fix: POST TM
damikael committed Jun 19, 2024
1 parent 24c9291 commit 3b2dfbc
Showing 2 changed files with 41 additions and 17 deletions.
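--- a/lib/Federation/TrustMark.php
+++ b/lib/Federation/TrustMark.php
@@ -43,6 +43,11 @@ class TrustMark
 private array $config;
 private string $sub;
 private string $id;
+private string $organization_type;
+private array $id_code;
+private string $email;
+private string $organization_name;
+private $sa_profile;
 
 /**
 * creates a new TrustMark instance
@@ -53,11 +58,16 @@ class TrustMark
 * @throws Exception
 * @return TrustMark
 */
-public function __construct(array $config, string $sub, string $id)
+public function __construct(array $config, string $sub, string $id, string $organization_type, array $id_code, string $email, string $organization_name, $sa_profile)
 {
 $this->config = $config;
 $this->sub = $sub;
 $this->id = $id;
+$this->organization_type = $organization_type;
+$this->id_code = $id_code;
+$this->email = $email;
+$this->organization_name = $organization_name;
+$this->sa_profile = $sa_profile ?? null;
 }
 
 /**
@@ -73,15 +83,21 @@ public function makeJwt() {
 $jwk_pem = $this->config['cert_private_fed'];
 
 $data = [
-'iss' => $this->config['client_id'], // Issuer
-'sub' => $this->sub, // Subject of the trust mark
-'id' => $this->id, // id of the trust mark
-'iat' => $iat->getTimestamp(), // Issued at: time when the trust mark was generated
-// logo_uri optional
-// exp optional
-// ref optional
+'iss' => $this->config['client_id'],
+'sub' => $this->sub,
+'id' => $this->id,
+'iat' => strtotime("-2 seconds"),
+'logo_uri' => $this->config['client_id'] . '/tm/' . base64_encode($this->id) . '.png',
+'exp' => strtotime("+1 years"),
+'ref' => $this->config['client_id'] . '/tm/' . base64_encode($this->id) . '.txt',
+'organization_type' => $this->organization_type,
+'id_code' => $this->id_code,
+'email' => $this->email,
+'organization_name' => $this->organization_name,
 ];
 
+if($this->sa_profile) $data['sa_profile'] = $this->sa_profile;
+
 $algorithmManager = new AlgorithmManager([new RS256()]);
 $jwk = JWT::getKeyJWK($jwk_pem);
 $jwsBuilder = new JWSBuilder($algorithmManager);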
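Review bot: In `makeJwt()` the new `logo_uri` and `ref` claims put `base64_encode($this->id)` into a URL path, but standard base64 output can contain `/`, `+` and `=`, so for some ids the signed trust mark would carry a URL whose path is split or needs escaping. Computing a URL-safe form once and reusing it avoids that and removes the duplicated expression, e.g. `$tm_file = rtrim(strtr(base64_encode($this->id), '+/', '-_'), '=');` followed by `'logo_uri' => $this->config['client_id'] . '/tm/' . $tm_file . '.png',`; whatever serves the `/tm/` files would need the same encoding. The lifetime is also fixed in code by `strtotime("+1 years")`, and reading it from `$this->config` would let an operator issue shorter-lived marks. `makeJwt()` continues past the end of the hunk.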
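--- a/www/index.php
+++ b/www/index.php
@@ -187,30 +187,38 @@ function ($f3) {
 }
 );
 
-// GET /trust_mark
+// POST /trust_mark
 $f3->route(
-'GET /trust_mark',
+'POST /trust_mark',
 function ($f3) {
 $config = ($f3->get("CONFIG")['sa']) ?? false;
 if (!$config) {
 $f3->error(400, "SA configuration not found");
 }
 
-$sub = $_GET['sub'];
-$id = $_GET['id'];
+$sub = $_POST['sub'] ?? null;
+$id = $_POST['id'] ?? null;
+$organization_type = $_POST['organization_type'] ?? null;
+$id_code = $_POST['id_code'] ?? null;
+$email = $_POST['email'] ?? null;
+$organization_name = $_POST['organization_name'] ?? null;
+$sa_profile = $_POST['sa_profile'] ?? null;
 
-if (!$sub || !$id) {
-$f3->error(400, "sub or id not specified");
-}
+if (!$sub) $f3->error(400, "sub is mandatory");
+if (!$id) $f3->error(400, "id is mandatory");
+if (!$organization_type) $f3->error(400, "organization_type is mandatory");
+if (!$id_code) $f3->error(400, "id_code is mandatory");
+if (!$email) $f3->error(400, "email is mandatory");
+if (!$organization_name) $f3->error(400, "organization_name is mandatory");
 
 try {
 $logger = $f3->get("LOGGER");
 $logger->log('OIDC', 'POST /trust_mark');
 
-$mediaType = 'trust-mark+jwt';
+$mediaType = 'application/json';
 header('Content-Type: ' . $mediaType);
 
-$trust_mark = new TrustMark($config, $sub, $id);
+$trust_mark = new TrustMark($config, $sub, $id, $organization_type, $id_code, $email, $organization_name, $sa_profile);
 echo json_encode(array(
 'id' => $id,
 'iss' => $config['client_id'],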
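Review bot: The new `$_POST` values are only tested for truthiness before they reach `new TrustMark(...)`, whose constructor declares `array` for `$id_code` and `string` for `$sub`, `$id`, `$organization_type`, `$email` and `$organization_name`. A scalar `id_code` or an array-valued `email` would therefore raise a `TypeError` instead of taking the 400 path, and whether the `catch` handles `Error` is not visible because the handler continues past the hunk. Checking the shape before the constructor call keeps malformed requests on the 400 path, e.g. `if (!is_array($id_code)) $f3->error(400, "id_code must be an array");` and `if (!filter_var($email, FILTER_VALIDATE_EMAIL)) $f3->error(400, "email is not valid");`. Every one of these values becomes a claim in a trust mark signed with `cert_private_fed`, yet no caller check appears in the visible lines, so it is worth confirming that the route is restricted to authorized callers.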
