/*
- * Copyright (C) 2017, 2018 "IoT.bzh"
+ * Copyright (C) 2015-2020 "IoT.bzh"
* Author José Bollo <jose.bollo@iot.bzh>
*
* Licensed under the Apache License, Version 2.0 (the "License");
#include "afb-hook.h"
#include "afb-msg-json.h"
#include "afb-xreq.h"
+#include "afb-error-text.h"
#include "jobs.h"
#include "verbose.h"
static void xreq_finalize(struct afb_xreq *xreq)
{
if (!xreq->replied)
- afb_xreq_reply(xreq, NULL, "error", "no reply");
+ afb_xreq_reply(xreq, NULL, afb_error_text_not_replied, NULL);
+#if WITH_AFB_HOOK
if (xreq->hookflags)
afb_hook_xreq_end(xreq);
+#endif
if (xreq->caller)
afb_xreq_unhooked_unref(xreq->caller);
xreq->queryitf->unref(xreq);
int afb_xreq_subscribe(struct afb_xreq *xreq, struct afb_event_x2 *event)
{
- if (xreq->listener)
- return afb_evt_event_x2_add_watch(xreq->listener, event);
- if (xreq->queryitf->subscribe)
- return xreq->queryitf->subscribe(xreq, event);
- ERROR("no event listener, subscription impossible");
- errno = EINVAL;
+ if (xreq->replied) {
+ ERROR("request replied, subscription impossible");
+ errno = EINVAL;
+ } else {
+ if (xreq->queryitf->subscribe)
+ return xreq->queryitf->subscribe(xreq, event);
+ ERROR("no event listener, subscription impossible");
+ errno = ENOTSUP;
+ }
return -1;
}
int afb_xreq_unsubscribe(struct afb_xreq *xreq, struct afb_event_x2 *event)
{
- if (xreq->listener)
- return afb_evt_event_x2_remove_watch(xreq->listener, event);
- if (xreq->queryitf->unsubscribe)
- return xreq->queryitf->unsubscribe(xreq, event);
- ERROR("no event listener, unsubscription impossible");
- errno = EINVAL;
+ if (xreq->replied) {
+ ERROR("request replied, unsubscription impossible");
+ errno = EINVAL;
+ } else {
+ if (xreq->queryitf->unsubscribe)
+ return xreq->queryitf->unsubscribe(xreq, event);
+ ERROR("no event listener, unsubscription impossible");
+ errno = ENOTSUP;
+ }
return -1;
}
static int xreq_has_permission_cb(struct afb_req_x2 *closure, const char *permission)
{
struct afb_xreq *xreq = xreq_from_req_x2(closure);
- return afb_auth_has_permission(xreq, permission);
+ return afb_context_has_permission(&xreq->context, permission);
}
static char *xreq_get_application_id_cb(struct afb_req_x2 *closure)
{
struct afb_xreq *xreq = xreq_from_req_x2(closure);
- return xreq->cred && xreq->cred->id ? strdup(xreq->cred->id) : NULL;
+ struct afb_cred *cred = xreq->context.credentials;
+ return cred && cred->id ? strdup(cred->id) : NULL;
}
static void *xreq_context_make_cb(struct afb_req_x2 *closure, int replace, void *(*create_value)(void*), void (*free_value)(void*), void *create_closure)
static int xreq_get_uid_cb(struct afb_req_x2 *closure)
{
struct afb_xreq *xreq = xreq_from_req_x2(closure);
- return xreq->cred && xreq->cred->id ? (int)xreq->cred->uid : -1;
+ struct afb_cred *cred = xreq->context.credentials;
+ return cred && cred->id ? (int)cred->uid : -1;
}
static struct json_object *xreq_get_client_info_cb(struct afb_req_x2 *closure)
{
struct afb_xreq *xreq = xreq_from_req_x2(closure);
+ struct afb_cred *cred = xreq->context.credentials;
struct json_object *r = json_object_new_object();
- if (xreq->cred && xreq->cred->id) {
- json_object_object_add(r, "uid", json_object_new_int(xreq->cred->uid));
- json_object_object_add(r, "gid", json_object_new_int(xreq->cred->gid));
- json_object_object_add(r, "pid", json_object_new_int(xreq->cred->pid));
- json_object_object_add(r, "user", json_object_new_string(xreq->cred->user));
- json_object_object_add(r, "label", json_object_new_string(xreq->cred->label));
- json_object_object_add(r, "id", json_object_new_string(xreq->cred->id));
+ if (cred && cred->id) {
+ json_object_object_add(r, "uid", json_object_new_int(cred->uid));
+ json_object_object_add(r, "gid", json_object_new_int(cred->gid));
+ json_object_object_add(r, "pid", json_object_new_int(cred->pid));
+ json_object_object_add(r, "user", json_object_new_string(cred->user));
+ json_object_object_add(r, "label", json_object_new_string(cred->label));
+ json_object_object_add(r, "id", json_object_new_string(cred->id));
}
if (xreq->context.session) {
- json_object_object_add(r, "uuid", json_object_new_string(afb_context_uuid(&xreq->context)));
+ json_object_object_add(r, "uuid", json_object_new_string(afb_context_uuid(&xreq->context)?:""));
json_object_object_add(r, "LOA", json_object_new_int(afb_context_get_loa(&xreq->context)));
}
return r;
/******************************************************************************/
+const struct afb_req_x2_itf xreq_itf = {
+ .json = xreq_json_cb,
+ .get = xreq_get_cb,
+ .legacy_success = xreq_legacy_success_cb,
+ .legacy_fail = xreq_legacy_fail_cb,
+ .legacy_vsuccess = xreq_legacy_vsuccess_cb,
+ .legacy_vfail = xreq_legacy_vfail_cb,
+ .legacy_context_get = xreq_legacy_context_get_cb,
+ .legacy_context_set = xreq_legacy_context_set_cb,
+ .addref = xreq_addref_cb,
+ .unref = xreq_unref_cb,
+ .session_close = xreq_session_close_cb,
+ .session_set_LOA = xreq_session_set_LOA_cb,
+ .legacy_subscribe_event_x1 = xreq_legacy_subscribe_event_x1_cb,
+ .legacy_unsubscribe_event_x1 = xreq_legacy_unsubscribe_event_x1_cb,
+ .legacy_subcall = xreq_legacy_subcall_cb,
+ .legacy_subcallsync = xreq_legacy_subcallsync_cb,
+ .vverbose = xreq_vverbose_cb,
+ .legacy_store_req = xreq_legacy_store_cb,
+ .legacy_subcall_req = xreq_legacy_subcall_req_cb,
+ .has_permission = xreq_has_permission_cb,
+ .get_application_id = xreq_get_application_id_cb,
+ .context_make = xreq_context_make_cb,
+ .subscribe_event_x2 = xreq_subscribe_event_x2_cb,
+ .unsubscribe_event_x2 = xreq_unsubscribe_event_x2_cb,
+ .legacy_subcall_request = xreq_legacy_subcall_request_cb,
+ .get_uid = xreq_get_uid_cb,
+ .reply = xreq_reply_cb,
+ .vreply = xreq_vreply_cb,
+ .get_client_info = xreq_get_client_info_cb,
+ .subcall = xreq_subcall_cb,
+ .subcallsync = xreq_subcallsync_cb,
+};
+/******************************************************************************/
+#if WITH_AFB_HOOK
+
static struct json_object *xreq_hooked_json_cb(struct afb_req_x2 *closure)
{
struct json_object *r = xreq_json_cb(closure);
/******************************************************************************/
-const struct afb_req_x2_itf xreq_itf = {
- .json = xreq_json_cb,
- .get = xreq_get_cb,
- .legacy_success = xreq_legacy_success_cb,
- .legacy_fail = xreq_legacy_fail_cb,
- .legacy_vsuccess = xreq_legacy_vsuccess_cb,
- .legacy_vfail = xreq_legacy_vfail_cb,
- .legacy_context_get = xreq_legacy_context_get_cb,
- .legacy_context_set = xreq_legacy_context_set_cb,
- .addref = xreq_addref_cb,
- .unref = xreq_unref_cb,
- .session_close = xreq_session_close_cb,
- .session_set_LOA = xreq_session_set_LOA_cb,
- .legacy_subscribe_event_x1 = xreq_legacy_subscribe_event_x1_cb,
- .legacy_unsubscribe_event_x1 = xreq_legacy_unsubscribe_event_x1_cb,
- .legacy_subcall = xreq_legacy_subcall_cb,
- .legacy_subcallsync = xreq_legacy_subcallsync_cb,
- .vverbose = xreq_vverbose_cb,
- .legacy_store_req = xreq_legacy_store_cb,
- .legacy_subcall_req = xreq_legacy_subcall_req_cb,
- .has_permission = xreq_has_permission_cb,
- .get_application_id = xreq_get_application_id_cb,
- .context_make = xreq_context_make_cb,
- .subscribe_event_x2 = xreq_subscribe_event_x2_cb,
- .unsubscribe_event_x2 = xreq_unsubscribe_event_x2_cb,
- .legacy_subcall_request = xreq_legacy_subcall_request_cb,
- .get_uid = xreq_get_uid_cb,
- .reply = xreq_reply_cb,
- .vreply = xreq_vreply_cb,
- .get_client_info = xreq_get_client_info_cb,
- .subcall = xreq_subcall_cb,
- .subcallsync = xreq_subcallsync_cb,
-};
-
const struct afb_req_x2_itf xreq_hooked_itf = {
.json = xreq_hooked_json_cb,
.get = xreq_hooked_get_cb,
.subcall = xreq_hooked_subcall_cb,
.subcallsync = xreq_hooked_subcallsync_cb,
};
+#endif
/******************************************************************************/
struct afb_req_x1 afb_xreq_unstore(struct afb_stored_req *sreq)
{
struct afb_xreq *xreq = (struct afb_xreq *)sreq;
+#if WITH_AFB_HOOK
if (xreq->hookflags)
afb_hook_xreq_legacy_unstore(xreq);
+#endif
return xreq_to_req_x1(xreq);
}
return result;
}
-void afb_xreq_addref(struct afb_xreq *xreq)
+void afb_xreq_unhooked_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure)
{
- afb_req_x2_addref(xreq_to_req_x2(xreq));
+ xreq_legacy_subcall_request_cb(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure);
}
-void afb_xreq_unref(struct afb_xreq *xreq)
+void afb_xreq_unhooked_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure)
{
- afb_req_x2_unref(xreq_to_req_x2(xreq));
+ xreq_subcall_cb(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure);
}
-void afb_xreq_unhooked_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure)
+int afb_xreq_unhooked_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, struct json_object **result)
{
- xreq_legacy_subcall_request_cb(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure);
+ return xreq_legacy_subcallsync_cb(xreq_to_req_x2(xreq), api, verb, args, result);
}
-void afb_xreq_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure)
+void afb_xreq_addref(struct afb_xreq *xreq)
{
- afb_req_x2_subcall_legacy(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure);
+ afb_req_x2_addref(xreq_to_req_x2(xreq));
}
-void afb_xreq_unhooked_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure)
+void afb_xreq_unref(struct afb_xreq *xreq)
{
- xreq_subcall_cb(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure);
+ afb_req_x2_unref(xreq_to_req_x2(xreq));
}
-void afb_xreq_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure)
+void afb_xreq_legacy_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, void (*callback)(void*, int, struct json_object*, struct afb_req_x2 *), void *cb_closure)
{
- afb_req_x2_subcall(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure);
+ afb_req_x2_subcall_legacy(xreq_to_req_x2(xreq), api, verb, args, callback, cb_closure);
}
-int afb_xreq_unhooked_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, struct json_object **result)
+void afb_xreq_subcall(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, int flags, void (*callback)(void*, struct json_object*, const char*, const char*, struct afb_req_x2 *), void *closure)
{
- return xreq_legacy_subcallsync_cb(xreq_to_req_x2(xreq), api, verb, args, result);
+ afb_req_x2_subcall(xreq_to_req_x2(xreq), api, verb, args, flags, callback, closure);
}
int afb_xreq_legacy_subcall_sync(struct afb_xreq *xreq, const char *api, const char *verb, struct json_object *args, struct json_object **result)
return afb_req_x2_subcall_sync_legacy(xreq_to_req_x2(xreq), api, verb, args, result);
}
-static int xreq_session_check_apply_v1(struct afb_xreq *xreq, int sessionflags)
+int afb_xreq_reply_unknown_api(struct afb_xreq *xreq)
{
- int loa;
-
- if ((sessionflags & (AFB_SESSION_CLOSE_X1|AFB_SESSION_RENEW_X1|AFB_SESSION_CHECK_X1|AFB_SESSION_LOA_EQ_X1)) != 0) {
- if (!afb_context_check(&xreq->context)) {
- afb_context_close(&xreq->context);
- afb_xreq_reply_f(xreq, NULL, "denied", "invalid token's identity");
- errno = EINVAL;
- return -1;
- }
- }
-
- if ((sessionflags & AFB_SESSION_LOA_GE_X1) != 0) {
- loa = (sessionflags >> AFB_SESSION_LOA_SHIFT_X1) & AFB_SESSION_LOA_MASK_X1;
- if (!afb_context_check_loa(&xreq->context, loa)) {
- afb_xreq_reply_f(xreq, NULL, "denied", "invalid LOA");
- errno = EPERM;
- return -1;
- }
- }
-
- if ((sessionflags & AFB_SESSION_LOA_LE_X1) != 0) {
- loa = (sessionflags >> AFB_SESSION_LOA_SHIFT_X1) & AFB_SESSION_LOA_MASK_X1;
- if (afb_context_check_loa(&xreq->context, loa + 1)) {
- afb_xreq_reply_f(xreq, NULL, "denied", "invalid LOA");
- errno = EPERM;
- return -1;
- }
- }
-
- if ((sessionflags & AFB_SESSION_RENEW_X1) != 0) {
- afb_context_refresh(&xreq->context);
- }
- if ((sessionflags & AFB_SESSION_CLOSE_X1) != 0) {
- afb_context_change_loa(&xreq->context, 0);
- afb_context_close(&xreq->context);
- }
-
- return 0;
+ afb_xreq_reply_f(xreq, NULL, afb_error_text_unknown_api, "api %s not found (for verb %s)", xreq->request.called_api, xreq->request.called_verb);
+ errno = EINVAL;
+ return -1;
}
-static int xreq_session_check_apply_v2(struct afb_xreq *xreq, uint32_t sessionflags, const struct afb_auth *auth)
+int afb_xreq_reply_unknown_verb(struct afb_xreq *xreq)
{
- int loa;
-
- if (sessionflags != 0) {
- if (!afb_context_check(&xreq->context)) {
- afb_context_close(&xreq->context);
- afb_xreq_reply_f(xreq, NULL, "denied", "invalid token's identity");
- errno = EINVAL;
- return -1;
- }
- }
-
- loa = (int)(sessionflags & AFB_SESSION_LOA_MASK_X2);
- if (loa && !afb_context_check_loa(&xreq->context, loa)) {
- afb_xreq_reply_f(xreq, NULL, "denied", "invalid LOA");
- errno = EPERM;
- return -1;
- }
-
- if (auth && !afb_auth_check(xreq, auth)) {
- afb_xreq_reply_f(xreq, NULL, "denied", "authorisation refused");
- errno = EPERM;
- return -1;
- }
+ afb_xreq_reply_f(xreq, NULL, afb_error_text_unknown_verb, "verb %s unknown within api %s", xreq->request.called_verb, xreq->request.called_api);
+ errno = EINVAL;
+ return -1;
+}
- if ((sessionflags & AFB_SESSION_REFRESH_X2) != 0) {
- afb_context_refresh(&xreq->context);
- }
- if ((sessionflags & AFB_SESSION_CLOSE_X2) != 0) {
- afb_context_close(&xreq->context);
- }
+int afb_xreq_reply_invalid_token(struct afb_xreq *xreq)
+{
+ afb_xreq_reply(xreq, NULL, afb_error_text_invalid_token, "invalid token"); /* TODO: or "no token" */
+ errno = EINVAL;
+ return -1;
+}
- return 0;
+int afb_xreq_reply_insufficient_scope(struct afb_xreq *xreq, const char *scope)
+{
+ afb_xreq_reply(xreq, NULL, afb_error_text_insufficient_scope, scope ?: "insufficient scope");
+ errno = EPERM;
+ return -1;
}
+#if WITH_LEGACY_BINDING_V1
void afb_xreq_call_verb_v1(struct afb_xreq *xreq, const struct afb_verb_desc_v1 *verb)
{
if (!verb)
afb_xreq_reply_unknown_verb(xreq);
else
- if (!xreq_session_check_apply_v1(xreq, verb->session))
+ if (afb_auth_check_and_set_session_x1(xreq, verb->session) >= 0)
verb->callback(xreq_to_req_x1(xreq));
}
+#endif
+#if WITH_LEGACY_BINDING_V2
void afb_xreq_call_verb_v2(struct afb_xreq *xreq, const struct afb_verb_v2 *verb)
{
if (!verb)
afb_xreq_reply_unknown_verb(xreq);
else
- if (!xreq_session_check_apply_v2(xreq, verb->session, verb->auth))
+ if (afb_auth_check_and_set_session_x2(xreq, verb->auth, verb->session) > 0)
verb->callback(xreq_to_req_x1(xreq));
}
+#endif
void afb_xreq_call_verb_v3(struct afb_xreq *xreq, const struct afb_verb_v3 *verb)
{
if (!verb)
afb_xreq_reply_unknown_verb(xreq);
else
- if (xreq_session_check_apply_v2(xreq, verb->session, verb->auth) >= 0)
+ if (afb_auth_check_and_set_session_x2(xreq, verb->auth, verb->session) > 0)
verb->callback(xreq_to_req_x2(xreq));
}
xreq->queryitf = queryitf;
}
-void afb_xreq_reply_unknown_api(struct afb_xreq *xreq)
-{
- afb_xreq_reply_f(xreq, NULL, "unknown-api", "api %s not found (for verb %s)", xreq->request.called_api, xreq->request.called_verb);
-}
-
-void afb_xreq_reply_unknown_verb(struct afb_xreq *xreq)
-{
- afb_xreq_reply_f(xreq, NULL, "unknown-verb", "verb %s unknown within api %s", xreq->request.called_verb, xreq->request.called_api);
-}
-
+#if WITH_AFB_HOOK
static void init_hooking(struct afb_xreq *xreq)
{
afb_hook_init_xreq(xreq);
afb_hook_xreq_begin(xreq);
}
}
+#endif
/**
* job callback for asynchronous and secured processing of the request.
if (signum != 0) {
/* emit the error (assumes that hooking is initialised) */
- afb_xreq_reply_f(xreq, NULL, "aborted", "signal %s(%d) caught", strsignal(signum), signum);
+ afb_xreq_reply_f(xreq, NULL, afb_error_text_aborted, "signal %s(%d) caught", strsignal(signum), signum);
} else {
+#if WITH_AFB_HOOK
/* init hooking */
init_hooking(xreq);
+#endif
/* invoke api call method to process the request */
api = (const struct afb_api_item*)xreq->context.api_key;
api->itf->call(api->closure, xreq);
{
va_list args;
+#if WITH_AFB_HOOK
/* init hooking */
init_hooking(xreq);
+#endif
/* send error */
va_start(args, info);
const char *xreq_on_behalf_cred_export(struct afb_xreq *xreq)
{
- return xreq->caller ? afb_cred_export(xreq->cred) : NULL;
+ return afb_context_on_behalf_export(&xreq->context);
}
Code Review / src / app-framework-binder.git / blobdiff