You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by am...@apache.org on 2018/12/05 20:10:32 UTC

[trafficserver] branch master updated: Adding cdniip and cdnistd claims to uri signing

This is an automated email from the ASF dual-hosted git repository.

amc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 37028f9  Adding cdniip and cdnistd claims to uri signing
37028f9 is described below

commit 37028f9785c79834b2e4dbe72de4093f5cc54543
Author: Dylan Souza <dy...@comcast.com>
AuthorDate: Tue Nov 13 18:38:19 2018 +0000

    Adding cdniip and cdnistd claims to uri signing
---
 plugins/experimental/uri_signing/jwt.c | 14 +++++++++++++-
 plugins/experimental/uri_signing/jwt.h |  4 +++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/plugins/experimental/uri_signing/jwt.c b/plugins/experimental/uri_signing/jwt.c
index da4e804..0942c84 100644
--- a/plugins/experimental/uri_signing/jwt.c
+++ b/plugins/experimental/uri_signing/jwt.c
@@ -61,9 +61,11 @@ parse_jwt(json_t *raw)
   jwt->iat        = parse_number(json_object_get(raw, "iat"));
   jwt->jti        = json_string_value(json_object_get(raw, "jti"));
   jwt->cdniv      = parse_integer_default(json_object_get(raw, "cdniv"), 1);
+  jwt->cdnicrit   = json_string_value(json_object_get(raw, "cdnicrit"));
+  jwt->cdniip     = json_string_value(json_object_get(raw, "cdniip"));
   jwt->cdniets    = json_integer_value(json_object_get(raw, "cdniets"));
   jwt->cdnistt    = json_integer_value(json_object_get(raw, "cdnistt"));
-  jwt->cdnicrit   = json_string_value(json_object_get(raw, "cdnicrit"));
+  jwt->cdnistd    = parse_integer_default(json_object_get(raw, "cdnistd"), 0);
   return jwt;
 }
 
@@ -132,6 +134,11 @@ jwt_validate(struct jwt *jwt)
     return false;
   }
 
+  if (!unsupported_string_claim(jwt->cdniip)) {
+    PluginDebug("Initial JWT Failure: cdniip unsupported");
+    return false;
+  }
+
   if (!unsupported_string_claim(jwt->jti)) {
     PluginDebug("Initial JWT Failure: nonse unsupported");
     return false;
@@ -147,6 +154,11 @@ jwt_validate(struct jwt *jwt)
     return false;
   }
 
+  if (jwt->cdnistd != 0) {
+    PluginDebug("Initial JWT Failure: unsupported value for cdnistd: %d", jwt->cdnistd);
+    return false;
+  }
+
   return true;
 }
 
diff --git a/plugins/experimental/uri_signing/jwt.h b/plugins/experimental/uri_signing/jwt.h
index 1604eea..f0bd67a 100644
--- a/plugins/experimental/uri_signing/jwt.h
+++ b/plugins/experimental/uri_signing/jwt.h
@@ -28,10 +28,12 @@ struct jwt {
   double nbf;
   double iat;
   const char *jti;
-  const char *cdnicrit;
   int cdniv;
+  const char *cdnicrit;
+  const char *cdniip;
   int cdniets;
   int cdnistt;
+  int cdnistd;
 };
 struct jwt *parse_jwt(json_t *raw);
 void jwt_delete(struct jwt *jwt);