Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 1 | /* |
| 2 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 3 | * Copyright 2015 gRPC authors. |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 4 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 8 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 10 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 16 | * |
| 17 | */ |
| 18 | |
| 19 | #include <stdio.h> |
| 20 | #include <string.h> |
| 21 | |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 22 | #include <grpc/grpc.h> |
| 23 | #include <grpc/grpc_security.h> |
Craig Tiller | 28b7242 | 2016-10-26 21:15:29 -0700 | [diff] [blame] | 24 | #include <grpc/slice.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 25 | #include <grpc/support/alloc.h> |
| 26 | #include <grpc/support/cmdline.h> |
| 27 | #include <grpc/support/log.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 28 | #include <grpc/support/sync.h> |
| 29 | |
Julien Boeuf | 8ca294e | 2016-05-02 14:56:30 -0700 | [diff] [blame] | 30 | #include "src/core/lib/security/credentials/jwt/jwt_verifier.h" |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 31 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 32 | typedef struct { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 33 | grpc_pollset* pollset; |
| 34 | gpr_mu* mu; |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 35 | int is_done; |
| 36 | int success; |
| 37 | } synchronizer; |
| 38 | |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 39 | static void print_usage_and_exit(gpr_cmdline* cl, const char* argv0) { |
| 40 | char* usage = gpr_cmdline_usage_string(cl, argv0); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 41 | fprintf(stderr, "%s", usage); |
| 42 | gpr_free(usage); |
| 43 | gpr_cmdline_destroy(cl); |
| 44 | exit(1); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 45 | } |
| 46 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 47 | static void on_jwt_verification_done(void* user_data, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 48 | grpc_jwt_verifier_status status, |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 49 | grpc_jwt_claims* claims) { |
Yash Tibrewal | 40422d5 | 2017-11-06 14:39:17 -0800 | [diff] [blame] | 50 | synchronizer* sync = static_cast<synchronizer*>(user_data); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 51 | |
| 52 | sync->success = (status == GRPC_JWT_VERIFIER_OK); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 53 | if (sync->success) { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 54 | char* claims_str; |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 55 | GPR_ASSERT(claims != nullptr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 56 | claims_str = |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 57 | grpc_json_dump_to_string((grpc_json*)grpc_jwt_claims_json(claims), 2); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 58 | printf("Claims: \n\n%s\n", claims_str); |
| 59 | gpr_free(claims_str); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 60 | grpc_jwt_claims_destroy(claims); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 61 | } else { |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 62 | GPR_ASSERT(claims == nullptr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 63 | fprintf(stderr, "Verification failed with error %s\n", |
| 64 | grpc_jwt_verifier_status_to_string(status)); |
| 65 | } |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 66 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 67 | gpr_mu_lock(sync->mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 68 | sync->is_done = 1; |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 69 | GRPC_LOG_IF_ERROR("pollset_kick", grpc_pollset_kick(sync->pollset, nullptr)); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 70 | gpr_mu_unlock(sync->mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 71 | } |
| 72 | |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 73 | int main(int argc, char** argv) { |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 74 | synchronizer sync; |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 75 | grpc_jwt_verifier* verifier; |
| 76 | gpr_cmdline* cl; |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 77 | const char* jwt = nullptr; |
| 78 | const char* aud = nullptr; |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 79 | grpc_core::ExecCtx exec_ctx; |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 80 | |
Julien Boeuf | 964d7bb | 2016-11-17 16:59:48 -0800 | [diff] [blame] | 81 | grpc_init(); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 82 | cl = gpr_cmdline_create("JWT verifier tool"); |
| 83 | gpr_cmdline_add_string(cl, "jwt", "JSON web token to verify", &jwt); |
| 84 | gpr_cmdline_add_string(cl, "aud", "Audience for the JWT", &aud); |
| 85 | gpr_cmdline_parse(cl, argc, argv); |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 86 | if (jwt == nullptr || aud == nullptr) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 87 | print_usage_and_exit(cl, argv[0]); |
| 88 | } |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 89 | |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 90 | verifier = grpc_jwt_verifier_create(nullptr, 0); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 91 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 92 | grpc_init(); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 93 | |
Yash Tibrewal | 40422d5 | 2017-11-06 14:39:17 -0800 | [diff] [blame] | 94 | sync.pollset = static_cast<grpc_pollset*>(gpr_zalloc(grpc_pollset_size())); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 95 | grpc_pollset_init(sync.pollset, &sync.mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 96 | sync.is_done = 0; |
| 97 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 98 | grpc_jwt_verifier_verify(verifier, sync.pollset, jwt, aud, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 99 | on_jwt_verification_done, &sync); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 100 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 101 | gpr_mu_lock(sync.mu); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 102 | while (!sync.is_done) { |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 103 | grpc_pollset_worker* worker = nullptr; |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 104 | if (!GRPC_LOG_IF_ERROR( |
| 105 | "pollset_work", |
| 106 | grpc_pollset_work(sync.pollset, &worker, GRPC_MILLIS_INF_FUTURE))) |
Craig Tiller | 1aee536 | 2016-05-07 11:26:50 -0700 | [diff] [blame] | 107 | sync.is_done = true; |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 108 | gpr_mu_unlock(sync.mu); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 109 | grpc_core::ExecCtx::Get()->Flush(); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 110 | gpr_mu_lock(sync.mu); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 111 | } |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 112 | gpr_mu_unlock(sync.mu); |
| 113 | |
| 114 | gpr_free(sync.pollset); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 115 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame^] | 116 | grpc_jwt_verifier_destroy(verifier); |
| 117 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 118 | gpr_cmdline_destroy(cl); |
Julien Boeuf | 964d7bb | 2016-11-17 16:59:48 -0800 | [diff] [blame] | 119 | grpc_shutdown(); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 120 | return !sync.success; |
| 121 | } |