*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * Reference:
- * https://github.com/json-c/json-c/blob/master/linkhash.c
- * https://github.com/json-c/json-c/blob/master/linkhash.h
+ *
+ * Reference:
+ * http://stackoverflow.com/questions/25971505/how-to-delete-element-from-hsearch
+ *
*/
#include <time.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <pthread.h>
+#include <search.h>
-#define AFB_SESSION_JTYPE "AFB_session"
-#define AFB_SESSION_JLIST "AFB_sessions"
-#define AFB_SESSION_JINFO "AFB_infos"
-
-
-#define AFB_CURRENT_SESSION "active-session" // file link name within sndcard dir
-#define AFB_DEFAULT_SESSION "current-session" // should be in sync with UI
-
-
-static struct lh_table *clientCtxs=NULL; // let's use JsonObject Hashtable to Store Sessions
-
-
-// verify we can read/write in session dir
-PUBLIC AFB_error sessionCheckdir (AFB_session *session) {
-
- int err;
-
- // in case session dir would not exist create one
- if (verbose) fprintf (stderr, "AFB:notice checking session dir [%s]\n", session->config->sessiondir);
- mkdir(session->config->sessiondir, S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH);
+#include "afb-apis.h"
- // change for session directory
- err = chdir(session->config->sessiondir);
- if (err) {
- fprintf(stderr,"AFB: Fail to chdir to %s error=%s\n", session->config->sessiondir, strerror(err));
- return err;
- }
+// Session UUID are store in a simple array [for 10 sessions this should be enough]
+static struct {
+ pthread_mutex_t mutex; // declare a mutex to protect hash table
+ AFB_clientCtx **store; // sessions store
+ int count; // current number of sessions
+ int max;
+} sessions;
- // verify we can write session in directory
- json_object *dummy= json_object_new_object();
- json_object_object_add (dummy, "checked" , json_object_new_int (getppid()));
- err = json_object_to_file ("./AFB-probe.json", dummy);
- if (err < 0) return err;
+static const char key_uuid[] = "uuid";
+static const char key_token[] = "token";
- return AFB_SUCCESS;
-}
-
-// let's return only sessions files
-STATIC int fileSelect (const struct dirent *entry) {
- return (strstr (entry->d_name, ".afb") != NULL);
-}
-
-STATIC json_object *checkCardDirExit (AFB_session *session, AFB_request *request ) {
- int sessionDir, cardDir;
-
- // card name should be more than 3 character long !!!!
- if (strlen (request->plugin) < 3) {
- return (jsonNewMessage (AFB_FAIL,"Fail invalid plugin=%s", request->plugin));
- }
+// Free context [XXXX Should be protected again memory abort XXXX]
+static void ctxUuidFreeCB (AFB_clientCtx *client)
+{
+ int idx, cnt;
- // open session directory
- sessionDir = open (session->config->sessiondir, O_DIRECTORY);
- if (sessionDir < 0) {
- return (jsonNewMessage (AFB_FAIL,"Fail to open directory [%s] error=%s", session->config->sessiondir, strerror(sessionDir)));
- }
+ // If application add a handle let's free it now
+ if (client->contexts != NULL) {
- // create session sndcard directory if it does not exit
- cardDir = openat (sessionDir, request->plugin, O_DIRECTORY);
- if (cardDir < 0) {
- cardDir = mkdirat (sessionDir, request->plugin, O_RDWR | S_IRWXU | S_IRGRP);
- if (cardDir < 0) {
- return (jsonNewMessage (AFB_FAIL,"Fail to create directory [%s/%s] error=%s", session->config->sessiondir, request->plugin, strerror(cardDir)));
- }
+ cnt = afb_apis_count();
+ // Free client handle with a standard Free function, with app callback or ignore it
+ for (idx=0; idx < cnt; idx ++) {
+ if (client->contexts[idx] != NULL) {
+ afb_apis_free_context(idx, client->contexts[idx]);
+ }
+ }
}
- close (sessionDir);
- return NULL;
}
-// create a session in current directory
-PUBLIC json_object *sessionList (AFB_session *session, AFB_request *request) {
- json_object *sessionsJ, *ajgResponse;
- struct stat fstat;
- struct dirent **namelist;
- int count, sessionDir;
-
- // if directory for card's sessions does not exist create it
- ajgResponse = checkCardDirExit (session, request);
- if (ajgResponse != NULL) return ajgResponse;
-
- // open session directory
- sessionDir = open (session->config->sessiondir, O_DIRECTORY);
- if (sessionDir < 0) {
- return (jsonNewMessage (AFB_FAIL,"Fail to open directory [%s] error=%s", session->config->sessiondir, strerror(sessionDir)));
- }
-
- count = scandirat (sessionDir, request->plugin, &namelist, fileSelect, alphasort);
- close (sessionDir);
-
- if (count < 0) {
- return (jsonNewMessage (AFB_FAIL,"Fail to scan sessions directory [%s/%s] error=%s", session->config->sessiondir, request->plugin, strerror(sessionDir)));
- }
- if (count == 0) return (jsonNewMessage (AFB_EMPTY,"[%s] no session at [%s]", request->plugin, session->config->sessiondir));
-
- // loop on each session file, retrieve its date and push it into json response object
- sessionsJ = json_object_new_array();
- while (count--) {
- json_object *sessioninfo;
- char timestamp [64];
- char *filename;
-
- // extract file name and last modification date
- filename = namelist[count]->d_name;
- printf("%s\n", filename);
- stat(filename,&fstat);
- strftime (timestamp, sizeof(timestamp), "%c", localtime (&fstat.st_mtime));
- filename[strlen(filename)-4] = '\0'; // remove .afb extension from filename
-
- // create an object by session with last update date
- sessioninfo = json_object_new_object();
- json_object_object_add (sessioninfo, "date" , json_object_new_string (timestamp));
- json_object_object_add (sessioninfo, "session" , json_object_new_string (filename));
- json_object_array_add (sessionsJ, sessioninfo);
-
- free(namelist[count]);
- }
-
- // free scandir structure
- free(namelist);
-
- // everything is OK let's build final response
- ajgResponse = json_object_new_object();
- json_object_object_add (ajgResponse, "jtype" , json_object_new_string (AFB_SESSION_JLIST));
- json_object_object_add (ajgResponse, "status" , jsonNewStatus(AFB_SUCCESS));
- json_object_object_add (ajgResponse, "data" , sessionsJ);
+// Create a new store in RAM, not that is too small it will be automatically extended
+void ctxStoreInit (int nbSession)
+{
- return (ajgResponse);
+ // let's create as store as hashtable does not have any
+ sessions.store = calloc (1 + (unsigned)nbSession, sizeof(AFB_clientCtx));
+ sessions.max = nbSession;
}
-// Create a link toward last used sessionname within sndcard directory
-STATIC void makeSessionLink (const char *cardname, const char *sessionname) {
- char linkname [256], filename [256];
- int err;
- // create a link to keep track of last uploaded sessionname for this card
- strncpy (filename, sessionname, sizeof(filename));
- strncat (filename, ".afb", sizeof(filename));
-
- strncpy (linkname, cardname, sizeof(linkname));
- strncat (linkname, "/", sizeof(filename));
- strncat (linkname, AFB_CURRENT_SESSION, sizeof(linkname));
- strncat (linkname, ".afb", sizeof(filename));
- unlink (linkname); // remove previous link if any
- err = symlink (filename, linkname);
- if (err < 0) fprintf (stderr, "Fail to create link %s->%s error=%s\n", linkname, filename, strerror(errno));
-}
+static AFB_clientCtx *ctxStoreSearch (const char* uuid)
+{
+ int idx;
+ AFB_clientCtx *client;
-// Load Json session object from disk
-PUBLIC json_object *sessionFromDisk (AFB_session *session, AFB_request *request, char *name) {
- json_object *jsonSession, *jtype, *response;
- const char *ajglabel;
- char filename [256];
- int defsession;
+ if (uuid == NULL)
+ return NULL;
- if (name == NULL) {
- return (jsonNewMessage (AFB_FATAL,"session name missing &session=MySessionName"));
+ pthread_mutex_lock(&sessions.mutex);
+
+ for (idx=0; idx < sessions.max; idx++) {
+ if (sessions.store[idx] && (0 == strcmp (uuid, sessions.store[idx]->uuid))) break;
}
- // check for current session request
- defsession = (strcmp (name, AFB_DEFAULT_SESSION) ==0);
+ if (idx == sessions.max) client=NULL;
+ else client= sessions.store[idx];
+ pthread_mutex_unlock(&sessions.mutex);
- // if directory for card's sessions does not exist create it
- response = checkCardDirExit (session, request);
- if (response != NULL) return response;
+ return client;
+}
- // add name and file extension to session name
- strncpy (filename, request->plugin, sizeof(filename));
- strncat (filename, "/", sizeof(filename));
- if (defsession) strncat (filename, AFB_CURRENT_SESSION, sizeof(filename)-1);
- else strncat (filename, name, sizeof(filename)-1);
- strncat (filename, ".afb", sizeof(filename));
+static AFB_error ctxStoreDel (AFB_clientCtx *client)
+{
+ int idx;
+ int status;
- // just upload json object and return without any further processing
- jsonSession = json_object_from_file (filename);
+ if (client == NULL)
+ return AFB_FAIL;
- if (jsonSession == NULL) return (jsonNewMessage (AFB_EMPTY,"File [%s] not found", filename));
+ pthread_mutex_lock(&sessions.mutex);
- // verify that file is a JSON ALSA session type
- if (!json_object_object_get_ex (jsonSession, "jtype", &jtype)) {
- json_object_put (jsonSession);
- return (jsonNewMessage (AFB_EMPTY,"File [%s] 'jtype' descriptor not found", filename));
+ for (idx=0; idx < sessions.max; idx++) {
+ if (sessions.store[idx] && (0 == strcmp (client->uuid, sessions.store[idx]->uuid))) break;
}
- // check type value is AFB_SESSION_JTYPE
- ajglabel = json_object_get_string (jtype);
- if (strcmp (AFB_SESSION_JTYPE, ajglabel)) {
- json_object_put (jsonSession);
- return (jsonNewMessage (AFB_FATAL,"File [%s] jtype=[%s] != [%s]", filename, ajglabel, AFB_SESSION_JTYPE));
+ if (idx == sessions.max)
+ status = AFB_FAIL;
+ else {
+ sessions.count--;
+ ctxUuidFreeCB (sessions.store[idx]);
+ sessions.store[idx]=NULL;
+ status = AFB_SUCCESS;
}
- // create a link to keep track of last uploaded session for this card
- if (!defsession) makeSessionLink (request->plugin, name);
-
- return (jsonSession);
+ pthread_mutex_unlock(&sessions.mutex);
+ return status;
}
-// push Json session object to disk
-PUBLIC json_object * sessionToDisk (AFB_session *session, AFB_request *request, char *name, json_object *jsonSession) {
- char filename [256];
- time_t rawtime;
- struct tm * timeinfo;
- int err, defsession;
- static json_object *response;
-
- // we should have a session name
- if (name == NULL) return (jsonNewMessage (AFB_FATAL,"session name missing &session=MySessionName"));
-
- // check for current session request
- defsession = (strcmp (name, AFB_DEFAULT_SESSION) ==0);
-
- // if directory for card's sessions does not exist create it
- response = checkCardDirExit (session, request);
- if (response != NULL) return response;
-
- // add cardname and file extension to session name
- strncpy (filename, request->plugin, sizeof(filename));
- strncat (filename, "/", sizeof(filename));
- if (defsession) strncat (filename, AFB_CURRENT_SESSION, sizeof(filename)-1);
- else strncat (filename, name, sizeof(filename)-1);
- strncat (filename, ".afb", sizeof(filename)-1);
-
-
- json_object_object_add(jsonSession, "jtype", json_object_new_string (AFB_SESSION_JTYPE));
-
- // add a timestamp and store session on disk
- time ( &rawtime ); timeinfo = localtime ( &rawtime );
- // A copy of the string is made and the memory is managed by the json_object
- json_object_object_add (jsonSession, "timestamp", json_object_new_string (asctime (timeinfo)));
-
-
- // do we have extra session info ?
- if (request->post) {
- static json_object *info, *jtype;
- const char *ajglabel;
-
- // extract session info from args
- info = json_tokener_parse (request->post);
- if (!info) {
- response = jsonNewMessage (AFB_FATAL,"sndcard=%s session=%s invalid json args=%s", request->plugin, name, request->post);
- goto OnErrorExit;
- }
-
- // info is a valid AFB_info type
- if (!json_object_object_get_ex (info, "jtype", &jtype)) {
- response = jsonNewMessage (AFB_EMPTY,"sndcard=%s session=%s No 'AFB_pluginT' args=%s", request->plugin, name, request->post);
- goto OnErrorExit;
- }
-
- // check type value is AFB_INFO_JTYPE
- ajglabel = json_object_get_string (jtype);
- if (strcmp (AFB_SESSION_JINFO, ajglabel)) {
- json_object_put (info); // release info json object
- response = jsonNewMessage (AFB_FATAL,"File [%s] jtype=[%s] != [%s] data=%s", filename, ajglabel, AFB_SESSION_JTYPE, request->post);
- goto OnErrorExit;
- }
-
- // this is valid info data for our session
- json_object_object_add (jsonSession, "info", info);
- }
-
- // Finally save session on disk
- err = json_object_to_file (filename, jsonSession);
- if (err < 0) {
- response = jsonNewMessage (AFB_FATAL,"Fail save session = [%s] to disk", filename);
- goto OnErrorExit;
- }
-
-
- // create a link to keep track of last uploaded session for this card
- if (!defsession) makeSessionLink (request->plugin, name);
-
- // we're donne let's return status message
- response = jsonNewMessage (AFB_SUCCESS,"Session= [%s] saved on disk", filename);
- json_object_put (jsonSession);
- return (response);
-
-OnErrorExit:
- json_object_put (jsonSession);
- return response;
-}
+static AFB_error ctxStoreAdd (AFB_clientCtx *client)
+{
+ int idx;
+ int status;
+ if (client == NULL)
+ return AFB_FAIL;
+ //fprintf (stderr, "ctxStoreAdd request uuid=%s count=%d\n", client->uuid, sessions.count);
-// Function to handle Cookies and Client session context it relies on json low level
-// linked list functionalities https://github.com/json-c/json-c/blob/master/linkhash.c
-
-// Hash client UUID before storing in table
-STATIC unsigned long ctxUuidHashCB (const void *k1) {
- unsigned long hash;
-
- AFB_clientCtx *ctx = (AFB_clientCtx*) k1;
- hash = lh_char_hash(ctx->uuid);
- return (hash);
-}
-
-// Compare client UUIDs within table
-STATIC int ctxUuidCompCB (const void *k1, const void *k2) {
- int res;
- AFB_clientCtx *ctx1 = (AFB_clientCtx*) k1;
- AFB_clientCtx *ctx2 = (AFB_clientCtx*) k2;
-
- res = lh_char_equal(ctx1->uuid, ctx2->uuid);
- return (res);
-}
+ pthread_mutex_lock(&sessions.mutex);
-// Free context [XXXX Should be protected again memory abort XXXX]
-STATIC void ctxUuidFreeCB (struct lh_entry *entry) {
- AFB_clientCtx *ctx = (AFB_clientCtx*) entry->v;
+ for (idx=0; idx < sessions.max; idx++) {
+ if (NULL == sessions.store[idx]) break;
+ }
- // If application add a handle let's free it now
- if (ctx->handle != NULL) {
-
- // Free client handle with a standard Free function, with app callback or ignore it
- if (ctx->freeHandleCB == NULL) free (ctx->handle);
- else if (ctx->freeHandleCB != (void*)-1) ctx->freeHandleCB(ctx->handle);
+ if (idx == sessions.max) status=AFB_FAIL;
+ else {
+ status=AFB_SUCCESS;
+ sessions.count ++;
+ sessions.store[idx]= client;
}
- free ((void*)entry->v);
-}
-// Create a new store in RAM, not that is too small it will be automatically extended
-STATIC struct lh_table *ctxStoreCreate (int nbSession) {
- lh_table *table;
-
- // function will exit process in case of error !!!
- table=lh_table_new (nbSession, "CtxClient", ctxUuidFreeCB, ctxUuidHashCB, ctxUuidCompCB);
- return (table);
+ pthread_mutex_unlock(&sessions.mutex);
+ return status;
}
// Check if context timeout or not
-STATIC int ctxStoreToOld (const void *k1, int timeout) {
- int res;
- AFB_clientCtx *ctx = (AFB_clientCtx*) k1;
-
- res = ((ctx->timeStamp + timeout) < time(NULL));
- return (res);
+static int ctxStoreTooOld (AFB_clientCtx *ctx, int timeout)
+{
+ int res;
+ time_t now = time(NULL);
+ res = (ctx->timeStamp + timeout) <= now;
+ return res;
}
-// Loop on every entry and remove old context sessions
-PUBLIC int ctxStoreGarbage (struct lh_table *lht, const int timeout) {
- struct lh_entry *c;
-
- // Loop on every entry within table
- for(c = lht->head; c != NULL; c = c->next) {
- if(lht->free_fn) {
- if(c->k == LH_EMPTY) return lht->count;
- if(c->k != LH_FREED && ctxStoreToOld(c->v, timeout)) lh_table_delete_entry (lht, c);
- }
+// Loop on every entry and remove old context sessions.hash
+void ctxStoreGarbage (const int timeout)
+{
+ AFB_clientCtx *ctx;
+ long idx;
+
+ // Loop on Sessions Table and remove anything that is older than timeout
+ for (idx=0; idx < sessions.max; idx++) {
+ ctx = sessions.store[idx];
+ if ((ctx != NULL) && (ctxStoreTooOld(ctx, timeout))) {
+ ctxStoreDel (ctx);
+ }
}
-
- // return current size after cleanup
- return (lht->count);
}
// This function will return exiting client context or newly created client context
-PUBLIC AFB_error ctxClientGet (AFB_request *request) {
- static int cid=0;
+AFB_clientCtx *ctxClientGet (AFB_request *request, int apiidx)
+{
AFB_clientCtx *clientCtx=NULL;
const char *uuid;
uuid_t newuuid;
- int ret;
-
- if (request->config->token == NULL) return AFB_EMPTY;
-
- // if client session store is null create it
- if (clientCtxs == NULL) {
- clientCtxs= ctxStoreCreate(CTX_NBCLIENTS);
- }
+
+ if (request->config->token == NULL) return NULL;
// Check if client as a context or not inside the URL
- uuid = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, "uuid");
-
+ uuid = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_uuid);
+
// if UUID in query we're restfull with no cookies otherwise check for cookie
- if (uuid != NULL) request->restfull = TRUE;
+ if (uuid != NULL)
+ request->restfull = TRUE;
else {
+ char cookie[64];
request->restfull = FALSE;
- uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, COOKIE_NAME);
+ snprintf(cookie, sizeof cookie, "%s-%d", COOKIE_NAME, request->config->httpdPort);
+ uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie);
};
-
-
- if (uuid != NULL) {
+
+ // Warning when no cookie defined MHD_lookup_connection_value may return something !!!
+ if ((uuid != NULL) && (strnlen (uuid, 10) >= 10)) {
// search if client context exist and it not timeout let's use it
- if ((lh_table_lookup_ex (clientCtxs, uuid, (void**) &clientCtx))
- && ! ctxStoreToOld (clientCtx, request->config->cntxTimeout)) {
- request->client=clientCtx;
- if (verbose) fprintf (stderr, "ctxClientGet Old uuid=[%s] token=[%s] timestamp=%d\n"
- ,request->client->uuid, request->client->token, request->client->timeStamp);
- return;
+ clientCtx = ctxStoreSearch (uuid);
+
+ if (clientCtx) {
+ if (ctxStoreTooOld (clientCtx, request->config->cntxTimeout)) {
+ // this session is too old let's delete it
+ ctxStoreDel (clientCtx);
+ clientCtx = NULL;
+ } else {
+ request->context = clientCtx->contexts[apiidx];
+ request->uuid = uuid;
+ return clientCtx;
+ }
}
}
-
// we have no session let's create one otherwise let's clean any exiting values
- if (clientCtx == NULL) clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext
+ if (clientCtx == NULL) {
+ clientCtx = calloc(1, sizeof(AFB_clientCtx)); // init NULL clientContext
+ clientCtx->contexts = calloc ((unsigned)afb_apis_count(), sizeof (void*));
+ }
+
uuid_generate(newuuid); // create a new UUID
uuid_unparse_lower(newuuid, clientCtx->uuid);
- clientCtx->cid=cid++;
-
+
// if table is full at 50% let's clean it up
- if(clientCtxs->count > (clientCtxs->size*0.5)) ctxStoreGarbage(clientCtxs, request->config->cntxTimeout);
-
+ if(sessions.count > (sessions.max / 2)) ctxStoreGarbage(request->config->cntxTimeout);
+
// finally add uuid into hashtable
- ret=lh_table_insert (clientCtxs, (void*)clientCtx->uuid, clientCtx);
- if (ret < 0) return (AFB_FAIL);
-
- if (verbose) fprintf (stderr, "ctxClientGet New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, clientCtx->token, clientCtx->timeStamp);
- request->client = clientCtx;
+ if (AFB_SUCCESS != ctxStoreAdd (clientCtx)) {
+ free (clientCtx);
+ return NULL;
+ }
- return (AFB_SUCCESS);
+ // if (verbose) fprintf (stderr, "ctxClientGet New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, clientCtx->token, clientCtx->timeStamp);
+ request->context = clientCtx->contexts[apiidx];
+ request->uuid = clientCtx->uuid;
+ return clientCtx;
}
// Sample Generic Ping Debug API
-PUBLIC AFB_error ctxTokenCheck (AFB_request *request) {
+AFB_error ctxTokenCheck (AFB_clientCtx *clientCtx, AFB_request *request)
+{
const char *token;
-
- if (request->client == NULL) return AFB_EMPTY;
-
+
+ if (clientCtx->contexts == NULL)
+ return AFB_EMPTY;
+
// this time have to extract token from query list
- token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, "token");
-
+ token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token);
+
// if not token is providing we refuse the exchange
- if ((token == NULL) || (request->client->token == NULL)) return (AFB_FALSE);
-
+ if ((token == NULL) || (clientCtx->token == NULL))
+ return AFB_FALSE;
+
// compare current token with previous one
- if ((0 == strcmp (token, request->client->token)) && (!ctxStoreToOld (request->client, request->config->cntxTimeout))) {
- return (AFB_SUCCESS);
+ if ((0 == strcmp (token, clientCtx->token)) && (!ctxStoreTooOld (clientCtx, request->config->cntxTimeout))) {
+ return AFB_SUCCESS;
}
-
+
// Token is not valid let move level of assurance to zero and free attached client handle
- return (AFB_FAIL);
+ return AFB_FAIL;
}
// Free Client Session Context
-PUBLIC AFB_error ctxTokenReset (AFB_request *request) {
- struct lh_entry* entry;
- int ret;
-
- if (request->client == NULL) return AFB_EMPTY;
-
- entry = lh_table_lookup_entry (clientCtxs, request->client->uuid);
- if (entry == NULL) return AFB_FALSE;
-
- lh_table_delete_entry (clientCtxs, entry);
-
- return (AFB_SUCCESS);
+AFB_error ctxTokenReset (AFB_clientCtx *clientCtx, AFB_request *request)
+{
+ if (clientCtx == NULL)
+ return AFB_EMPTY;
+ //if (verbose) fprintf (stderr, "ctxClientReset New uuid=[%s] token=[%s] timestamp=%d\n", clientCtx->uuid, clientCtx->token, clientCtx->timeStamp);
+
+ // Search for an existing client with the same UUID
+ clientCtx = ctxStoreSearch (clientCtx->uuid);
+ if (clientCtx == NULL)
+ return AFB_FALSE;
+
+ // Remove client from table
+ ctxStoreDel (clientCtx);
+
+ return AFB_SUCCESS;
}
// generate a new token
-PUBLIC AFB_error ctxTokenCreate (AFB_request *request) {
- int oldTnkValid;
- const char *ornew;
+AFB_error ctxTokenCreate (AFB_clientCtx *clientCtx, AFB_request *request)
+{
uuid_t newuuid;
+ const char *token;
+
+ if (clientCtx == NULL)
+ return AFB_EMPTY;
- if (request->client == NULL) return AFB_EMPTY;
+ // if config->token!="" then verify that we have the right initial share secret
+ if (request->config->token[0] != '\0') {
+
+ // check for initial token secret and return if not presented
+ token = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, key_token);
+ if (token == NULL)
+ return AFB_UNAUTH;
+
+ // verify that it fits with initial tokens fit
+ if (strcmp(request->config->token, token))
+ return AFB_UNAUTH;
+ }
// create a UUID as token value
- uuid_generate(newuuid);
- uuid_unparse_lower(newuuid, request->client->token);
-
+ uuid_generate(newuuid);
+ uuid_unparse_lower(newuuid, clientCtx->token);
+
// keep track of time for session timeout and further clean up
- request->client->timeStamp=time(NULL);
-
+ clientCtx->timeStamp=time(NULL);
+
// Token is also store in context but it might be convenient for plugin to access it directly
- return (AFB_SUCCESS);
+ return AFB_SUCCESS;
}
// generate a new token and update client context
-PUBLIC AFB_error ctxTokenRefresh (AFB_request *request) {
- int oldTnkValid;
- const char *oldornew;
+AFB_error ctxTokenRefresh (AFB_clientCtx *clientCtx, AFB_request *request)
+{
uuid_t newuuid;
- if (request->client == NULL) return AFB_EMPTY;
-
+ if (clientCtx == NULL)
+ return AFB_EMPTY;
+
// Check if the old token is valid
- oldTnkValid= ctxTokenCheck (request);
-
- // if token is not valid let check for query argument "oldornew"
- if (!oldTnkValid) {
- oldornew = MHD_lookup_connection_value(request->connection, MHD_GET_ARGUMENT_KIND, "oldornew");
- if (oldornew != NULL) oldTnkValid= TRUE;
- }
-
- // No existing token and no request to create one
- if (oldTnkValid != TRUE) return AFB_WARNING;
+ if (ctxTokenCheck (clientCtx, request) != AFB_SUCCESS)
+ return AFB_FAIL;
+
+ // Old token was valid let's regenerate a new one
+ uuid_generate(newuuid); // create a new UUID
+ uuid_unparse_lower(newuuid, clientCtx->token);
+
+ // keep track of time for session timeout and further clean up
+ clientCtx->timeStamp=time(NULL);
- return (ctxTokenCreate (request));
+ return AFB_SUCCESS;
}
Code Review / src / app-framework-binder.git / blobdiff