Iddawc
Handle the flow of OAuth2 and OpenID Connect authentication process from the client side.
Functions
Run OAuth2 or OIDC requests

Run auth, token, userinfo, introspect, revoke or register requests. More...

Functions

int i_load_openid_config (struct _i_session *i_session)
 
int i_build_auth_url_get (struct _i_session *i_session)
 
int i_run_auth_request (struct _i_session *i_session)
 
int i_parse_redirect_to (struct _i_session *i_session)
 
int i_run_token_request (struct _i_session *i_session)
 
int i_verify_id_token (struct _i_session *i_session)
 
int i_load_userinfo (struct _i_session *i_session)
 
int i_load_userinfo_custom (struct _i_session *i_session, const char *http_method, struct _u_map *additional_query, struct _u_map *additional_headers)
 
int i_introspect_token (struct _i_session *i_session, json_t **j_result)
 
int i_revoke_token (struct _i_session *i_session)
 
int i_register_client (struct _i_session *i_session, json_t *j_parameters, int update_session, json_t **j_result)
 

Detailed Description

Run auth, token, userinfo, introspect, revoke or register requests.

Function Documentation

◆ i_load_openid_config()

int i_load_openid_config ( struct _i_session i_session)

Loads and parse the openid_config endpoint, and sets the parameter values accordingly

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_build_auth_url_get()

int i_build_auth_url_get ( struct _i_session i_session)

Builds the url to GET the auth endpoint sets the result to parameter I_OPT_REDIRECT_TO

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_run_auth_request()

int i_run_auth_request ( struct _i_session i_session)

Executes an auth request using the implicit endpoint and sets the result values in the session variables

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_parse_redirect_to()

int i_parse_redirect_to ( struct _i_session i_session)

Parses the redirect_uri given by the oauth2 server in the implicit flow The redirect_uri may contain a code, a token, an id_token, or an error Fills the session parameters with the values given in the redirect_uri

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_run_token_request()

int i_run_token_request ( struct _i_session i_session)

Executes a token request using the implicit endpoint and sets the result values in the session variables

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_verify_id_token()

int i_verify_id_token ( struct _i_session i_session)

Validates the id_token signature and content if necessary

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_load_userinfo()

int i_load_userinfo ( struct _i_session i_session)

Loads the userinfo endpoint using the access_token if the result is a JWT, validate the signature and/or decrypt the token sets the result to i_session->userinfo as char * and i_session->j_userinfo as json_t * if the result is in JSON format

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_load_userinfo_custom()

int i_load_userinfo_custom ( struct _i_session i_session,
const char *  http_method,
struct _u_map *  additional_query,
struct _u_map *  additional_headers 
)

Loads the userinfo endpoint using the access_token with custom parameters if the result is a JWT, validate the signature and/or decrypt the token sets the result to i_session->userinfo as char * and i_session->j_userinfo as json_t * if the result is in JSON format

Parameters
i_sessiona reference to a struct _i_session *
http_methodhttp method to use, values available are 'GET' or 'POST'
additional_queryset of additional parameters to add to the url query
additional_headersset of additional parameters to add to the request header
Returns
I_OK on success, an error value on error

◆ i_introspect_token()

int i_introspect_token ( struct _i_session i_session,
json_t **  j_result 
)

Loads the introspection endpoint for the access_token_target Using the access_token for authentication

Parameters
i_sessiona reference to a struct _i_session *
j_resultif not NULL, set an allocated json_t * object with the endpoint result
Returns
I_OK on success and if the access_token_target is valid, I_ERROR_UNAUTHORIZED if the access_token_target is invalid, another error value on error

◆ i_revoke_token()

int i_revoke_token ( struct _i_session i_session)

Loads the revocation endpoint for the access_token_target Using the access_token for authentication

Parameters
i_sessiona reference to a struct _i_session *
Returns
I_OK on success, an error value on error

◆ i_register_client()

int i_register_client ( struct _i_session i_session,
json_t *  j_parameters,
int  update_session,
json_t **  j_result 
)

Register a new client using the dynamic registration endpoint Using the access_token for authentication

Parameters
i_sessiona reference to a struct _i_session *
j_parametersa json_t * object containing the client metadata The metadata content depends on the registration endpoint but at least the parameter redirect_uris (array of string) is required to register a new client
update_sessionif the registration is succesfull, update the session with the new client_id and client_secret
j_resultif not NULL, set an allocated json_t * object with the endpoint result
Returns
I_OK on success, an error value on error