Commit
5e82e425
authored
Sep 01, 2018
by
Sietse Ringers
Renaming variables and urls in server
Co-authored-by:
Confiks
<
confiks@scriptbase.org
>
parent
12dbf5a9
Changes
6
internal/sessiontest/server_test.go
...
...
@@ -62,9 +62,9 @@ var JwtServerConfiguration = &irmaserver.Configuration{
AuthenticationKey
:
filepath
.
Join
(
testdata
,
"jwtkeys"
,
"requestor1.pem"
),
},
"requestor2"
:
{
AuthenticationMethod
:
irmaserver
.
AuthenticationMethod
PSK
,
AuthenticationMethod
:
irmaserver
.
AuthenticationMethod
Token
,
AuthenticationKey
:
"xa6=*&9?8jeUu5>.f-%rVg`f63pHim"
,
},
},
PrivateKey
:
filepath
.
Join
(
testdata
,
"jwtkeys"
,
"sk.pem"
),
Jwt
PrivateKey
:
filepath
.
Join
(
testdata
,
"jwtkeys"
,
"sk.pem"
),
}
internal/sessiontest/session_test.go
...
...
@@ -123,12 +123,12 @@ func startSession(t *testing.T, request irma.SessionRequest, sessiontype string)
qr
.
URL
=
url
+
"/"
+
qr
.
URL
case
"irmaserver-jwt"
:
url
:=
"http://localhost:48682"
err
=
irma
.
NewHTTPTransport
(
url
)
.
Post
(
"
create
"
,
&
qr
,
getJwt
(
t
,
request
,
sessiontype
,
true
))
err
=
irma
.
NewHTTPTransport
(
url
)
.
Post
(
"
session
"
,
&
qr
,
getJwt
(
t
,
request
,
sessiontype
,
true
))
token
=
qr
.
URL
qr
.
URL
=
url
+
"/irma/"
+
qr
.
URL
case
"irmaserver"
:
url
:=
"http://localhost:48682"
err
=
irma
.
NewHTTPTransport
(
url
)
.
Post
(
"
create
"
,
&
qr
,
request
)
err
=
irma
.
NewHTTPTransport
(
url
)
.
Post
(
"
session
"
,
&
qr
,
request
)
token
=
qr
.
URL
qr
.
URL
=
url
+
"/irma/"
+
qr
.
URL
default
:
...
...
server/backend/api.go
...
...
@@ -136,7 +136,7 @@ func HandleProtocolMessage(
// Fetch the session
token
:=
matches
[
1
]
verb
:=
matches
[
2
]
noun
:=
matches
[
2
]
session
:=
sessions
.
get
(
token
)
if
session
==
nil
{
conf
.
Logger
.
Warnf
(
"Session not found: %s"
,
token
)
...
...
@@ -158,7 +158,7 @@ func HandleProtocolMessage(
}()
// Route to handler
switch
len
(
verb
)
{
switch
len
(
noun
)
{
case
0
:
if
method
==
http
.
MethodDelete
{
session
.
handleDelete
()
...
...
@@ -188,7 +188,7 @@ func HandleProtocolMessage(
return
}
if
verb
==
"commitments"
&&
session
.
action
==
irma
.
ActionIssuing
{
if
noun
==
"commitments"
&&
session
.
action
==
irma
.
ActionIssuing
{
commitments
:=
&
gabi
.
IssueCommitmentMessage
{}
if
err
:=
irma
.
UnmarshalValidate
(
message
,
commitments
);
err
!=
nil
{
status
,
output
=
server
.
JsonResponse
(
nil
,
session
.
fail
(
server
.
ErrorMalformedInput
,
""
))
...
...
@@ -197,7 +197,7 @@ func HandleProtocolMessage(
status
,
output
=
server
.
JsonResponse
(
session
.
handlePostCommitments
(
commitments
))
return
}
if
verb
==
"proofs"
&&
session
.
action
==
irma
.
ActionDisclosing
{
if
noun
==
"proofs"
&&
session
.
action
==
irma
.
ActionDisclosing
{
proofs
:=
gabi
.
ProofList
{}
if
err
:=
irma
.
UnmarshalValidate
(
message
,
&
proofs
);
err
!=
nil
{
status
,
output
=
server
.
JsonResponse
(
nil
,
session
.
fail
(
server
.
ErrorMalformedInput
,
""
))
...
...
@@ -206,7 +206,7 @@ func HandleProtocolMessage(
status
,
output
=
server
.
JsonResponse
(
session
.
handlePostProofs
(
proofs
))
return
}
if
verb
==
"proofs"
&&
session
.
action
==
irma
.
ActionSigning
{
if
noun
==
"proofs"
&&
session
.
action
==
irma
.
ActionSigning
{
signature
:=
&
irma
.
SignedMessage
{}
if
err
:=
irma
.
UnmarshalValidate
(
message
,
signature
);
err
!=
nil
{
status
,
output
=
server
.
JsonResponse
(
nil
,
session
.
fail
(
server
.
ErrorMalformedInput
,
""
))
...
...
server/irmaserver/auth.go
...
...
@@ -37,7 +37,7 @@ type AuthenticationMethod string
// Currently supported requestor authentication methods
const
(
AuthenticationMethodPublicKey
=
"publickey"
AuthenticationMethod
PSK
=
"
psk
"
AuthenticationMethod
Token
=
"
token
"
AuthenticationMethodNone
=
"none"
)
...
...
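Review bot: The constant's string value changes from `"psk"` to `"token"`, not just its Go name, so a requestor entry that still says `psk` no longer matches any key in the authenticators map built in `initialize()` (conf.go section). This only matters if requestor configuration is loaded from a file or another external source, which is not visible here. What happens to such a requestor is also not shown in this hunk; it should be rejected at startup with an explicit error naming the unknown method rather than be left without an authenticator. If older configurations must keep working, a deprecated alias such as `AuthenticationMethodPSK = "psk" // Deprecated: use AuthenticationMethodToken`, registered with the same authenticator, would cover the transition.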
server/irmaserver/conf.go
...
...
@@ -24,10 +24,10 @@ type Configuration struct {
Requestors
map
[
string
]
Requestor
// Requestor-specific permission and authentication configuration
GlobalPermissions
Permissions
// Disclosing, signing or issuance permissions that apply to all requestors
JwtIssuer
string
// Used in the "iss" field of result JWTs from /result-jwt and /getproof
PrivateKey
string
// Private key to sign result JWTs with. If absent, /result-jwt and /getproof are disabled.
JwtIssuer
string
// Used in the "iss" field of result JWTs from /result-jwt and /getproof
Jwt
PrivateKey
string
// Private key to sign result JWTs with. If absent, /result-jwt and /getproof are disabled.
p
rivateKey
*
rsa
.
PrivateKey
jwtP
rivateKey
*
rsa
.
PrivateKey
}
// Permissions specify which attributes or credential a requestor may verify or issue.
...
...
@@ -131,7 +131,7 @@ func (conf *Configuration) initialize() error {
authenticators
=
map
[
AuthenticationMethod
]
Authenticator
{
AuthenticationMethodPublicKey
:
&
PublicKeyAuthenticator
{
publickeys
:
map
[
string
]
*
rsa
.
PublicKey
{}},
AuthenticationMethod
PSK
:
&
PresharedKeyAuthenticator
{
presharedkeys
:
map
[
string
]
string
{}},
AuthenticationMethod
Token
:
&
PresharedKeyAuthenticator
{
presharedkeys
:
map
[
string
]
string
{}},
}
// Initialize authenticators
...
...
@@ -149,24 +149,24 @@ func (conf *Configuration) initialize() error {
}
func
(
conf
*
Configuration
)
readPrivateKey
()
error
{
if
conf
.
PrivateKey
==
""
{
if
conf
.
Jwt
PrivateKey
==
""
{
return
nil
}
var
keybytes
[]
byte
var
err
error
if
strings
.
HasPrefix
(
conf
.
PrivateKey
,
"-----BEGIN"
)
{
keybytes
=
[]
byte
(
conf
.
PrivateKey
)
if
strings
.
HasPrefix
(
conf
.
Jwt
PrivateKey
,
"-----BEGIN"
)
{
keybytes
=
[]
byte
(
conf
.
Jwt
PrivateKey
)
}
else
{
if
err
=
fs
.
AssertPathExists
(
conf
.
PrivateKey
);
err
!=
nil
{
if
err
=
fs
.
AssertPathExists
(
conf
.
Jwt
PrivateKey
);
err
!=
nil
{
return
err
}
if
keybytes
,
err
=
ioutil
.
ReadFile
(
conf
.
PrivateKey
);
err
!=
nil
{
if
keybytes
,
err
=
ioutil
.
ReadFile
(
conf
.
Jwt
PrivateKey
);
err
!=
nil
{
return
err
}
}
conf
.
p
rivateKey
,
err
=
jwt
.
ParseRSAPrivateKeyFromPEM
(
keybytes
)
conf
.
jwtP
rivateKey
,
err
=
jwt
.
ParseRSAPrivateKeyFromPEM
(
keybytes
)
return
err
}
...
...
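Review bot: The field comments on `JwtIssuer` and `JwtPrivateKey` still name `/result-jwt` and `/getproof`, but the server.go section of this same commit moves those routes under `/session/{token}/`; the comment should read e.g. `// Private key to sign result JWTs with. If absent, /session/{token}/result-jwt and /session/{token}/getproof are disabled.` Separately, `readPrivateKey()` returns nil when `conf.JwtPrivateKey == ""`, so a deployment that still sets the old `PrivateKey` name would start without a signing key and without any warning, if the configuration loader ignores unknown keys (not visible here). A startup log line stating that JWT signing is disabled would make that case visible. The struct and `initialize()` both extend beyond the hunks shown.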
server/irmaserver/server.go
...
...
@@ -56,13 +56,13 @@ func Handler(config *Configuration) (http.Handler, error) {
router
.
Mount
(
"/irma/"
,
irmarequestor
.
HttpHandlerFunc
(
"/irma/"
))
// Server routes
router
.
Post
(
"/
create
"
,
handleCreate
)
router
.
Get
(
"/s
tatus
/{token}"
,
handleStatus
)
router
.
Get
(
"/
r
es
ult
/{token}"
,
handleResult
)
router
.
Post
(
"/
session
"
,
handleCreate
)
router
.
Get
(
"/s
ession
/{token}
/status
"
,
handleStatus
)
router
.
Get
(
"/
s
es
sion
/{token}
/result
"
,
handleResult
)
// Routes for getting signed JWTs containing the session result. Only work if configuration has a private key
router
.
Get
(
"/
r
es
ult-jwt
/{token}"
,
handleJwtResult
)
router
.
Get
(
"/getproof
/{token}
"
,
handleJwtProofs
)
// irma_api_server-compatible JWT
router
.
Get
(
"/
s
es
sion
/{token}
/result-jwt
"
,
handleJwtResult
)
router
.
Get
(
"/
session/{token}/
getproof"
,
handleJwtProofs
)
// irma_api_server-compatible JWT
return
router
,
nil
}
...
...
@@ -145,7 +145,7 @@ func handleResult(w http.ResponseWriter, r *http.Request) {
}
func
handleJwtResult
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
if
conf
.
p
rivateKey
==
nil
{
if
conf
.
jwtP
rivateKey
==
nil
{
server
.
WriteError
(
w
,
server
.
ErrorUnknown
,
"JWT signing not supported"
)
return
}
...
...
@@ -168,7 +168,7 @@ func handleJwtResult(w http.ResponseWriter, r *http.Request) {
// Sign the jwt and return it
token
:=
jwt
.
NewWithClaims
(
jwt
.
SigningMethodRS256
,
claims
)
resultJwt
,
err
:=
token
.
SignedString
(
conf
.
p
rivateKey
)
resultJwt
,
err
:=
token
.
SignedString
(
conf
.
jwtP
rivateKey
)
if
err
!=
nil
{
server
.
WriteError
(
w
,
server
.
ErrorUnknown
,
err
.
Error
())
return
...
...
@@ -177,7 +177,7 @@ func handleJwtResult(w http.ResponseWriter, r *http.Request) {
}
func
handleJwtProofs
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
if
conf
.
p
rivateKey
==
nil
{
if
conf
.
jwtP
rivateKey
==
nil
{
server
.
WriteError
(
w
,
server
.
ErrorUnknown
,
"JWT signing not supported"
)
return
}
...
...
@@ -220,7 +220,7 @@ func handleJwtProofs(w http.ResponseWriter, r *http.Request) {
// Sign the jwt and return it
token
:=
jwt
.
NewWithClaims
(
jwt
.
SigningMethodRS256
,
claims
)
resultJwt
,
err
:=
token
.
SignedString
(
conf
.
p
rivateKey
)
resultJwt
,
err
:=
token
.
SignedString
(
conf
.
jwtP
rivateKey
)
if
err
!=
nil
{
server
.
WriteError
(
w
,
server
.
ErrorUnknown
,
err
.
Error
())
return
...
...
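Review bot: In `handleJwtResult` and `handleJwtProofs` the error from `token.SignedString(conf.jwtPrivateKey)` is sent to the HTTP client verbatim via `server.WriteError(w, server.ErrorUnknown, err.Error())`. Internal signing-library error text is better kept in the server log, with the response carrying a fixed message, e.g. `server.WriteError(w, server.ErrorUnknown, "JWT signing failed")`. The old paths (`/create`, `/status/{token}`, `/result/{token}`, `/result-jwt/{token}`, `/getproof/{token}`) are removed with no alias, so existing requestors will get whatever the router returns for unknown routes; if that is intended it deserves a changelog entry. Both handler bodies continue outside the hunks.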