+static struct json_object *addperm_key_val(struct json_object *o, const char *key, struct json_object *val)
+{
+ struct json_object *x = json_object_new_object();
+ json_object_object_add(x, key, val);
+ return addperm(o, x);
+}
+
+static struct json_object *addperm_key_valstr(struct json_object *o, const char *key, const char *val)
+{
+ return addperm_key_val(o, key, json_object_new_string(val));
+}
+
+static struct json_object *addperm_key_valint(struct json_object *o, const char *key, int val)
+{
+ return addperm_key_val(o, key, json_object_new_int(val));
+}
+
+static struct json_object *addauth_or_array(struct json_object *o, const struct afb_auth *auth);
+
+static struct json_object *addauth(struct json_object *o, const struct afb_auth *auth)
+{
+ switch(auth->type) {
+ case afb_auth_No: return addperm(o, json_object_new_boolean(0));
+ case afb_auth_Token: return addperm_key_valstr(o, "session", "check");
+ case afb_auth_LOA: return addperm_key_valint(o, "LOA", auth->loa);
+ case afb_auth_Permission: return addperm_key_valstr(o, "permission", auth->text);
+ case afb_auth_Or: return addperm_key_val(o, "anyOf", addauth_or_array(json_object_new_array(), auth));
+ case afb_auth_And: return addauth(addauth(o, auth->first), auth->next);
+ case afb_auth_Not: return addperm_key_val(o, "not", addauth(NULL, auth->first));
+ case afb_auth_Yes: return addperm(o, json_object_new_boolean(1));
+ }
+ return o;
+}
+
+static struct json_object *addauth_or_array(struct json_object *o, const struct afb_auth *auth)
+{
+ if (auth->type != afb_auth_Or)
+ json_object_array_add(o, addauth(NULL, auth));
+ else {
+ addauth_or_array(o, auth->first);
+ addauth_or_array(o, auth->next);
+ }
+
+ return o;
+}
+
+struct json_object *afb_auth_json_x2(const struct afb_auth *auth, uint32_t session)
+{
+ struct json_object *result = NULL;
+
+ if (session & AFB_SESSION_CLOSE_X2)
+ result = addperm_key_valstr(result, "session", "close");
+
+ if (session & AFB_SESSION_CHECK_X2)
+ result = addperm_key_valstr(result, "session", "check");
+
+ if (session & AFB_SESSION_REFRESH_X2)
+ result = addperm_key_valstr(result, "token", "refresh");
+
+ if (session & AFB_SESSION_LOA_MASK_X2)
+ result = addperm_key_valint(result, "LOA", session & AFB_SESSION_LOA_MASK_X2);
+
+ if (auth)
+ result = addauth(result, auth);
+
+ return result;
+}
+
+
+#if WITH_LEGACY_BINDING_V1
+struct json_object *afb_auth_json_x1(int session)
+{
+ struct json_object *result = NULL;
+
+ if (session & AFB_SESSION_CLOSE_X1)
+ result = addperm_key_valstr(result, "session", "close");
+ if (session & AFB_SESSION_CHECK_X1)
+ result = addperm_key_valstr(result, "session", "check");
+ if (session & AFB_SESSION_RENEW_X1)
+ result = addperm_key_valstr(result, "token", "refresh");
+ if (session & AFB_SESSION_LOA_MASK_X1)
+ result = addperm_key_valint(result, "LOA", (session >> AFB_SESSION_LOA_SHIFT_X1) & AFB_SESSION_LOA_MASK_X1);
+
+ return result;
+}
+#endif