/* Takes ownership of creds_path if not NULL. */ static grpc_error *create_default_creds_from_path( grpc_exec_ctx *exec_ctx, char *creds_path, grpc_call_credentials **creds) { grpc_json *json = NULL; grpc_auth_json_key key; grpc_auth_refresh_token token; grpc_call_credentials *result = NULL; grpc_slice creds_data = grpc_empty_slice(); grpc_error *error = GRPC_ERROR_NONE; if (creds_path == NULL) { error = GRPC_ERROR_CREATE_FROM_STATIC_STRING("creds_path unset"); goto end; } error = grpc_load_file(creds_path, 0, &creds_data); if (error != GRPC_ERROR_NONE) { goto end; } json = grpc_json_parse_string_with_len( (char *)GRPC_SLICE_START_PTR(creds_data), GRPC_SLICE_LENGTH(creds_data)); if (json == NULL) { error = grpc_error_set_str( GRPC_ERROR_CREATE_FROM_STATIC_STRING("Failed to parse JSON"), GRPC_ERROR_STR_RAW_BYTES, grpc_slice_ref_internal(creds_data)); goto end; } /* First, try an auth json key. */ key = grpc_auth_json_key_create_from_json(json); if (grpc_auth_json_key_is_valid(&key)) { result = grpc_service_account_jwt_access_credentials_create_from_auth_json_key( exec_ctx, key, grpc_max_auth_token_lifetime()); if (result == NULL) { error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( "grpc_service_account_jwt_access_credentials_create_from_auth_json_" "key failed"); } goto end; } /* Then try a refresh token if the auth json key was invalid. */ token = grpc_auth_refresh_token_create_from_json(json); if (grpc_auth_refresh_token_is_valid(&token)) { result = grpc_refresh_token_credentials_create_from_auth_refresh_token(token); if (result == NULL) { error = GRPC_ERROR_CREATE_FROM_STATIC_STRING( "grpc_refresh_token_credentials_create_from_auth_refresh_token " "failed"); } goto end; } end: GPR_ASSERT((result == NULL) + (error == GRPC_ERROR_NONE) == 1); if (creds_path != NULL) gpr_free(creds_path); grpc_slice_unref_internal(exec_ctx, creds_data); if (json != NULL) grpc_json_destroy(json); *creds = result; return error; }
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { char *s = gpr_malloc(size); memcpy(s, data, size); grpc_json *x; if ((x = grpc_json_parse_string_with_len(s, size))) { grpc_json_destroy(x); } gpr_free(s); return 0; }
static void test_bad_audience_claims_failure(void) { grpc_jwt_claims *claims; gpr_slice s = gpr_slice_from_copied_string(claims_without_time_constraint); grpc_json *json = grpc_json_parse_string_with_len( (char *)GPR_SLICE_START_PTR(s), GPR_SLICE_LENGTH(s)); GPR_ASSERT(json != NULL); claims = grpc_jwt_claims_from_json(json, s); GPR_ASSERT(claims != NULL); GPR_ASSERT(grpc_jwt_claims_check(claims, "https://bar.com") == GRPC_JWT_VERIFIER_BAD_AUDIENCE); grpc_jwt_claims_destroy(claims); }
static grpc_json *parse_json_part_from_jwt(const char *str, size_t len, grpc_slice *buffer) { grpc_json *json; *buffer = grpc_base64_decode_with_len(str, len, 1); if (GRPC_SLICE_IS_EMPTY(*buffer)) { gpr_log(GPR_ERROR, "Invalid base64."); return NULL; } json = grpc_json_parse_string_with_len((char *)GRPC_SLICE_START_PTR(*buffer), GRPC_SLICE_LENGTH(*buffer)); if (json == NULL) { grpc_slice_unref(*buffer); gpr_log(GPR_ERROR, "JSON parsing error."); } return json; }
static void test_claims_success(void) { grpc_jwt_claims *claims; gpr_slice s = gpr_slice_from_copied_string(claims_without_time_constraint); grpc_json *json = grpc_json_parse_string_with_len( (char *)GPR_SLICE_START_PTR(s), GPR_SLICE_LENGTH(s)); GPR_ASSERT(json != NULL); claims = grpc_jwt_claims_from_json(json, s); GPR_ASSERT(claims != NULL); GPR_ASSERT(grpc_jwt_claims_json(claims) == json); GPR_ASSERT(strcmp(grpc_jwt_claims_audience(claims), "https://foo.com") == 0); GPR_ASSERT(strcmp(grpc_jwt_claims_issuer(claims), "blah.foo.com") == 0); GPR_ASSERT(strcmp(grpc_jwt_claims_subject(claims), "*****@*****.**") == 0); GPR_ASSERT(strcmp(grpc_jwt_claims_id(claims), "jwtuniqueid") == 0); GPR_ASSERT(grpc_jwt_claims_check(claims, "https://foo.com") == GRPC_JWT_VERIFIER_OK); grpc_jwt_claims_destroy(claims); }
static grpc_json *json_from_http(const grpc_httpcli_response *response) { grpc_json *json = NULL; if (response == NULL) { gpr_log(GPR_ERROR, "HTTP response is NULL."); return NULL; } if (response->status != 200) { gpr_log(GPR_ERROR, "Call to http server failed with error %d.", response->status); return NULL; } json = grpc_json_parse_string_with_len(response->body, response->body_length); if (json == NULL) { gpr_log(GPR_ERROR, "Invalid JSON found in response."); } return json; }
/* Takes ownership of creds_path if not NULL. */ static grpc_call_credentials *create_default_creds_from_path(char *creds_path) { grpc_json *json = NULL; grpc_auth_json_key key; grpc_auth_refresh_token token; grpc_call_credentials *result = NULL; gpr_slice creds_data = gpr_empty_slice(); int file_ok = 0; if (creds_path == NULL) goto end; creds_data = gpr_load_file(creds_path, 0, &file_ok); if (!file_ok) goto end; json = grpc_json_parse_string_with_len( (char *)GPR_SLICE_START_PTR(creds_data), GPR_SLICE_LENGTH(creds_data)); if (json == NULL) goto end; /* First, try an auth json key. */ key = grpc_auth_json_key_create_from_json(json); if (grpc_auth_json_key_is_valid(&key)) { result = grpc_service_account_jwt_access_credentials_create_from_auth_json_key( key, grpc_max_auth_token_lifetime()); goto end; } /* Then try a refresh token if the auth json key was invalid. */ token = grpc_auth_refresh_token_create_from_json(json); if (grpc_auth_refresh_token_is_valid(&token)) { result = grpc_refresh_token_credentials_create_from_auth_refresh_token(token); goto end; } end: if (creds_path != NULL) gpr_free(creds_path); gpr_slice_unref(creds_data); if (json != NULL) grpc_json_destroy(json); return result; }
static void test_expired_claims_failure(void) { grpc_jwt_claims *claims; gpr_slice s = gpr_slice_from_copied_string(expired_claims); grpc_json *json = grpc_json_parse_string_with_len( (char *)GPR_SLICE_START_PTR(s), GPR_SLICE_LENGTH(s)); gpr_timespec exp_iat = {100, 0, GPR_CLOCK_REALTIME}; gpr_timespec exp_exp = {120, 0, GPR_CLOCK_REALTIME}; gpr_timespec exp_nbf = {60, 0, GPR_CLOCK_REALTIME}; GPR_ASSERT(json != NULL); claims = grpc_jwt_claims_from_json(json, s); GPR_ASSERT(claims != NULL); GPR_ASSERT(grpc_jwt_claims_json(claims) == json); GPR_ASSERT(strcmp(grpc_jwt_claims_audience(claims), "https://foo.com") == 0); GPR_ASSERT(strcmp(grpc_jwt_claims_issuer(claims), "blah.foo.com") == 0); GPR_ASSERT(strcmp(grpc_jwt_claims_subject(claims), "*****@*****.**") == 0); GPR_ASSERT(strcmp(grpc_jwt_claims_id(claims), "jwtuniqueid") == 0); GPR_ASSERT(gpr_time_cmp(grpc_jwt_claims_issued_at(claims), exp_iat) == 0); GPR_ASSERT(gpr_time_cmp(grpc_jwt_claims_expires_at(claims), exp_exp) == 0); GPR_ASSERT(gpr_time_cmp(grpc_jwt_claims_not_before(claims), exp_nbf) == 0); GPR_ASSERT(grpc_jwt_claims_check(claims, "https://foo.com") == GRPC_JWT_VERIFIER_TIME_CONSTRAINT_FAILURE); grpc_jwt_claims_destroy(claims); }
/** Parses JSON format address of a zookeeper node */ static char *zookeeper_parse_address(const char *value, size_t value_len) { grpc_json *json; grpc_json *cur; const char *host; const char *port; char *buffer; char *address = NULL; buffer = gpr_malloc(value_len); memcpy(buffer, value, value_len); json = grpc_json_parse_string_with_len(buffer, value_len); if (json != NULL) { host = NULL; port = NULL; for (cur = json->child; cur != NULL; cur = cur->next) { if (!strcmp(cur->key, "host")) { host = cur->value; if (port != NULL) { break; } } else if (!strcmp(cur->key, "port")) { port = cur->value; if (host != NULL) { break; } } } if (host != NULL && port != NULL) { gpr_asprintf(&address, "%s:%s", host, port); } grpc_json_destroy(json); } gpr_free(buffer); return address; }
static void test_invalid_claims_failure(void) { gpr_slice s = gpr_slice_from_copied_string(invalid_claims); grpc_json *json = grpc_json_parse_string_with_len( (char *)GPR_SLICE_START_PTR(s), GPR_SLICE_LENGTH(s)); GPR_ASSERT(grpc_jwt_claims_from_json(json, s) == NULL); }