diff options
author | Craig Tiller <ctiller@google.com> | 2016-05-12 16:01:58 -0700 |
---|---|---|
committer | Craig Tiller <ctiller@google.com> | 2016-05-12 16:01:58 -0700 |
commit | 65279fe4e3efea5c474c1ccc5c7bb232bbffbee6 (patch) | |
tree | c344896f76e8d7f2896dc6b0235c0d5655c73fb8 /src/core/lib/security | |
parent | be0d7fe60d9ad3ce2361720abc8a725781631e8f (diff) |
Fix jwt_verifier_test
Diffstat (limited to 'src/core/lib/security')
-rw-r--r-- | src/core/lib/security/credentials/jwt/jwt_verifier.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/src/core/lib/security/credentials/jwt/jwt_verifier.c b/src/core/lib/security/credentials/jwt/jwt_verifier.c index 66aaae2c5a..bdee6c85f7 100644 --- a/src/core/lib/security/credentials/jwt/jwt_verifier.c +++ b/src/core/lib/security/credentials/jwt/jwt_verifier.c @@ -44,6 +44,7 @@ #include <grpc/support/log.h> #include <grpc/support/string_util.h> #include <grpc/support/sync.h> +#include <grpc/support/useful.h> #include <openssl/pem.h> /* --- Utils. --- */ @@ -329,7 +330,7 @@ typedef struct { gpr_slice signed_data; void *user_data; grpc_jwt_verification_done_cb user_cb; - grpc_http_response response; + grpc_http_response responses[2]; } verifier_cb_ctx; /* Takes ownership of the header, claims and signature. */ @@ -358,6 +359,9 @@ void verifier_cb_ctx_destroy(verifier_cb_ctx *ctx) { gpr_slice_unref(ctx->signature); gpr_slice_unref(ctx->signed_data); jose_header_destroy(ctx->header); + for (size_t i = 0; i < GPR_ARRAY_SIZE(ctx->responses); i++) { + grpc_http_response_destroy(&ctx->responses[i]); + } /* TODO: see what to do with claims... */ gpr_free(ctx); } @@ -574,7 +578,7 @@ end: static void on_keys_retrieved(grpc_exec_ctx *exec_ctx, void *user_data, grpc_error *error) { verifier_cb_ctx *ctx = (verifier_cb_ctx *)user_data; - grpc_json *json = json_from_http(&ctx->response); + grpc_json *json = json_from_http(&ctx->responses[1]); EVP_PKEY *verification_key = NULL; grpc_jwt_verifier_status status = GRPC_JWT_VERIFIER_GENERIC_ERROR; grpc_jwt_claims *claims = NULL; @@ -616,7 +620,7 @@ static void on_openid_config_retrieved(grpc_exec_ctx *exec_ctx, void *user_data, grpc_error *error) { const grpc_json *cur; verifier_cb_ctx *ctx = (verifier_cb_ctx *)user_data; - const grpc_http_response *response = &ctx->response; + const grpc_http_response *response = &ctx->responses[0]; grpc_json *json = json_from_http(response); grpc_httpcli_request req; const char *jwks_uri; @@ -643,10 +647,11 @@ static void on_openid_config_retrieved(grpc_exec_ctx *exec_ctx, void *user_data, } else { *(req.host + (req.http.path - jwks_uri)) = '\0'; } + grpc_httpcli_get( exec_ctx, &ctx->verifier->http_ctx, ctx->pollset, &req, gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), grpc_jwt_verifier_max_delay), - grpc_closure_create(on_keys_retrieved, ctx), &ctx->response); + grpc_closure_create(on_keys_retrieved, ctx), &ctx->responses[1]); grpc_json_destroy(json); gpr_free(req.host); return; @@ -694,6 +699,7 @@ static void retrieve_key_and_verify(grpc_exec_ctx *exec_ctx, grpc_httpcli_request req; memset(&req, 0, sizeof(grpc_httpcli_request)); req.handshaker = &grpc_httpcli_ssl; + int rsp_idx; GPR_ASSERT(ctx != NULL && ctx->header != NULL && ctx->claims != NULL); iss = ctx->claims->iss; @@ -733,6 +739,7 @@ static void retrieve_key_and_verify(grpc_exec_ctx *exec_ctx, gpr_asprintf(&req.http.path, "/%s/%s", path_prefix, iss); } http_cb = grpc_closure_create(on_keys_retrieved, ctx); + rsp_idx = 1; } else { req.host = gpr_strdup(strstr(iss, "https://") == iss ? iss + 8 : iss); path_prefix = strchr(req.host, '/'); @@ -744,12 +751,13 @@ static void retrieve_key_and_verify(grpc_exec_ctx *exec_ctx, GRPC_OPENID_CONFIG_URL_SUFFIX); } http_cb = grpc_closure_create(on_openid_config_retrieved, ctx); + rsp_idx = 0; } grpc_httpcli_get( exec_ctx, &ctx->verifier->http_ctx, ctx->pollset, &req, gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), grpc_jwt_verifier_max_delay), - http_cb, &ctx->response); + http_cb, &ctx->responses[rsp_idx]); gpr_free(req.host); gpr_free(req.http.path); return; |