24 #define JSON_NAME_CLIENT_ID "client_id" 25 #define JSON_NAME_TOKEN_ENDPOINT_AUTH_METHOD "token_endpoint_auth_method" 26 #define JSON_NAME_GRANT_TYPES "grant_types" 27 #define JSON_NAME_CLIENT_SECRET "client_secret" 28 #define JSON_NAME_CLIENT_SECRET_EXPIRES_AT "client_secret_expires_at" 29 #define JSON_NAME_REGISTRATION_ACCESS_TOKEN "registration_access_token" 30 #define JSON_NAME_REGISTRATION_CLIENT_URI "registration_client_uri" 31 #define JSON_NAME_JWKS "jwks" 32 #define JSON_NAME_KEYS "keys" 33 #define JSON_NAME_E "e" 34 #define JSON_NAME_N "n" 35 #define JSON_NAME_KTY "kty" 36 #define JSON_NAME_KID "kid" 37 #define JSON_NAME_ACCESS_TOKEN "access_token" 39 #define REGISTER_URI_PATH "/register" 40 #define ACCESS_TOKEN_URI_PATH "/token" 42 #define CORRELATION_ID_BYTE_LENGTH 16 80 "/api/agentmanagement/v3/oauth/token",
81 "/api/agentmanagement/v3/register" 88 "application/x-www-form-urlencoded" 133 MCL_DEBUG_ENTRY(
"core_configuration_t *configuration = <%p>, core_processor_t **core_processor = <%p>", configuration, core_processor);
148 (*core_processor)->http_client =
MCL_NULL;
149 (*core_processor)->security_handler =
MCL_NULL;
152 (*core_processor)->configuration = configuration;
170 MCL_DEBUG(
"Http client is successfully initialized.");
175 MCL_DEBUG(
"Security handler is successfully initialized.");
178 if ((
MCL_NULL != (*core_processor)->configuration->credentials_load_callback.rsa) &&
179 (
MCL_NULL != (*core_processor)->configuration->credentials_save_callback.rsa))
183 if (
MCL_OK == return_code)
185 MCL_INFO(
"MCL is initialized with the credentials provided by the callback function.");
193 MCL_INFO(
"Credentials could not be loaded.");
203 if (
MCL_OK == return_code)
206 &(*core_processor)->configuration->register_endpoint);
209 if (
MCL_OK == return_code)
212 &(*core_processor)->configuration->token_endpoint);
215 if (
MCL_OK != return_code)
228 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
244 MCL_INFO(
"MCL is initialized to onboard with initial access token.");
266 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
326 auth_header_value =
MCL_MALLOC(auth_header_value_length);
396 MCL_ERROR(
"HTTP client error when accessing /register endpoint.");
421 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>, mcl_http_response_t *http_response = <%p>, char *correlation_id = <%p> ",
422 core_processor, http_response, correlation_id);
429 if (
MCL_OK == server_response)
440 code = server_response;
445 code = server_response;
450 MCL_INFO(
"Correlation-ID = \"%s\"", correlation_id);
468 MCL_ERROR(
"HTTP <%d> received from server for the request with correlation-id = \"%s\".", http_response->
status_code, correlation_id);
488 char *registration_access_token =
MCL_NULL;
498 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
507 &registration_access_token, &registration_uri);
512 &registration_access_token, &registration_uri);
563 MCL_FREE(registration_access_token);
578 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>, char *registration_access_token = <%p>, char *client_secret = <%p>",
579 core_processor, registration_access_token, client_secret);
609 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>, char *private_key = <%p>", core_processor, private_key);
629 char *server_time_header =
MCL_NULL;
634 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
697 if (
MCL_OK == optional_field_code)
707 MCL_INFO(
"Correlation-ID = \"%s\"", correlation_id);
711 MCL_ERROR(
"HTTP <%d> received from server for the request with correlation-id = \"%s\".", response->
status_code, correlation_id);
721 MCL_ERROR(
"Http client error when accessing /token endpoint.");
754 MCL_DEBUG_ENTRY(
"core_processor_t **core_processor = <%p>", core_processor);
764 MCL_FREE((*core_processor)->configuration->token_endpoint);
765 MCL_FREE((*core_processor)->configuration->register_endpoint);
770 MCL_DEBUG(
"Core processor handle is destroyed.");
774 MCL_DEBUG(
"Core processor handle is already NULL.");
789 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>, mcl_http_response_t *http_response = <%p>", core_processor, http_response);
816 char *temp_client_secret =
MCL_NULL;
817 char *temp_registration_access_token =
MCL_NULL;
818 char *temp_registration_uri =
MCL_NULL;
854 MCL_FREE(temp_registration_access_token);
873 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>, mcl_http_response_t *http_response = <%p>", core_processor, http_response);
895 char *temp_registration_access_token =
MCL_NULL;
896 char *temp_registration_uri =
MCL_NULL;
924 MCL_FREE(temp_registration_access_token);
941 MCL_DEBUG_ENTRY(
"security_handler_t *security_handler = <%p>, char **payload = <%p>", security_handler, payload);
947 code =
_add_jwks(root, security_handler);
971 MCL_DEBUG_ENTRY(
"security_handler_t *security_handler = <%p>, char **payload = <%p>", security_handler, payload);
989 code =
_add_jwks(root, security_handler);
1018 MCL_DEBUG_ENTRY(
"mcl_json_t *root = <%p>, security_handler_t *security_handler = <%p>", root, security_handler);
1074 MCL_DEBUG_ENTRY(
"json_t *root = <%p>, mcl_json_t **json_object = <%p>", root, json_object);
1091 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
1155 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
1181 MCL_WARN(
"Credentials will not be saved because callback functions to load/save credentials are not provided.");
1193 const char *head =
"grant_type=client_credentials&client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&client_assertion=";
1195 MCL_DEBUG_ENTRY(
"core_processor_t *core_processor = <%p>", core_processor);
HTTP definitions module header file.
MCL_CORE_EXPORT mcl_error_t mcl_http_request_initialize(mcl_http_request_t **http_request)
mcl_credentials_save_rsa_callback_t rsa
Callback type to save RSA key.
mcl_error_t json_util_get_string(mcl_json_t *json, char **string_value)
static mcl_error_t _process_registration_response(core_processor_t *core_processor, mcl_http_response_t *http_response, char *correlation_id)
char * client_id
Client id.
char * proxy_hostname
Proxy hostname. Optional.
Credentials of the mcl_core are already up to date.
Credentials are not loaded.
E_MCL_HTTP_STATUS_CODE status_code
Status code of http response.
#define JSON_NAME_ACCESS_TOKEN
void json_util_add_item_to_array(mcl_json_t *root, mcl_json_t *object)
Assert module header file.
mcl_size_t payload_size
Payload size of http response.
mcl_uint16_t proxy_port
Proxy port number. Mandatory if proxy host name is set, ineffective otherwise.
#define JSON_NAME_CLIENT_SECRET
Size of the body of the http request in bytes as mcl_size_t.
Json utility module header file.
MCL_CORE_EXPORT mcl_error_t mcl_http_request_set_parameter(mcl_http_request_t *http_request, E_MCL_HTTP_REQUEST_PARAMETER parameter, const void *value)
MCL_CORE_EXPORT void mcl_http_client_destroy(mcl_http_client_t **http_client)
If the response of server is unexpected.
#define JSON_NAME_REGISTRATION_CLIENT_URI
mcl_uint16_t mindsphere_port
Mindsphere port number.
MCL_CORE_EXPORT mcl_error_t mcl_http_client_initialize(mcl_http_client_configuration_t *configuration, mcl_http_client_t **http_client)
static mcl_error_t _compose_rsa_key_rotation_json(security_handler_t *security_handler, char **payload)
static const char _string_identifier[]
mcl_error_t security_generate_random_bytes(unsigned char *buffer, mcl_size_t size)
mcl_credentials_load_callback_t credentials_load_callback
Custom function for loading credentials. If both credentials_load_callback and credentials_save_callb...
char * jwt_get_token(jwt_t *jwt)
#define MCL_DEBUG_ENTRY(...)
static mcl_error_t _generate_correlation_id_string(char **correlation_id)
mcl_credentials_save_callback_t credentials_save_callback
Custom function for saving credentials. If both credentials_load_callback and credentials_save_callba...
mcl_http_client_t * http_client
Http client handle.
const char * user_agent
User agent.
Http Correlation-ID header name.
mcl_error_t json_util_parse(const char *json_string, mcl_size_t size, mcl_json_t **root)
const char * proxy_username
Proxy username. Optional if proxy host name is set, ineffective otherwise.
E_MCL_PROXY proxy_type
Proxy type E_MCL_PROXY. Mandatory if proxy host name is set, ineffective otherwise.
String utility module header file.
const char * http_header_names[HTTP_HEADER_NAMES_END]
Content type is application json.
mcl_credentials_load_rsa_callback_t rsa
Callback type to load RSA key.
MCL_CORE_EXPORT mcl_error_t mcl_http_request_add_header(mcl_http_request_t *http_request, const char *header_name, const char *header_value)
mcl_error_t json_util_to_string(mcl_json_t *root, char **json_string)
static const char _client_id_format[]
#define MCL_ASSERT_CODE_MESSAGE(condition, return_code,...)
char * tenant
Tenant name.
static mcl_error_t _compose_rsa_onboarding_json(security_handler_t *security_handler, char **payload)
static mcl_error_t _add_jwks(mcl_json_t *root, security_handler_t *security_handler)
mcl_bool_t certificate_is_file
Flag to check if certificate is given as file or string.
mcl_uint16_t proxy_port
Proxy port number. Mandatory if proxy host name is set, ineffective otherwise.
Url of the http request as char*.
Neither initial access token nor loading/saving credentials callback functions are provided...
void json_util_destroy(mcl_json_t **root)
char * user_agent
User agent.
void security_handler_destroy(security_handler_t **security_handler)
static mcl_error_t _add_key_to_keys_array(mcl_json_t *root, mcl_json_t **json_object)
char * public_key
Public key.
mcl_error_t string_util_concatenate(const char *string_1, const char *string_2, char **result)
const char * certificate
Certificate. If it is NULL, default CA certificate store will be used (if available).
E_MCL_SECURITY_PROFILE security_profile
Security profile E_MCL_SECURITY_PROFILE.
mcl_error_t json_util_start_object(mcl_json_t *root, const char *object_name, mcl_json_t **json_object)
If the response of server is HTTP 201.
mcl_error_t jwt_initialize(security_handler_t *security_handler, E_MCL_SECURITY_PROFILE security_profile, char *tenant, jwt_t **jwt)
static mcl_error_t _process_registration_response_shared_secret(core_processor_t *core_processor, mcl_http_response_t *http_response)
Http authorization header.
char * last_token_time
The time at which the last access token is generated by MindSphere.
static mcl_error_t _custom_load_register_info(core_processor_t *core_processor)
mcl_error_t security_handler_initialize(security_handler_t **security_handler)
mcl_uint32_t http_request_timeout
Timeout value (in seconds) for HTTP requests. Default timeout is 300 seconds.
MCL_CORE_EXPORT void mcl_http_request_destroy(mcl_http_request_t **http_request)
Content type is application/x-www-form-urlencoded.
char * private_key
Private key.
static mcl_error_t _process_registration_response_rsa_3072(core_processor_t *core_processor, mcl_http_response_t *http_response)
mcl_uint8_t * payload
Payload of http response.
Definitions module header file.
static const char * _content_type_values[CONTENT_TYPE_VALUES_END]
core_configuration_t * configuration
Configuration parameters.
Http content type header.
#define MCL_ASSERT_STATEMENT_CODE_MESSAGE(condition, statement, return_code,...)
End of content type values.
char * proxy_username
Proxy username. Optional if proxy host name is set, ineffective otherwise.
security_handler_t * security_handler
Security handler.
static mcl_error_t _check_rsa_private_key(core_processor_t *core_processor, char *private_key)
E_MCL_PROXY proxy_type
Proxy type E_MCL_PROXY. Mandatory if proxy host name is set, ineffective otherwise.
Body of the http request as char*. HTTP Request neither copies the buffer, nor takes ownership...
mcl_error_t json_util_start_array(mcl_json_t *root, const char *array_name, mcl_json_t **json_array)
mcl_bool_t certificate_is_file
Flag to check if certificate is given as file or string.
void jwt_destroy(jwt_t **jwt)
Core processor module header file.
static mcl_error_t _compose_access_token_request_payload(core_processor_t *core_processor, char **request_payload)
MCL_CORE_EXPORT mcl_error_t mcl_http_response_get_status(mcl_http_response_t *http_response)
mcl_error_t security_initialize(void)
MCL_CORE_EXPORT mcl_error_t mcl_http_client_send(mcl_http_client_t *http_client, mcl_http_request_t *http_request, mcl_http_response_t **http_response)
mcl_error_t string_util_snprintf(char *string, mcl_size_t length, const char *format,...)
mcl_uint32_t http_request_timeout
Timeout value (in seconds) for HTTP requests. Default timeout is 300 seconds.
mcl_error_t core_processor_initialize(core_configuration_t *configuration, core_processor_t **core_processor)
char * proxy_domain
Proxy domain. Optional if proxy host name and proxy username are set, ineffective otherwise...
void core_processor_destroy(core_processor_t **core_processor)
mcl_credentials_save_shared_secret_callback_t shared_secret
Callback type to save shared secret.
mcl_error_t json_util_get_object_item(mcl_json_t *json_parent, const char *child_name, mcl_json_t **json_child)
char * register_endpoint
Uri for register endpoint.
#define JSON_NAME_REGISTRATION_ACCESS_TOKEN
Uri for registration endpoint.
char * client_secret
Client secret.
static const char * endpoint_uri[ENDPOINT_URI_END]
const char * proxy_domain
Proxy domain. Optional if proxy host name and proxy username are set, ineffective otherwise...
static mcl_error_t _check_client_secret(core_processor_t *core_processor, char *registration_access_token, char *client_secret)
const char * proxy_password
Proxy password. Mandatory if proxy host name and proxy username are set, ineffective otherwise...
#define JSON_NAME_CLIENT_ID
mcl_uint16_t port
Port number.
mcl_error_t security_rsa_get_modulus_and_exponent(char *public_key, char **modulus, char **exponent)
mcl_error_t core_processor_get_access_token(core_processor_t *core_processor)
Security interface header file.
char * registration_uri
Registration URI.
static mcl_error_t _save_credentials(core_processor_t *core_processor)
MCL_CORE_EXPORT void mcl_http_response_destroy(mcl_http_response_t **http_response)
char * registration_access_token
Registration access token.
File utility module header file.
#define MCL_NULL_CHAR_SIZE
mcl_error_t json_util_add_string(mcl_json_t *root, const char *object_name, const char *object_value)
MCL_CORE_EXPORT mcl_error_t mcl_http_response_get_header(mcl_http_response_t *http_response, const char *header_name, char **header_value)
#define MCL_MALLOC(bytes)
void json_util_initialize_json_library(void)
Random module header file.
mcl_error_t json_util_initialize(E_MCL_JSON_TYPE mcl_json_type, mcl_json_t **root)
static mcl_error_t _load_initial_credentials(core_processor_t *core_processor)
char * access_token
Access token.
char * initial_access_token
Initial access token.
mcl_error_t core_processor_update_credentials(core_processor_t *core_processor)
mcl_error_t string_util_strncmp(const char *string_1, const char *string_2, mcl_size_t count)
const char * proxy_hostname
Proxy hostname. Optional.
mcl_credentials_load_shared_secret_callback_t shared_secret
Callback type to load shared secret.
Uri for access token endpoint.
#define MCL_DEBUG_LEAVE(...)
char * mindsphere_certificate
Mindsphere certificate. Optional. If NULL, MCL will use default CA certificate store (if provided at ...
static const char _bearer_format[]
char * token_endpoint
Uri for token endpoint.
Method of the http request as E_MCL_HTTP_METHOD.
mcl_error_t random_generate_guid(char **guid)
Common module interface header file.
char * proxy_password
Proxy password. Mandatory if proxy host name and proxy username are set, ineffective otherwise...
mcl_size_t string_util_strlen(const char *buffer)
#define CORRELATION_ID_BYTE_LENGTH
Time utility module header file.
mcl_error_t core_processor_register(core_processor_t *core_processor)
mcl_error_t security_handler_generate_rsa_key(security_handler_t *security_handler)
Memory module interface header file.