This repository has been archived by the owner on Nov 11, 2024. It is now read-only.

Merge pull request #9 from rnorris/master
Fix spellings in comments
babelouest authored Apr 27, 2024
2 parents 2aa38a5 + 116559c commit 53018f9
Showing 2 changed files with 19 additions and 19 deletions.
30 changes: 15 additions & 15 deletions include/iddawc.h
Expand Up @@ -74,8 +74,8 @@ extern "C"
#define I_TOKEN_AUTH_METHOD_JWT_ENCRYPT_SECRET 0x00100000 ///< token endpoint using a JWT encrypted with the client secret
#define I_TOKEN_AUTH_METHOD_JWT_ENCRYPT_PUBKEY 0x01000000 ///< token endpoint using a JWT signed with the client private key and encrypted with the server public key or the client secret

#define I_STRICT_NO 0x00000000 ///< Do not stricly conform to openid config result
#define I_STRICT_YES 0x00000001 ///< Stricly conform to openid config result
#define I_STRICT_NO 0x00000000 ///< Do not strictly conform to openid config result
#define I_STRICT_YES 0x00000001 ///< Strictly conform to openid config result
#define I_STRICT_JWT_AT_SIGNATURE 0x00000010 ///< Verify JWT access tokens signatures
#define I_STRICT_JWT_AT_HEADER_TYP 0x00000100 ///< Verify JWT access tokens header typ value
#define I_STRICT_JWT_AT_CLAIM 0x00001000 ///< Verify JWT access tokens claims values
Expand Down Expand Up @@ -162,22 +162,22 @@ typedef enum {
I_OPT_ERROR = 19, ///< error value of a failed request, string
I_OPT_ERROR_DESCRIPTION = 20, ///< error description of a failed request, string
I_OPT_ERROR_URI = 21, ///< error uri of a failed request, string
I_OPT_CODE = 22, ///< code given after a succesfull auth request using the response_type I_RESPONSE_TYPE_CODE
I_OPT_REFRESH_TOKEN = 23, ///< refresh token given after a succesfull token request using the proper response_type
I_OPT_ACCESS_TOKEN = 24, ///< access token given after a succesfull auth or token request using the proper response_type
I_OPT_ID_TOKEN = 25, ///< id_token given after a succesfull auth or token request using the proper response_type
I_OPT_CODE = 22, ///< code given after a successful auth request using the response_type I_RESPONSE_TYPE_CODE
I_OPT_REFRESH_TOKEN = 23, ///< refresh token given after a successful token request using the proper response_type
I_OPT_ACCESS_TOKEN = 24, ///< access token given after a successful auth or token request using the proper response_type
I_OPT_ID_TOKEN = 25, ///< id_token given after a successful auth or token request using the proper response_type
I_OPT_AUTH_METHOD = 28, ///< Authentication method to use with the auth endpoint, values available are I_AUTH_METHOD_GET, I_AUTH_METHOD_POST, I_AUTH_METHOD_JWT_SIGN_SECRET, I_AUTH_METHOD_JWT_SIGN_PRIVKEY, I_AUTH_METHOD_JWT_ENCRYPT_SECRET or I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY, values I_AUTH_METHOD_JWT_SIGN_SECRET, I_AUTH_METHOD_JWT_SIGN_PRIVKEY, I_AUTH_METHOD_JWT_ENCRYPT_SECRET or I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY can be combined with I_AUTH_METHOD_GET or I_AUTH_METHOD_POST
I_OPT_TOKEN_METHOD = 29, ///< Authentication method to use with the token endpoint, values available are I_TOKEN_AUTH_METHOD_SECRET_BASIC, I_TOKEN_AUTH_METHOD_SECRET_POST, I_TOKEN_AUTH_METHOD_SECRET_JWT, I_TOKEN_AUTH_METHOD_PRIVATE_JWT, I_TOKEN_AUTH_METHOD_NONE
I_OPT_TOKEN_TYPE = 30, ///< token_type value after a succesfull auth or token request, string
I_OPT_EXPIRES_IN = 31, ///< expires_in value after a succesfull auth or token request, integer
I_OPT_EXPIRES_AT = 32, ///< expires_at value after a succesfull auth or token request, time_t
I_OPT_TOKEN_TYPE = 30, ///< token_type value after a successful auth or token request, string
I_OPT_EXPIRES_IN = 31, ///< expires_in value after a successful auth or token request, integer
I_OPT_EXPIRES_AT = 32, ///< expires_at value after a successful auth or token request, time_t
I_OPT_USERNAME = 33, ///< username for password response_types, string
I_OPT_USER_PASSWORD = 34, ///< password for password response_types, string
I_OPT_ISSUER = 35, ///< issuer value, string
I_OPT_USERINFO = 36, ///< userinfo result, string
I_OPT_NONCE_GENERATE = 37, ///< Generate a random nonce value
I_OPT_STATE_GENERATE = 38, ///< Generate a random state value
I_OPT_X5U_FLAGS = 39, ///< x5u flage to apply when JWK used have a x5u property, values available are R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid, R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary, R_FLAG_IGNORE_REMOTE: do not download remote key
I_OPT_X5U_FLAGS = 39, ///< x5u flags to apply when JWK used have a x5u property, values available are R_FLAG_IGNORE_SERVER_CERTIFICATE: ignore if web server certificate is invalid, R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary, R_FLAG_IGNORE_REMOTE: do not download remote key
I_OPT_SERVER_KID = 40, ///< key id to use if multiple jwk are available on the server, string
I_OPT_SERVER_ENC_ALG = 41, ///< Key management algorithm to use when sending encrypted messages to the AS
I_OPT_SERVER_ENC = 42, ///< Encryption algorithm to use when sending encrypted messages to the AS
Expand All @@ -204,7 +204,7 @@ typedef enum {
I_OPT_DEVICE_AUTH_INTERVAL = 63, ///< device authorization code verification interval sent by the AS
I_OPT_END_SESSION_ENDPOINT = 64, ///< absolute url for the end session endpoint, string
I_OPT_CHECK_SESSION_IRAME = 65, ///< absolute url for the check session iframe, string
I_OPT_PUSHED_AUTH_REQ_ENDPOINT = 66, ///< absolute url for the pushed authoization endpoint, string
I_OPT_PUSHED_AUTH_REQ_ENDPOINT = 66, ///< absolute url for the pushed authorization endpoint, string
I_OPT_PUSHED_AUTH_REQ_REQUIRED = 67, ///< are pushed authorization requests required, boolean
I_OPT_PUSHED_AUTH_REQ_EXPIRES_IN = 68, ///< pushed authorization request expiration time in seconds
I_OPT_PUSHED_AUTH_REQ_URI = 69, ///< request_uri sent by the par endpoint result, string
Expand Down Expand Up @@ -255,9 +255,9 @@ typedef enum {
I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN_GENERATE = 114, ///< Generate a random client_notification_token of the specified length
I_OPT_CIBA_ACR_VALUES = 115, ///< ACR values that the OpenID Provider is being requested to use for processing this Authentication Request
I_OPT_CIBA_ACR_VALUES_APPEND = 116, ///< append another ACR value to the ACR values list, string
I_OPT_CIBA_AUTH_REQ_ID = 117, ///< auth_req_id value received by the server on succesfull request
I_OPT_CIBA_AUTH_REQ_ID = 117, ///< auth_req_id value received by the server on successful request
I_OPT_CIBA_CLIENT_NOTIFICATION_ENDPOINT = 118, ///< backchannel_client_notification_endpoint value to specify the url for ping or push modes
I_OPT_CIBA_AUTH_REQ_EXPIRES_IN = 119, ///< expiration of the request in seconds received by the server on succesfull request
I_OPT_CIBA_AUTH_REQ_EXPIRES_IN = 119, ///< expiration of the request in seconds received by the server on successful request
I_OPT_CIBA_AUTH_REQ_INTERVAL = 120, ///< Interval to poll token endpoint on poll mode in seconds
I_OPT_FRONTCHANNEL_LOGOUT_URI = 121, ///< Frontchannel logout URI
I_OPT_FRONTCHANNEL_LOGOUT_SESSION_REQUIRED = 122, ///< Frontchannel logout session required
Expand Down Expand Up @@ -975,7 +975,7 @@ int i_revoke_token(struct _i_session * i_session, int authentication);
* @param j_parameters: a json_t * object containing the client metadata
* The metadata content depends on the registration endpoint but at least
* the parameter redirect_uris (array of string) is required to register a new client
* @param update_session: if the registration is succesfull, update the session with the new client_id client_secret,
* @param update_session: if the registration is successful, update the session with the new client_id client_secret,
* registration_client_uri and registration_access_token (as I_OPT_ACCESS_TOKEN)
* @param j_result: if not NULL, set an allocated json_t * object with the endpoint result
* @return I_OK on success, an error value on error
Expand All @@ -998,7 +998,7 @@ int i_get_registration_client(struct _i_session * i_session, json_t ** j_result)
* @param j_parameters: a json_t * object containing the client metadata
* The metadata content depends on the registration endpoint but at least
* the parameter redirect_uris (array of string) is required to register a new client
* @param update_session: if the registration is succesfull, update the session with the new client_id client_secret,
* @param update_session: if the registration is successful, update the session with the new client_id client_secret,
* registration_client_uri and registration_access_token (as I_OPT_ACCESS_TOKEN)
* @param j_result: if not NULL, set an allocated json_t * object with the endpoint result
* @return I_OK on success, an error value on error
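Review bot: The comment on `I_OPT_X5U_FLAGS` names `R_FLAG_IGNORE_SERVER_CERTIFICATE` without stating what it costs: a key downloaded from an x5u URL over a connection whose certificate is not validated is unauthenticated, and presumably that key is then trusted for JWT verification or encryption. I would extend the text to `R_FLAG_IGNORE_SERVER_CERTIFICATE: ignore if web server certificate is invalid (test setups only, the downloaded key is then not authenticated)`. The same line still reads "when JWK used have a x5u property", which should be "has". In the hunk at line 204 the public enumerator `I_OPT_CHECK_SESSION_IRAME` keeps its misspelled name; since callers may depend on it, adding a correctly spelled enumerator with the same value 65 is safer than renaming.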
8 changes: 4 additions & 4 deletions src/iddawc.c
Expand Up @@ -1205,7 +1205,7 @@ static char * _i_sign_encrypt_jwt_auth(struct _i_session * i_session, jwt_t * jw
y_log_message(Y_LOG_LEVEL_ERROR, "signature alg is not specified or supported by the server");
enc_alg = R_JWA_ALG_UNKNOWN;
} else if (i_session->client_enc_alg == R_JWA_ALG_UNKNOWN && json_array_size(json_object_get(i_session->openid_config, "request_object_encryption_alg_values_supported"))) {
// no signtature alg specified, use one supported by the server
// no signature alg specified, use one supported by the server
if (_i_has_openid_config_parameter_value(i_session, "request_object_encryption_alg_values_supported", "A128KW")) {
enc_alg = R_JWA_ALG_A128KW;
} else if (_i_has_openid_config_parameter_value(i_session, "request_object_signing_alg_values_supported", "A192KW")) {
Expand Down Expand Up @@ -1459,7 +1459,7 @@ static char * _i_generate_ciba_jwt(struct _i_session * i_session) {
y_log_message(Y_LOG_LEVEL_ERROR, "signature alg is not specified or supported by the server");
ret = I_ERROR_PARAM;
} else if (sign_alg == R_JWA_ALG_UNKNOWN && json_array_size(json_object_get(i_session->openid_config, "backchannel_authentication_request_signing_alg_values_supported"))) {
// no signtature alg specified, use one supported by the server
// no signature alg specified, use one supported by the server
if (_i_has_openid_config_parameter_value(i_session, "backchannel_authentication_request_signing_alg_values_supported", "HS256")) {
sign_alg = R_JWA_ALG_HS256;
} else if (_i_has_openid_config_parameter_value(i_session, "backchannel_authentication_request_signing_alg_values_supported", "HS384")) {
Expand Down Expand Up @@ -1579,7 +1579,7 @@ static char * _i_generate_client_assertion(struct _i_session * i_session, const
y_log_message(Y_LOG_LEVEL_ERROR, "signature alg is not specified or supported by the server");
ret = I_ERROR_PARAM;
} else if (sign_alg == R_JWA_ALG_UNKNOWN && json_array_size(json_object_get(i_session->openid_config, sign_alg_values))) {
// no signtature alg specified, use one supported by the server
// no signature alg specified, use one supported by the server
if (_i_has_openid_config_parameter_value(i_session, sign_alg_values, "HS256")) {
sign_alg = R_JWA_ALG_HS256;
} else if (_i_has_openid_config_parameter_value(i_session, sign_alg_values, "HS384")) {
Expand Down Expand Up @@ -1650,7 +1650,7 @@ static char * _i_generate_client_assertion(struct _i_session * i_session, const
}
}
if (i_session->client_enc_alg == R_JWA_ALG_UNKNOWN && json_array_size(json_object_get(i_session->openid_config, enc_alg_values))) {
// no signtature alg specified, use one supported by the server
// no signature alg specified, use one supported by the server
if (_i_has_openid_config_parameter_value(i_session, enc_alg_values, "A128KW")) {
enc_alg = R_JWA_ALG_A128KW;
} else if (_i_has_openid_config_parameter_value(i_session, sign_alg_values, "A192KW")) {
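Review bot: The corrected comment in the first and last hunks still says "no signature alg specified", although both branches test `i_session->client_enc_alg` and select a key-management algorithm, so it should read `// no encryption alg specified, use one supported by the server`. In those same two branches the A192KW check queries the signing list (`"request_object_signing_alg_values_supported"` in the first hunk, `sign_alg_values` in the last) while the A128KW check directly above queries the encryption list. This looks like a copy-paste slip that makes the choice of A192KW depend on the wrong server metadata; the second argument should be `"request_object_encryption_alg_values_supported"` and `enc_alg_values` respectively. The rest of each else-if chain lies outside the hunks, so the later key-wrap algorithms should be checked for the same mistake.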
