Core processor module implementation file.
#include "core_processor.h"
#include "http_definitions.h"
#include "json_util.h"
#include "list.h"
#include "definitions.h"
#include "jwt.h"
#include "security.h"
#include "random.h"
#include "string_util.h"
#include "time_util.h"
#include "mcl_core/mcl_assert.h"
#include "mcl_core/mcl_core_common.h"
#include "mcl_core/mcl_file_util.h"
#include "mcl_core/mcl_memory.h"
Macros | |
#define | JSON_NAME_CLIENT_ID "client_id" |
#define | JSON_NAME_TOKEN_ENDPOINT_AUTH_METHOD "token_endpoint_auth_method" |
#define | JSON_NAME_GRANT_TYPES "grant_types" |
#define | JSON_NAME_CLIENT_SECRET "client_secret" |
#define | JSON_NAME_CLIENT_SECRET_EXPIRES_AT "client_secret_expires_at" |
#define | JSON_NAME_REGISTRATION_ACCESS_TOKEN "registration_access_token" |
#define | JSON_NAME_REGISTRATION_CLIENT_URI "registration_client_uri" |
#define | JSON_NAME_JWKS "jwks" |
#define | JSON_NAME_KEYS "keys" |
#define | JSON_NAME_E "e" |
#define | JSON_NAME_N "n" |
#define | JSON_NAME_KTY "kty" |
#define | JSON_NAME_KID "kid" |
#define | JSON_NAME_ACCESS_TOKEN "access_token" |
#define | REGISTER_URI_PATH "/register" |
#define | ACCESS_TOKEN_URI_PATH "/token" |
#define | CORRELATION_ID_BYTE_LENGTH 16 |
Variables | |
static const char | _bearer_format [] = "Bearer %s" |
static const char | _client_id_format [] = "{\"client_id\":\"%s\"}" |
static const char | _string_identifier [] = "%s" |
static const char * | endpoint_uri [ENDPOINT_URI_END] |
static const char * | _content_type_values [CONTENT_TYPE_VALUES_END] |
Core processor module implementation file.
Definition in file core_processor.c.
#define ACCESS_TOKEN_URI_PATH "/token" |
Definition at line 40 of file core_processor.c.
#define CORRELATION_ID_BYTE_LENGTH 16 |
Definition at line 42 of file core_processor.c.
Referenced by _generate_correlation_id_string().
#define JSON_NAME_ACCESS_TOKEN "access_token" |
Definition at line 37 of file core_processor.c.
Referenced by core_processor_get_access_token().
#define JSON_NAME_CLIENT_ID "client_id" |
Definition at line 24 of file core_processor.c.
Referenced by _compose_rsa_key_rotation_json(), _process_registration_response_rsa_3072(), and _process_registration_response_shared_secret().
#define JSON_NAME_CLIENT_SECRET "client_secret" |
Definition at line 27 of file core_processor.c.
Referenced by _process_registration_response_shared_secret().
#define JSON_NAME_CLIENT_SECRET_EXPIRES_AT "client_secret_expires_at" |
Definition at line 28 of file core_processor.c.
#define JSON_NAME_E "e" |
Definition at line 33 of file core_processor.c.
Referenced by _add_jwks().
#define JSON_NAME_GRANT_TYPES "grant_types" |
Definition at line 26 of file core_processor.c.
#define JSON_NAME_JWKS "jwks" |
Definition at line 31 of file core_processor.c.
Referenced by _add_jwks().
#define JSON_NAME_KEYS "keys" |
Definition at line 32 of file core_processor.c.
Referenced by _add_jwks().
#define JSON_NAME_KID "kid" |
Definition at line 36 of file core_processor.c.
Referenced by _add_jwks().
#define JSON_NAME_KTY "kty" |
Definition at line 35 of file core_processor.c.
Referenced by _add_jwks().
#define JSON_NAME_N "n" |
Definition at line 34 of file core_processor.c.
Referenced by _add_jwks().
#define JSON_NAME_REGISTRATION_ACCESS_TOKEN "registration_access_token" |
Definition at line 29 of file core_processor.c.
Referenced by _process_registration_response_rsa_3072(), and _process_registration_response_shared_secret().
#define JSON_NAME_REGISTRATION_CLIENT_URI "registration_client_uri" |
Definition at line 30 of file core_processor.c.
Referenced by _process_registration_response_rsa_3072(), and _process_registration_response_shared_secret().
#define JSON_NAME_TOKEN_ENDPOINT_AUTH_METHOD "token_endpoint_auth_method" |
Definition at line 25 of file core_processor.c.
#define REGISTER_URI_PATH "/register" |
Definition at line 39 of file core_processor.c.
Content types.
This is used with http_header_values[E_HTTP_HEADER_VALUES] to get the related string. For example, http_header_values[HTTP_HEADER_CONTENT_TYPE_APPLICATION_OCTET_STREAM] returns the string "application/octet-stream".
Definition at line 64 of file core_processor.c.
enum E_ENDPOINT_URI |
Type of URIs for different endpoints.
| Enumerator | Description |
|---|---|
| ENDPOINT_URI_ACCESS_TOKEN | URI for the access token endpoint. |
| ENDPOINT_URI_REGISTER | URI for the registration endpoint. |
| ENDPOINT_URI_END | End marker of the endpoint URI list. |
Definition at line 51 of file core_processor.c.
_add_jwks() | static
Definition at line 1008 of file core_processor.c.
References _add_key_to_keys_array(), JSON_NAME_E, JSON_NAME_JWKS, JSON_NAME_KEYS, JSON_NAME_KID, JSON_NAME_KTY, JSON_NAME_N, json_util_add_string(), json_util_start_array(), json_util_start_object(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, MCL_NULL, MCL_OK, rsa_t::public_key, random_generate_guid(), security_handler_t::rsa, and security_rsa_get_modulus_and_exponent().
Referenced by _compose_rsa_key_rotation_json(), and _compose_rsa_onboarding_json().
_add_key_to_keys_array() | static
Definition at line 1070 of file core_processor.c.
References json_util_add_item_to_array(), json_util_initialize(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_JSON_OBJECT, and MCL_OK.
Referenced by _add_jwks().
_check_client_secret() | static
Definition at line 573 of file core_processor.c.
References security_handler_t::client_secret, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FAIL, MCL_OK, security_handler_t::registration_access_token, core_processor_t::security_handler, string_util_strlen(), and string_util_strncmp().
Referenced by core_processor_update_credentials().
_check_rsa_private_key() | static
Definition at line 604 of file core_processor.c.
References MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FAIL, rsa_t::private_key, security_handler_t::rsa, core_processor_t::security_handler, string_util_strlen(), and string_util_strncmp().
Referenced by core_processor_update_credentials().
_compose_access_token_request_payload() | static
Definition at line 1188 of file core_processor.c.
References core_processor_t::configuration, jwt_destroy(), jwt_get_token(), jwt_initialize(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FAIL, MCL_FREE, MCL_NULL, MCL_OK, core_processor_t::security_handler, core_configuration_t::security_profile, string_util_concatenate(), and core_configuration_t::tenant.
Referenced by core_processor_get_access_token().
_compose_rsa_key_rotation_json() | static
Definition at line 966 of file core_processor.c.
References _add_jwks(), security_handler_t::client_id, JSON_NAME_CLIENT_ID, json_util_add_string(), json_util_destroy(), json_util_initialize(), json_util_to_string(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, MCL_JSON_OBJECT, MCL_NULL, MCL_OK, rsa_t::private_key, rsa_t::public_key, security_handler_t::rsa, and security_handler_generate_rsa_key().
Referenced by core_processor_register().
_compose_rsa_onboarding_json() | static
Definition at line 936 of file core_processor.c.
References _add_jwks(), json_util_destroy(), json_util_initialize(), json_util_to_string(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, MCL_JSON_OBJECT, MCL_NULL, and MCL_OK.
Referenced by core_processor_register().
_custom_load_register_info() | static
Definition at line 1087 of file core_processor.c.
References security_handler_t::client_id, security_handler_t::client_secret, core_processor_t::configuration, core_configuration_t::credentials_load_callback, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_SECURITY_SHARED_SECRET, rsa_t::private_key, rsa_t::public_key, security_handler_t::registration_access_token, security_handler_t::registration_uri, security_handler_t::rsa, mcl_credentials_load_callback_t::rsa, core_processor_t::security_handler, core_configuration_t::security_profile, and mcl_credentials_load_callback_t::shared_secret.
Referenced by core_processor_initialize().
_generate_correlation_id_string() | static
Definition at line 1115 of file core_processor.c.
References CORRELATION_ID_BYTE_LENGTH, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, MCL_MALLOC, MCL_NULL, MCL_NULL_CHAR_SIZE, MCL_OK, MCL_OUT_OF_MEMORY, security_generate_random_bytes(), and string_util_snprintf().
Referenced by core_processor_get_access_token(), and core_processor_register().
_load_initial_credentials() | static
Definition at line 224 of file core_processor.c.
References core_processor_t::configuration, core_configuration_t::initial_access_token, MCL_ASSERT_CODE_MESSAGE, MCL_DEBUG, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_ERROR, MCL_INFO, MCL_NO_ACCESS_TOKEN_PROVIDED, MCL_NULL, MCL_OK, MCL_SECURITY_RSA_3072, core_processor_t::security_handler, security_handler_generate_rsa_key(), and core_configuration_t::security_profile.
Referenced by core_processor_initialize().
_process_registration_response() | static
Definition at line 415 of file core_processor.c.
References _process_registration_response_rsa_3072(), _process_registration_response_shared_secret(), _save_credentials(), core_processor_t::configuration, MCL_CREATED, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_ERROR, MCL_FALSE, mcl_http_response_get_status(), MCL_INFO, MCL_NULL, MCL_OK, MCL_SECURITY_SHARED_SECRET, MCL_TRUE, MCL_UNEXPECTED_RESULT_CODE, mcl_http_response_t::payload, mcl_http_response_t::payload_size, security_handler_t::registration_access_token, core_processor_t::security_handler, core_configuration_t::security_profile, and mcl_http_response_t::status_code.
Referenced by core_processor_register().
_process_registration_response_rsa_3072() | static
Definition at line 865 of file core_processor.c.
References security_handler_t::client_id, JSON_NAME_CLIENT_ID, JSON_NAME_REGISTRATION_ACCESS_TOKEN, JSON_NAME_REGISTRATION_CLIENT_URI, json_util_destroy(), json_util_get_object_item(), json_util_get_string(), json_util_parse(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, MCL_NULL, MCL_OK, mcl_http_response_t::payload, mcl_http_response_t::payload_size, security_handler_t::registration_access_token, security_handler_t::registration_uri, and core_processor_t::security_handler.
Referenced by _process_registration_response().
_process_registration_response_shared_secret() | static
Definition at line 780 of file core_processor.c.
References security_handler_t::client_id, security_handler_t::client_secret, JSON_NAME_CLIENT_ID, JSON_NAME_CLIENT_SECRET, JSON_NAME_REGISTRATION_ACCESS_TOKEN, JSON_NAME_REGISTRATION_CLIENT_URI, json_util_destroy(), json_util_get_object_item(), json_util_get_string(), json_util_parse(), MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, MCL_NULL, MCL_OK, mcl_http_response_t::payload, mcl_http_response_t::payload_size, security_handler_t::registration_access_token, security_handler_t::registration_uri, and core_processor_t::security_handler.
Referenced by _process_registration_response().
_save_credentials() | static
Definition at line 1150 of file core_processor.c.
References security_handler_t::client_id, security_handler_t::client_secret, core_processor_t::configuration, core_configuration_t::credentials_load_callback, core_configuration_t::credentials_save_callback, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_NULL, MCL_OK, MCL_SECURITY_SHARED_SECRET, MCL_WARN, rsa_t::private_key, rsa_t::public_key, security_handler_t::registration_access_token, security_handler_t::registration_uri, security_handler_t::rsa, mcl_credentials_load_callback_t::rsa, mcl_credentials_save_callback_t::rsa, core_processor_t::security_handler, core_configuration_t::security_profile, and mcl_credentials_save_callback_t::shared_secret.
Referenced by _process_registration_response().
void core_processor_destroy ( core_processor_t ** core_processor )
This function destroys the core processor handle.
[in] | core_processor | Core processor handle to be destroyed. |
Definition at line 752 of file core_processor.c.
References MCL_DEBUG, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FREE, mcl_http_client_destroy(), MCL_NULL, and security_handler_destroy().
Referenced by core_processor_initialize(), and mcl_core_destroy().
mcl_error_t core_processor_get_access_token ( core_processor_t * core_processor )
This function is called by mcl_core_get_access_token.
[in] | core_processor | Core processor handle to be used. |
Definition at line 622 of file core_processor.c.
References _compose_access_token_request_payload(), _content_type_values, _generate_correlation_id_string(), security_handler_t::access_token, core_processor_t::configuration, CONTENT_TYPE_URL_ENCODED, core_processor_t::http_client, HTTP_HEADER_CONTENT_TYPE, HTTP_HEADER_CORRELATION_ID, http_header_names, HTTP_HEADER_SERVER_TIME, JSON_NAME_ACCESS_TOKEN, json_util_destroy(), json_util_get_object_item(), json_util_get_string(), json_util_parse(), security_handler_t::last_token_time, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_ERROR, MCL_FREE, mcl_http_client_send(), MCL_HTTP_POST, mcl_http_request_add_header(), mcl_http_request_destroy(), mcl_http_request_initialize(), MCL_HTTP_REQUEST_PARAMETER_BODY, MCL_HTTP_REQUEST_PARAMETER_BODY_SIZE, MCL_HTTP_REQUEST_PARAMETER_METHOD, MCL_HTTP_REQUEST_PARAMETER_URL, mcl_http_request_set_parameter(), mcl_http_response_destroy(), mcl_http_response_get_header(), mcl_http_response_get_status(), MCL_INFO, MCL_NULL, MCL_OK, mcl_http_response_t::payload, mcl_http_response_t::payload_size, core_processor_t::security_handler, mcl_http_response_t::status_code, string_util_strlen(), and core_configuration_t::token_endpoint.
Referenced by mcl_core_get_access_token().
mcl_error_t core_processor_initialize ( core_configuration_t * configuration, core_processor_t ** core_processor )
This function initializes core processor.
[in] | configuration | The configuration parameters to be used for initialization. |
[out] | core_processor | The newly initialized core processor. |
Definition at line 125 of file core_processor.c.
References _custom_load_register_info(), _load_initial_credentials(), mcl_http_client_configuration_t::certificate, core_configuration_t::certificate_is_file, mcl_http_client_configuration_t::certificate_is_file, core_processor_destroy(), endpoint_uri, ENDPOINT_URI_ACCESS_TOKEN, ENDPOINT_URI_REGISTER, core_configuration_t::http_request_timeout, mcl_http_client_configuration_t::http_request_timeout, json_util_initialize_json_library(), MCL_ASSERT_CODE_MESSAGE, MCL_ASSERT_STATEMENT_CODE_MESSAGE, MCL_CREDENTIALS_NOT_LOADED, MCL_DEBUG, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, mcl_http_client_initialize(), MCL_INFO, MCL_NEW, MCL_NULL, MCL_OK, MCL_OUT_OF_MEMORY, core_configuration_t::mindsphere_certificate, core_configuration_t::mindsphere_port, mcl_http_client_configuration_t::port, core_configuration_t::proxy_domain, mcl_http_client_configuration_t::proxy_domain, core_configuration_t::proxy_hostname, mcl_http_client_configuration_t::proxy_hostname, core_configuration_t::proxy_password, mcl_http_client_configuration_t::proxy_password, core_configuration_t::proxy_port, mcl_http_client_configuration_t::proxy_port, core_configuration_t::proxy_type, mcl_http_client_configuration_t::proxy_type, core_configuration_t::proxy_username, mcl_http_client_configuration_t::proxy_username, security_handler_initialize(), security_initialize(), string_util_concatenate(), core_configuration_t::user_agent, and mcl_http_client_configuration_t::user_agent.
Referenced by mcl_core_initialize().
mcl_error_t core_processor_register ( core_processor_t * core_processor )
This function is called by mcl_core_onboard and mcl_core_rotate_key.
[in] | core_processor | Core processor handle to be used. |
Definition at line 252 of file core_processor.c.
References _bearer_format, _client_id_format, _compose_rsa_key_rotation_json(), _compose_rsa_onboarding_json(), _content_type_values, _generate_correlation_id_string(), _process_registration_response(), _string_identifier, security_handler_t::client_id, core_processor_t::configuration, CONTENT_TYPE_APPLICATION_JSON, core_processor_t::http_client, HTTP_HEADER_ACCEPT, HTTP_HEADER_AUTHORIZATION, HTTP_HEADER_CONTENT_TYPE, HTTP_HEADER_CORRELATION_ID, http_header_names, core_configuration_t::initial_access_token, MCL_ASSERT_STATEMENT_CODE_MESSAGE, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_ERROR, MCL_FAIL, MCL_FREE, mcl_http_client_send(), MCL_HTTP_POST, MCL_HTTP_PUT, mcl_http_request_add_header(), mcl_http_request_destroy(), mcl_http_request_initialize(), MCL_HTTP_REQUEST_PARAMETER_BODY, MCL_HTTP_REQUEST_PARAMETER_BODY_SIZE, MCL_HTTP_REQUEST_PARAMETER_METHOD, MCL_HTTP_REQUEST_PARAMETER_URL, mcl_http_request_set_parameter(), mcl_http_response_destroy(), MCL_MALLOC, MCL_NULL, MCL_NULL_CHAR_SIZE, MCL_OK, MCL_OUT_OF_MEMORY, MCL_SECURITY_RSA_3072, MCL_SECURITY_SHARED_SECRET, core_configuration_t::register_endpoint, security_handler_t::registration_access_token, security_handler_t::registration_uri, core_processor_t::security_handler, core_configuration_t::security_profile, string_util_snprintf(), and string_util_strlen().
Referenced by mcl_core_onboard(), and mcl_core_rotate_key().
mcl_error_t core_processor_update_credentials ( core_processor_t * core_processor )
This function is called by mcl_core_update_credentials.
[in] | core_processor | Core processor handle to be used. |
Definition at line 480 of file core_processor.c.
References _check_client_secret(), _check_rsa_private_key(), security_handler_t::client_id, security_handler_t::client_secret, core_processor_t::configuration, core_configuration_t::credentials_load_callback, core_configuration_t::credentials_save_callback, MCL_ASSERT_CODE_MESSAGE, MCL_CREDENTIALS_UP_TO_DATE, MCL_DEBUG_ENTRY, MCL_DEBUG_LEAVE, MCL_FAIL, MCL_FREE, MCL_NULL, MCL_OK, MCL_SECURITY_SHARED_SECRET, MCL_TRUE, rsa_t::private_key, rsa_t::public_key, security_handler_t::registration_access_token, security_handler_t::rsa, mcl_credentials_load_callback_t::rsa, core_processor_t::security_handler, core_configuration_t::security_profile, mcl_credentials_load_callback_t::shared_secret, mcl_credentials_save_callback_t::shared_secret, string_util_strlen(), and string_util_strncmp().
Referenced by mcl_core_update_credentials().
const char _bearer_format[] = "Bearer %s" | static
Definition at line 44 of file core_processor.c.
Referenced by core_processor_register().
const char _client_id_format[] = "{\"client_id\":\"%s\"}" | static
Definition at line 45 of file core_processor.c.
Referenced by core_processor_register().
const char* _content_type_values[CONTENT_TYPE_VALUES_END] | static
Definition at line 85 of file core_processor.c.
Referenced by core_processor_get_access_token(), and core_processor_register().
const char _string_identifier[] = "%s" | static
Definition at line 46 of file core_processor.c.
Referenced by core_processor_register().
const char* endpoint_uri[ENDPOINT_URI_END] | static
Definition at line 78 of file core_processor.c.
Referenced by core_processor_initialize().