Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 1 | /* |
| 2 | * |
Craig Tiller | 6169d5f | 2016-03-31 07:46:18 -0700 | [diff] [blame] | 3 | * Copyright 2015, Google Inc. |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 4 | * All rights reserved. |
| 5 | * |
| 6 | * Redistribution and use in source and binary forms, with or without |
| 7 | * modification, are permitted provided that the following conditions are |
| 8 | * met: |
| 9 | * |
| 10 | * * Redistributions of source code must retain the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer. |
| 12 | * * Redistributions in binary form must reproduce the above |
| 13 | * copyright notice, this list of conditions and the following disclaimer |
| 14 | * in the documentation and/or other materials provided with the |
| 15 | * distribution. |
| 16 | * * Neither the name of Google Inc. nor the names of its |
| 17 | * contributors may be used to endorse or promote products derived from |
| 18 | * this software without specific prior written permission. |
| 19 | * |
| 20 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
| 21 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
| 22 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
| 23 | * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
| 24 | * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 25 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
| 26 | * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| 27 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
| 28 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 29 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 30 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 31 | * |
| 32 | */ |
| 33 | |
| 34 | #include <stdio.h> |
| 35 | #include <string.h> |
| 36 | |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 37 | #include <grpc/grpc.h> |
| 38 | #include <grpc/grpc_security.h> |
Craig Tiller | 28b7242 | 2016-10-26 21:15:29 -0700 | [diff] [blame] | 39 | #include <grpc/slice.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 40 | #include <grpc/support/alloc.h> |
| 41 | #include <grpc/support/cmdline.h> |
| 42 | #include <grpc/support/log.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 43 | #include <grpc/support/sync.h> |
| 44 | |
Julien Boeuf | 8ca294e | 2016-05-02 14:56:30 -0700 | [diff] [blame] | 45 | #include "src/core/lib/security/credentials/jwt/jwt_verifier.h" |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 46 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 47 | typedef struct { |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 48 | grpc_pollset *pollset; |
| 49 | gpr_mu *mu; |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 50 | int is_done; |
| 51 | int success; |
| 52 | } synchronizer; |
| 53 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 54 | static void print_usage_and_exit(gpr_cmdline *cl, const char *argv0) { |
| 55 | char *usage = gpr_cmdline_usage_string(cl, argv0); |
| 56 | fprintf(stderr, "%s", usage); |
| 57 | gpr_free(usage); |
| 58 | gpr_cmdline_destroy(cl); |
| 59 | exit(1); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 60 | } |
| 61 | |
Craig Tiller | 3cf7922 | 2016-11-14 08:02:45 -0800 | [diff] [blame] | 62 | static void on_jwt_verification_done(grpc_exec_ctx *exec_ctx, void *user_data, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 63 | grpc_jwt_verifier_status status, |
| 64 | grpc_jwt_claims *claims) { |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 65 | synchronizer *sync = user_data; |
| 66 | |
| 67 | sync->success = (status == GRPC_JWT_VERIFIER_OK); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 68 | if (sync->success) { |
| 69 | char *claims_str; |
| 70 | GPR_ASSERT(claims != NULL); |
| 71 | claims_str = |
| 72 | grpc_json_dump_to_string((grpc_json *)grpc_jwt_claims_json(claims), 2); |
| 73 | printf("Claims: \n\n%s\n", claims_str); |
| 74 | gpr_free(claims_str); |
Craig Tiller | 3cf7922 | 2016-11-14 08:02:45 -0800 | [diff] [blame] | 75 | grpc_jwt_claims_destroy(exec_ctx, claims); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 76 | } else { |
| 77 | GPR_ASSERT(claims == NULL); |
| 78 | fprintf(stderr, "Verification failed with error %s\n", |
| 79 | grpc_jwt_verifier_status_to_string(status)); |
| 80 | } |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 81 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 82 | gpr_mu_lock(sync->mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 83 | sync->is_done = 1; |
Craig Tiller | 1aee536 | 2016-05-07 11:26:50 -0700 | [diff] [blame] | 84 | GRPC_LOG_IF_ERROR("pollset_kick", grpc_pollset_kick(sync->pollset, NULL)); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 85 | gpr_mu_unlock(sync->mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 86 | } |
| 87 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 88 | int main(int argc, char **argv) { |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 89 | synchronizer sync; |
| 90 | grpc_jwt_verifier *verifier; |
| 91 | gpr_cmdline *cl; |
| 92 | char *jwt = NULL; |
| 93 | char *aud = NULL; |
Craig Tiller | f5768a6 | 2015-09-22 10:54:34 -0700 | [diff] [blame] | 94 | grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 95 | |
Julien Boeuf | 964d7bb | 2016-11-17 16:59:48 -0800 | [diff] [blame] | 96 | grpc_init(); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 97 | cl = gpr_cmdline_create("JWT verifier tool"); |
| 98 | gpr_cmdline_add_string(cl, "jwt", "JSON web token to verify", &jwt); |
| 99 | gpr_cmdline_add_string(cl, "aud", "Audience for the JWT", &aud); |
| 100 | gpr_cmdline_parse(cl, argc, argv); |
| 101 | if (jwt == NULL || aud == NULL) { |
| 102 | print_usage_and_exit(cl, argv[0]); |
| 103 | } |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 104 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 105 | verifier = grpc_jwt_verifier_create(NULL, 0); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 106 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 107 | grpc_init(); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 108 | |
Yuchen Zeng | 47de64c | 2017-02-22 19:04:38 -0800 | [diff] [blame] | 109 | sync.pollset = gpr_zalloc(grpc_pollset_size()); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 110 | grpc_pollset_init(sync.pollset, &sync.mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 111 | sync.is_done = 0; |
| 112 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 113 | grpc_jwt_verifier_verify(&exec_ctx, verifier, sync.pollset, jwt, aud, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 114 | on_jwt_verification_done, &sync); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 115 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 116 | gpr_mu_lock(sync.mu); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 117 | while (!sync.is_done) { |
Craig Tiller | 3633ce4 | 2016-02-18 08:08:53 -0800 | [diff] [blame] | 118 | grpc_pollset_worker *worker = NULL; |
Craig Tiller | 1aee536 | 2016-05-07 11:26:50 -0700 | [diff] [blame] | 119 | if (!GRPC_LOG_IF_ERROR( |
| 120 | "pollset_work", |
| 121 | grpc_pollset_work(&exec_ctx, sync.pollset, &worker, |
| 122 | gpr_now(GPR_CLOCK_MONOTONIC), |
| 123 | gpr_inf_future(GPR_CLOCK_MONOTONIC)))) |
| 124 | sync.is_done = true; |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 125 | gpr_mu_unlock(sync.mu); |
Craig Tiller | 9e5ac1b | 2017-02-14 22:25:50 -0800 | [diff] [blame] | 126 | grpc_exec_ctx_flush(&exec_ctx); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 127 | gpr_mu_lock(sync.mu); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 128 | } |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 129 | gpr_mu_unlock(sync.mu); |
| 130 | |
| 131 | gpr_free(sync.pollset); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 132 | |
Craig Tiller | 9e5ac1b | 2017-02-14 22:25:50 -0800 | [diff] [blame] | 133 | grpc_jwt_verifier_destroy(&exec_ctx, verifier); |
| 134 | grpc_exec_ctx_finish(&exec_ctx); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 135 | gpr_cmdline_destroy(cl); |
Julien Boeuf | 964d7bb | 2016-11-17 16:59:48 -0800 | [diff] [blame] | 136 | grpc_shutdown(); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 137 | return !sync.success; |
| 138 | } |