add custom request parameters

indigo-dc · May 7, 2024 · 1dafdf7 · 1dafdf7
1 parent bf1e5fe
commit 1dafdf7
Show file tree

Hide file tree

Showing 15 changed files with 340 additions and 12 deletions.
diff --git a/config/custom_parameters.config.example b/config/custom_parameters.config.example
@@ -0,0 +1,23 @@
+[
+  {
+    "parameter": "key",
+    "value": "value / $VALUE / /home/user/value",
+    "for_issuer": [
+      "https://example.com"
+    ],
+    "for_account": [
+      "iam",
+      "example"
+    ],
+    "request": [
+      "refresh",
+      "auth_url",
+      "code-exchange",
+      "device-init",
+      "device-polling",
+      "registration",
+      "revocation",
+      "password"
+    ]
+  }
+]
diff --git a/src/defines/agent_values.h b/src/defines/agent_values.h
@@ -54,6 +54,12 @@
 #define CONFIG_KEY_LEGACYAUDMODE "legacy_aud_mode"
 #define CONFIG_KEY_PLAINADD "skip-check"
 
+#define CUSTOMPARAMETERS_KEY_PARAMETER "parameter"
+#define CUSTOMPARAMETERS_KEY_VALUE "value"
+#define CUSTOMPARAMETERS_KEY_ISSUERS "for_issuer"
+#define CUSTOMPARAMETERS_KEY_ACCOUNTS "for_account"
+#define CUSTOMPARAMETERS_KEY_REQUESTS "request"
+
 #define ACCOUNTINFO_KEY_HASPUBCLIENT "pubclient"
 
 // INTERNAL / CLI FLOW VALUES

diff --git a/src/defines/settings.c b/src/defines/settings.c
@@ -12,12 +12,13 @@
                              // one is appended later
 #endif
 
-char* _config_path            = NULL;
-char* _cert_file              = NULL;
-char* _etc_issuer_config_file = NULL;
-char* _etc_issuer_config_dir  = NULL;
-char* _etc_config_file        = NULL;
-char* _etc_mytoken_base       = NULL;
+char* _config_path               = NULL;
+char* _cert_file                 = NULL;
+char* _etc_issuer_config_file    = NULL;
+char* _etc_issuer_config_dir     = NULL;
+char* _etc_custom_parameter_file = NULL;
+char* _etc_config_file           = NULL;
+char* _etc_mytoken_base          = NULL;
 
 static const char* config_path() {
   if (_config_path == NULL) {
@@ -49,6 +50,14 @@ const char* ETC_ISSUER_CONFIG_DIR() {
   return _etc_issuer_config_dir;
 }
 
+const char* ETC_CUSTOM_PARAMETERS_FILE() {
+  if (_etc_custom_parameter_file == NULL) {
+    _etc_custom_parameter_file =
+        oidc_pathcat(config_path(), "oidc-agent/" CUSTOM_PARAMETERS_FILENAME);
+  }
+  return _etc_custom_parameter_file;
+}
+
 const char* ETC_CONFIG_FILE() {
   if (_etc_config_file == NULL) {
     _etc_config_file = oidc_pathcat(config_path(), "oidc-agent/config");

diff --git a/src/defines/settings.h b/src/defines/settings.h
@@ -39,11 +39,13 @@
 // file names
 #define ISSUER_CONFIG_FILENAME "issuer.config"
 #define ISSUER_CONFIG_DIRNAME ISSUER_CONFIG_FILENAME ".d"
+#define CUSTOM_PARAMETERS_FILENAME "custom_parameters.config"
 
 #ifdef ANY_MSYS
 const char* CERT_FILE();
 const char* ETC_ISSUER_CONFIG_FILE();
 const char* ETC_ISSUER_CONFIG_DIR();
+const char* ETC_CUSTOM_PARAMETERS_FILE();
 const char* _MYTOKEN_GLOBAL_BASE();
 const char* ETC_CONFIG_FILE();
 
@@ -56,6 +58,8 @@ const char* ETC_CONFIG_FILE();
 
 #define ETC_ISSUER_CONFIG_FILE CONFIG_PATH "/oidc-agent/" ISSUER_CONFIG_FILENAME
 #define ETC_ISSUER_CONFIG_DIR CONFIG_PATH "/oidc-agent/" ISSUER_CONFIG_DIRNAME
+#define ETC_CUSTOM_PARAMETERS_FILE \
+  CONFIG_PATH "/oidc-agent/" CUSTOM_PARAMETERS_FILENAME
 #define ETC_CONFIG_FILE CONFIG_PATH "/oidc-agent/config"
 #endif
 

diff --git a/src/oidc-agent/oidc/flows/code.c b/src/oidc-agent/oidc/flows/code.c
@@ -7,6 +7,7 @@
 #include "oidc-agent/httpserver/startHttpserver.h"
 #include "oidc.h"
 #include "utils/agentLogger.h"
+#include "utils/config/custom_parameter.h"
 #include "utils/config/issuerConfig.h"
 #include "utils/crypt/crypt.h"
 #include "utils/listUtils.h"
@@ -37,6 +38,7 @@ oidc_error_t codeExchange(struct oidc_account* account, const char* code,
       list_rpush(postData, list_node_new(account_getClientSecret(account)));
     }
   }
+  addCustomParameters(postData, account, OIDC_REQUEST_TYPE_CODEEXCHANGE);
   char* data = generatePostDataFromList(postData);
   list_destroy(postData);
   if (data == NULL) {
@@ -146,6 +148,7 @@ char* buildCodeFlowUri(const struct oidc_account* account, char** state_ptr,
       addAudienceRFC8707ToList(postData, aud_tmp);
     }
   }
+  addCustomParameters(postData, account, OIDC_REQUEST_TYPE_AUTHURL);
   char* uri_parameters = generatePostDataFromList(postData);
   secFree(code_challenge);
   secFree(scope);

diff --git a/src/oidc-agent/oidc/flows/device.c b/src/oidc-agent/oidc/flows/device.c
@@ -6,14 +6,16 @@
 #include "oidc-agent/oidcd/deviceCodeEntry.h"
 #include "oidc.h"
 #include "utils/agentLogger.h"
+#include "utils/config/custom_parameter.h"
 #include "utils/config/issuerConfig.h"
 #include "utils/db/deviceCode_db.h"
 #include "utils/errorUtils.h"
 #include "utils/string/stringUtils.h"
 
 char* generateDeviceCodePostData(const struct oidc_account* a) {
-  return generatePostData(OIDC_KEY_CLIENTID, account_getClientId(a),
-                          OIDC_KEY_SCOPE, account_getAuthScope(a), NULL);
+  return generatePostData(OIDC_REQUEST_TYPE_DEVICEINIT, a, OIDC_KEY_CLIENTID,
+                          account_getClientId(a), OIDC_KEY_SCOPE,
+                          account_getAuthScope(a), NULL);
 }
 
 char* generateDeviceCodeLookupPostData(const struct oidc_account* a,
@@ -41,6 +43,7 @@ char* generateDeviceCodeLookupPostData(const struct oidc_account* a,
       addAudienceRFC8707ToList(postDataList, aud_tmp);
     }
   }
+  addCustomParameters(postDataList, a, OIDC_REQUEST_TYPE_DEVICEPOLLING);
   char* str = generatePostDataFromList(postDataList);
   list_destroy(postDataList);
   secFree(tmp_devicecode);

diff --git a/src/oidc-agent/oidc/flows/oidc.c b/src/oidc-agent/oidc/flows/oidc.c
@@ -11,6 +11,7 @@
 #include "oidc-agent/http/http_ipc.h"
 #include "oidc-agent/oidcd/internal_request_handler.h"
 #include "utils/agentLogger.h"
+#include "utils/config/custom_parameter.h"
 #include "utils/errorUtils.h"
 #include "utils/json.h"
 #include "utils/key_value.h"
@@ -21,7 +22,9 @@
 /**
  * last argument has to be NULL
  */
-char* generatePostData(char* k1, char* v1, ...) {
+char* generatePostData(const char*                request_type,
+                       const struct oidc_account* account, char* k1, char* v1,
+                       ...) {
   va_list args;
   va_start(args, v1);
   list_t* list = list_new();
@@ -32,6 +35,7 @@ char* generatePostData(char* k1, char* v1, ...) {
     list_rpush(list, list_node_new(s));
   }
   va_end(args);
+  addCustomParameters(list, account, request_type);
   char* data = generatePostDataFromList(list);
   list_destroy(list);
   return data;

diff --git a/src/oidc-agent/oidc/flows/oidc.h b/src/oidc-agent/oidc/flows/oidc.h
@@ -11,7 +11,9 @@
 #define TOKENPARSEMODE_RETURN_MT 0x08
 #define TOKENPARSEMODE_SAVE_MT 0x08
 
-char* generatePostData(char* k1, char* v1, ...);
+char* generatePostData(const char*                request_type,
+                       const struct oidc_account* account, char* k1, char* v1,
+                       ...);
 char* generatePostDataFromList(list_t* list);
 char* parseTokenResponse(unsigned char mode, const char* res,
                          struct oidc_account* a, struct ipcPipe pipes,

diff --git a/src/oidc-agent/oidc/flows/password.c b/src/oidc-agent/oidc/flows/password.c
@@ -7,6 +7,7 @@
 #include "oidc-agent/http/http_ipc.h"
 #include "oidc.h"
 #include "utils/agentLogger.h"
+#include "utils/config/custom_parameter.h"
 #include "utils/config/issuerConfig.h"
 #include "utils/oidc_error.h"
 #include "utils/string/stringUtils.h"
@@ -40,6 +41,7 @@ char* generatePasswordPostData(const struct oidc_account* a,
       addAudienceRFC8707ToList(postDataList, aud_tmp);
     }
   }
+  addCustomParameters(postDataList, a, OIDC_REQUEST_TYPE_PASSWORD);
   char* str = generatePostDataFromList(postDataList);
   secFree(aud_tmp);
   list_destroy(postDataList);

diff --git a/src/oidc-agent/oidc/flows/refresh.c b/src/oidc-agent/oidc/flows/refresh.c
@@ -7,6 +7,7 @@
 #include "oidc-agent/http/http_ipc.h"
 #include "oidc.h"
 #include "utils/agentLogger.h"
+#include "utils/config/custom_parameter.h"
 #include "utils/config/issuerConfig.h"
 #include "utils/string/stringUtils.h"
 
@@ -57,6 +58,7 @@ char* generateRefreshPostData(const struct oidc_account* a, const char* scope,
       addAudienceRFC8707ToList(postDataList, aud_tmp);
     }
   }
+  addCustomParameters(postDataList, a, OIDC_REQUEST_TYPE_REFRESH);
   char* str = generatePostDataFromList(postDataList);
   list_destroy(postDataList);
   secFree(aud_tmp);

diff --git a/src/oidc-agent/oidc/flows/revoke.c b/src/oidc-agent/oidc/flows/revoke.c
@@ -5,6 +5,7 @@
 #include "oidc-agent/http/http_ipc.h"
 #include "oidc.h"
 #include "utils/agentLogger.h"
+#include "utils/config/custom_parameter.h"
 #include "utils/parseJson.h"
 #include "utils/string/stringUtils.h"
 
@@ -18,8 +19,9 @@ oidc_error_t _revokeToken(struct oidc_account* account,
   }
   char* refresh_token = account_getRefreshToken(account);
   char* data          = generatePostData(
-      OIDC_KEY_TOKENTYPE_HINT, OIDC_TOKENTYPE_REFRESH, OIDC_KEY_TOKEN,
-      refresh_token, withClientId ? OIDC_KEY_CLIENTID : NULL,
+      OIDC_REQUEST_TYPE_REVOKE, account, OIDC_KEY_TOKENTYPE_HINT,
+      OIDC_TOKENTYPE_REFRESH, OIDC_KEY_TOKEN, refresh_token,
+      withClientId ? OIDC_KEY_CLIENTID : NULL,
       withClientId ? account_getClientId(account) : NULL, NULL);
   if (data == NULL) {
     return oidc_errno;