[gnunet] branch master updated: -fix userinfo sub claim

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnunet] branch master updated: -fix userinfo sub claim

From:	gnunet
Subject:	[gnunet] branch master updated: -fix userinfo sub claim
Date:	Mon, 03 Aug 2020 21:49:27 +0200

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository gnunet.

The following commit(s) were added to refs/heads/master by this push:
     new ba2050750 -fix userinfo sub claim
ba2050750 is described below

commit ba2050750fcb0b5c7919fda98bca4f7c13a36d14
Author: Martin Schanzenbach <mschanzenbach@posteo.de>
AuthorDate: Mon Aug 3 21:43:21 2020 +0200

    -fix userinfo sub claim
---
 src/reclaim/plugin_rest_openid_connect.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/reclaim/plugin_rest_openid_connect.c 
b/src/reclaim/plugin_rest_openid_connect.c
index e54473162..3db881244 100644
--- a/src/reclaim/plugin_rest_openid_connect.c
+++ b/src/reclaim/plugin_rest_openid_connect.c
@@ -2279,7 +2279,8 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle 
*con_handle,
   char *authorization_type;
   char *authorization_access_token;
   struct GNUNET_RECLAIM_Ticket *ticket;
-  const struct EgoEntry *ego_entry;
+  const struct EgoEntry *aud_ego;
+  const struct EgoEntry *iss_ego;
   const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey;
 
   GNUNET_CRYPTO_hash (OIDC_AUTHORIZATION_HEADER_KEY,
@@ -2340,8 +2341,9 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle 
*con_handle,
   ticket =
     GNUNET_CONTAINER_multihashmap_get (OIDC_access_token_map, &cache_key);
   GNUNET_assert (NULL != ticket);
-  ego_entry = find_ego (handle, &ticket->audience);
-  if (NULL == ego_entry)
+  aud_ego = find_ego (handle, &ticket->audience);
+  iss_ego = find_ego (handle, &ticket->identity);
+  if ((NULL == aud_ego) || (NULL == iss_ego))
   {
     handle->emsg = GNUNET_strdup (OIDC_ERROR_KEY_INVALID_TOKEN);
     handle->edesc = GNUNET_strdup ("The access token expired");
@@ -2355,8 +2357,9 @@ userinfo_endpoint (struct GNUNET_REST_RequestHandle 
*con_handle,
   handle->oidc->response = json_object ();
   json_object_set_new (handle->oidc->response,
                        "sub",
-                       json_string (ego_entry->keystring));
-  privkey = GNUNET_IDENTITY_ego_get_private_key (ego_entry->ego);
+                       json_string (iss_ego->keystring));
+  privkey = GNUNET_IDENTITY_ego_get_private_key (aud_ego->ego);
+
   handle->idp_op = GNUNET_RECLAIM_ticket_consume (handle->idp,
                                                   privkey,
                                                   ticket,

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[gnunet] branch master updated: -fix userinfo sub claim, gnunet <=

Prev by Date: [taler-wallet-kotlin] branch master updated: Implement beginning of public API for iOS test
Next by Date: [taler-wallet-kotlin] branch master updated: add seperate def file for libsodium static (needed for ios only)
Previous by thread: [taler-wallet-kotlin] branch master updated: Implement beginning of public API for iOS test
Next by thread: [taler-wallet-kotlin] branch master updated: add seperate def file for libsodium static (needed for ios only)
Index(es):
- Date
- Thread