METHOD (authentication method used with the token
// endpoint). These are sequential integers, not bit flags, so exactly one
// applies at a time.
66 #define I_TOKEN_AUTH_METHOD_SECRET_BASIC 0
67 #define I_TOKEN_AUTH_METHOD_SECRET_POST 1
68 #define I_TOKEN_AUTH_METHOD_SECRET_JWT 2
69 #define I_TOKEN_AUTH_METHOD_PRIVATE_JWT 3
// NOTE(review): presumably sends no client authentication to the token
// endpoint - confirm, and check that it is selected only for clients that
// have no secret or key to present.
70 #define I_TOKEN_AUTH_METHOD_NONE 4
// NOTE(review): presumably the "strict" value for I_OPT_OPENID_CONFIG_STRICT;
// the matching non-strict constant is not visible in this listing.
73 #define I_STRICT_YES 1
// NOTE(review): looks like a size bound for a signature algorithm name; its
// use is not shown here - confirm whether the 8 includes the terminating NUL.
75 #define I_AUTH_SIGN_ALG_MAX_LENGTH 8
531 #endif // __IDDAWC_H_
int i_load_userinfo(struct _i_session *i_session)
Definition: iddawc.c:1535
@ I_OPT_INTROSPECTION_ENDPOINT
absolute url for the introspection endpoint, string
Definition: iddawc.h:131
int i_import_session_json_t(struct _i_session *i_session, json_t *j_import)
Definition: iddawc.c:2691
@ I_OPT_SCOPE_APPEND
append another scope value to the scope list, string
Definition: iddawc.h:86
char * revocation_endpoint
Definition: iddawc.h:162
uint i_get_result(struct _i_session *i_session)
Definition: iddawc.c:1667
int i_parse_redirect_to(struct _i_session *i_session)
Definition: iddawc.c:1706
uint token_exp
Definition: iddawc.h:194
struct _u_map additional_response
Definition: iddawc.h:157
@ I_OPT_USER_PASSWORD
password for password response_types, string
Definition: iddawc.h:114
@ I_OPT_ERROR
error value of a failed request, string
Definition: iddawc.h:102
int i_build_auth_url_get(struct _i_session *i_session)
Definition: iddawc.c:1908
@ I_OPT_USERNAME
username for password response_types, string
Definition: iddawc.h:113
char * user_password
Definition: iddawc.h:155
@ I_OPT_REFRESH_TOKEN
refresh token given after a successful token request using the proper response_type
Definition: iddawc.h:106
@ I_OPT_AUTH_METHOD
Authentication method to use with the auth endpoint, values available are I_AUTH_METHOD_GET,...
Definition: iddawc.h:109
@ I_OPT_SCOPE
scope values, string, multiple scopes must be separated by a space character: "scope1 openid"
Definition: iddawc.h:85
jwa_enc client_enc
Definition: iddawc.h:186
@ I_OPT_TOKEN_METHOD
Authentication method to use with the token endpoint, values available are I_TOKEN_AUTH_METHOD_SECRET...
Definition: iddawc.h:110
@ I_OPT_NONCE_GENERATE
generate a random nonce value
Definition: iddawc.h:117
char * error_uri
Definition: iddawc.h:168
char * redirect_uri
Definition: iddawc.h:150
char * registration_endpoint
Definition: iddawc.h:164
@ I_OPT_TOKEN_ENDPOINT
absolute url for the token endpoint, string
Definition: iddawc.h:96
int i_introspect_token(struct _i_session *i_session, json_t **j_result)
Definition: iddawc.c:2509
char * scope
Definition: iddawc.h:147
uint response_type
Definition: iddawc.h:146
json_t * openid_config
Definition: iddawc.h:188
@ I_OPT_ERROR_URI
error uri of a failed request, string
Definition: iddawc.h:104
@ I_OPT_ADDITIONAL_RESPONSE
Definition: iddawc.h:94
@ I_OPT_NONCE
nonce value, string
Definition: iddawc.h:88
int i_verify_id_token(struct _i_session *i_session)
Definition: iddawc.c:2314
char * token_endpoint
Definition: iddawc.h:159
char * openid_config_endpoint
Definition: iddawc.h:160
char * redirect_to
Definition: iddawc.h:151
json_t * i_export_session_json_t(struct _i_session *i_session)
Definition: iddawc.c:2627
@ I_OPT_ADDITIONAL_PARAMETER
use this option to pass any additional parameter value in the /auth request
Definition: iddawc.h:93
char * authorization_endpoint
Definition: iddawc.h:158
int openid_config_strict
Definition: iddawc.h:189
char * username
Definition: iddawc.h:154
jwks_t * client_jwks
Definition: iddawc.h:182
@ I_OPT_USERINFO_ENDPOINT
absolute url for the userinfo endpoint or equivalent, string
Definition: iddawc.h:100
uint i_get_int_parameter(struct _i_session *i_session, i_option option)
Definition: iddawc.c:1671
@ I_OPT_CODE
code given after a successful auth request using the response_type I_RESPONSE_TYPE_CODE
Definition: iddawc.h:105
@ I_OPT_TOKEN_TARGET
access_token which is the target of a revocation or an introspection, string
Definition: iddawc.h:128
char * userinfo
Definition: iddawc.h:191
int i_register_client(struct _i_session *i_session, json_t *j_parameters, int update_session, json_t **j_result)
Definition: iddawc.c:2566
@ I_OPT_OPENID_CONFIG
result of the .well-known/openid-configuration
Definition: iddawc.h:98
@ I_OPT_ERROR_DESCRIPTION
error description of a failed request, string
Definition: iddawc.h:103
@ I_OPT_CLIENT_ENC_ALG
key encryption algorithm to use when the client encrypts a request in a JWT, values available are 'RS...
Definition: iddawc.h:123
int i_set_str_parameter(struct _i_session *i_session, i_option option, const char *s_value)
Definition: iddawc.c:1070
void i_clean_session(struct _i_session *i_session)
Definition: iddawc.c:910
int i_run_auth_request(struct _i_session *i_session)
Definition: iddawc.c:1990
uint i_get_response_type(struct _i_session *i_session)
Definition: iddawc.c:1663
char * client_kid
Definition: iddawc.h:183
char * refresh_token
Definition: iddawc.h:170
char * userinfo_endpoint
Definition: iddawc.h:161
jwa_alg client_sign_alg
Definition: iddawc.h:184
char * issuer
Definition: iddawc.h:190
const char * i_get_additional_parameter(struct _i_session *i_session, const char *s_key)
Definition: iddawc.c:1892
char * id_token
Definition: iddawc.h:176
int i_set_response_type(struct _i_session *i_session, uint i_value)
Definition: iddawc.c:953
char * error_description
Definition: iddawc.h:167
char * client_secret
Definition: iddawc.h:153
@ I_OPT_STATE_GENERATE
generate a random state value
Definition: iddawc.h:118
int i_run_token_request(struct _i_session *i_session)
Definition: iddawc.c:2094
char * token_target_type_hint
Definition: iddawc.h:173
@ I_OPT_RESPONSE_TYPE
response_type, values available are I_RESPONSE_TYPE_CODE, I_RESPONSE_TYPE_TOKEN, I_RESPONSE_TYPE_ID_T...
Definition: iddawc.h:84
int i_load_userinfo_custom(struct _i_session *i_session, const char *http_method, struct _u_map *additional_query, struct _u_map *additional_headers)
Definition: iddawc.c:1547
int i_revoke_token(struct _i_session *i_session)
Definition: iddawc.c:2454
@ I_OPT_REDIRECT_TO
url where the oauth2 is redirected to after a /auth request
Definition: iddawc.h:90
char * token_type
Definition: iddawc.h:174
@ I_OPT_REGISTRATION_ENDPOINT
absolute url for the client registration endpoint, string
Definition: iddawc.h:132
@ I_OPT_EXPIRES_IN
expires_in value after a successful auth or token request, integer
Definition: iddawc.h:112
int x5u_flags
Definition: iddawc.h:187
@ I_OPT_SERVER_KID
key id to use if multiple jwk are available on the server, string
Definition: iddawc.h:120
int i_set_additional_parameter(struct _i_session *i_session, const char *s_key, const char *s_value)
Definition: iddawc.c:1384
json_t * j_userinfo
Definition: iddawc.h:192
@ I_OPT_CLIENT_SECRET
client secret, string
Definition: iddawc.h:92
char * error
Definition: iddawc.h:166
uint result
Definition: iddawc.h:165
@ I_OPT_CLIENT_KID
key id to use if multiple jwk are available on the client, string
Definition: iddawc.h:121
i_option
Definition: iddawc.h:82
@ I_OPT_STATE
state value, string
Definition: iddawc.h:87
int i_init_session(struct _i_session *i_session)
Definition: iddawc.c:831
uint expires_in
Definition: iddawc.h:175
@ I_OPT_OPENID_CONFIG_ENDPOINT
absolute url for the .well-known/openid-configuration endpoint, string
Definition: iddawc.h:97
char * server_kid
Definition: iddawc.h:181
const char * i_get_additional_response(struct _i_session *i_session, const char *s_key)
Definition: iddawc.c:1900
@ I_OPT_X5U_FLAGS
x5u flags to apply when the JWKs used have an x5u property, values available are R_FLAG_IGNORE_SERVER_CERTI...
Definition: iddawc.h:119
char * nonce
Definition: iddawc.h:149
const char * i_get_str_parameter(struct _i_session *i_session, i_option option)
Definition: iddawc.c:1778
int i_load_openid_config(struct _i_session *i_session)
Definition: iddawc.c:1494
@ I_OPT_CLIENT_SIGN_ALG
signature algorithm to use when the client signs a request in a JWT, values available are 'none',...
Definition: iddawc.h:122
@ I_OPT_USERINFO
userinfo result, string
Definition: iddawc.h:116
@ I_OPT_CLIENT_ENC
data encryption algorithm to use when the client encrypts a request in a JWT, values available are 'A...
Definition: iddawc.h:124
struct _u_map additional_parameters
Definition: iddawc.h:156
@ I_OPT_REVOCATION_ENDPOINT
absolute url for the revocation endpoint, string
Definition: iddawc.h:130
jwa_alg client_enc_alg
Definition: iddawc.h:185
@ I_OPT_TOKEN_JTI_GENERATE
generate a random jti value
Definition: iddawc.h:126
@ I_OPT_TOKEN_EXP
JWT token request expiration time in seconds.
Definition: iddawc.h:127
int i_set_additional_response(struct _i_session *i_session, const char *s_key, const char *s_value)
Definition: iddawc.c:1396
@ I_OPT_NONE
Empty option to complete an i_set_parameter_list call.
Definition: iddawc.h:83
@ I_OPT_ISSUER
issuer value, string
Definition: iddawc.h:115
@ I_OPT_TOKEN_TYPE
token_type value after a successful auth or token request, string
Definition: iddawc.h:111
@ I_OPT_AUTH_ENDPOINT
absolute url for the auth endpoint, string
Definition: iddawc.h:95
@ I_OPT_ACCESS_TOKEN
access token given after a successful auth or token request using the proper response_type
Definition: iddawc.h:107
uint token_method
Definition: iddawc.h:179
char * introspection_endpoint
Definition: iddawc.h:163
char * code
Definition: iddawc.h:169
char * i_export_session_str(struct _i_session *i_session)
Definition: iddawc.c:2773
char * state
Definition: iddawc.h:148
@ I_OPT_REDIRECT_URI
redirect_uri, string
Definition: iddawc.h:89
int i_set_parameter_list(struct _i_session *i_session,...)
Definition: iddawc.c:1408
int i_import_session_str(struct _i_session *i_session, const char *str_import)
Definition: iddawc.c:2784
char * client_id
Definition: iddawc.h:152
@ I_OPT_ID_TOKEN
id_token given after a successful auth or token request using the proper response_type
Definition: iddawc.h:108
json_t * id_token_payload
Definition: iddawc.h:177
@ I_OPT_TOKEN_TARGET_TYPE_HINT
type hint for the token which is the target of a revocation or an introspection, string
Definition: iddawc.h:129
@ I_OPT_RESULT
result of a request
Definition: iddawc.h:101
@ I_OPT_OPENID_CONFIG_STRICT
must the .well-known/openid-configuration parameters be strictly
Definition: iddawc.h:99
char * token_jti
Definition: iddawc.h:193
char * access_token
Definition: iddawc.h:171
char * token_target
Definition: iddawc.h:172
int i_set_int_parameter(struct _i_session *i_session, i_option option, uint i_value)
Definition: iddawc.c:961
int i_set_result(struct _i_session *i_session, uint i_value)
Definition: iddawc.c:957
@ I_OPT_TOKEN_JTI
jti value, string
Definition: iddawc.h:125
@ I_OPT_CLIENT_ID
client_id, string
Definition: iddawc.h:91
jwks_t * server_jwks
Definition: iddawc.h:180
uint auth_method
Definition: iddawc.h:178