Continued development of AuthenticationToken Validation Service.

Juan Carlos Luciani
2006-09-07 23:33:33 +00:00
parent 307ed2444c
commit 6ab8fe3080
14 changed files with 386 additions and 131 deletions


@@ -41,6 +41,10 @@ int DebugLevel = 0;
static
bool g_moduleInitialized = false;
//
// IPC Client Sub-system variables
//
uint32_t atvsEndPointHandle; // Authentication Token Validation Service endpoint handle
//++=======================================================================
CasaStatus SSCS_CALL
@@ -126,8 +130,37 @@ ValidateAuthToken(
retStatus = IdenTokenInit();
if (CASA_SUCCESS(retStatus))
{
// Success
g_moduleInitialized = true;
// Initialize the Client Ipc Subsystem
if (IpcClientInit("CASA_AuthTokenValidate",
true,
DebugLevel,
false) == 0)
{
// Open endpoint for the Authentication Token Validation Service
if (IpcClientOpenInetRemoteEndPoint(5000,
0x7F000001,
0,
&atvsEndPointHandle) == 0)
{
// Success
g_moduleInitialized = true;
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to open remote endpoint\n", 0);
IpcClientShutdown();
IdenTokenUninit();
PrincipalIfUninit();
ConfigIfUninit();
}
}
else
{
DbgTrace(0, "-ValidateAuthToken- Ipc subsystem initialization failed\n", 0);
IdenTokenUninit();
PrincipalIfUninit();
ConfigIfUninit();
}
}
else
{
@@ -157,71 +190,87 @@ ValidateAuthToken(
&decodedTokenBufLen);
if (CASA_SUCCESS(retStatus))
{
AuthToken *pAuthToken;
char *pIdenTokenData;
int idenTokenDataLen;
// Token was decoded successfully, now create an authentication token object with it.
retStatus = CreateAuthToken(pDecodedTokenBuf, decodedTokenBufLen, &pAuthToken);
if (CASA_SUCCESS(retStatus))
// Token was decoded successfully, now submit the authentication token to the
// authentication token validation service.
if (IpcClientSubmitReq(atvsEndPointHandle,
pDecodedTokenBuf,
decodedTokenBufLen,
&pIdenTokenData,
&idenTokenDataLen) == 0)
{
// Now check the validity of the token
retStatus = CheckAuthToken(pAuthToken, pServiceName);
if (CASA_SUCCESS(retStatus))
// The submit succeeded, make sure that we got some identity data back.
if (pIdenTokenData)
{
IdenTokenProviderIf *pIdenTokenProviderIf;
// The token was validated, now
// Obtain Identity Token Provider interface
retStatus = GetIdenTokenProviderInterface(pAuthToken->pIdenTokenType,
&pIdenTokenProviderIf);
if (CASA_SUCCESS(retStatus))
if (idenTokenDataLen != 0)
{
IdenTokenIf *pIdenTokenIf;
IdenTokenProviderIf *pIdenTokenProviderIf;
// Use the Identity Token Provider to get an Identity Token Interface instance
retStatus = pIdenTokenProviderIf->getIdentityTokenIf(pIdenTokenProviderIf,
pAuthToken->pIdenToken,
pAuthToken->idenTokenLen,
&pIdenTokenIf);
// The authentication token was validated, now obtain
// Identity Token Provider interface.
retStatus = GetIdenTokenProviderInterface("CasaIdentityToken", // tbd - Hard code until we enhance the protocol with the atvs to also return this information.
&pIdenTokenProviderIf);
if (CASA_SUCCESS(retStatus))
{
// Now create a principal interface instance with the identity information present in
// the identity token.
retStatus = GetPrincipalInterface(pIdenTokenIf, &pPrincipalIf);
IdenTokenIf *pIdenTokenIf;
// Use the Identity Token Provider to get an Identity Token Interface instance
retStatus = pIdenTokenProviderIf->getIdentityTokenIf(pIdenTokenProviderIf,
pIdenTokenData,
idenTokenDataLen,
&pIdenTokenIf);
if (CASA_SUCCESS(retStatus))
{
// Success, return the principal interface to the caller.
*ppPrincipalIf = pPrincipalIf;
// Now create a principal interface instance with the identity information present in
// the identity token.
retStatus = GetPrincipalInterface(pIdenTokenIf, &pPrincipalIf);
if (CASA_SUCCESS(retStatus))
{
// Success, return the principal interface to the caller.
*ppPrincipalIf = pPrincipalIf;
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to instantiate principal interface\n", 0);
}
// Release identity token interface
pIdenTokenIf->releaseReference(pIdenTokenIf);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to instantiate principal interface\n", 0);
DbgTrace(0, "-ValidateAuthToken- Failed to instantiate identity token\n", 0);
}
// Release identity token interface
pIdenTokenIf->releaseReference(pIdenTokenIf);
// Release identity token provider interface
pIdenTokenProviderIf->releaseReference(pIdenTokenProviderIf);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to instantiate identity token\n", 0);
DbgTrace(0, "-ValidateAuthToken- Failed to obtain identity token provider interface\n", 0);
}
// Release identity token provider interface
pIdenTokenProviderIf->releaseReference(pIdenTokenProviderIf);
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to obtain identity token provider interface\n", 0);
DbgTrace(0, "-ValidateAuthToken- ValidateAuthToken submit did not return identity token data\n", 0);
}
}
// Free the AuthToken object
RelAuthToken(pAuthToken);
// Free the buffer containing the identity token data
free(pIdenTokenData);
}
else
{
DbgTrace(0, "-ValidateAuthToken- ValidateAuthToken submit did not return identity token data buffer\n", 0);
}
}
else
{
DbgTrace(0, "-ValidateAuthToken- Failed to create authentication token object\n", 0);
DbgTrace(1, "-ValidateAuthToken- ValidateAuthToken submit failed\n", 0);
}
// Free the decoded token buffer
free(pDecodedTokenBuf);
}
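Review bot: The three new failure branches (submit failed, no identity data buffer returned, zero `idenTokenDataLen`) only call `DbgTrace` and leave `retStatus` holding the success value from the token decode, so as far as this hunk shows ValidateAuthToken can report success without the validation service having accepted the token and without `*ppPrincipalIf` being set. Each of those branches should assign a failure status before falling through to the `free()` calls, e.g. `retStatus = <FAILURE_STATUS_PLACEHOLDER>;` using whichever status the module already returns for a rejected token. `idenTokenDataLen` is a signed `int` and the guard is `!= 0`, so a negative length returned by the service would be handed to `getIdentityTokenIf`; `if (idenTokenDataLen > 0)` is the safer test. The removed `CheckAuthToken(pAuthToken, pServiceName)` has no visible replacement, and the request passed to `IpcClientSubmitReq` carries only the decoded token buffer, so confirm that the service-name check now happens inside the validation service. The body of ValidateAuthToken starts and ends outside this hunk.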