micahmoore/pserv
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

changed header parsing to avoid cutting up space-contained values

Browse Source 
- also fixes and updates to JWT examples
This commit is contained in:
Godmar Back 2021-04-23 13:16:31 -04:00
parent beffc8ad32
commit f6389fb4b6
3 changed files with 80 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/http.c
View File

@ -98,17 +98,23 @@ http_process_headers(struct http_transaction *ta)
*/
char *endptr;
char *field_name = strtok_r(header, ":", &endptr);
char *field_value = strtok_r(NULL, " \t", &endptr); // skip leading & trailing OWS
if (field_name == NULL || field_value == NULL)
if (field_name == NULL)
return false;
// skip white space
char *field_value = endptr;
while (*field_value == ' ' || *field_value == '\t')
field_value++;
// you may print the header like so
// printf("Header: %s: %s\n", field_name, field_value);
if (!strcasecmp(field_name, "Content-Length")) {
ta->req_content_len = atoi(field_value);
}
/* Handle other headers here. */
/* Handle other headers here. Both field_value and field_name
* are zero-terminated strings.
*/
}
}

55
src/jwt_demo_hs256.c
View File

@ -1,56 +1,73 @@
/*
* Quick demo of how to use libjwt using a HS256.
*
* @author gback, CS 3214, Spring 2018
* @author gback, CS 3214, Spring 2018, updated Spring 2021
*/
#include <jwt.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <errno.h>
static const char * NEVER_EMBED_A_SECRET_IN_CODE = "supa secret";
static void
die(const char *msg, int error)
{
fprintf(stderr, "%s: %s\n", msg, strerror(error));
exit(EXIT_FAILURE);
}
int
main()
{
jwt_t *mytoken;
if (jwt_new(&mytoken))
perror("jwt_new"), exit(-1);
int rc = jwt_new(&mytoken);
if (rc)
die("jwt_new", rc);
if (jwt_add_grant(mytoken, "sub", "user0"))
perror("jwt_add_grant sub"), exit(-1);
rc = jwt_add_grant(mytoken, "sub", "user0");
if (rc)
die("jwt_add_grant sub", rc);
time_t now = time(NULL);
if (jwt_add_grant_int(mytoken, "iat", now))
perror("jwt_add_grant iat"), exit(-1);
rc = jwt_add_grant_int(mytoken, "iat", now);
if (rc)
die("jwt_add_grant iat", rc);
if (jwt_add_grant_int(mytoken, "exp", now + 3600 * 24))
perror("jwt_add_grant exp"), exit(-1);
rc = jwt_add_grant_int(mytoken, "exp", now + 3600 * 24);
if (rc)
die("jwt_add_grant exp", rc);
if (jwt_set_alg(mytoken, JWT_ALG_HS256,
(unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE, strlen(NEVER_EMBED_A_SECRET_IN_CODE)))
perror("jwt_set_alg"), exit(-1);
rc = jwt_set_alg(mytoken, JWT_ALG_HS256,
(unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE,
strlen(NEVER_EMBED_A_SECRET_IN_CODE));
if (rc)
die("jwt_set_alg", rc);
printf("dump:\n");
if (jwt_dump_fp(mytoken, stdout, 1))
perror("jwt_dump_fp"), exit(-1);
rc = jwt_dump_fp(mytoken, stdout, 1);
if (rc)
die("jwt_dump_fp", rc);
char *encoded = jwt_encode_str(mytoken);
if (encoded == NULL)
perror("jwt_encode_str"), exit(-1);
die("jwt_encode_str", ENOMEM);
printf("encoded as %s\nTry entering this at jwt.io\n", encoded);
jwt_t *ymtoken;
if (jwt_decode(&ymtoken, encoded,
(unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE, strlen(NEVER_EMBED_A_SECRET_IN_CODE)))
perror("jwt_decode"), exit(-1);
rc = jwt_decode(&ymtoken, encoded,
(unsigned char *)NEVER_EMBED_A_SECRET_IN_CODE,
strlen(NEVER_EMBED_A_SECRET_IN_CODE));
if (rc)
die("jwt_decode", rc);
char *grants = jwt_get_grants_json(ymtoken, NULL); // NULL means all
if (grants == NULL)
perror("jwt_get_grants_json"), exit(-1);
die("jwt_get_grants_json", ENOMEM);
printf("redecoded: %s\n", grants);
}

52
src/jwt_demo_rs256.c
View File

@ -5,17 +5,25 @@
* openssl genpkey -algorithm RSA -out myprivatekey.pem -pkeyopt rsa_keygen_bits:2048
* openssl rsa -in myprivatekey.pem -pubout > mykey.pub
*
* @author gback, CS 3214, Spring 2018
* @author gback, CS 3214, Spring 2018, updated Spring 2021
*/
#include <jwt.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#include <errno.h>
unsigned char private_key[16384];
unsigned char public_key[16384];
static void
die(const char *msg, int error)
{
fprintf(stderr, "%s: %s\n", msg, strerror(error));
exit(EXIT_FAILURE);
}
static void
read_key(unsigned char *key, const char *name)
{
@ -33,42 +41,50 @@ main()
read_key(private_key, "myprivatekey.pem");
read_key(public_key, "mykey.pub");
int rc;
jwt_t *mytoken;
if (jwt_new(&mytoken))
perror("jwt_new"), exit(-1);
rc = jwt_new(&mytoken);
if (rc)
die("jwt_new", rc);
if (jwt_add_grant(mytoken, "sub", "user0"))
perror("jwt_add_grant sub"), exit(-1);
rc = jwt_add_grant(mytoken, "sub", "user0");
if (rc)
die("jwt_add_grant sub", rc);
time_t now = time(NULL);
if (jwt_add_grant_int(mytoken, "iat", now))
perror("jwt_add_grant iat"), exit(-1);
rc = jwt_add_grant_int(mytoken, "iat", now);
if (rc)
die("jwt_add_grant iat", rc);
if (jwt_add_grant_int(mytoken, "exp", now + 3600 * 24))
perror("jwt_add_grant exp"), exit(-1);
rc = jwt_add_grant_int(mytoken, "exp", now + 3600 * 24);
if (rc)
die("jwt_add_grant exp", rc);
if (jwt_set_alg(mytoken, JWT_ALG_RS256,
private_key, strlen((char *)private_key)))
perror("jwt_set_alg"), exit(-1);
rc = jwt_set_alg(mytoken, JWT_ALG_RS256,
private_key, strlen((char *)private_key));
if (rc)
die("jwt_set_alg", rc);
printf("dump:\n");
if (jwt_dump_fp(mytoken, stdout, 1))
perror("jwt_dump_fp"), exit(-1);
rc = jwt_dump_fp(mytoken, stdout, 1);
if (rc)
die("jwt_dump_fp", rc);
char *encoded = jwt_encode_str(mytoken);
if (encoded == NULL)
perror("jwt_encode_str"), exit(-1);
die("jwt_encode_str", ENOMEM);
printf("encoded as %s\nTry entering this at jwt.io\n", encoded);
jwt_t *ymtoken;
if (jwt_decode(&ymtoken, encoded, public_key, strlen((char *)public_key)))
perror("jwt_decode"), exit(-1);
rc = jwt_decode(&ymtoken, encoded, public_key, strlen((char *)public_key));
if (rc)
die("jwt_decode", rc);
char *grants = jwt_get_grants_json(ymtoken, NULL); // NULL means all
if (grants == NULL)
perror("jwt_get_grants_json"), exit(-1);
die("jwt_get_grants_json", ENOMEM);
printf("redecoded: %s\n", grants);
}