Iddawc
Handle the flow of OAuth2 and OpenID Connect authentication process from the client side.
iddawc.h File Reference
#include <jansson.h>
#include <orcania.h>
#include <ulfius.h>
#include <rhonabwy.h>
#include "iddawc-cfg.h"


Data Structures

struct  _i_session
 

Macros

#define I_OK   0
 Success. More...
 
#define I_ERROR   1
 Error. More...
 
#define I_ERROR_PARAM   2
 Error in parameters. More...
 
#define I_ERROR_MEMORY   3
 Memory error. More...
 
#define I_ERROR_UNAUTHORIZED   4
 Request unauthorized. More...
 
#define I_ERROR_SERVER   5
 Server error. More...
 
#define I_RESPONSE_TYPE_NONE   0x00000000
 No response type. More...
 
#define I_RESPONSE_TYPE_CODE   0x00000001
 Response type code. More...
 
#define I_RESPONSE_TYPE_TOKEN   0x00000010
 Response type token. More...
 
#define I_RESPONSE_TYPE_ID_TOKEN   0x00000100
 Response type id_token. More...
 
#define I_RESPONSE_TYPE_PASSWORD   0x00001000
 Grant type password. More...
 
#define I_RESPONSE_TYPE_CLIENT_CREDENTIALS   0x00010000
 Grant type client_credentials. More...
 
#define I_RESPONSE_TYPE_REFRESH_TOKEN   0x00100000
 Grant type refresh_token. More...
 
#define I_RESPONSE_TYPE_DEVICE_CODE   0x01000000
 Grant type urn:ietf:params:oauth:grant-type:device_code. More...
 
#define I_AUTH_METHOD_GET   0x00000001
 access auth endpoint using GET method More...
 
#define I_AUTH_METHOD_POST   0x00000010
 access auth endpoint using POST method More...
 
#define I_AUTH_METHOD_JWT_SIGN_SECRET   0x00000100
 access auth endpoint using a JWT signed with the client secret More...
 
#define I_AUTH_METHOD_JWT_SIGN_PRIVKEY   0x00001000
 access auth endpoint using a JWT signed with the client private key More...
 
#define I_AUTH_METHOD_JWT_ENCRYPT_SECRET   0x00010000
 access auth endpoint using a JWT encrypted with the client secret More...
 
#define I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY   0x00100000
 access auth endpoint using a JWT encrypted with a public key, as the macro name indicates (JWT encryption uses the recipient's public key, not the client private key)
 
#define I_TOKEN_AUTH_METHOD_SECRET_BASIC   0
 access token endpoint using HTTP basic auth with client_id and client password More...
 
#define I_TOKEN_AUTH_METHOD_SECRET_POST   1
 access token endpoint using the secret sent in POST parameters
 
#define I_TOKEN_AUTH_METHOD_SECRET_JWT   2
 access token endpoint using a JWT signed with the client secret More...
 
#define I_TOKEN_AUTH_METHOD_PRIVATE_JWT   3
 access token endpoint using a JWT signed with the client private key More...
 
#define I_TOKEN_AUTH_METHOD_NONE   4
 access token endpoint using no authentication More...
 
#define I_STRICT_NO   0
 Do not strictly conform to openid config result.
 
#define I_STRICT_YES   1
 Strictly conform to openid config result.
 
#define I_AUTH_SIGN_ALG_MAX_LENGTH   8
 Max length of a sign algorithm name. More...
 
#define I_BEARER_TYPE_HEADER   0
 Bearer type header, the token will be available in the header. More...
 
#define I_BEARER_TYPE_BODY   1
 Bearer type body, the token will be available as a body url-encoded parameter. More...
 
#define I_BEARER_TYPE_URL   2
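 Bearer type url, the token will be available as a url query parameter. RFC 6750 discourages this form because URLs are commonly recorded in logs and browser history; prefer I_BEARER_TYPE_HEADER where the resource server allows it.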
 
#define I_HEADER_PREFIX_BEARER   "Bearer "
 
#define I_HEADER_AUTHORIZATION   "Authorization"
 
#define I_BODY_URL_PARAMETER   "access_token"
 
#define I_HEADER_DPOP   "DPoP"
 

Enumerations

enum  i_option {
  I_OPT_NONE = 0 , I_OPT_RESPONSE_TYPE = 1 , I_OPT_SCOPE = 2 , I_OPT_SCOPE_APPEND = 3 ,
  I_OPT_STATE = 4 , I_OPT_NONCE = 5 , I_OPT_REDIRECT_URI = 6 , I_OPT_REDIRECT_TO = 7 ,
  I_OPT_CLIENT_ID = 8 , I_OPT_CLIENT_SECRET = 9 , I_OPT_ADDITIONAL_PARAMETER = 10 , I_OPT_ADDITIONAL_RESPONSE = 11 ,
  I_OPT_AUTH_ENDPOINT = 12 , I_OPT_TOKEN_ENDPOINT = 13 , I_OPT_OPENID_CONFIG_ENDPOINT = 14 , I_OPT_OPENID_CONFIG = 15 ,
  I_OPT_OPENID_CONFIG_STRICT = 16 , I_OPT_USERINFO_ENDPOINT = 17 , I_OPT_RESULT = 18 , I_OPT_ERROR = 19 ,
  I_OPT_ERROR_DESCRIPTION = 20 , I_OPT_ERROR_URI = 21 , I_OPT_CODE = 22 , I_OPT_REFRESH_TOKEN = 23 ,
  I_OPT_ACCESS_TOKEN = 24 , I_OPT_ID_TOKEN = 25 , I_OPT_AUTH_METHOD = 28 , I_OPT_TOKEN_METHOD = 29 ,
  I_OPT_TOKEN_TYPE = 30 , I_OPT_EXPIRES_IN = 31 , I_OPT_EXPIRES_AT = 32 , I_OPT_USERNAME = 33 ,
  I_OPT_USER_PASSWORD = 34 , I_OPT_ISSUER = 35 , I_OPT_USERINFO = 36 , I_OPT_NONCE_GENERATE = 37 ,
  I_OPT_STATE_GENERATE = 38 , I_OPT_X5U_FLAGS = 39 , I_OPT_SERVER_KID = 40 , I_OPT_CLIENT_KID = 41 ,
  I_OPT_CLIENT_SIGN_ALG = 42 , I_OPT_CLIENT_ENC_ALG = 43 , I_OPT_CLIENT_ENC = 44 , I_OPT_TOKEN_JTI = 45 ,
  I_OPT_TOKEN_JTI_GENERATE = 46 , I_OPT_TOKEN_EXP = 47 , I_OPT_TOKEN_TARGET = 48 , I_OPT_TOKEN_TARGET_TYPE_HINT = 49 ,
  I_OPT_REVOCATION_ENDPOINT = 50 , I_OPT_INTROSPECTION_ENDPOINT = 51 , I_OPT_REGISTRATION_ENDPOINT = 52 , I_OPT_DEVICE_AUTHORIZATION_ENDPOINT = 53 ,
  I_OPT_DEVICE_AUTH_CODE = 54 , I_OPT_DEVICE_AUTH_USER_CODE = 55 , I_OPT_DEVICE_AUTH_VERIFICATION_URI = 56 , I_OPT_DEVICE_AUTH_VERIFICATION_URI_COMPLETE = 57 ,
  I_OPT_DEVICE_AUTH_EXPIRES_IN = 58 , I_OPT_DEVICE_AUTH_INTERVAL = 59 , I_OPT_END_SESSION_ENDPOINT = 60 , I_OPT_CHECK_SESSION_IRAME = 61 ,
  I_OPT_PUSHED_AUTH_REQ_ENDPOINT = 62 , I_OPT_PUSHED_AUTH_REQ_REQUIRED = 63 , I_OPT_PUSHED_AUTH_REQ_EXPIRES_IN = 64 , I_OPT_PUSHED_AUTH_REQ_URI = 65
}
 

Functions

int i_global_init ()
 
void i_global_close ()
 
void i_free (void *data)
 
int i_init_session (struct _i_session *i_session)
 
void i_clean_session (struct _i_session *i_session)
 
int i_set_response_type (struct _i_session *i_session, uint i_value)
 
int i_set_result (struct _i_session *i_session, uint i_value)
 
int i_set_int_parameter (struct _i_session *i_session, i_option option, uint i_value)
 
int i_set_str_parameter (struct _i_session *i_session, i_option option, const char *s_value)
 
int i_set_additional_parameter (struct _i_session *i_session, const char *s_key, const char *s_value)
 
int i_set_additional_response (struct _i_session *i_session, const char *s_key, const char *s_value)
 
int i_set_rich_authorization_request (struct _i_session *i_session, const char *type, const char *value)
 
int i_remove_rich_authorization_request (struct _i_session *i_session, const char *type)
 
char * i_get_rich_authorization_request (struct _i_session *i_session, const char *type)
 
uint i_get_response_type (struct _i_session *i_session)
 
uint i_get_result (struct _i_session *i_session)
 
uint i_get_int_parameter (struct _i_session *i_session, i_option option)
 
const char * i_get_str_parameter (struct _i_session *i_session, i_option option)
 
const char * i_get_additional_parameter (struct _i_session *i_session, const char *s_key)
 
const char * i_get_additional_response (struct _i_session *i_session, const char *s_key)
 
int i_set_parameter_list (struct _i_session *i_session,...)
 
json_t * i_export_session_json_t (struct _i_session *i_session)
 
int i_import_session_json_t (struct _i_session *i_session, json_t *j_import)
 
char * i_export_session_str (struct _i_session *i_session)
 
int i_import_session_str (struct _i_session *i_session, const char *str_import)
 
int i_load_openid_config (struct _i_session *i_session)
 
int i_build_auth_url_get (struct _i_session *i_session)
 
int i_run_auth_request (struct _i_session *i_session)
 
int i_parse_redirect_to (struct _i_session *i_session)
 
int i_run_token_request (struct _i_session *i_session)
 
int i_verify_id_token (struct _i_session *i_session)
 
int i_load_userinfo (struct _i_session *i_session)
 
int i_load_userinfo_custom (struct _i_session *i_session, const char *http_method, struct _u_map *additional_query, struct _u_map *additional_headers)
 
int i_introspect_token (struct _i_session *i_session, json_t **j_result)
 
int i_revoke_token (struct _i_session *i_session)
 
int i_register_client (struct _i_session *i_session, json_t *j_parameters, int update_session, json_t **j_result)
 
char * i_generate_dpop_token (struct _i_session *i_session, const char *htm, const char *htu, time_t iat)
 
int i_perform_api_request (struct _i_session *i_session, struct _u_request *http_request, struct _u_response *http_response, int refresh_if_expired, int bearer_type, int use_dpop, time_t dpop_iat)
 
int i_run_par_request (struct _i_session *i_session)
 
int i_run_device_auth_request (struct _i_session *i_session)