Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 1 | /* |
| 2 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 3 | * Copyright 2015 gRPC authors. |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 4 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 8 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 10 | * |
Jan Tattermusch | 7897ae9 | 2017-06-07 22:57:36 +0200 | [diff] [blame] | 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 16 | * |
| 17 | */ |
| 18 | |
| 19 | #include <stdio.h> |
| 20 | #include <string.h> |
| 21 | |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 22 | #include <grpc/grpc.h> |
| 23 | #include <grpc/grpc_security.h> |
Craig Tiller | 28b7242 | 2016-10-26 21:15:29 -0700 | [diff] [blame] | 24 | #include <grpc/slice.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 25 | #include <grpc/support/alloc.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 26 | #include <grpc/support/log.h> |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 27 | #include <grpc/support/sync.h> |
| 28 | |
Julien Boeuf | 8ca294e | 2016-05-02 14:56:30 -0700 | [diff] [blame] | 29 | #include "src/core/lib/security/credentials/jwt/jwt_verifier.h" |
Vijay Pai | 8a99fdb | 2018-01-25 15:38:20 -0800 | [diff] [blame] | 30 | #include "test/core/util/cmdline.h" |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 31 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 32 | typedef struct { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 33 | grpc_pollset* pollset; |
| 34 | gpr_mu* mu; |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 35 | int is_done; |
| 36 | int success; |
| 37 | } synchronizer; |
| 38 | |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 39 | static void print_usage_and_exit(gpr_cmdline* cl, const char* argv0) { |
| 40 | char* usage = gpr_cmdline_usage_string(cl, argv0); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 41 | fprintf(stderr, "%s", usage); |
Jan Tattermusch | 148700a | 2018-01-12 09:18:21 +0100 | [diff] [blame] | 42 | fflush(stderr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 43 | gpr_free(usage); |
| 44 | gpr_cmdline_destroy(cl); |
| 45 | exit(1); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 46 | } |
| 47 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 48 | static void on_jwt_verification_done(void* user_data, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 49 | grpc_jwt_verifier_status status, |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 50 | grpc_jwt_claims* claims) { |
Yash Tibrewal | 40422d5 | 2017-11-06 14:39:17 -0800 | [diff] [blame] | 51 | synchronizer* sync = static_cast<synchronizer*>(user_data); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 52 | |
| 53 | sync->success = (status == GRPC_JWT_VERIFIER_OK); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 54 | if (sync->success) { |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 55 | char* claims_str; |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 56 | GPR_ASSERT(claims != nullptr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 57 | claims_str = |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 58 | grpc_json_dump_to_string((grpc_json*)grpc_jwt_claims_json(claims), 2); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 59 | printf("Claims: \n\n%s\n", claims_str); |
| 60 | gpr_free(claims_str); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 61 | grpc_jwt_claims_destroy(claims); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 62 | } else { |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 63 | GPR_ASSERT(claims == nullptr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 64 | fprintf(stderr, "Verification failed with error %s\n", |
| 65 | grpc_jwt_verifier_status_to_string(status)); |
Jan Tattermusch | 148700a | 2018-01-12 09:18:21 +0100 | [diff] [blame] | 66 | fflush(stderr); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 67 | } |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 68 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 69 | gpr_mu_lock(sync->mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 70 | sync->is_done = 1; |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 71 | GRPC_LOG_IF_ERROR("pollset_kick", grpc_pollset_kick(sync->pollset, nullptr)); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 72 | gpr_mu_unlock(sync->mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 73 | } |
| 74 | |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 75 | int main(int argc, char** argv) { |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 76 | synchronizer sync; |
Craig Tiller | baa14a9 | 2017-11-03 09:09:36 -0700 | [diff] [blame] | 77 | grpc_jwt_verifier* verifier; |
| 78 | gpr_cmdline* cl; |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 79 | const char* jwt = nullptr; |
| 80 | const char* aud = nullptr; |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 81 | grpc_core::ExecCtx exec_ctx; |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 82 | |
Julien Boeuf | 964d7bb | 2016-11-17 16:59:48 -0800 | [diff] [blame] | 83 | grpc_init(); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 84 | cl = gpr_cmdline_create("JWT verifier tool"); |
| 85 | gpr_cmdline_add_string(cl, "jwt", "JSON web token to verify", &jwt); |
| 86 | gpr_cmdline_add_string(cl, "aud", "Audience for the JWT", &aud); |
| 87 | gpr_cmdline_parse(cl, argc, argv); |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 88 | if (jwt == nullptr || aud == nullptr) { |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 89 | print_usage_and_exit(cl, argv[0]); |
| 90 | } |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 91 | |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 92 | verifier = grpc_jwt_verifier_create(nullptr, 0); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 93 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 94 | grpc_init(); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 95 | |
Yash Tibrewal | 40422d5 | 2017-11-06 14:39:17 -0800 | [diff] [blame] | 96 | sync.pollset = static_cast<grpc_pollset*>(gpr_zalloc(grpc_pollset_size())); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 97 | grpc_pollset_init(sync.pollset, &sync.mu); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 98 | sync.is_done = 0; |
| 99 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 100 | grpc_jwt_verifier_verify(verifier, sync.pollset, jwt, aud, |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 101 | on_jwt_verification_done, &sync); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 102 | |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 103 | gpr_mu_lock(sync.mu); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 104 | while (!sync.is_done) { |
Craig Tiller | 4ac2b8e | 2017-11-10 14:14:17 -0800 | [diff] [blame] | 105 | grpc_pollset_worker* worker = nullptr; |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 106 | if (!GRPC_LOG_IF_ERROR( |
| 107 | "pollset_work", |
| 108 | grpc_pollset_work(sync.pollset, &worker, GRPC_MILLIS_INF_FUTURE))) |
Craig Tiller | 1aee536 | 2016-05-07 11:26:50 -0700 | [diff] [blame] | 109 | sync.is_done = true; |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 110 | gpr_mu_unlock(sync.mu); |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 111 | grpc_core::ExecCtx::Get()->Flush(); |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 112 | gpr_mu_lock(sync.mu); |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 113 | } |
Craig Tiller | 69b093b | 2016-02-25 19:04:07 -0800 | [diff] [blame] | 114 | gpr_mu_unlock(sync.mu); |
| 115 | |
| 116 | gpr_free(sync.pollset); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 117 | |
Yash Tibrewal | 8cf1470 | 2017-12-06 09:47:54 -0800 | [diff] [blame] | 118 | grpc_jwt_verifier_destroy(verifier); |
| 119 | |
Craig Tiller | a82950e | 2015-09-22 12:33:20 -0700 | [diff] [blame] | 120 | gpr_cmdline_destroy(cl); |
Julien Boeuf | 964d7bb | 2016-11-17 16:59:48 -0800 | [diff] [blame] | 121 | grpc_shutdown(); |
Julien Boeuf | feca1bf | 2015-06-22 16:46:20 +0200 | [diff] [blame] | 122 | return !sync.success; |
| 123 | } |