Iddawc
Handle the flow of OAuth2 and OpenID Connect authentication process from the client side.
Constants and properties

Constant values used as input or output. More...

Macros

#define I_OK   0
 Success. More...
 
#define I_ERROR   1
 Error. More...
 
#define I_ERROR_PARAM   2
 Error in parameters. More...
 
#define I_ERROR_MEMORY   3
 Memory error. More...
 
#define I_ERROR_UNAUTHORIZED   4
 Request unauthorized. More...
 
#define I_ERROR_SERVER   5
 Server error. More...
 
#define I_RESPONSE_TYPE_NONE   0x00000000
 No response type. More...
 
#define I_RESPONSE_TYPE_CODE   0x00000001
 Response type code. More...
 
#define I_RESPONSE_TYPE_TOKEN   0x00000010
 Response type token. More...
 
#define I_RESPONSE_TYPE_ID_TOKEN   0x00000100
 Response type id_token. More...
 
#define I_RESPONSE_TYPE_PASSWORD   0x00001000
 Response type password. More...
 
#define I_RESPONSE_TYPE_CLIENT_CREDENTIALS   0x00010000
 Response type client_credentials. More...
 
#define I_RESPONSE_TYPE_REFRESH_TOKEN   0x00100000
 Response type refresh_token. More...
 
#define I_AUTH_METHOD_GET   0x00000001
 access auth endpoint using GET method More...
 
#define I_AUTH_METHOD_POST   0x00000010
 access auth endpoint using POST method More...
 
#define I_AUTH_METHOD_JWT_SIGN_SECRET   0x00000100
 access auth endpoint using a JWT signed with the client secret More...
 
#define I_AUTH_METHOD_JWT_SIGN_PRIVKEY   0x00001000
 access auth endpoint using a JWT signed with the client private key More...
 
#define I_AUTH_METHOD_JWT_ENCRYPT_SECRET   0x00010000
 access auth endpoint using a JWT encrypted with the client secret More...
 
#define I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY   0x00100000
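 access auth endpoint using a JWT encrypted with a public key, as the PUBKEY name indicates (the generated text said "client private key"; a JWE is encrypted to the recipient's public key) More...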
 
#define I_TOKEN_AUTH_METHOD_SECRET_BASIC   0
 access token endpoint using HTTP basic auth with client_id and client password More...
 
#define I_TOKEN_AUTH_METHOD_SECRET_POST   1
 access token endpoint using the client secret sent in POST parameters More...
 
#define I_TOKEN_AUTH_METHOD_SECRET_JWT   2
 access token endpoint using a JWT signed with the client secret More...
 
#define I_TOKEN_AUTH_METHOD_PRIVATE_JWT   3
 access token endpoint using a JWT signed with the client private key More...
 
#define I_TOKEN_AUTH_METHOD_NONE   4
 access token endpoint using no authentication More...
 
#define I_STRICT_NO   0
 Do not strictly conform to openid config result. More...
 
#define I_STRICT_YES   1
 Strictly conform to openid config result. More...
 
#define I_AUTH_SIGN_ALG_MAX_LENGTH   8
 Max length of a sign algorithm name. More...
 

Enumerations

/*
 * Option identifiers used to set or get session properties through
 * i_set_int_parameter, i_set_str_parameter, i_get_int_parameter and
 * i_get_str_parameter; I_OPT_NONE terminates an i_set_parameter_list.
 * Several of these identify secret material (I_OPT_CLIENT_SECRET,
 * I_OPT_USER_PASSWORD, I_OPT_CODE, I_OPT_REFRESH_TOKEN, I_OPT_ACCESS_TOKEN,
 * I_OPT_ID_TOKEN), so values read back through them should be kept out of
 * logs and error output.
 */
enum  i_option {
  I_OPT_NONE = 0, I_OPT_RESPONSE_TYPE = 1, I_OPT_SCOPE = 2, I_OPT_SCOPE_APPEND = 3,
  I_OPT_STATE = 4, I_OPT_NONCE = 5, I_OPT_REDIRECT_URI = 6, I_OPT_REDIRECT_TO = 7,
  I_OPT_CLIENT_ID = 8, I_OPT_CLIENT_SECRET = 9, I_OPT_ADDITIONAL_PARAMETER = 10, I_OPT_ADDITIONAL_RESPONSE = 11,
  I_OPT_AUTH_ENDPOINT = 12, I_OPT_TOKEN_ENDPOINT = 13, I_OPT_OPENID_CONFIG_ENDPOINT = 14, I_OPT_OPENID_CONFIG = 15,
  I_OPT_OPENID_CONFIG_STRICT = 16, I_OPT_USERINFO_ENDPOINT = 17, I_OPT_RESULT = 18, I_OPT_ERROR = 19,
  I_OPT_ERROR_DESCRIPTION = 20, I_OPT_ERROR_URI = 21, I_OPT_CODE = 22, I_OPT_REFRESH_TOKEN = 23,
  /* The numbering jumps from 25 to 28: 26 and 27 are not assigned in this
   * listing, so always use the symbolic names rather than raw integers. */
  I_OPT_ACCESS_TOKEN = 24, I_OPT_ID_TOKEN = 25, I_OPT_AUTH_METHOD = 28, I_OPT_TOKEN_METHOD = 29,
  I_OPT_TOKEN_TYPE = 30, I_OPT_EXPIRES_IN = 31, I_OPT_USERNAME = 32, I_OPT_USER_PASSWORD = 33,
  I_OPT_ISSUER = 34, I_OPT_USERINFO = 35, I_OPT_NONCE_GENERATE = 36, I_OPT_STATE_GENERATE = 37,
  I_OPT_X5U_FLAGS = 38, I_OPT_SERVER_KID = 39, I_OPT_CLIENT_KID = 40, I_OPT_CLIENT_SIGN_ALG = 41,
  I_OPT_CLIENT_ENC_ALG = 42, I_OPT_CLIENT_ENC = 43, I_OPT_TOKEN_JTI = 44, I_OPT_TOKEN_JTI_GENERATE = 45,
  I_OPT_TOKEN_EXP = 46, I_OPT_TOKEN_TARGET = 47, I_OPT_TOKEN_TARGET_TYPE_HINT = 48, I_OPT_REVOCATION_ENDPOINT = 49,
  I_OPT_INTROSPECTION_ENDPOINT = 50, I_OPT_REGISTRATION_ENDPOINT = 51
}
 

Detailed Description

Constant values used as input or output.

Iddawc OAuth2 client library

iddawc.h: structures and functions declarations

Copyright 2019-2020 Nicolas Mora mail@.nosp@m.babe.nosp@m.loues.nosp@m.t.or.nosp@m.g

This program is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; version 2.1 of the License.

This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU GENERAL PUBLIC LICENSE for more details.

You should have received a copy of the GNU General Public License along with this library. If not, see http://www.gnu.org/licenses/.

Macro Definition Documentation

◆ I_OK

#define I_OK   0

Success.

◆ I_ERROR

#define I_ERROR   1

Error.

◆ I_ERROR_PARAM

#define I_ERROR_PARAM   2

Error in parameters.

◆ I_ERROR_MEMORY

#define I_ERROR_MEMORY   3

Memory error.

◆ I_ERROR_UNAUTHORIZED

#define I_ERROR_UNAUTHORIZED   4

Request unauthorized.

◆ I_ERROR_SERVER

#define I_ERROR_SERVER   5

Server error.

◆ I_RESPONSE_TYPE_NONE

#define I_RESPONSE_TYPE_NONE   0x00000000

No response type.

◆ I_RESPONSE_TYPE_CODE

#define I_RESPONSE_TYPE_CODE   0x00000001

Response type code.

◆ I_RESPONSE_TYPE_TOKEN

#define I_RESPONSE_TYPE_TOKEN   0x00000010

Response type token.

◆ I_RESPONSE_TYPE_ID_TOKEN

#define I_RESPONSE_TYPE_ID_TOKEN   0x00000100

Response type id_token.

◆ I_RESPONSE_TYPE_PASSWORD

#define I_RESPONSE_TYPE_PASSWORD   0x00001000

Response type password.

◆ I_RESPONSE_TYPE_CLIENT_CREDENTIALS

#define I_RESPONSE_TYPE_CLIENT_CREDENTIALS   0x00010000

Response type client_credentials.

◆ I_RESPONSE_TYPE_REFRESH_TOKEN

#define I_RESPONSE_TYPE_REFRESH_TOKEN   0x00100000

Response type refresh_token.

◆ I_AUTH_METHOD_GET

#define I_AUTH_METHOD_GET   0x00000001

access auth endpoint using GET method

◆ I_AUTH_METHOD_POST

#define I_AUTH_METHOD_POST   0x00000010

access auth endpoint using POST method

◆ I_AUTH_METHOD_JWT_SIGN_SECRET

#define I_AUTH_METHOD_JWT_SIGN_SECRET   0x00000100

access auth endpoint using a JWT signed with the client secret

◆ I_AUTH_METHOD_JWT_SIGN_PRIVKEY

#define I_AUTH_METHOD_JWT_SIGN_PRIVKEY   0x00001000

access auth endpoint using a JWT signed with the client private key

◆ I_AUTH_METHOD_JWT_ENCRYPT_SECRET

#define I_AUTH_METHOD_JWT_ENCRYPT_SECRET   0x00010000

access auth endpoint using a JWT encrypted with the client secret

◆ I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY

#define I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY   0x00100000

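access auth endpoint using a JWT encrypted with a public key, as the PUBKEY name indicates (the generated text said "client private key"; a JWE is encrypted to the recipient's public key)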

◆ I_TOKEN_AUTH_METHOD_SECRET_BASIC

#define I_TOKEN_AUTH_METHOD_SECRET_BASIC   0

access token endpoint using HTTP basic auth with client_id and client password

◆ I_TOKEN_AUTH_METHOD_SECRET_POST

#define I_TOKEN_AUTH_METHOD_SECRET_POST   1

access token endpoint using the client secret sent in POST parameters

◆ I_TOKEN_AUTH_METHOD_SECRET_JWT

#define I_TOKEN_AUTH_METHOD_SECRET_JWT   2

access token endpoint using a JWT signed with the client secret

◆ I_TOKEN_AUTH_METHOD_PRIVATE_JWT

#define I_TOKEN_AUTH_METHOD_PRIVATE_JWT   3

access token endpoint using a JWT signed with the client private key

◆ I_TOKEN_AUTH_METHOD_NONE

#define I_TOKEN_AUTH_METHOD_NONE   4

access token endpoint using no authentication

◆ I_STRICT_NO

#define I_STRICT_NO   0

Do not strictly conform to openid config result.

◆ I_STRICT_YES

#define I_STRICT_YES   1

Strictly conform to openid config result.

◆ I_AUTH_SIGN_ALG_MAX_LENGTH

#define I_AUTH_SIGN_ALG_MAX_LENGTH   8

Max length of a sign algorithm name.

Enumeration Type Documentation

◆ i_option

enum i_option

Options available to set or get properties using i_set_int_parameter, i_set_str_parameter, i_get_int_parameter or i_get_str_parameter

Enumerator
I_OPT_NONE 

Empty option to complete an i_set_parameter_list.

I_OPT_RESPONSE_TYPE 

response_type, values available are I_RESPONSE_TYPE_CODE, I_RESPONSE_TYPE_TOKEN, I_RESPONSE_TYPE_ID_TOKEN, I_RESPONSE_TYPE_PASSWORD, I_RESPONSE_TYPE_CLIENT_CREDENTIALS and I_RESPONSE_TYPE_REFRESH_TOKEN

I_OPT_SCOPE 

scope values, string, multiple scopes must be separated by a space character: "scope1 openid"

I_OPT_SCOPE_APPEND 

append another scope value to the scope list, string

I_OPT_STATE 

state value, string

I_OPT_NONCE 

nonce value, string

I_OPT_REDIRECT_URI 

redirect_uri, string

I_OPT_REDIRECT_TO 

url that the OAuth2 flow is redirected to after a /auth request

I_OPT_CLIENT_ID 

client_id, string

I_OPT_CLIENT_SECRET 

client secret, string

I_OPT_ADDITIONAL_PARAMETER 

use this option to pass any additional parameter value in the /auth request

I_OPT_ADDITIONAL_RESPONSE 
I_OPT_AUTH_ENDPOINT 

absolute url for the auth endpoint, string

I_OPT_TOKEN_ENDPOINT 

absolute url for the token endpoint, string

I_OPT_OPENID_CONFIG_ENDPOINT 

absolute url for the .well-known/openid-configuration endpoint, string

I_OPT_OPENID_CONFIG 

result of the .well-known/openid-configuration

I_OPT_OPENID_CONFIG_STRICT 

whether the .well-known/openid-configuration parameters must be strictly conformed to, values available are I_STRICT_NO and I_STRICT_YES

I_OPT_USERINFO_ENDPOINT 

absolute url for the userinfo endpoint or equivalent, string

I_OPT_RESULT 

result of a request

I_OPT_ERROR 

error value of a failed request, string

I_OPT_ERROR_DESCRIPTION 

error description of a failed request, string

I_OPT_ERROR_URI 

error uri of a failed request, string

I_OPT_CODE 

code given after a successful auth request using the response_type I_RESPONSE_TYPE_CODE

I_OPT_REFRESH_TOKEN 

refresh token given after a successful token request using the proper response_type

I_OPT_ACCESS_TOKEN 

access token given after a successful auth or token request using the proper response_type

I_OPT_ID_TOKEN 

id_token given after a successful auth or token request using the proper response_type

I_OPT_AUTH_METHOD 

Authentication method to use with the auth endpoint, values available are I_AUTH_METHOD_GET, I_AUTH_METHOD_POST, I_AUTH_METHOD_JWT_SIGN_SECRET, I_AUTH_METHOD_JWT_SIGN_PRIVKEY, I_AUTH_METHOD_JWT_ENCRYPT_SECRET or I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY, values I_AUTH_METHOD_JWT_SIGN_SECRET, I_AUTH_METHOD_JWT_SIGN_PRIVKEY, I_AUTH_METHOD_JWT_ENCRYPT_SECRET or I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY can be combined with I_AUTH_METHOD_GET or I_AUTH_METHOD_POST.

I_OPT_TOKEN_METHOD 

Authentication method to use with the token endpoint, values available are I_TOKEN_AUTH_METHOD_SECRET_BASIC, I_TOKEN_AUTH_METHOD_SECRET_POST, I_TOKEN_AUTH_METHOD_SECRET_JWT, I_TOKEN_AUTH_METHOD_PRIVATE_JWT, I_TOKEN_AUTH_METHOD_NONE.

I_OPT_TOKEN_TYPE 

token_type value after a successful auth or token request, string

I_OPT_EXPIRES_IN 

expires_in value after a successful auth or token request, integer

I_OPT_USERNAME 

username for password response_types, string

I_OPT_USER_PASSWORD 

password for password response_types, string

I_OPT_ISSUER 

issuer value, string

I_OPT_USERINFO 

userinfo result, string

I_OPT_NONCE_GENERATE 

generate a random nonce value

I_OPT_STATE_GENERATE 

generate a random state value

I_OPT_X5U_FLAGS 

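x5u flags to apply when the JWK used has an x5u property, values available are R_FLAG_IGNORE_SERVER_CERTIFICATE: ignore an invalid web server certificate, R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary, R_FLAG_IGNORE_REMOTE: do not download the remote key. With R_FLAG_IGNORE_SERVER_CERTIFICATE the key fetched from the x5u url is not authenticated by TLS, so anyone able to intercept the connection can substitute it; R_FLAG_IGNORE_REMOTE avoids the remote fetch altogether.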

I_OPT_SERVER_KID 

key id to use if multiple jwk are available on the server, string

I_OPT_CLIENT_KID 

key id to use if multiple jwk are available on the client, string

I_OPT_CLIENT_SIGN_ALG 

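signature algorithm to use when the client signs a request in a JWT, values available are 'none', 'HS256', 'HS384', 'HS512', 'RS256', 'RS384', 'RS512', 'ES256', 'ES384', 'ES512', 'PS256', 'PS384', 'PS512', 'EDDSA'. Note that 'none' produces an unsigned JWT, which gives the server no integrity or origin guarantee for the request.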

I_OPT_CLIENT_ENC_ALG 

key encryption algorithm to use when the client encrypts a request in a JWT, values available are 'RSA1_5', 'RSA_OAEP', 'RSA_OAEP_256', 'A128KW', 'A192KW', 'A256KW', 'DIR', 'ECDH_ES', 'ECDH_ES_A128KW', 'ECDH_ES_A192KW', 'ECDH_ES_A256KW', 'A128GCMKW', 'A192GCMKW', 'A256GCMKW', 'PBES2_H256', 'PBES2_H384' or 'PBES2_H512', warning: some algorithms may be unavailable depending on the Rhonabwy version used

I_OPT_CLIENT_ENC 

data encryption algorithm to use when the client encrypts a request in a JWT, values available are 'A128CBC', 'A192CBC', 'A256CBC', 'A128GCM', 'A192GCM', 'A256GCM', warning: some algorithms may be unavailable depending on the Rhonabwy version used

I_OPT_TOKEN_JTI 

jti value, string

I_OPT_TOKEN_JTI_GENERATE 

generate a random jti value

I_OPT_TOKEN_EXP 

JWT token request expiration time in seconds.

I_OPT_TOKEN_TARGET 

access_token which is the target of a revocation or an introspection, string

I_OPT_TOKEN_TARGET_TYPE_HINT 

type hint for the token which is the target of a revocation or an introspection, string

I_OPT_REVOCATION_ENDPOINT 

absolute url for the revocation endpoint, string

I_OPT_INTROSPECTION_ENDPOINT 

absolute url for the introspection endpoint, string

I_OPT_REGISTRATION_ENDPOINT 

absolute url for the client registration endpoint, string