X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fafb-context.c;h=899baa646c32dc17cbf881c21d53070256f62d5a;hb=65353dce81a629e042800bb7b86fcd869a76727e;hp=ba093c375b189fc26a64c11646a2366a971f5d1c;hpb=26bca5f8a8c6f9403a84945a5cd914b6da948efd;p=src%2Fapp-framework-binder.git
diff --git a/src/afb-context.c b/src/afb-context.c
index ba093c37..899baa64 100644
--- a/src/afb-context.c
+++ b/src/afb-context.c
@@ -1,6 +1,7 @@
 /*
- * Copyright (C) 2015, 2016 "IoT.bzh"
+ * Copyright (C) 2015-2020 "IoT.bzh"
 * Author "Fulup Ar Foll"
+ * Author José Bollo
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -19,102 +20,181 @@ #include #include +#include +#include -#include "session.h" +#include "afb-session.h" #include "afb-context.h" +#include "afb-token.h" +#include "afb-cred.h" +#include "afb-perm.h" +#include "afb-permission-text.h" +#include "verbose.h" -static void init_context(struct afb_context *context, struct AFB_clientCtx *session, const char *token) +static void init_context(struct afb_context *context, struct afb_session *session, struct afb_token *token, struct afb_cred *cred) { assert(session != NULL); /* reset the context for the session */ context->session = session; context->flags = 0; - context->api_index = -1; - context->loa_in = ctxClientGetLOA(session) & 7; + context->super = NULL; + context->api_key = NULL; + context->token = afb_token_addref(token); + context->credentials = afb_cred_addref(cred); +} - /* check the token */ - if (token != NULL) { - if (ctxTokenCheck(session, token)) - context->validated = 1; - else - context->invalidated = 1; - } +void afb_context_subinit(struct afb_context *context, struct afb_context *super) +{ + context->session = afb_session_addref(super->session); + context->flags = 0; + context->super = super; + context->api_key = NULL; + context->token = afb_token_addref(super->token); + context->credentials = afb_cred_addref(super->credentials); } -void afb_context_init(struct afb_context *context, struct AFB_clientCtx *session, const char *token) +void afb_context_init(struct afb_context *context, struct afb_session *session, struct afb_token *token, struct afb_cred *cred) { - init_context(context, ctxClientAddRef(session), token); + init_context(context, afb_session_addref(session), token, cred); } -int afb_context_connect(struct afb_context *context, const char *uuid, const char *token) +int afb_context_connect(struct afb_context *context, const char *uuid, struct afb_token *token, struct afb_cred *cred) { int created; - struct AFB_clientCtx *session; + struct afb_session *session; - session = ctxClientGetSession 
(uuid, &created); + session = afb_session_get (uuid, AFB_SESSION_TIMEOUT_DEFAULT, &created); if (session == NULL) return -1; - init_context(context, session, token); + init_context(context, session, token, cred); if (created) { context->created = 1; - /* context->refreshing = 1; */ } return 0; } +int afb_context_connect_validated(struct afb_context *context, const char *uuid, struct afb_token *token, struct afb_cred *cred) +{ + int rc = afb_context_connect(context, uuid, token, cred); + if (!rc) + context->validated = 1; + return rc; +} + +void afb_context_init_validated(struct afb_context *context, struct afb_session *session, struct afb_token *token, struct afb_cred *cred) +{ + afb_context_init(context, session, token, cred); + context->validated = 1; +} + void afb_context_disconnect(struct afb_context *context) { - if (context->session != NULL) { - if (context->refreshing && !context->refreshed) { - ctxTokenNew (context->session); - context->refreshed = 1; - } - if (context->loa_changing && !context->loa_changed) { - ctxClientSetLOA (context->session, context->loa_out); - context->loa_changed = 1; - } - if (context->closing && !context->closed) { - ctxClientClose(context->session); - context->closed = 1; - } - ctxClientUnref(context->session); - context->session = NULL; + if (context->session && !context->super && context->closing && !context->closed) { + afb_context_change_loa(context, 0); + afb_context_set(context, NULL, NULL); + context->closed = 1; + } + afb_session_unref(context->session); + context->session = NULL; + afb_cred_unref(context->credentials); + context->credentials = NULL; + afb_token_unref(context->token); + context->token = NULL; +} + +void afb_context_change_cred(struct afb_context *context, struct afb_cred *cred) +{ + struct afb_cred *ocred = context->credentials; + if (ocred != cred) { + context->credentials = afb_cred_addref(cred); + afb_cred_unref(ocred); } } -const char *afb_context_sent_token(struct afb_context *context) +void 
afb_context_change_token(struct afb_context *context, struct afb_token *token) { - if (context->session == NULL || context->closing) - return NULL; - if (!context->refreshing) - return NULL; - if (!context->refreshed) { - ctxTokenNew (context->session); - context->refreshed = 1; + struct afb_token *otoken = context->token; + if (otoken != token) { + context->token = afb_token_addref(token); + afb_token_unref(otoken); } - return ctxClientGetToken(context->session); } -const char *afb_context_sent_uuid(struct afb_context *context) +const char *afb_context_on_behalf_export(struct afb_context *context) { - if (context->session == NULL || context->closing) - return NULL; - if (!context->created) - return NULL; - return ctxClientGetUuid(context->session); + return context->credentials ? afb_cred_export(context->credentials) : NULL; +} + +int afb_context_on_behalf_import(struct afb_context *context, const char *exported) +{ + int rc; + struct afb_cred *imported, *ocred; + + if (!exported || !*exported) + rc = 0; + else { + if (afb_context_has_permission(context, afb_permission_on_behalf_credential)) { + imported = afb_cred_import(exported); + if (!imported) { + ERROR("Can't import on behalf credentials: %m"); + rc = -1; + } else { + ocred = context->credentials; + context->credentials = imported; + afb_cred_unref(ocred); + rc = 0; + } + } else { + ERROR("On behalf credentials refused"); + rc = -1; + } + } + return rc; +} + +void afb_context_on_behalf_other_context(struct afb_context *context, struct afb_context *other) +{ + afb_context_change_cred(context, other->credentials); + afb_context_change_token(context, other->token); +} + +int afb_context_has_permission(struct afb_context *context, const char *permission) +{ + return afb_perm_check(context, permission); +} + +void afb_context_has_permission_async( + struct afb_context *context, + const char *permission, + void (*callback)(void *_closure, int _status), + void *closure +) +{ + return afb_perm_check_async(context, 
permission, callback, closure); +} + +const char *afb_context_uuid(struct afb_context *context) +{ + return context->session ? afb_session_uuid(context->session) : NULL; +} + +void *afb_context_make(struct afb_context *context, int replace, void *(*make_value)(void *closure), void (*free_value)(void *item), void *closure) +{ + assert(context->session != NULL); + return afb_session_cookie(context->session, context->api_key, make_value, free_value, closure, replace); } void *afb_context_get(struct afb_context *context) { assert(context->session != NULL); - return ctxClientValueGet(context->session, context->api_index); + return afb_session_get_cookie(context->session, context->api_key); } -void afb_context_set(struct afb_context *context, void *value, void (*free_value)(void*)) +int afb_context_set(struct afb_context *context, void *value, void (*free_value)(void*)) { assert(context->session != NULL); - return ctxClientValueSet(context->session, context->api_index, value, free_value); + return afb_session_set_cookie(context->session, context->api_key, value, free_value); } void afb_context_close(struct afb_context *context) 
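Review bot: `afb_context_change_token`, `afb_context_change_cred` and the success path of `afb_context_on_behalf_import` replace the identity held by the context but leave `validated`/`invalidated` as they were. `check_context` in the next hunk returns the cached flag without querying `afb_permission_token_valid` again, so a result computed for the previous token or credentials would keep answering `afb_context_check` for the new ones. Whether any caller swaps identity after a check is not visible here, but clearing the cache at the swap is cheap: add `context->validated = 0; context->invalidated = 0;` inside the `if (otoken != token)` and `if (ocred != cred)` bodies and next to `context->credentials = imported;`.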
@@ -122,35 +202,115 @@ void afb_context_close(struct afb_context *context) context->closing = 1; } -void afb_context_refresh(struct afb_context *context) +struct chkctx { + struct afb_context *context; + void (*callback)(void *_closure, int _status); + void *closure; +}; + +static void check_context_cb(void *closure_chkctx, int status) { - assert(context->validated); - context->refreshing = 1; + struct chkctx *cc = closure_chkctx; + struct afb_context *context = cc->context; + void (*callback)(void*,int) = cc->callback; + void *closure = cc->closure; + + free(cc); + if (status) + context->validated = 1; + else + context->invalidated = 1; + callback(closure, status); +} + +static int check_context( + struct afb_context *context, + void (*callback)(void *_closure, int _status), + void *closure +) { + int r; + struct chkctx *cc; + + if (context->validated) + r = 1; + else if (context->invalidated) + r = 0; + else { + if (context->super) + r = check_context(context->super, callback, closure); + else if (!callback) + r = afb_context_has_permission(context, afb_permission_token_valid); + else { + cc = malloc(sizeof *cc); + if (cc) { + cc->context = context; + cc->callback = callback; + cc->closure = closure; + afb_context_has_permission_async(context, afb_permission_token_valid, check_context_cb, cc); + return -1; + } + ERROR("out-of-memory"); + r = 0; + } + if (r) + context->validated = 1; + else + context->invalidated = 1; + } + return r; } int afb_context_check(struct afb_context *context) { - return context->validated; + return check_context(context, 0, 0); } -int afb_context_check_loa(struct afb_context *context, unsigned loa) +void afb_context_check_async( + struct afb_context *context, + void (*callback)(void *_closure, int _status), + void *closure +) { + int r = check_context(context, callback, closure); + if (r >= 0) + callback(closure, r); +} + +static inline const void *loa_key(struct afb_context *context) { - return context->loa_in >= loa; + return (const 
void*)(1+(intptr_t)(context->api_key)); } -int afb_context_change_loa(struct afb_context *context, unsigned loa) +static inline void *loa2ptr(unsigned loa) { - if (!context->validated || loa > 7) - return 0; + return (void*)(intptr_t)loa; +} - if (loa == context->loa_in && !context->loa_changed) - context->loa_changing = 0; - else { - context->loa_out = loa & 7; - context->loa_changing = 1; - context->loa_changed = 0; +static inline unsigned ptr2loa(void *ptr) +{ + return (unsigned)(intptr_t)ptr; +} + +int afb_context_change_loa(struct afb_context *context, unsigned loa) +{ + if (loa > 7) { + errno = EINVAL; + return -1; } - return 1; + if (!afb_context_check(context)) { + errno = EPERM; + return -1; + } + + return afb_session_set_cookie(context->session, loa_key(context), loa2ptr(loa), NULL); } +unsigned afb_context_get_loa(struct afb_context *context) +{ + assert(context->session != NULL); + return ptr2loa(afb_session_get_cookie(context->session, loa_key(context))); +} +int afb_context_check_loa(struct afb_context *context, unsigned loa) +{ + return afb_context_get_loa(context) >= loa; +}
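Review bot: In `check_context`, a sub-context whose `super` starts an asynchronous check is marked validated before the answer arrives. The recursive call `r = check_context(context->super, callback, closure)` returns -1 while the permission query is pending, and the following `if (r) context->validated = 1;` treats that -1 as success; `check_context_cb` later updates only the context that issued the query, so a later `afb_context_check` on the sub-context returns 1 even if the token was refused. Return early on the pending value with `if (r < 0) return r;` right after the recursive call, and test `r > 0` rather than `r` before setting `validated`. The same truthiness test in `check_context_cb` (`if (status)`) would also accept a negative error status if `afb_perm_check_async` can report one, which is not visible here.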