Iddawc
Handle the flow of OAuth2 and OpenID Connect authentication process from the client side.
iddawc.h
Go to the documentation of this file.
1 
24 #ifndef __IDDAWC_H
25 #define __IDDAWC_H
26 
27 #ifdef __cplusplus
28 extern "C"
29 {
30 #endif
31 
32 #include <jansson.h>
33 #include <orcania.h>
34 #include <ulfius.h>
35 #include <rhonabwy.h>
36 #include "iddawc-cfg.h"
37 
44 #define I_OK 0
45 #define I_ERROR 1
46 #define I_ERROR_PARAM 2
47 #define I_ERROR_MEMORY 3
48 #define I_ERROR_UNAUTHORIZED 4
49 #define I_ERROR_SERVER 5
50 
51 #define I_RESPONSE_TYPE_NONE 0x00000000
52 #define I_RESPONSE_TYPE_CODE 0x00000001
53 #define I_RESPONSE_TYPE_TOKEN 0x00000010
54 #define I_RESPONSE_TYPE_ID_TOKEN 0x00000100
55 #define I_RESPONSE_TYPE_PASSWORD 0x00001000
56 #define I_RESPONSE_TYPE_CLIENT_CREDENTIALS 0x00010000
57 #define I_RESPONSE_TYPE_REFRESH_TOKEN 0x00100000
58 #define I_RESPONSE_TYPE_DEVICE_CODE 0x01000000
59 #define I_RESPONSE_TYPE_CIBA 0x10000000
60 
61 #define I_AUTH_METHOD_GET 0x00000001
62 #define I_AUTH_METHOD_POST 0x00000010
63 #define I_AUTH_METHOD_JWT_SIGN_SECRET 0x00000100
64 #define I_AUTH_METHOD_JWT_SIGN_PRIVKEY 0x00001000
65 #define I_AUTH_METHOD_JWT_ENCRYPT_SECRET 0x00010000
66 #define I_AUTH_METHOD_JWT_ENCRYPT_PUBKEY 0x00100000
67 
68 #define I_TOKEN_AUTH_METHOD_NONE 0x00000000
69 #define I_TOKEN_AUTH_METHOD_SECRET_BASIC 0x00000001
70 #define I_TOKEN_AUTH_METHOD_SECRET_POST 0x00000010
71 #define I_TOKEN_AUTH_METHOD_TLS_CERTIFICATE 0x00000100
72 #define I_TOKEN_AUTH_METHOD_JWT_SIGN_SECRET 0x00001000
73 #define I_TOKEN_AUTH_METHOD_JWT_SIGN_PRIVKEY 0x00010000
74 #define I_TOKEN_AUTH_METHOD_JWT_ENCRYPT_SECRET 0x00100000
75 #define I_TOKEN_AUTH_METHOD_JWT_ENCRYPT_PUBKEY 0x01000000
76 
77 #define I_STRICT_NO 0x00000000
78 #define I_STRICT_YES 0x00000001
79 #define I_STRICT_JWT_AT_SIGNATURE 0x00000010
80 #define I_STRICT_JWT_AT_HEADER_TYP 0x00000100
81 #define I_STRICT_JWT_AT_CLAIM 0x00001000
82 
83 #define I_AUTH_SIGN_ALG_MAX_LENGTH 8
84 
85 #define I_BEARER_TYPE_HEADER 0
86 #define I_BEARER_TYPE_BODY 1
87 #define I_BEARER_TYPE_URL 2
88 
89 #define I_INTROSPECT_REVOKE_AUTH_NONE 0
90 #define I_INTROSPECT_REVOKE_AUTH_ACCESS_TOKEN 1
91 #define I_INTROSPECT_REVOKE_AUTH_CLIENT_TARGET 2
92 
93 #define I_TOKEN_TYPE_ACCESS_TOKEN 0
94 #define I_TOKEN_TYPE_ID_TOKEN 1
95 #define I_TOKEN_TYPE_USERINFO 2
96 #define I_TOKEN_TYPE_INTROSPECTION 3
97 #define I_TOKEN_TYPE_RESPONSE_AUTH 4
98 
99 #define I_HEADER_PREFIX_BEARER "Bearer "
100 #define I_HEADER_PREFIX_DPOP "DPoP "
101 #define I_HEADER_AUTHORIZATION "Authorization"
102 #define I_CONTENT_TYPE_JWKS "application/jwk-set+json"
103 #define I_BODY_URL_PARAMETER "access_token"
104 #define I_HEADER_DPOP "DPoP"
105 
106 #define I_REMOTE_VERIFY_NONE 0x0000
107 #define I_REMOTE_HOST_VERIFY_PEER 0x0001
108 #define I_REMOTE_HOST_VERIFY_HOSTNAME 0x0010
109 #define I_REMOTE_PROXY_VERIFY_PEER 0x0100
110 #define I_REMOTE_PROXY_VERIFY_HOSTNAME 0x1000
111 
112 #define I_PKCE_NONE 0
113 #define I_PKCE_METHOD_PLAIN 1
114 #define I_PKCE_METHOD_S256 2
115 
116 #define I_CLAIM_TARGET_ALL 0
117 #define I_CLAIM_TARGET_USERINFO 1
118 #define I_CLAIM_TARGET_ID_TOKEN 2
119 
120 #define I_CLAIM_ESSENTIAL_NULL 0
121 #define I_CLAIM_ESSENTIAL_TRUE 1
122 #define I_CLAIM_ESSENTIAL_FALSE 2
123 #define I_CLAIM_ESSENTIAL_IGNORE 3
124 
125 #define I_CIBA_MODE_NONE 0
126 #define I_CIBA_MODE_POLL 1
127 #define I_CIBA_MODE_PING 2
128 #define I_CIBA_MODE_PUSH 3
129 
130 #define I_CIBA_LOGIN_HINT_FORMAT_JSON 0
131 #define I_CIBA_LOGIN_HINT_FORMAT_JWT 1
132 #define I_CIBA_LOGIN_HINT_FORMAT_ID_TOKEN 2
133 
139 typedef enum {
140  I_OPT_NONE = 0,
141  I_OPT_RESPONSE_TYPE = 1,
142  I_OPT_SCOPE = 2,
143  I_OPT_SCOPE_APPEND = 3,
144  I_OPT_STATE = 4,
145  I_OPT_NONCE = 5,
146  I_OPT_REDIRECT_URI = 6,
147  I_OPT_REDIRECT_TO = 7,
148  I_OPT_CLIENT_ID = 8,
149  I_OPT_CLIENT_SECRET = 9,
150  I_OPT_ADDITIONAL_PARAMETER = 10,
151  I_OPT_ADDITIONAL_RESPONSE = 11,
152  I_OPT_AUTH_ENDPOINT = 12,
153  I_OPT_TOKEN_ENDPOINT = 13,
154  I_OPT_OPENID_CONFIG_ENDPOINT = 14,
155  I_OPT_OPENID_CONFIG = 15,
156  I_OPT_OPENID_CONFIG_STRICT = 16,
157  I_OPT_USERINFO_ENDPOINT = 17,
158  I_OPT_RESULT = 18,
159  I_OPT_ERROR = 19,
160  I_OPT_ERROR_DESCRIPTION = 20,
161  I_OPT_ERROR_URI = 21,
162  I_OPT_CODE = 22,
163  I_OPT_REFRESH_TOKEN = 23,
164  I_OPT_ACCESS_TOKEN = 24,
165  I_OPT_ID_TOKEN = 25,
166  I_OPT_AUTH_METHOD = 28,
167  I_OPT_TOKEN_METHOD = 29,
168  I_OPT_TOKEN_TYPE = 30,
169  I_OPT_EXPIRES_IN = 31,
170  I_OPT_EXPIRES_AT = 32,
171  I_OPT_USERNAME = 33,
172  I_OPT_USER_PASSWORD = 34,
173  I_OPT_ISSUER = 35,
174  I_OPT_USERINFO = 36,
175  I_OPT_NONCE_GENERATE = 37,
176  I_OPT_STATE_GENERATE = 38,
177  I_OPT_X5U_FLAGS = 39,
178  I_OPT_SERVER_KID = 40,
179  I_OPT_SERVER_ENC_ALG = 41,
180  I_OPT_SERVER_ENC = 42,
181  I_OPT_SERVER_JWKS_CACHE_EXPIRATION = 43,
182  I_OPT_CLIENT_KID = 44,
183  I_OPT_CLIENT_SIGN_ALG = 45,
184  I_OPT_CLIENT_ENC_ALG = 46,
185  I_OPT_CLIENT_ENC = 47,
186  I_OPT_TOKEN_JTI = 48,
187  I_OPT_TOKEN_JTI_GENERATE = 49,
188  I_OPT_TOKEN_EXP = 50,
189  I_OPT_TOKEN_TARGET = 51,
190  I_OPT_TOKEN_TARGET_TYPE_HINT = 52,
191  I_OPT_REVOCATION_ENDPOINT = 53,
192  I_OPT_INTROSPECTION_ENDPOINT = 54,
193  I_OPT_REGISTRATION_ENDPOINT = 55,
194  I_OPT_REGISTRATION_CLIENT_URI = 56,
195  I_OPT_DEVICE_AUTHORIZATION_ENDPOINT = 57,
196  I_OPT_DEVICE_AUTH_CODE = 58,
197  I_OPT_DEVICE_AUTH_USER_CODE = 59,
198  I_OPT_DEVICE_AUTH_VERIFICATION_URI = 60,
199  I_OPT_DEVICE_AUTH_VERIFICATION_URI_COMPLETE = 61,
200  I_OPT_DEVICE_AUTH_EXPIRES_IN = 62,
201  I_OPT_DEVICE_AUTH_INTERVAL = 63,
202  I_OPT_END_SESSION_ENDPOINT = 64,
203  I_OPT_CHECK_SESSION_IRAME = 65,
204  I_OPT_PUSHED_AUTH_REQ_ENDPOINT = 66,
205  I_OPT_PUSHED_AUTH_REQ_REQUIRED = 67,
206  I_OPT_PUSHED_AUTH_REQ_EXPIRES_IN = 68,
207  I_OPT_PUSHED_AUTH_REQ_URI = 69,
208  I_OPT_USE_DPOP = 70,
209  I_OPT_DPOP_KID = 71,
210  I_OPT_DECRYPT_CODE = 72,
211  I_OPT_DECRYPT_REFRESH_TOKEN = 73,
212  I_OPT_DECRYPT_ACCESS_TOKEN = 74,
213  I_OPT_DPOP_SIGN_ALG = 75,
214  I_OPT_HTTP_PROXY = 76,
215  I_OPT_TLS_KEY_FILE = 77,
216  I_OPT_TLS_CERT_FILE = 78,
217  I_OPT_REMOTE_CERT_FLAG = 79,
218  I_OPT_PKCE_CODE_VERIFIER = 80,
219  I_OPT_PKCE_CODE_VERIFIER_GENERATE = 81,
220  I_OPT_PKCE_METHOD = 82,
221  I_OPT_RESOURCE_INDICATOR = 83,
222  I_OPT_ACCESS_TOKEN_SIGNING_ALG = 84,
223  I_OPT_ACCESS_TOKEN_ENCRYPTION_ALG = 85,
224  I_OPT_ACCESS_TOKEN_ENCRYPTION_ENC = 86,
225  I_OPT_ID_TOKEN_SIGNING_ALG = 87,
226  I_OPT_ID_TOKEN_ENCRYPTION_ALG = 88,
227  I_OPT_ID_TOKEN_ENCRYPTION_ENC = 89,
228  I_OPT_USERINFO_SIGNING_ALG = 90,
229  I_OPT_USERINFO_ENCRYPTION_ALG = 91,
230  I_OPT_USERINFO_ENCRYPTION_ENC = 92,
231  I_OPT_REQUEST_OBJECT_SIGNING_ALG = 93,
232  I_OPT_REQUEST_OBJECT_ENCRYPTION_ALG = 94,
233  I_OPT_REQUEST_OBJECT_ENCRYPTION_ENC = 95,
234  I_OPT_TOKEN_ENDPOINT_SIGNING_ALG = 96,
235  I_OPT_TOKEN_ENDPOINT_ENCRYPTION_ALG = 97,
236  I_OPT_TOKEN_ENDPOINT_ENCRYPTION_ENC = 98,
237  I_OPT_CIBA_REQUEST_SIGNING_ALG = 99,
238  I_OPT_CIBA_REQUEST_ENCRYPTION_ALG = 100,
239  I_OPT_CIBA_REQUEST_ENCRYPTION_ENC = 101,
240  I_OPT_AUTH_RESPONSE_SIGNING_ALG = 102,
241  I_OPT_AUTH_RESPONSE_ENCRYPTION_ALG = 103,
242  I_OPT_AUTH_RESPONSE_ENCRYPTION_ENC = 104,
243  I_OPT_CIBA_ENDPOINT = 105,
244  I_OPT_CIBA_MODE = 106,
245  I_OPT_CIBA_USER_CODE = 107,
246  I_OPT_CIBA_LOGIN_HINT = 108,
247  I_OPT_CIBA_LOGIN_HINT_FORMAT = 109,
248  I_OPT_CIBA_LOGIN_HINT_KID = 110,
249  I_OPT_CIBA_BINDING_MESSAGE = 111,
250  I_OPT_CIBA_REQUESTED_EXPIRY = 112,
251  I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN = 113,
252  I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN_GENERATE = 114,
253  I_OPT_CIBA_ACR_VALUES = 115,
254  I_OPT_CIBA_ACR_VALUES_APPEND = 116,
255  I_OPT_CIBA_AUTH_REQ_ID = 117,
256  I_OPT_CIBA_CLIENT_NOTIFICATION_ENDPOINT = 118,
257  I_OPT_CIBA_AUTH_REQ_EXPIRES_IN = 119,
258  I_OPT_CIBA_AUTH_REQ_INTERVAL = 120,
259  I_OPT_FRONTCHANNEL_LOGOUT_URI = 121,
260  I_OPT_FRONTCHANNEL_LOGOUT_SESSION_REQUIRED = 122,
261  I_OPT_BACKCHANNEL_LOGOUT_URI = 123,
262  I_OPT_BACKCHANNEL_LOGOUT_SESSION_REQUIRED = 124,
263  I_OPT_POST_LOGOUT_REDIRECT_URI = 125,
264  I_OPT_ID_TOKEN_SID = 126,
265  I_OPT_SAVE_HTTP_REQUEST_RESPONSE = 127,
266  I_OPT_DPOP_NONCE_AS = 128,
267  I_OPT_DPOP_NONCE_RS = 129
268 } i_option;
269 
280 struct _i_session {
281  unsigned int response_type;
282  char * scope;
283  char * state;
284  char * nonce;
285  char * redirect_uri;
286  char * redirect_to;
287  char * client_id;
288  char * client_secret;
289  char * username;
290  char * user_password;
291  struct _u_map additional_parameters;
292  struct _u_map additional_response;
293  char * authorization_endpoint;
294  char * token_endpoint;
295  char * openid_config_endpoint;
296  char * userinfo_endpoint;
297  char * revocation_endpoint;
298  char * introspection_endpoint;
299  char * end_session_endpoint;
300  char * check_session_iframe;
301  char * device_authorization_endpoint;
302  char * registration_endpoint;
303  char * registration_client_uri;
304  char * pushed_authorization_request_endpoint;
305  unsigned int result;
306  char * error;
307  char * error_description;
308  char * error_uri;
309  char * code;
310  char * refresh_token;
311  char * access_token;
312  json_t * access_token_payload;
313  char * token_target;
314  char * token_target_type_hint;
315  char * token_type;
316  unsigned int expires_in;
317  time_t expires_at;
318  char * id_token;
319  json_t * id_token_payload;
320  unsigned int auth_method;
321  unsigned int token_method;
322  jwks_t * server_jwks;
323  char * server_kid;
324  time_t server_jwks_cache_expires_at;
325  time_t server_jwks_cache_expiration;
326  jwa_alg server_enc_alg;
327  jwa_enc server_enc;
328  jwks_t * client_jwks;
329  char * client_kid;
330  jwa_alg client_sign_alg;
331  jwa_alg client_enc_alg;
332  jwa_enc client_enc;
333  int x5u_flags;
334  json_t * openid_config;
335  int openid_config_strict;
336  char * issuer;
337  char * userinfo;
338  json_t * j_userinfo;
339  char * token_jti;
340  unsigned int token_exp;
341  json_t * j_authorization_details;
342  char * device_auth_code;
343  char * device_auth_user_code;
344  char * device_auth_verification_uri;
345  char * device_auth_verification_uri_complete;
346  unsigned int device_auth_expires_in;
347  unsigned int device_auth_interval;
348  unsigned int require_pushed_authorization_requests;
349  unsigned int pushed_authorization_request_expires_in;
350  char * pushed_authorization_request_uri;
351  int use_dpop;
352  char * dpop_kid;
353  jwa_alg dpop_sign_alg;
354  char * dpop_nonce_as;
355  char * dpop_nonce_rs;
356  int decrypt_code;
357  int decrypt_refresh_token;
358  int decrypt_access_token;
359  char * http_proxy;
360  char * key_file;
361  char * cert_file;
362  int remote_cert_flag;
363  char * pkce_code_verifier;
364  int pkce_method;
365  json_t * j_claims;
366  char * resource_indicator;
367  jwa_alg access_token_signing_alg;
368  jwa_alg access_token_encryption_alg;
369  jwa_enc access_token_encryption_enc;
370  jwa_alg id_token_signing_alg;
371  jwa_alg id_token_encryption_alg;
372  jwa_enc id_token_encryption_enc;
373  jwa_alg userinfo_signing_alg;
374  jwa_alg userinfo_encryption_alg;
375  jwa_enc userinfo_encryption_enc;
376  jwa_alg request_object_signing_alg;
377  jwa_alg request_object_encryption_alg;
378  jwa_enc request_object_encryption_enc;
379  jwa_alg token_endpoint_signing_alg;
380  jwa_alg token_endpoint_encryption_alg;
381  jwa_enc token_endpoint_encryption_enc;
382  jwa_alg ciba_request_signing_alg;
383  jwa_alg ciba_request_encryption_alg;
384  jwa_enc ciba_request_encryption_enc;
385  jwa_alg auth_response_signing_alg;
386  jwa_alg auth_response_encryption_alg;
387  jwa_enc auth_response_encryption_enc;
388  char * ciba_endpoint;
389  unsigned int ciba_mode;
390  char * ciba_user_code;
391  char * ciba_login_hint;
392  unsigned int ciba_login_hint_format;
393  char * ciba_login_hint_kid;
394  char * ciba_binding_message;
395  time_t ciba_requested_expiry;
396  char * ciba_client_notification_token;
397  char * ciba_acr_values;
398  char * ciba_auth_req_id;
399  char * ciba_client_notification_endpoint;
400  unsigned int ciba_auth_req_expires_in;
401  unsigned int ciba_auth_req_interval;
402  char * frontchannel_logout_uri;
403  unsigned int frontchannel_logout_session_required;
404  char * backchannel_logout_uri;
405  unsigned int backchannel_logout_session_required;
406  char * post_logout_redirect_uri;
407  char * id_token_sid;
408  unsigned int save_http_request_response;
409  struct _u_request * saved_request;
410  struct _u_response * saved_response;
411 };
412 
429 int i_global_init();
430 
434 void i_global_close();
435 
441 void i_free(void * data);
442 
448 int i_init_session(struct _i_session * i_session);
449 
454 void i_clean_session(struct _i_session * i_session);
455 
478 int i_set_response_type(struct _i_session * i_session, unsigned int i_value);
479 
488 int i_set_result(struct _i_session * i_session, unsigned int i_value);
489 
508 int i_set_int_parameter(struct _i_session * i_session, i_option option, unsigned int i_value);
509 
550 int i_set_str_parameter(struct _i_session * i_session, i_option option, const char * s_value);
551 
559 int i_set_additional_parameter(struct _i_session * i_session, const char * s_key, const char * s_value);
560 
568 int i_set_additional_response(struct _i_session * i_session, const char * s_key, const char * s_value);
569 
583 int i_add_claim_request(struct _i_session * i_session, int target, const char * claim, int essential, const char * value);
584 
593 int i_remove_claim_request(struct _i_session * i_session, int target, const char * claim);
594 
602 int i_set_rich_authorization_request_json_t(struct _i_session * i_session, const char * type, json_t * j_value);
603 
611 int i_set_rich_authorization_request_str(struct _i_session * i_session, const char * type, const char * value);
612 
619 int i_remove_rich_authorization_request(struct _i_session * i_session, const char * type);
620 
627 json_t * i_get_rich_authorization_request_json_t(struct _i_session * i_session, const char * type);
628 
635 char * i_get_rich_authorization_request_str(struct _i_session * i_session, const char * type);
636 
648 unsigned int i_get_response_type(struct _i_session * i_session);
649 
655 unsigned int i_get_result(struct _i_session * i_session);
656 
670 unsigned int i_get_int_parameter(struct _i_session * i_session, i_option option);
671 
711 const char * i_get_str_parameter(struct _i_session * i_session, i_option option);
712 
719 const char * i_get_additional_parameter(struct _i_session * i_session, const char * s_key);
720 
727 const char * i_get_additional_response(struct _i_session * i_session, const char * s_key);
728 
734 json_t * i_get_server_configuration(struct _i_session * i_session);
735 
742 int i_set_server_configuration(struct _i_session * i_session, json_t * j_openid_config);
743 
749 json_t * i_get_server_jwks(struct _i_session * i_session);
750 
757 int i_set_server_jwks(struct _i_session * i_session, json_t * j_jwks);
758 
764 json_t * i_get_client_jwks(struct _i_session * i_session);
765 
772 int i_set_client_jwks(struct _i_session * i_session, json_t * j_jwks);
773 
787 int i_set_parameter_list(struct _i_session * i_session, ...);
788 
794 json_t * i_export_session_json_t(struct _i_session * i_session);
795 
803 int i_import_session_json_t(struct _i_session * i_session, json_t * j_import);
804 
810 char * i_export_session_str(struct _i_session * i_session);
811 
819 int i_import_session_str(struct _i_session * i_session, const char * str_import);
820 
829 int i_import_session_from_registration(struct _i_session * i_session, json_t * j_registration);
830 
846 int i_get_openid_config(struct _i_session * i_session);
847 
854 int i_build_auth_url_get(struct _i_session * i_session);
855 
862 int i_run_auth_request(struct _i_session * i_session);
863 
871 int i_parse_redirect_to(struct _i_session * i_session);
872 
879 int i_run_token_request(struct _i_session * i_session);
880 
889 int i_parse_token_response(struct _i_session * i_session, int http_status, json_t * j_response);
890 
896 int i_verify_id_token(struct _i_session * i_session);
897 
906 int i_verify_jwt_access_token(struct _i_session * i_session, const char * aud);
907 
918 int i_get_userinfo(struct _i_session * i_session, int get_jwt);
919 
933 int i_get_userinfo_custom(struct _i_session * i_session, const char * http_method, struct _u_map * additional_query, struct _u_map * additional_headers);
934 
948 int i_get_token_introspection(struct _i_session * i_session, json_t ** j_result, int authentication, int get_jwt);
949 
960 int i_revoke_token(struct _i_session * i_session, int authentication);
961 
974 int i_register_client(struct _i_session * i_session, json_t * j_parameters, int update_session, json_t ** j_result);
975 
983 int i_get_registration_client(struct _i_session * i_session, json_t ** j_result);
984 
997 int i_manage_registration_client(struct _i_session * i_session, json_t * j_parameters, int update_session, json_t ** j_result);
998 
1005 int i_delete_registration_client(struct _i_session * i_session);
1006 
1017 char * i_generate_dpop_token(struct _i_session * i_session, const char * htm, const char * htu, time_t iat, int add_ath);
1018 
1029 int i_verify_dpop_proof(const char * dpop_header, const char * htm, const char * htu, time_t max_iat, const char * jkt, const char * access_token);
1030 
1038 char * i_generate_client_assertion(struct _i_session * i_session, const char * aud);
1039 
1056 int i_perform_resource_service_request(struct _i_session * i_session, struct _u_request * http_request, struct _u_response * http_response, int refresh_if_expired, int bearer_type, int use_dpop, time_t dpop_iat);
1057 
1064 int i_run_par_request(struct _i_session * i_session);
1065 
1072 int i_run_device_auth_request(struct _i_session * i_session);
1073 
1080 int i_run_ciba_request(struct _i_session * i_session);
1081 
1089 char * i_build_end_session_url(struct _i_session * i_session);
1090 
1097 int i_verify_end_session_backchannel_token(struct _i_session * i_session, const char * token);
1098 
1111 int i_close_session(struct _i_session * i_session, const char * sid);
1112 
1117 #ifdef __cplusplus
1118 }
1119 #endif
1120 
1121 #endif // __IDDAWC_H_
i_option
i_option
Definition: iddawc.h:139
I_OPT_EXPIRES_AT
@ I_OPT_EXPIRES_AT
expires_at value after a succesfull auth or token request, time_t
Definition: iddawc.h:170
I_OPT_TOKEN_TYPE
@ I_OPT_TOKEN_TYPE
token_type value after a succesfull auth or token request, string
Definition: iddawc.h:168
I_OPT_CIBA_ENDPOINT
@ I_OPT_CIBA_ENDPOINT
absolute url for the CIBA endpoint or equivalent, string
Definition: iddawc.h:243
I_OPT_SAVE_HTTP_REQUEST_RESPONSE
@ I_OPT_SAVE_HTTP_REQUEST_RESPONSE
Save HTTP request and response.
Definition: iddawc.h:265
I_OPT_PUSHED_AUTH_REQ_REQUIRED
@ I_OPT_PUSHED_AUTH_REQ_REQUIRED
are pushed authorization requests required, boolean
Definition: iddawc.h:205
I_OPT_TOKEN_EXP
@ I_OPT_TOKEN_EXP
JWT token request expiration time in seconds.
Definition: iddawc.h:188
I_OPT_DEVICE_AUTH_CODE
@ I_OPT_DEVICE_AUTH_CODE
device authorization code sent by the AS
Definition: iddawc.h:196
I_OPT_DPOP_SIGN_ALG
@ I_OPT_DPOP_SIGN_ALG
signature algorithm to use when the client signs a DPoP, values available are 'none',...
Definition: iddawc.h:213
I_OPT_ISSUER
@ I_OPT_ISSUER
issuer value, string
Definition: iddawc.h:173
I_OPT_REMOTE_CERT_FLAG
@ I_OPT_REMOTE_CERT_FLAG
Flags to use with remote connexions to ignore incorrect certificates, flags available are I_REMOTE_HO...
Definition: iddawc.h:217
I_OPT_ACCESS_TOKEN
@ I_OPT_ACCESS_TOKEN
access token given after a succesfull auth or token request using the proper response_type
Definition: iddawc.h:164
I_OPT_REQUEST_OBJECT_ENCRYPTION_ALG
@ I_OPT_REQUEST_OBJECT_ENCRYPTION_ALG
registration value request_object_encryption_alg to specify a key management algorithm for request_ob...
Definition: iddawc.h:232
I_OPT_PUSHED_AUTH_REQ_ENDPOINT
@ I_OPT_PUSHED_AUTH_REQ_ENDPOINT
absolute url for the pushed authoization endpoint, string
Definition: iddawc.h:204
I_OPT_TOKEN_JTI
@ I_OPT_TOKEN_JTI
jti value, string
Definition: iddawc.h:186
I_OPT_TOKEN_TARGET
@ I_OPT_TOKEN_TARGET
access_token which is the target of a revocation or an introspection, string
Definition: iddawc.h:189
I_OPT_INTROSPECTION_ENDPOINT
@ I_OPT_INTROSPECTION_ENDPOINT
absolute url for the introspection endpoint, string
Definition: iddawc.h:192
I_OPT_REQUEST_OBJECT_SIGNING_ALG
@ I_OPT_REQUEST_OBJECT_SIGNING_ALG
registration value request_object_signing_alg to specify a signing algorithm for request_object
Definition: iddawc.h:231
I_OPT_TOKEN_TARGET_TYPE_HINT
@ I_OPT_TOKEN_TARGET_TYPE_HINT
access_token which is the target of a revocation or an introspection, string
Definition: iddawc.h:190
I_OPT_CIBA_AUTH_REQ_EXPIRES_IN
@ I_OPT_CIBA_AUTH_REQ_EXPIRES_IN
expiration of the request in seconds received by the server on succesfull request
Definition: iddawc.h:257
I_OPT_USERINFO_ENCRYPTION_ALG
@ I_OPT_USERINFO_ENCRYPTION_ALG
registration value userinfo_encryption_alg to specify a key management algorithm for userinfo
Definition: iddawc.h:229
I_OPT_CIBA_ACR_VALUES_APPEND
@ I_OPT_CIBA_ACR_VALUES_APPEND
append another ACR value to the ACR values list, string
Definition: iddawc.h:254
I_OPT_TOKEN_METHOD
@ I_OPT_TOKEN_METHOD
Authentication method to use with the token endpoint, values available are I_TOKEN_AUTH_METHOD_SECRET...
Definition: iddawc.h:167
I_OPT_PKCE_CODE_VERIFIER_GENERATE
@ I_OPT_PKCE_CODE_VERIFIER_GENERATE
Generate a random PKCE code verifier.
Definition: iddawc.h:219
I_OPT_CIBA_ACR_VALUES
@ I_OPT_CIBA_ACR_VALUES
ACR values that the OpenID Provider is being requested to use for processing this Authentication Requ...
Definition: iddawc.h:253
I_OPT_CIBA_LOGIN_HINT
@ I_OPT_CIBA_LOGIN_HINT
CIBA login_hint value, mandatory on CIBA requests.
Definition: iddawc.h:246
I_OPT_BACKCHANNEL_LOGOUT_SESSION_REQUIRED
@ I_OPT_BACKCHANNEL_LOGOUT_SESSION_REQUIRED
Backchannel logout session required.
Definition: iddawc.h:262
I_OPT_ACCESS_TOKEN_SIGNING_ALG
@ I_OPT_ACCESS_TOKEN_SIGNING_ALG
registration value access_token_signing_alg to specify a signing algorithm for access_token
Definition: iddawc.h:222
I_OPT_X5U_FLAGS
@ I_OPT_X5U_FLAGS
x5u flage to apply when JWK used have a x5u property, values available are R_FLAG_IGNORE_SERVER_CERTI...
Definition: iddawc.h:177
I_OPT_TOKEN_JTI_GENERATE
@ I_OPT_TOKEN_JTI_GENERATE
Generate a random jti value.
Definition: iddawc.h:187
I_OPT_SERVER_KID
@ I_OPT_SERVER_KID
key id to use if multiple jwk are available on the server, string
Definition: iddawc.h:178
I_OPT_BACKCHANNEL_LOGOUT_URI
@ I_OPT_BACKCHANNEL_LOGOUT_URI
Backchannel logout URI.
Definition: iddawc.h:261
I_OPT_PKCE_METHOD
@ I_OPT_PKCE_METHOD
PKCE method to use, values available are I_PKCE_NONE (no PKCE, default), I_PKCE_METHOD_PLAIN or I_PKC...
Definition: iddawc.h:220
I_OPT_CODE
@ I_OPT_CODE
code given after a succesfull auth request using the response_type I_RESPONSE_TYPE_CODE
Definition: iddawc.h:162
I_OPT_PKCE_CODE_VERIFIER
@ I_OPT_PKCE_CODE_VERIFIER
PKCE code verifier, must be a string of 43 characters minumum only using the characters [A-Z] / [a-z]...
Definition: iddawc.h:218
I_OPT_AUTH_RESPONSE_ENCRYPTION_ENC
@ I_OPT_AUTH_RESPONSE_ENCRYPTION_ENC
registration value auth_response_encryption_enc to specify an encryption algorithm for auth_response
Definition: iddawc.h:242
I_OPT_USERINFO_SIGNING_ALG
@ I_OPT_USERINFO_SIGNING_ALG
registration value userinfo_signing_alg to specify a signing algorithm for userinfo
Definition: iddawc.h:228
I_OPT_CIBA_LOGIN_HINT_KID
@ I_OPT_CIBA_LOGIN_HINT_KID
key id to use to sign CIBA requests or login_hint_token if multiple jwk are available on the client,...
Definition: iddawc.h:248
I_OPT_CIBA_REQUEST_SIGNING_ALG
@ I_OPT_CIBA_REQUEST_SIGNING_ALG
registration value ciba_request_signing_alg to specify a signing algorithm for ciba_request
Definition: iddawc.h:237
I_OPT_USE_DPOP
@ I_OPT_USE_DPOP
Generate and use a DPoP when accessing endpoints userinfo, introspection and revocation.
Definition: iddawc.h:208
I_OPT_CIBA_LOGIN_HINT_FORMAT
@ I_OPT_CIBA_LOGIN_HINT_FORMAT
CIBA login_hint format, values available are I_CIBA_LOGIN_HINT_FORMAT_JSON, I_CIBA_LOGIN_HINT_FORMAT_...
Definition: iddawc.h:247
I_OPT_OPENID_CONFIG_ENDPOINT
@ I_OPT_OPENID_CONFIG_ENDPOINT
absolute url for the .well-known/openid-configuration endpoint, string
Definition: iddawc.h:154
I_OPT_REGISTRATION_CLIENT_URI
@ I_OPT_REGISTRATION_CLIENT_URI
absolute url for the client registration management endpoint, string
Definition: iddawc.h:194
I_OPT_ID_TOKEN
@ I_OPT_ID_TOKEN
id_token given after a succesfull auth or token request using the proper response_type
Definition: iddawc.h:165
I_OPT_DEVICE_AUTHORIZATION_ENDPOINT
@ I_OPT_DEVICE_AUTHORIZATION_ENDPOINT
absolute url for the pushed authorization endpoint, string
Definition: iddawc.h:195
I_OPT_CIBA_AUTH_REQ_ID
@ I_OPT_CIBA_AUTH_REQ_ID
auth_req_id value received by the server on succesfull request
Definition: iddawc.h:255
I_OPT_OPENID_CONFIG
@ I_OPT_OPENID_CONFIG
result of the .well-known/openid-configuration
Definition: iddawc.h:155
I_OPT_TOKEN_ENDPOINT_ENCRYPTION_ALG
@ I_OPT_TOKEN_ENDPOINT_ENCRYPTION_ALG
registration value token_endpoint_encryption_alg to specify a key management algorithm for token_endp...
Definition: iddawc.h:235
I_OPT_HTTP_PROXY
@ I_OPT_HTTP_PROXY
HTTP proxy address to use for outgoing connections.
Definition: iddawc.h:214
I_OPT_NONE
@ I_OPT_NONE
Empty option to complete a i_set_parameter_list.
Definition: iddawc.h:140
I_OPT_CHECK_SESSION_IRAME
@ I_OPT_CHECK_SESSION_IRAME
absolute url for the check session iframe, string
Definition: iddawc.h:203
I_OPT_DEVICE_AUTH_EXPIRES_IN
@ I_OPT_DEVICE_AUTH_EXPIRES_IN
device authorization code expiration sent by the AS
Definition: iddawc.h:200
I_OPT_TLS_KEY_FILE
@ I_OPT_TLS_KEY_FILE
Path to the private key PEM file to use in a TLS authentication.
Definition: iddawc.h:215
I_OPT_ID_TOKEN_ENCRYPTION_ENC
@ I_OPT_ID_TOKEN_ENCRYPTION_ENC
registration value id_token_encryption_enc to specify an encryption algorithm for id_token
Definition: iddawc.h:227
I_OPT_DEVICE_AUTH_INTERVAL
@ I_OPT_DEVICE_AUTH_INTERVAL
device authorization code verification interval sent by the AS
Definition: iddawc.h:201
I_OPT_DPOP_NONCE_RS
@ I_OPT_DPOP_NONCE_RS
DPoP Nonce for the RS.
Definition: iddawc.h:267
I_OPT_REDIRECT_URI
@ I_OPT_REDIRECT_URI
redirect_uri, string
Definition: iddawc.h:146
I_OPT_FRONTCHANNEL_LOGOUT_SESSION_REQUIRED
@ I_OPT_FRONTCHANNEL_LOGOUT_SESSION_REQUIRED
Frontchannel logout session required.
Definition: iddawc.h:260
I_OPT_ACCESS_TOKEN_ENCRYPTION_ALG
@ I_OPT_ACCESS_TOKEN_ENCRYPTION_ALG
registration value access_token_encryption_alg to specify a key management algorithm for access_token
Definition: iddawc.h:223
I_OPT_CLIENT_ENC_ALG
@ I_OPT_CLIENT_ENC_ALG
key encryption algorithm to use when the client encrypts a request in a JWT, values available are 'RS...
Definition: iddawc.h:184
I_OPT_ERROR_URI
@ I_OPT_ERROR_URI
error uri of a failed request, string
Definition: iddawc.h:161
I_OPT_TOKEN_ENDPOINT_ENCRYPTION_ENC
@ I_OPT_TOKEN_ENDPOINT_ENCRYPTION_ENC
registration value token_endpoint_encryption_enc to specify an encryption algorithm for token_endpoin...
Definition: iddawc.h:236
I_OPT_CIBA_MODE
@ I_OPT_CIBA_MODE
backchannel token delivery mode, values available are I_CIBA_MODE_NONE, I_CIBA_MODE_POLL,...
Definition: iddawc.h:244
I_OPT_CLIENT_KID
@ I_OPT_CLIENT_KID
key id to use if multiple jwk are available on the client, string
Definition: iddawc.h:182
I_OPT_REDIRECT_TO
@ I_OPT_REDIRECT_TO
url where the oauth2 is redirected to after a /auth request
Definition: iddawc.h:147
I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN
@ I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN
client_notification_token value to use on CIBA requests, string, mandatory if mode is ping or push
Definition: iddawc.h:251
I_OPT_POST_LOGOUT_REDIRECT_URI
@ I_OPT_POST_LOGOUT_REDIRECT_URI
Post logout redirect URI.
Definition: iddawc.h:263
I_OPT_ADDITIONAL_RESPONSE
@ I_OPT_ADDITIONAL_RESPONSE
Definition: iddawc.h:151
I_OPT_DECRYPT_ACCESS_TOKEN
@ I_OPT_DECRYPT_ACCESS_TOKEN
Decrypt access token when received by the AS as a JWE.
Definition: iddawc.h:212
I_OPT_DECRYPT_REFRESH_TOKEN
@ I_OPT_DECRYPT_REFRESH_TOKEN
Decrypt refresh token when received by the AS as a JWE.
Definition: iddawc.h:211
I_OPT_NONCE
@ I_OPT_NONCE
nonce value, string
Definition: iddawc.h:145
I_OPT_DECRYPT_CODE
@ I_OPT_DECRYPT_CODE
Decrypt code when received by the AS as a JWE.
Definition: iddawc.h:210
I_OPT_RESOURCE_INDICATOR
@ I_OPT_RESOURCE_INDICATOR
Resource indicator as detailed in the RFC 8707.
Definition: iddawc.h:221
I_OPT_CIBA_USER_CODE
@ I_OPT_CIBA_USER_CODE
CIBA user code to specify in the CIBA request, string, optional.
Definition: iddawc.h:245
I_OPT_PUSHED_AUTH_REQ_EXPIRES_IN
@ I_OPT_PUSHED_AUTH_REQ_EXPIRES_IN
pushed authorization request expiration time in seconds
Definition: iddawc.h:206
I_OPT_USER_PASSWORD
@ I_OPT_USER_PASSWORD
password for password response_types, string
Definition: iddawc.h:172
I_OPT_PUSHED_AUTH_REQ_URI
@ I_OPT_PUSHED_AUTH_REQ_URI
request_uri sent by the par endpoint result, string
Definition: iddawc.h:207
I_OPT_REVOCATION_ENDPOINT
@ I_OPT_REVOCATION_ENDPOINT
absolute url for the revocation endpoint, string
Definition: iddawc.h:191
I_OPT_AUTH_RESPONSE_ENCRYPTION_ALG
@ I_OPT_AUTH_RESPONSE_ENCRYPTION_ALG
registration value auth_response_encryption_alg to specify a key management algorithm for auth_respon...
Definition: iddawc.h:241
I_OPT_CIBA_REQUEST_ENCRYPTION_ALG
@ I_OPT_CIBA_REQUEST_ENCRYPTION_ALG
registration value ciba_request_encryption_alg to specify a key management algorithm for ciba_request
Definition: iddawc.h:238
I_OPT_ACCESS_TOKEN_ENCRYPTION_ENC
@ I_OPT_ACCESS_TOKEN_ENCRYPTION_ENC
registration value access_token_encryption_enc to specify an encryption algorithm for access_token
Definition: iddawc.h:224
I_OPT_SERVER_ENC_ALG
@ I_OPT_SERVER_ENC_ALG
Key management algorithm to use when sending encrypted messages to the AS.
Definition: iddawc.h:179
I_OPT_TOKEN_ENDPOINT
@ I_OPT_TOKEN_ENDPOINT
absolute url for the token endpoint, string
Definition: iddawc.h:153
I_OPT_REFRESH_TOKEN
@ I_OPT_REFRESH_TOKEN
refresh token given after a succesfull token request using the proper response_type
Definition: iddawc.h:163
I_OPT_TLS_CERT_FILE
@ I_OPT_TLS_CERT_FILE
Path to the certificate PEM file to use in a TLS authentication.
Definition: iddawc.h:216
I_OPT_STATE_GENERATE
@ I_OPT_STATE_GENERATE
Generate a random state value.
Definition: iddawc.h:176
I_OPT_CLIENT_SECRET
@ I_OPT_CLIENT_SECRET
client secret, string
Definition: iddawc.h:149
I_OPT_REQUEST_OBJECT_ENCRYPTION_ENC
@ I_OPT_REQUEST_OBJECT_ENCRYPTION_ENC
registration value request_object_encryption_enc to specify an encryption algorithm for request_objec...
Definition: iddawc.h:233
I_OPT_AUTH_RESPONSE_SIGNING_ALG
@ I_OPT_AUTH_RESPONSE_SIGNING_ALG
registration value auth_response_signing_alg to specify a signing algorithm for auth_response
Definition: iddawc.h:240
I_OPT_CLIENT_SIGN_ALG
@ I_OPT_CLIENT_SIGN_ALG
signature algorithm to use when the client signs a request in a JWT, values available are 'none',...
Definition: iddawc.h:183
I_OPT_SCOPE_APPEND
@ I_OPT_SCOPE_APPEND
append another scope value to the scope list, string
Definition: iddawc.h:143
I_OPT_DEVICE_AUTH_VERIFICATION_URI
@ I_OPT_DEVICE_AUTH_VERIFICATION_URI
device authorization verification URI sent by the AS
Definition: iddawc.h:198
I_OPT_ID_TOKEN_SID
@ I_OPT_ID_TOKEN_SID
ID_Token SID.
Definition: iddawc.h:264
I_OPT_CIBA_CLIENT_NOTIFICATION_ENDPOINT
@ I_OPT_CIBA_CLIENT_NOTIFICATION_ENDPOINT
backchannel_client_notification_endpoint value to specify the url for ping or push modes
Definition: iddawc.h:256
I_OPT_REGISTRATION_ENDPOINT
@ I_OPT_REGISTRATION_ENDPOINT
absolute url for the client registration endpoint, string
Definition: iddawc.h:193
I_OPT_CIBA_BINDING_MESSAGE
@ I_OPT_CIBA_BINDING_MESSAGE
CIBA binding message to specify in the CIBA request, string, optional.
Definition: iddawc.h:249
I_OPT_SERVER_ENC
@ I_OPT_SERVER_ENC
Encryption algorithm to use when sending encrypted messages to the AS.
Definition: iddawc.h:180
I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN_GENERATE
@ I_OPT_CIBA_CLIENT_NOTIFICATION_TOKEN_GENERATE
Generate a random client_notification_token of the specified length.
Definition: iddawc.h:252
I_OPT_CLIENT_ENC
@ I_OPT_CLIENT_ENC
data encryption algorithm to use when the client encrypts a request in a JWT, values available are 'A...
Definition: iddawc.h:185
I_OPT_EXPIRES_IN
@ I_OPT_EXPIRES_IN
expires_in value after a succesfull auth or token request, integer
Definition: iddawc.h:169
I_OPT_CLIENT_ID
@ I_OPT_CLIENT_ID
client_id, string
Definition: iddawc.h:148
I_OPT_RESPONSE_TYPE
@ I_OPT_RESPONSE_TYPE
response_type, values available are I_RESPONSE_TYPE_CODE, I_RESPONSE_TYPE_TOKEN, I_RESPONSE_TYPE_ID_T...
Definition: iddawc.h:141
I_OPT_ERROR_DESCRIPTION
@ I_OPT_ERROR_DESCRIPTION
error description of a failed request, string
Definition: iddawc.h:160
I_OPT_AUTH_METHOD
@ I_OPT_AUTH_METHOD
Authentication method to use with the auth endpoint, values available are I_AUTH_METHOD_GET,...
Definition: iddawc.h:166
I_OPT_DEVICE_AUTH_USER_CODE
@ I_OPT_DEVICE_AUTH_USER_CODE
device authorization user code sent by the AS
Definition: iddawc.h:197
I_OPT_ID_TOKEN_ENCRYPTION_ALG
@ I_OPT_ID_TOKEN_ENCRYPTION_ALG
registration value id_token_encryption_alg to specify a key management algorithm for id_token
Definition: iddawc.h:226
I_OPT_END_SESSION_ENDPOINT
@ I_OPT_END_SESSION_ENDPOINT
absolute url for the end session endpoint, string
Definition: iddawc.h:202
I_OPT_DPOP_NONCE_AS
@ I_OPT_DPOP_NONCE_AS
DPoP Nonce for the AS.
Definition: iddawc.h:266
I_OPT_CIBA_REQUEST_ENCRYPTION_ENC
@ I_OPT_CIBA_REQUEST_ENCRYPTION_ENC
registration value ciba_request_encryption_enc to specify an encryption algorithm for ciba_request
Definition: iddawc.h:239
I_OPT_ID_TOKEN_SIGNING_ALG
@ I_OPT_ID_TOKEN_SIGNING_ALG
registration value id_token_signing_alg to specify a signing algorithm for id_token
Definition: iddawc.h:225
I_OPT_ERROR
@ I_OPT_ERROR
error value of a failed request, string
Definition: iddawc.h:159
I_OPT_USERINFO_ENDPOINT
@ I_OPT_USERINFO_ENDPOINT
absolute url for the userinfo endpoint or equivalent, string
Definition: iddawc.h:157
I_OPT_FRONTCHANNEL_LOGOUT_URI
@ I_OPT_FRONTCHANNEL_LOGOUT_URI
Frontchannel logout URI.
Definition: iddawc.h:259
I_OPT_STATE
@ I_OPT_STATE
state value, string
Definition: iddawc.h:144
I_OPT_SERVER_JWKS_CACHE_EXPIRATION
@ I_OPT_SERVER_JWKS_CACHE_EXPIRATION
Cache expiration for the server JWKS.
Definition: iddawc.h:181
I_OPT_TOKEN_ENDPOINT_SIGNING_ALG
@ I_OPT_TOKEN_ENDPOINT_SIGNING_ALG
registration value token_endpoint_signing_alg to specify a signing algorithm for token_endpoint
Definition: iddawc.h:234
I_OPT_AUTH_ENDPOINT
@ I_OPT_AUTH_ENDPOINT
absolute url for the auth endpoint, string
Definition: iddawc.h:152
I_OPT_USERNAME
@ I_OPT_USERNAME
username for password response_types, string
Definition: iddawc.h:171
I_OPT_OPENID_CONFIG_STRICT
@ I_OPT_OPENID_CONFIG_STRICT
must the .well-known/openid-configuration parameters be strictly verified? After i_init_session(),...
Definition: iddawc.h:156
I_OPT_CIBA_AUTH_REQ_INTERVAL
@ I_OPT_CIBA_AUTH_REQ_INTERVAL
Interval to poll token endpoint on poll mode in seconds.
Definition: iddawc.h:258
I_OPT_SCOPE
@ I_OPT_SCOPE
scope values, string, multiple scopes must be separated by a space character: "scope1 openid"
Definition: iddawc.h:142
I_OPT_USERINFO_ENCRYPTION_ENC
@ I_OPT_USERINFO_ENCRYPTION_ENC
registration value userinfo_encryption_enc to specify an encryption algorithm for userinfo
Definition: iddawc.h:230
I_OPT_CIBA_REQUESTED_EXPIRY
@ I_OPT_CIBA_REQUESTED_EXPIRY
CIBA binding message to specify in the CIBA request, string, optional.
Definition: iddawc.h:250
I_OPT_NONCE_GENERATE
@ I_OPT_NONCE_GENERATE
Generate a random nonce value.
Definition: iddawc.h:175
I_OPT_USERINFO
@ I_OPT_USERINFO
userinfo result, string
Definition: iddawc.h:174
I_OPT_ADDITIONAL_PARAMETER
@ I_OPT_ADDITIONAL_PARAMETER
use this option to pass any additional parameter value in the /auth request
Definition: iddawc.h:150
I_OPT_DPOP_KID
@ I_OPT_DPOP_KID
key id to use when signing a DPoP
Definition: iddawc.h:209
I_OPT_RESULT
@ I_OPT_RESULT
result of a request
Definition: iddawc.h:158
I_OPT_DEVICE_AUTH_VERIFICATION_URI_COMPLETE
@ I_OPT_DEVICE_AUTH_VERIFICATION_URI_COMPLETE
device authorization verification URI complete sent by the AS
Definition: iddawc.h:199
i_init_session
int i_init_session(struct _i_session *i_session)
Definition: iddawc.c:1805
i_clean_session
void i_clean_session(struct _i_session *i_session)
Definition: iddawc.c:1968
i_global_init
int i_global_init()
Definition: iddawc.c:1787
i_free
void i_free(void *data)
Definition: iddawc.c:1801
i_global_close
void i_global_close()
Definition: iddawc.c:1796
i_set_rich_authorization_request_json_t
int i_set_rich_authorization_request_json_t(struct _i_session *i_session, const char *type, json_t *j_value)
Definition: iddawc.c:6703
i_set_server_jwks
int i_set_server_jwks(struct _i_session *i_session, json_t *j_jwks)
Definition: iddawc.c:3968
i_set_result
int i_set_result(struct _i_session *i_session, unsigned int i_value)
Definition: iddawc.c:2051
i_set_additional_parameter
int i_set_additional_parameter(struct _i_session *i_session, const char *s_key, const char *s_value)
Definition: iddawc.c:2993
i_remove_claim_request
int i_remove_claim_request(struct _i_session *i_session, int target, const char *claim)
Definition: iddawc.c:3060
i_get_int_parameter
unsigned int i_get_int_parameter(struct _i_session *i_session, i_option option)
Definition: iddawc.c:3459
i_set_response_type
int i_set_response_type(struct _i_session *i_session, unsigned int i_value)
Definition: iddawc.c:2047
i_add_claim_request
int i_add_claim_request(struct _i_session *i_session, int target, const char *claim, int essential, const char *value)
Definition: iddawc.c:3017
i_export_session_str
char * i_export_session_str(struct _i_session *i_session)
Definition: iddawc.c:6251
i_import_session_json_t
int i_import_session_json_t(struct _i_session *i_session, json_t *j_import)
Definition: iddawc.c:6078
i_get_server_jwks
json_t * i_get_server_jwks(struct _i_session *i_session)
Definition: iddawc.c:3960
i_get_client_jwks
json_t * i_get_client_jwks(struct _i_session *i_session)
Definition: iddawc.c:3983
i_get_additional_parameter
const char * i_get_additional_parameter(struct _i_session *i_session, const char *s_key)
Definition: iddawc.c:3914
i_export_session_json_t
json_t * i_export_session_json_t(struct _i_session *i_session)
Definition: iddawc.c:5913
i_get_additional_response
const char * i_get_additional_response(struct _i_session *i_session, const char *s_key)
Definition: iddawc.c:3922
i_set_parameter_list
int i_set_parameter_list(struct _i_session *i_session,...)
Definition: iddawc.c:3093
i_get_str_parameter
const char * i_get_str_parameter(struct _i_session *i_session, i_option option)
Definition: iddawc.c:3635
i_remove_rich_authorization_request
int i_remove_rich_authorization_request(struct _i_session *i_session, const char *type)
Definition: iddawc.c:6726
i_get_server_configuration
json_t * i_get_server_configuration(struct _i_session *i_session)
Definition: iddawc.c:3930
i_set_int_parameter
int i_set_int_parameter(struct _i_session *i_session, i_option option, unsigned int i_value)
Definition: iddawc.c:2055
i_import_session_str
int i_import_session_str(struct _i_session *i_session, const char *str_import)
Definition: iddawc.c:6262
i_get_response_type
unsigned int i_get_response_type(struct _i_session *i_session)
Definition: iddawc.c:3451
i_set_server_configuration
int i_set_server_configuration(struct _i_session *i_session, json_t *j_openid_config)
Definition: iddawc.c:3938
i_import_session_from_registration
int i_import_session_from_registration(struct _i_session *i_session, json_t *j_registration)
Definition: iddawc.c:6280
i_get_rich_authorization_request_str
char * i_get_rich_authorization_request_str(struct _i_session *i_session, const char *type)
Definition: iddawc.c:6763
i_get_rich_authorization_request_json_t
json_t * i_get_rich_authorization_request_json_t(struct _i_session *i_session, const char *type)
Definition: iddawc.c:6746
i_set_str_parameter
int i_set_str_parameter(struct _i_session *i_session, i_option option, const char *s_value)
Definition: iddawc.c:2247
i_get_result
unsigned int i_get_result(struct _i_session *i_session)
Definition: iddawc.c:3455
i_set_client_jwks
int i_set_client_jwks(struct _i_session *i_session, json_t *j_jwks)
Definition: iddawc.c:3991
i_set_additional_response
int i_set_additional_response(struct _i_session *i_session, const char *s_key, const char *s_value)
Definition: iddawc.c:3005
i_set_rich_authorization_request_str
int i_set_rich_authorization_request_str(struct _i_session *i_session, const char *type, const char *value)
Definition: iddawc.c:6683
i_verify_end_session_backchannel_token
int i_verify_end_session_backchannel_token(struct _i_session *i_session, const char *token)
Definition: iddawc.c:7312
i_parse_token_response
int i_parse_token_response(struct _i_session *i_session, int http_status, json_t *j_response)
Definition: iddawc.c:4315
i_revoke_token
int i_revoke_token(struct _i_session *i_session, int authentication)
Definition: iddawc.c:5133
i_build_auth_url_get
int i_build_auth_url_get(struct _i_session *i_session)
Definition: iddawc.c:4006
i_perform_resource_service_request
int i_perform_resource_service_request(struct _i_session *i_session, struct _u_request *http_request, struct _u_response *http_response, int refresh_if_expired, int bearer_type, int use_dpop, time_t dpop_iat)
Definition: iddawc.c:6422
i_run_auth_request
int i_run_auth_request(struct _i_session *i_session)
Definition: iddawc.c:4182
i_get_userinfo_custom
int i_get_userinfo_custom(struct _i_session *i_session, const char *http_method, struct _u_map *additional_query, struct _u_map *additional_headers)
Definition: iddawc.c:3318
i_verify_jwt_access_token
int i_verify_jwt_access_token(struct _i_session *i_session, const char *aud)
Definition: iddawc.c:5080
i_get_userinfo
int i_get_userinfo(struct _i_session *i_session, int get_jwt)
Definition: iddawc.c:3301
i_run_device_auth_request
int i_run_device_auth_request(struct _i_session *i_session)
Definition: iddawc.c:6775
i_generate_dpop_token
char * i_generate_dpop_token(struct _i_session *i_session, const char *htm, const char *htu, time_t iat, int add_ath)
Definition: iddawc.c:6328
i_generate_client_assertion
char * i_generate_client_assertion(struct _i_session *i_session, const char *aud)
Definition: iddawc.c:6657
i_get_registration_client
int i_get_registration_client(struct _i_session *i_session, json_t **j_result)
Definition: iddawc.c:5581
i_verify_id_token
int i_verify_id_token(struct _i_session *i_session)
Definition: iddawc.c:4921
i_run_ciba_request
int i_run_ciba_request(struct _i_session *i_session)
Definition: iddawc.c:7035
i_build_end_session_url
char * i_build_end_session_url(struct _i_session *i_session)
Definition: iddawc.c:7297
i_get_openid_config
int i_get_openid_config(struct _i_session *i_session)
Definition: iddawc.c:3258
i_parse_redirect_to
int i_parse_redirect_to(struct _i_session *i_session)
Definition: iddawc.c:3554
i_delete_registration_client
int i_delete_registration_client(struct _i_session *i_session)
Definition: iddawc.c:5835
i_get_token_introspection
int i_get_token_introspection(struct _i_session *i_session, json_t **j_result, int authentication, int get_jwt)
Definition: iddawc.c:5247
i_verify_dpop_proof
int i_verify_dpop_proof(const char *dpop_header, const char *htm, const char *htu, time_t max_iat, const char *jkt, const char *access_token)
Definition: iddawc.c:6526
i_manage_registration_client
int i_manage_registration_client(struct _i_session *i_session, json_t *j_parameters, int update_session, json_t **j_result)
Definition: iddawc.c:5652
i_run_par_request
int i_run_par_request(struct _i_session *i_session)
Definition: iddawc.c:6893
i_register_client
int i_register_client(struct _i_session *i_session, json_t *j_parameters, int update_session, json_t **j_result)
Definition: iddawc.c:5399
i_run_token_request
int i_run_token_request(struct _i_session *i_session)
Definition: iddawc.c:4433
i_close_session
int i_close_session(struct _i_session *i_session, const char *sid)
Definition: iddawc.c:7363
_i_session
Definition: iddawc.h:280
_i_session::ciba_request_encryption_alg
jwa_alg ciba_request_encryption_alg
Definition: iddawc.h:383
_i_session::error_description
char * error_description
Definition: iddawc.h:307
_i_session::userinfo_encryption_alg
jwa_alg userinfo_encryption_alg
Definition: iddawc.h:374
_i_session::pushed_authorization_request_expires_in
unsigned int pushed_authorization_request_expires_in
Definition: iddawc.h:349
_i_session::expires_at
time_t expires_at
Definition: iddawc.h:317
_i_session::ciba_mode
unsigned int ciba_mode
Definition: iddawc.h:389
_i_session::additional_response
struct _u_map additional_response
Definition: iddawc.h:292
_i_session::device_authorization_endpoint
char * device_authorization_endpoint
Definition: iddawc.h:301
_i_session::id_token_encryption_enc
jwa_enc id_token_encryption_enc
Definition: iddawc.h:372
_i_session::request_object_signing_alg
jwa_alg request_object_signing_alg
Definition: iddawc.h:376
_i_session::additional_parameters
struct _u_map additional_parameters
Definition: iddawc.h:291
_i_session::server_jwks_cache_expires_at
time_t server_jwks_cache_expires_at
Definition: iddawc.h:324
_i_session::ciba_request_encryption_enc
jwa_enc ciba_request_encryption_enc
Definition: iddawc.h:384
_i_session::id_token_sid
char * id_token_sid
Definition: iddawc.h:407
_i_session::dpop_nonce_as
char * dpop_nonce_as
Definition: iddawc.h:354
_i_session::client_enc_alg
jwa_alg client_enc_alg
Definition: iddawc.h:331
_i_session::auth_response_signing_alg
jwa_alg auth_response_signing_alg
Definition: iddawc.h:385
_i_session::token_target
char * token_target
Definition: iddawc.h:313
_i_session::registration_client_uri
char * registration_client_uri
Definition: iddawc.h:303
_i_session::device_auth_interval
unsigned int device_auth_interval
Definition: iddawc.h:347
_i_session::ciba_login_hint_format
unsigned int ciba_login_hint_format
Definition: iddawc.h:392
_i_session::access_token_payload
json_t * access_token_payload
Definition: iddawc.h:312
_i_session::device_auth_verification_uri
char * device_auth_verification_uri
Definition: iddawc.h:344
_i_session::token_endpoint_signing_alg
jwa_alg token_endpoint_signing_alg
Definition: iddawc.h:379
_i_session::ciba_auth_req_interval
unsigned int ciba_auth_req_interval
Definition: iddawc.h:401
_i_session::ciba_client_notification_endpoint
char * ciba_client_notification_endpoint
Definition: iddawc.h:399
_i_session::device_auth_code
char * device_auth_code
Definition: iddawc.h:342
_i_session::response_type
unsigned int response_type
Definition: iddawc.h:281
_i_session::dpop_nonce_rs
char * dpop_nonce_rs
Definition: iddawc.h:355
_i_session::redirect_to
char * redirect_to
Definition: iddawc.h:286
_i_session::server_enc
jwa_enc server_enc
Definition: iddawc.h:327
_i_session::require_pushed_authorization_requests
unsigned int require_pushed_authorization_requests
Definition: iddawc.h:348
_i_session::token_jti
char * token_jti
Definition: iddawc.h:339
_i_session::id_token_encryption_alg
jwa_alg id_token_encryption_alg
Definition: iddawc.h:371
_i_session::token_target_type_hint
char * token_target_type_hint
Definition: iddawc.h:314
_i_session::resource_indicator
char * resource_indicator
Definition: iddawc.h:366
_i_session::x5u_flags
int x5u_flags
Definition: iddawc.h:333
_i_session::redirect_uri
char * redirect_uri
Definition: iddawc.h:285
_i_session::client_jwks
jwks_t * client_jwks
Definition: iddawc.h:328
_i_session::auth_response_encryption_enc
jwa_enc auth_response_encryption_enc
Definition: iddawc.h:387
_i_session::decrypt_access_token
int decrypt_access_token
Definition: iddawc.h:358
_i_session::pushed_authorization_request_uri
char * pushed_authorization_request_uri
Definition: iddawc.h:350
_i_session::openid_config_endpoint
char * openid_config_endpoint
Definition: iddawc.h:295
_i_session::remote_cert_flag
int remote_cert_flag
Definition: iddawc.h:362
_i_session::userinfo_endpoint
char * userinfo_endpoint
Definition: iddawc.h:296
_i_session::code
char * code
Definition: iddawc.h:309
_i_session::token_method
unsigned int token_method
Definition: iddawc.h:321
_i_session::openid_config
json_t * openid_config
Definition: iddawc.h:334
_i_session::error
char * error
Definition: iddawc.h:306
_i_session::state
char * state
Definition: iddawc.h:283
_i_session::ciba_auth_req_expires_in
unsigned int ciba_auth_req_expires_in
Definition: iddawc.h:400
_i_session::j_claims
json_t * j_claims
Definition: iddawc.h:365
_i_session::pkce_method
int pkce_method
Definition: iddawc.h:364
_i_session::j_userinfo
json_t * j_userinfo
Definition: iddawc.h:338
_i_session::userinfo
char * userinfo
Definition: iddawc.h:337
_i_session::userinfo_encryption_enc
jwa_enc userinfo_encryption_enc
Definition: iddawc.h:375
_i_session::frontchannel_logout_uri
char * frontchannel_logout_uri
Definition: iddawc.h:402
_i_session::client_id
char * client_id
Definition: iddawc.h:287
_i_session::token_exp
unsigned int token_exp
Definition: iddawc.h:340
_i_session::refresh_token
char * refresh_token
Definition: iddawc.h:310
_i_session::ciba_acr_values
char * ciba_acr_values
Definition: iddawc.h:397
_i_session::revocation_endpoint
char * revocation_endpoint
Definition: iddawc.h:297
_i_session::token_endpoint_encryption_alg
jwa_alg token_endpoint_encryption_alg
Definition: iddawc.h:380
_i_session::ciba_auth_req_id
char * ciba_auth_req_id
Definition: iddawc.h:398
_i_session::cert_file
char * cert_file
Definition: iddawc.h:361
_i_session::ciba_client_notification_token
char * ciba_client_notification_token
Definition: iddawc.h:396
_i_session::user_password
char * user_password
Definition: iddawc.h:290
_i_session::id_token_payload
json_t * id_token_payload
Definition: iddawc.h:319
_i_session::j_authorization_details
json_t * j_authorization_details
Definition: iddawc.h:341
_i_session::decrypt_code
int decrypt_code
Definition: iddawc.h:356
_i_session::error_uri
char * error_uri
Definition: iddawc.h:308
_i_session::ciba_request_signing_alg
jwa_alg ciba_request_signing_alg
Definition: iddawc.h:382
_i_session::client_kid
char * client_kid
Definition: iddawc.h:329
_i_session::ciba_login_hint
char * ciba_login_hint
Definition: iddawc.h:391
_i_session::dpop_sign_alg
jwa_alg dpop_sign_alg
Definition: iddawc.h:353
_i_session::use_dpop
int use_dpop
Definition: iddawc.h:351
_i_session::token_type
char * token_type
Definition: iddawc.h:315
_i_session::token_endpoint
char * token_endpoint
Definition: iddawc.h:294
_i_session::openid_config_strict
int openid_config_strict
Definition: iddawc.h:335
_i_session::device_auth_expires_in
unsigned int device_auth_expires_in
Definition: iddawc.h:346
_i_session::pkce_code_verifier
char * pkce_code_verifier
Definition: iddawc.h:363
_i_session::server_enc_alg
jwa_alg server_enc_alg
Definition: iddawc.h:326
_i_session::ciba_requested_expiry
time_t ciba_requested_expiry
Definition: iddawc.h:395
_i_session::auth_response_encryption_alg
jwa_alg auth_response_encryption_alg
Definition: iddawc.h:386
_i_session::id_token_signing_alg
jwa_alg id_token_signing_alg
Definition: iddawc.h:370
_i_session::saved_request
struct _u_request * saved_request
Definition: iddawc.h:409
_i_session::dpop_kid
char * dpop_kid
Definition: iddawc.h:352
_i_session::backchannel_logout_uri
char * backchannel_logout_uri
Definition: iddawc.h:404
_i_session::ciba_login_hint_kid
char * ciba_login_hint_kid
Definition: iddawc.h:393
_i_session::nonce
char * nonce
Definition: iddawc.h:284
_i_session::access_token
char * access_token
Definition: iddawc.h:311
_i_session::check_session_iframe
char * check_session_iframe
Definition: iddawc.h:300
_i_session::client_secret
char * client_secret
Definition: iddawc.h:288
_i_session::token_endpoint_encryption_enc
jwa_enc token_endpoint_encryption_enc
Definition: iddawc.h:381
_i_session::expires_in
unsigned int expires_in
Definition: iddawc.h:316
_i_session::save_http_request_response
unsigned int save_http_request_response
Definition: iddawc.h:408
_i_session::saved_response
struct _u_response * saved_response
Definition: iddawc.h:410
_i_session::issuer
char * issuer
Definition: iddawc.h:336
_i_session::username
char * username
Definition: iddawc.h:289
_i_session::server_jwks_cache_expiration
time_t server_jwks_cache_expiration
Definition: iddawc.h:325
_i_session::request_object_encryption_enc
jwa_enc request_object_encryption_enc
Definition: iddawc.h:378
_i_session::auth_method
unsigned int auth_method
Definition: iddawc.h:320
_i_session::backchannel_logout_session_required
unsigned int backchannel_logout_session_required
Definition: iddawc.h:405
_i_session::server_kid
char * server_kid
Definition: iddawc.h:323
_i_session::registration_endpoint
char * registration_endpoint
Definition: iddawc.h:302
_i_session::scope
char * scope
Definition: iddawc.h:282
_i_session::access_token_signing_alg
jwa_alg access_token_signing_alg
Definition: iddawc.h:367
_i_session::end_session_endpoint
char * end_session_endpoint
Definition: iddawc.h:299
_i_session::access_token_encryption_alg
jwa_alg access_token_encryption_alg
Definition: iddawc.h:368
_i_session::ciba_endpoint
char * ciba_endpoint
Definition: iddawc.h:388
_i_session::client_sign_alg
jwa_alg client_sign_alg
Definition: iddawc.h:330
_i_session::result
unsigned int result
Definition: iddawc.h:305
_i_session::ciba_binding_message
char * ciba_binding_message
Definition: iddawc.h:394
_i_session::device_auth_user_code
char * device_auth_user_code
Definition: iddawc.h:343
_i_session::client_enc
jwa_enc client_enc
Definition: iddawc.h:332
_i_session::http_proxy
char * http_proxy
Definition: iddawc.h:359
_i_session::pushed_authorization_request_endpoint
char * pushed_authorization_request_endpoint
Definition: iddawc.h:304
_i_session::post_logout_redirect_uri
char * post_logout_redirect_uri
Definition: iddawc.h:406
_i_session::id_token
char * id_token
Definition: iddawc.h:318
_i_session::access_token_encryption_enc
jwa_enc access_token_encryption_enc
Definition: iddawc.h:369
_i_session::key_file
char * key_file
Definition: iddawc.h:360
_i_session::ciba_user_code
char * ciba_user_code
Definition: iddawc.h:390
_i_session::authorization_endpoint
char * authorization_endpoint
Definition: iddawc.h:293
_i_session::request_object_encryption_alg
jwa_alg request_object_encryption_alg
Definition: iddawc.h:377
_i_session::frontchannel_logout_session_required
unsigned int frontchannel_logout_session_required
Definition: iddawc.h:403
_i_session::introspection_endpoint
char * introspection_endpoint
Definition: iddawc.h:298
_i_session::server_jwks
jwks_t * server_jwks
Definition: iddawc.h:322
_i_session::decrypt_refresh_token
int decrypt_refresh_token
Definition: iddawc.h:357
_i_session::userinfo_signing_alg
jwa_alg userinfo_signing_alg
Definition: iddawc.h:373
_i_session::device_auth_verification_uri_complete
char * device_auth_verification_uri_complete
Definition: iddawc.h:345
Generated by doxygen 1.9.1