From 991fc01c87b61d8a74469341b37a860c284d6117 Mon Sep 17 00:00:00 2001
From: Micah Moore
Date: Mon, 5 Dec 2022 20:24:32 -0500
Subject: [PATCH] get_handle_login; token field in http_transaction
---
 src/http.c | 31 +++++++++++++++++++++++++++++++
 src/http.h | 1 +
 2 files changed, 32 insertions(+)
diff --git a/src/http.c b/src/http.c
index ce76933..20b9184 100644
--- a/src/http.c
+++ b/src/http.c
@@ -327,6 +327,36 @@ out:
 }
+static bool get_handle_login(struct http_transaction *ta) {
+ http_add_header(&ta->resp_headers, "Content-Type", "application/json");
+
+ if (ta->token == NULL) {
+ return send_error(ta, HTTP_OK, "{}");
+ }
+
+ jwt_t *cookie;
+ int rc = jwt_decode(&cookie, ta->token, (unsigned char *) "key", 3);
+ if (rc) {
+ return send_error(ta, HTTP_OK, "{}\n");
+ }
+ /* Send claims */
+ char *grants = jwt_get_grants_json(cookie, NULL);
+ if (grants == NULL) {
+ return send_error(ta, HTTP_OK, "{}\n");
+ }
+
+ // check expiration, still implementing
+ if (1) {
+ return send_error(ta, HTTP_PERMISSION_DENIED,"Forbidden.\n");
+ }
+
+ // Still implementing
+
+ return send_response(ta);
+
+
+}
+
 static int val_api_url(struct http_transaction *ta) {
 char *req_path = bufio_offset2ptr(ta->client->bufio, ta->req_path);
 if (!strcmp(req_path, "/api/login")) {
@@ -355,6 +385,7 @@ handle_api(struct http_transaction *ta)
 else if (ta->req_method == HTTP_GET){
 // Handle login get
+ return get_handle_login(ta);
 }
 else{
diff --git a/src/http.h b/src/http.h
index fae6024..8443d86 100644
--- a/src/http.h
+++ b/src/http.h
@@ -40,6 +40,7 @@ struct http_transaction {
 size_t req_body; // ditto
 int req_content_len; // content length of request body
+ char *token; // authentication token
 /* response related fields */
 enum http_response_status resp_status;
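Review bot: The key passed to `jwt_decode` in get_handle_login is the literal `"key"` with length 3, so the signature check gives little real assurance: the secret sits in the source, is short enough to guess, and whatever issues the tokens has to share it. Load the secret from configuration at startup and pass its real length. After a successful decode, `cookie` and `grants` are never released on any return path (`jwt_free(cookie)`, `free(grants)`), and the `if (1)` stub answers every valid token with Forbidden; the excerpt below sketches the tail with both addressed, assuming the token carries the standard `exp` claim and using placeholder names for the key. It is also worth confirming that the decoded token's algorithm is the one the server issues before the grants are trusted.

```c
    jwt_t *cookie;
    // jwt_key / jwt_key_len: placeholder names for a secret loaded at startup, not a literal
    int rc = jwt_decode(&cookie, ta->token, jwt_key, jwt_key_len);
    // … unchanged: rc check …

    char *grants = jwt_get_grants_json(cookie, NULL);
    long exp = jwt_get_grant_int(cookie, "exp");   // 0 when the claim is absent
    jwt_free(cookie);                              // decoded token is no longer needed
    if (grants == NULL) {
        return send_error(ta, HTTP_OK, "{}\n");
    }

    // A missing or past expiry is treated like an absent token
    if (exp <= (long) time(NULL)) {
        free(grants);
        return send_error(ta, HTTP_OK, "{}\n");
    }

    // … still to do: write grants into the response body …
    free(grants);
    return send_response(ta);
```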
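Review bot: Nothing in this commit assigns `token`, yet get_handle_login in src/http.c branches on `ta->token == NULL`, so the field has to be cleared wherever an http_transaction is set up for each request (`ta->token = NULL;`), which is outside the visible hunks. The neighbouring request fields appear to be offsets resolved through `bufio_offset2ptr`, which suggests the request buffer can move; if `token` is meant to point into that buffer it may dangle once the buffer grows, so either store an offset like `req_path` or own a copy and free it with the transaction. The field comment should say which, for example `char *token; // authentication token; owned copy, NULL if absent`. The struct definition starts and ends outside the hunk.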