X-Git-Url: https://gerrit.automotivelinux.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fafb-xreq.c;h=e6e47d6bfb2aad29f76dd638bea0acb084747266;hb=65353dce81a629e042800bb7b86fcd869a76727e;hp=8f246b3c84efd460226685a9d6907fdac22aab2d;hpb=4521c1e7ae5371ab9d639adc617d17fb4e8ded0c;p=src%2Fapp-framework-binder.git diff --git a/src/afb-xreq.c b/src/afb-xreq.c index 8f246b3c..e6e47d6b 100644 --- a/src/afb-xreq.c +++ b/src/afb-xreq.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2017, 2018 "IoT.bzh" + * Copyright (C) 2015-2020 "IoT.bzh" * Author José Bollo * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -24,6 +24,9 @@ #include #include +#if !defined(JSON_C_TO_STRING_NOSLASHESCAPE) +#define JSON_C_TO_STRING_NOSLASHESCAPE 0 +#endif #include #include @@ -40,6 +43,7 @@ #include "afb-hook.h" #include "afb-msg-json.h" #include "afb-xreq.h" +#include "afb-error-text.h" #include "jobs.h" #include "verbose.h" @@ -49,9 +53,11 @@ static void xreq_finalize(struct afb_xreq *xreq) { if (!xreq->replied) - afb_xreq_reply(xreq, NULL, "error", "no reply"); + afb_xreq_reply(xreq, NULL, afb_error_text_not_replied, NULL); +#if WITH_AFB_HOOK if (xreq->hookflags) afb_hook_xreq_end(xreq); +#endif if (xreq->caller) afb_xreq_unhooked_unref(xreq->caller); xreq->queryitf->unref(xreq); @@ -197,12 +203,15 @@ static int xreq_legacy_subscribe_event_x1_cb(struct afb_req_x2 *closure, struct int afb_xreq_subscribe(struct afb_xreq *xreq, struct afb_event_x2 *event) { - if (xreq->listener) - return afb_evt_event_x2_add_watch(xreq->listener, event); - if (xreq->queryitf->subscribe) - return xreq->queryitf->subscribe(xreq, event); - ERROR("no event listener, subscription impossible"); - errno = EINVAL; + if (xreq->replied) { + ERROR("request replied, subscription impossible"); + errno = EINVAL; + } else { + if (xreq->queryitf->subscribe) + return xreq->queryitf->subscribe(xreq, event); + ERROR("no event listener, subscription impossible"); + errno = ENOTSUP; + } return -1; } @@ -219,12 +228,15 @@ static int xreq_legacy_unsubscribe_event_x1_cb(struct afb_req_x2 *closure, struc int afb_xreq_unsubscribe(struct afb_xreq *xreq, struct afb_event_x2 *event) { - if (xreq->listener) - return afb_evt_event_x2_remove_watch(xreq->listener, event); - if (xreq->queryitf->unsubscribe) - return xreq->queryitf->unsubscribe(xreq, event); - ERROR("no event listener, unsubscription impossible"); - errno = EINVAL; + if (xreq->replied) { + ERROR("request replied, unsubscription impossible"); + errno = EINVAL; + } else { + if (xreq->queryitf->unsubscribe) + return xreq->queryitf->unsubscribe(xreq, event); + ERROR("no event listener, unsubscription impossible"); + errno = ENOTSUP; + } return -1; } @@ -275,13 +287,14 @@ static struct afb_stored_req *xreq_legacy_store_cb(struct afb_req_x2 *closure) static int xreq_has_permission_cb(struct afb_req_x2 *closure, const char *permission) { struct afb_xreq *xreq = xreq_from_req_x2(closure); - return afb_auth_has_permission(xreq, permission); + return afb_context_has_permission(&xreq->context, permission); } static char *xreq_get_application_id_cb(struct afb_req_x2 *closure) { struct afb_xreq *xreq = xreq_from_req_x2(closure); - return xreq->cred && xreq->cred->id ? strdup(xreq->cred->id) : NULL; + struct afb_cred *cred = xreq->context.credentials; + return cred && cred->id ? strdup(cred->id) : NULL; } static void *xreq_context_make_cb(struct afb_req_x2 *closure, int replace, void *(*create_value)(void*), void (*free_value)(void*), void *create_closure) @@ -293,23 +306,25 @@ static void *xreq_context_make_cb(struct afb_req_x2 *closure, int replace, void static int xreq_get_uid_cb(struct afb_req_x2 *closure) { struct afb_xreq *xreq = xreq_from_req_x2(closure); - return xreq->cred && xreq->cred->id ? (int)xreq->cred->uid : -1; + struct afb_cred *cred = xreq->context.credentials; + return cred && cred->id ? (int)cred->uid : -1; } static struct json_object *xreq_get_client_info_cb(struct afb_req_x2 *closure) { struct afb_xreq *xreq = xreq_from_req_x2(closure); + struct afb_cred *cred = xreq->context.credentials; struct json_object *r = json_object_new_object(); - if (xreq->cred && xreq->cred->id) { - json_object_object_add(r, "uid", json_object_new_int(xreq->cred->uid)); - json_object_object_add(r, "gid", json_object_new_int(xreq->cred->gid)); - json_object_object_add(r, "pid", json_object_new_int(xreq->cred->pid)); - json_object_object_add(r, "user", json_object_new_string(xreq->cred->user)); - json_object_object_add(r, "label", json_object_new_string(xreq->cred->label)); - json_object_object_add(r, "id", json_object_new_string(xreq->cred->id)); + if (cred && cred->id) { + json_object_object_add(r, "uid", json_object_new_int(cred->uid)); + json_object_object_add(r, "gid", json_object_new_int(cred->gid)); + json_object_object_add(r, "pid", json_object_new_int(cred->pid)); + json_object_object_add(r, "user", json_object_new_string(cred->user)); + json_object_object_add(r, "label", json_object_new_string(cred->label)); + json_object_object_add(r, "id", json_object_new_string(cred->id)); } if (xreq->context.session) { - json_object_object_add(r, "uuid", json_object_new_string(afb_context_uuid(&xreq->context))); + json_object_object_add(r, "uuid", json_object_new_string(afb_context_uuid(&xreq->context)?:"")); json_object_object_add(r, "LOA", json_object_new_int(afb_context_get_loa(&xreq->context))); } return r; @@ -344,6 +359,42 @@ static int xreq_subcallsync_cb( /******************************************************************************/ +const struct afb_req_x2_itf xreq_itf = { + .json = xreq_json_cb, + .get = xreq_get_cb, + .legacy_success = xreq_legacy_success_cb, + .legacy_fail = xreq_legacy_fail_cb, + .legacy_vsuccess = xreq_legacy_vsuccess_cb, + .legacy_vfail = xreq_legacy_vfail_cb, + .legacy_context_get = xreq_legacy_context_get_cb, + .legacy_context_set = xreq_legacy_context_set_cb, + .addref = xreq_addref_cb, + .unref = xreq_unref_cb, + .session_close = xreq_session_close_cb, + .session_set_LOA = xreq_session_set_LOA_cb, + .legacy_subscribe_event_x1 = xreq_legacy_subscribe_event_x1_cb, + .legacy_unsubscribe_event_x1 = xreq_legacy_unsubscribe_event_x1_cb, + .legacy_subcall = xreq_legacy_subcall_cb, + .legacy_subcallsync = xreq_legacy_subcallsync_cb, + .vverbose = xreq_vverbose_cb, + .legacy_store_req = xreq_legacy_store_cb, + .legacy_subcall_req = xreq_legacy_subcall_req_cb, + .has_permission = xreq_has_permission_cb, + .get_application_id = xreq_get_application_id_cb, + .context_make = xreq_context_make_cb, + .subscribe_event_x2 = xreq_subscribe_event_x2_cb, + .unsubscribe_event_x2 = xreq_unsubscribe_event_x2_cb, + .legacy_subcall_request = xreq_legacy_subcall_request_cb, + .get_uid = xreq_get_uid_cb, + .reply = xreq_reply_cb, + .vreply = xreq_vreply_cb, + .get_client_info = xreq_get_client_info_cb, + .subcall = xreq_subcall_cb, + .subcallsync = xreq_subcallsync_cb, +}; +/******************************************************************************/ +#if WITH_AFB_HOOK + static struct json_object *xreq_hooked_json_cb(struct afb_req_x2 *closure) { struct json_object *r = xreq_json_cb(closure); @@ -566,40 +617,6 @@ static int xreq_hooked_subcallsync_cb( /******************************************************************************/ -const struct afb_req_x2_itf xreq_itf = { - .json = xreq_json_cb, - .get = xreq_get_cb, - .legacy_success = xreq_legacy_success_cb, - .legacy_fail = xreq_legacy_fail_cb, - .legacy_vsuccess = xreq_legacy_vsuccess_cb, - .legacy_vfail = xreq_legacy_vfail_cb, - .legacy_context_get = xreq_legacy_context_get_cb, - .legacy_context_set = xreq_legacy_context_set_cb, - .addref = xreq_addref_cb, - .unref = xreq_unref_cb, - .session_close = xreq_session_close_cb, - .session_set_LOA = xreq_session_set_LOA_cb, - .legacy_subscribe_event_x1 = xreq_legacy_subscribe_event_x1_cb, - .legacy_unsubscribe_event_x1 = xreq_legacy_unsubscribe_event_x1_cb, - .legacy_subcall = xreq_legacy_subcall_cb, - .legacy_subcallsync = xreq_legacy_subcallsync_cb, - .vverbose = xreq_vverbose_cb, - .legacy_store_req = xreq_legacy_store_cb, - .legacy_subcall_req = xreq_legacy_subcall_req_cb, - .has_permission = xreq_has_permission_cb, - .get_application_id = xreq_get_application_id_cb, - .context_make = xreq_context_make_cb, - .subscribe_event_x2 = xreq_subscribe_event_x2_cb, - .unsubscribe_event_x2 = xreq_unsubscribe_event_x2_cb, - .legacy_subcall_request = xreq_legacy_subcall_request_cb, - .get_uid = xreq_get_uid_cb, - .reply = xreq_reply_cb, - .vreply = xreq_vreply_cb, - .get_client_info = xreq_get_client_info_cb, - .subcall = xreq_subcall_cb, - .subcallsync = xreq_subcallsync_cb, -}; - const struct afb_req_x2_itf xreq_hooked_itf = { .json = xreq_hooked_json_cb, .get = xreq_hooked_get_cb, @@ -633,14 +650,17 @@ const struct afb_req_x2_itf xreq_hooked_itf = { .subcall = xreq_hooked_subcall_cb, .subcallsync = xreq_hooked_subcallsync_cb, }; +#endif /******************************************************************************/ struct afb_req_x1 afb_xreq_unstore(struct afb_stored_req *sreq) { struct afb_xreq *xreq = (struct afb_xreq *)sreq; +#if WITH_AFB_HOOK if (xreq->hookflags) afb_hook_xreq_legacy_unstore(xreq); +#endif return xreq_to_req_x1(xreq); } @@ -666,45 +686,45 @@ void afb_xreq_reply_f(struct afb_xreq *xreq, struct json_object *obj, const char const char *afb_xreq_raw(struct afb_xreq *xreq, size_t *size) { struct json_object *obj = xreq_json_cb(xreq_to_req_x2(xreq)); - const char *result = json_object_to_json_string(obj); + const char *result = json_object_to_json_string_ext(obj, JSON_C_TO_STRING_NOSLASHESCAPE); if (size != NULL) *size = strlen(result); return result; } -void afb_xreq_addref(struct afb_xreq *xreq) +void afb_xreq_unhooked_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure) { - afb_req_x2_addref(xreq_to_req_x2(xreq)); + xreq_legacy_subcall_request_cb(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure); } -void afb_xreq_unref(struct afb_xreq *xreq) +void afb_xreq_unhooked_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure) { - afb_req_x2_unref(xreq_to_req_x2(xreq)); + xreq_subcall_cb(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure); } -void afb_xreq_unhooked_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure) +int afb_xreq_unhooked_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, struct json_object **result) { - xreq_legacy_subcall_request_cb(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure); + return xreq_legacy_subcallsync_cb(xreq_to_req_x2(xreq), api, verb, args, result); } -void afb_xreq_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure) +void afb_xreq_addref(struct afb_xreq *xreq) { - afb_req_x2_subcall_legacy(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure); + afb_req_x2_addref(xreq_to_req_x2(xreq)); } -void afb_xreq_unhooked_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure) +void afb_xreq_unref(struct afb_xreq *xreq) { - xreq_subcall_cb(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure); + afb_req_x2_unref(xreq_to_req_x2(xreq)); } -void afb_xreq_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure) +void afb_xreq_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure) { - afb_req_x2_subcall(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure); + afb_req_x2_subcall_legacy(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure); } -int afb_xreq_unhooked_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, struct json_object **result) +void afb_xreq_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure) { - return xreq_legacy_subcallsync_cb(xreq_to_req_x2(xreq), api, verb, args, result); + afb_req_x2_subcall(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure); } int afb_xreq_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, struct json_object **result) @@ -712,108 +732,62 @@ int afb_xreq_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const c return afb_req_x2_subcall_sync_legacy(xreq_to_req_x2(xreq), api, verb, args, result); } -static int xreq_session_check_apply_v1(struct afb_xreq *xreq, int sessionflags) +int afb_xreq_reply_unknown_api(struct afb_xreq *xreq) { - int loa; - - if ((sessionflags & (AFB_SESSION_CLOSE_X1|AFB_SESSION_RENEW_X1|AFB_SESSION_CHECK_X1|AFB_SESSION_LOA_EQ_X1)) != 0) { - if (!afb_context_check(&xreq->context)) { - afb_context_close(&xreq->context); - afb_xreq_reply_f(xreq, NULL, "denied", "invalid token's identity"); - errno = EINVAL; - return -1; - } - } - - if ((sessionflags & AFB_SESSION_LOA_GE_X1) != 0) { - loa = (sessionflags >> AFB_SESSION_LOA_SHIFT_X1) & AFB_SESSION_LOA_MASK_X1; - if (!afb_context_check_loa(&xreq->context, loa)) { - afb_xreq_reply_f(xreq, NULL, "denied", "invalid LOA"); - errno = EPERM; - return -1; - } - } - - if ((sessionflags & AFB_SESSION_LOA_LE_X1) != 0) { - loa = (sessionflags >> AFB_SESSION_LOA_SHIFT_X1) & AFB_SESSION_LOA_MASK_X1; - if (afb_context_check_loa(&xreq->context, loa + 1)) { - afb_xreq_reply_f(xreq, NULL, "denied", "invalid LOA"); - errno = EPERM; - return -1; - } - } - - if ((sessionflags & AFB_SESSION_RENEW_X1) != 0) { - afb_context_refresh(&xreq->context); - } - if ((sessionflags & AFB_SESSION_CLOSE_X1) != 0) { - afb_context_change_loa(&xreq->context, 0); - afb_context_close(&xreq->context); - } - - return 0; + afb_xreq_reply_f(xreq, NULL, afb_error_text_unknown_api, "api %s not found (for verb %s)", xreq->request.called_api, xreq->request.called_verb); + errno = EINVAL; + return -1; } -static int xreq_session_check_apply_v2(struct afb_xreq *xreq, uint32_t sessionflags, const struct afb_auth *auth) +int afb_xreq_reply_unknown_verb(struct afb_xreq *xreq) { - int loa; - - if (sessionflags != 0) { - if (!afb_context_check(&xreq->context)) { - afb_context_close(&xreq->context); - afb_xreq_reply_f(xreq, NULL, "denied", "invalid token's identity"); - errno = EINVAL; - return -1; - } - } - - loa = (int)(sessionflags & AFB_SESSION_LOA_MASK_X2); - if (loa && !afb_context_check_loa(&xreq->context, loa)) { - afb_xreq_reply_f(xreq, NULL, "denied", "invalid LOA"); - errno = EPERM; - return -1; - } - - if (auth && !afb_auth_check(xreq, auth)) { - afb_xreq_reply_f(xreq, NULL, "denied", "authorisation refused"); - errno = EPERM; - return -1; - } + afb_xreq_reply_f(xreq, NULL, afb_error_text_unknown_verb, "verb %s unknown within api %s", xreq->request.called_verb, xreq->request.called_api); + errno = EINVAL; + return -1; +} - if ((sessionflags & AFB_SESSION_REFRESH_X2) != 0) { - afb_context_refresh(&xreq->context); - } - if ((sessionflags & AFB_SESSION_CLOSE_X2) != 0) { - afb_context_close(&xreq->context); - } +int afb_xreq_reply_invalid_token(struct afb_xreq *xreq) +{ + afb_xreq_reply(xreq, NULL, afb_error_text_invalid_token, "invalid token"); /* TODO: or "no token" */ + errno = EINVAL; + return -1; +} - return 0; +int afb_xreq_reply_insufficient_scope(struct afb_xreq *xreq, const char *scope) +{ + afb_xreq_reply(xreq, NULL, afb_error_text_insufficient_scope, scope ?: "insufficient scope"); + errno = EPERM; + return -1; } +#if WITH_LEGACY_BINDING_V1 void afb_xreq_call_verb_v1(struct afb_xreq *xreq, const struct afb_verb_desc_v1 *verb) { if (!verb) afb_xreq_reply_unknown_verb(xreq); else - if (!xreq_session_check_apply_v1(xreq, verb->session)) + if (afb_auth_check_and_set_session_x1(xreq, verb->session) >= 0) verb->callback(xreq_to_req_x1(xreq)); } +#endif +#if WITH_LEGACY_BINDING_V2 void afb_xreq_call_verb_v2(struct afb_xreq *xreq, const struct afb_verb_v2 *verb) { if (!verb) afb_xreq_reply_unknown_verb(xreq); else - if (!xreq_session_check_apply_v2(xreq, verb->session, verb->auth)) + if (afb_auth_check_and_set_session_x2(xreq, verb->auth, verb->session) > 0) verb->callback(xreq_to_req_x1(xreq)); } +#endif void afb_xreq_call_verb_v3(struct afb_xreq *xreq, const struct afb_verb_v3 *verb) { if (!verb) afb_xreq_reply_unknown_verb(xreq); else - if (xreq_session_check_apply_v2(xreq, verb->session, verb->auth) >= 0) + if (afb_auth_check_and_set_session_x2(xreq, verb->auth, verb->session) > 0) verb->callback(xreq_to_req_x2(xreq)); } @@ -825,16 +799,7 @@ void afb_xreq_init(struct afb_xreq *xreq, const struct afb_xreq_query_itf *query xreq->queryitf = queryitf; } -void afb_xreq_reply_unknown_api(struct afb_xreq *xreq) -{ - afb_xreq_reply_f(xreq, NULL, "unknown-api", "api %s not found (for verb %s)", xreq->request.called_api, xreq->request.called_verb); -} - -void afb_xreq_reply_unknown_verb(struct afb_xreq *xreq) -{ - afb_xreq_reply_f(xreq, NULL, "unknown-verb", "verb %s unknown within api %s", xreq->request.called_verb, xreq->request.called_api); -} - +#if WITH_AFB_HOOK static void init_hooking(struct afb_xreq *xreq) { afb_hook_init_xreq(xreq); @@ -843,6 +808,7 @@ static void init_hooking(struct afb_xreq *xreq) afb_hook_xreq_begin(xreq); } } +#endif /** * job callback for asynchronous and secured processing of the request. @@ -854,10 +820,12 @@ static void process_async(int signum, void *arg) if (signum != 0) { /* emit the error (assumes that hooking is initialised) */ - afb_xreq_reply_f(xreq, NULL, "aborted", "signal %s(%d) caught", strsignal(signum), signum); + afb_xreq_reply_f(xreq, NULL, afb_error_text_aborted, "signal %s(%d) caught", strsignal(signum), signum); } else { +#if WITH_AFB_HOOK /* init hooking */ init_hooking(xreq); +#endif /* invoke api call method to process the request */ api = (const struct afb_api_item*)xreq->context.api_key; api->itf->call(api->closure, xreq); @@ -876,8 +844,10 @@ static void early_failure(struct afb_xreq *xreq, const char *status, const char { va_list args; +#if WITH_AFB_HOOK /* init hooking */ init_hooking(xreq); +#endif /* send error */ va_start(args, info); @@ -934,6 +904,6 @@ end: const char *xreq_on_behalf_cred_export(struct afb_xreq *xreq) { - return xreq->caller ? afb_cred_export(xreq->cred) : NULL; + return afb_context_on_behalf_export(&xreq->context); }