aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/core/lib/security
diff options
context:
space:
mode:
authorGravatar Craig Tiller <ctiller@google.com>2016-05-12 16:01:58 -0700
committerGravatar Craig Tiller <ctiller@google.com>2016-05-12 16:01:58 -0700
commit65279fe4e3efea5c474c1ccc5c7bb232bbffbee6 (patch)
treec344896f76e8d7f2896dc6b0235c0d5655c73fb8 /src/core/lib/security
parentbe0d7fe60d9ad3ce2361720abc8a725781631e8f (diff)
Fix jwt_verifier_test
Diffstat (limited to 'src/core/lib/security')
-rw-r--r--src/core/lib/security/credentials/jwt/jwt_verifier.c18
1 files changed, 13 insertions, 5 deletions
diff --git a/src/core/lib/security/credentials/jwt/jwt_verifier.c b/src/core/lib/security/credentials/jwt/jwt_verifier.c
index 66aaae2c5a..bdee6c85f7 100644
--- a/src/core/lib/security/credentials/jwt/jwt_verifier.c
+++ b/src/core/lib/security/credentials/jwt/jwt_verifier.c
@@ -44,6 +44,7 @@
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
#include <grpc/support/sync.h>
+#include <grpc/support/useful.h>
#include <openssl/pem.h>
/* --- Utils. --- */
@@ -329,7 +330,7 @@ typedef struct {
gpr_slice signed_data;
void *user_data;
grpc_jwt_verification_done_cb user_cb;
- grpc_http_response response;
+ grpc_http_response responses[2];
} verifier_cb_ctx;
/* Takes ownership of the header, claims and signature. */
@@ -358,6 +359,9 @@ void verifier_cb_ctx_destroy(verifier_cb_ctx *ctx) {
gpr_slice_unref(ctx->signature);
gpr_slice_unref(ctx->signed_data);
jose_header_destroy(ctx->header);
+ for (size_t i = 0; i < GPR_ARRAY_SIZE(ctx->responses); i++) {
+ grpc_http_response_destroy(&ctx->responses[i]);
+ }
/* TODO: see what to do with claims... */
gpr_free(ctx);
}
@@ -574,7 +578,7 @@ end:
static void on_keys_retrieved(grpc_exec_ctx *exec_ctx, void *user_data,
grpc_error *error) {
verifier_cb_ctx *ctx = (verifier_cb_ctx *)user_data;
- grpc_json *json = json_from_http(&ctx->response);
+ grpc_json *json = json_from_http(&ctx->responses[1]);
EVP_PKEY *verification_key = NULL;
grpc_jwt_verifier_status status = GRPC_JWT_VERIFIER_GENERIC_ERROR;
grpc_jwt_claims *claims = NULL;
@@ -616,7 +620,7 @@ static void on_openid_config_retrieved(grpc_exec_ctx *exec_ctx, void *user_data,
grpc_error *error) {
const grpc_json *cur;
verifier_cb_ctx *ctx = (verifier_cb_ctx *)user_data;
- const grpc_http_response *response = &ctx->response;
+ const grpc_http_response *response = &ctx->responses[0];
grpc_json *json = json_from_http(response);
grpc_httpcli_request req;
const char *jwks_uri;
@@ -643,10 +647,11 @@ static void on_openid_config_retrieved(grpc_exec_ctx *exec_ctx, void *user_data,
} else {
*(req.host + (req.http.path - jwks_uri)) = '\0';
}
+
grpc_httpcli_get(
exec_ctx, &ctx->verifier->http_ctx, ctx->pollset, &req,
gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), grpc_jwt_verifier_max_delay),
- grpc_closure_create(on_keys_retrieved, ctx), &ctx->response);
+ grpc_closure_create(on_keys_retrieved, ctx), &ctx->responses[1]);
grpc_json_destroy(json);
gpr_free(req.host);
return;
@@ -694,6 +699,7 @@ static void retrieve_key_and_verify(grpc_exec_ctx *exec_ctx,
grpc_httpcli_request req;
memset(&req, 0, sizeof(grpc_httpcli_request));
req.handshaker = &grpc_httpcli_ssl;
+ int rsp_idx;
GPR_ASSERT(ctx != NULL && ctx->header != NULL && ctx->claims != NULL);
iss = ctx->claims->iss;
@@ -733,6 +739,7 @@ static void retrieve_key_and_verify(grpc_exec_ctx *exec_ctx,
gpr_asprintf(&req.http.path, "/%s/%s", path_prefix, iss);
}
http_cb = grpc_closure_create(on_keys_retrieved, ctx);
+ rsp_idx = 1;
} else {
req.host = gpr_strdup(strstr(iss, "https://") == iss ? iss + 8 : iss);
path_prefix = strchr(req.host, '/');
@@ -744,12 +751,13 @@ static void retrieve_key_and_verify(grpc_exec_ctx *exec_ctx,
GRPC_OPENID_CONFIG_URL_SUFFIX);
}
http_cb = grpc_closure_create(on_openid_config_retrieved, ctx);
+ rsp_idx = 0;
}
grpc_httpcli_get(
exec_ctx, &ctx->verifier->http_ctx, ctx->pollset, &req,
gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), grpc_jwt_verifier_max_delay),
- http_cb, &ctx->response);
+ http_cb, &ctx->responses[rsp_idx]);
gpr_free(req.host);
gpr_free(req.http.path);
return;