resolve some TODOs; valgrind; bump to 1.3.0

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

Author: zandbelt

ChangeLog

@@ -1,3 +1,7 @@
+02/26/2020
+- resolve some TODOs; valgrind
+- bump to 1.3.0
+
 02/25/2020
 - change to named sessions
 

configure.ac

@@ -1,4 +1,4 @@
-AC_INIT([liboauth2],[1.2.5],[hans.zandbelt@zmartzone.eu])
+AC_INIT([liboauth2],[1.3.0],[hans.zandbelt@zmartzone.eu])
 AC_CONFIG_HEADERS([include/oauth2/config.h])
 
 AM_INIT_AUTOMAKE([foreign no-define subdir-objects])

include/oauth2/session.h

@@ -26,12 +26,6 @@
 #include "oauth2/openidc.h"
 #include "oauth2/util.h"
 
-// TODO: this can/should be internal I guess
-typedef enum oauth2_cfg_session_type_t {
-	OAUTH2_SESSION_TYPE_COOKIE,
-	OAUTH2_SESSION_TYPE_CACHE
-} oauth2_cfg_session_type_t;
-
 OAUTH2_CFG_TYPE_DECLARE(cfg, session)
 void oauth2_cfg_session_release(oauth2_log_t *log,
 				oauth2_cfg_session_t *session);

src/cache.c

@@ -269,11 +269,12 @@ oauth2_cache_t *_oauth2_cache_obtain(oauth2_log_t *log, const char *name)
 void oauth2_cache_release(oauth2_log_t *log, oauth2_cache_t *cache)
 {
 	oauth2_cache_list_t *ptr = NULL, *prev = NULL;
+	oauth2_uint_t refcount = cache->refcount;
 
 	if (cache)
 		_oauth2_cache_free(log, cache);
 
-	if (cache->refcount > 0)
+	if (refcount > 1)
 		goto end;
 
 	ptr = _cache_list;

src/cfg/session_cfg.c

@@ -32,6 +32,9 @@ typedef struct oauth2_cfg_session_list_t {
 
 static oauth2_cfg_session_list_t *_session_list = NULL;
 
+#define OAUTH2_SESSION_TYPE_COOKIE_STR "cookie"
+#define OAUTH2_SESSION_TYPE_CACHE_STR "cache"
+
 static void _oauth2_cfg_session_register(oauth2_log_t *log, const char *name,
 					 oauth2_cfg_session_t *session)
 {
@@ -117,8 +120,8 @@ oauth2_cfg_session_t *_oauth2_cfg_session_obtain(oauth2_log_t *log,
 
 	if (_session_list == NULL) {
 		cfg = oauth2_cfg_session_init(log);
-		// TODO: "cookie" -> "shm"?
-		oauth2_cfg_session_set_options(log, cfg, "cookie", NULL);
+		oauth2_cfg_session_set_options(
+		    log, cfg, OAUTH2_SESSION_TYPE_CACHE_STR, NULL);
 	}
 
 	ptr = _session_list;
@@ -272,13 +275,10 @@ _OAUTH_CFG_CTX_CALLBACK(oauth2_cfg_session_set_options_cache)
 	return rv;
 }
 
-#define OAUTH2_SESSION_TYPE_COOKIE_STR "cookie"
-#define OAUTH2_SESSION_TYPE_COOKIE_CACHE "cache"
-
 // clang-format off
 static oauth2_cfg_set_options_ctx_t _oauth2_cfg_session_options_set[] = {
 	{ OAUTH2_SESSION_TYPE_COOKIE_STR, oauth2_cfg_session_set_options_cookie },
-	{ OAUTH2_SESSION_TYPE_COOKIE_CACHE, oauth2_cfg_session_set_options_cache },
+	{ OAUTH2_SESSION_TYPE_CACHE_STR, oauth2_cfg_session_set_options_cache },
 	{ NULL, NULL }
 };
 // clang-format on

src/cfg/target.c

@@ -90,13 +90,13 @@ void oauth2_cfg_target_pass_merge(oauth2_log_t *log,
 	cfg->as_headers = add->as_headers != OAUTH2_CFG_FLAG_UNSET
 			      ? add->as_headers
 			      : base->as_headers;
-	// TODO: eeuhm, oauth2_strdup...??
-	cfg->authn_header =
-	    add->authn_header != NULL ? add->authn_header : base->authn_header;
-	cfg->prefix = add->prefix != NULL ? add->prefix : base->prefix;
-	cfg->remote_user_claim = add->remote_user_claim != NULL
-				     ? add->remote_user_claim
-				     : base->remote_user_claim;
+	cfg->authn_header = oauth2_strdup(
+	    add->authn_header != NULL ? add->authn_header : base->authn_header);
+	cfg->prefix =
+	    oauth2_strdup(add->prefix != NULL ? add->prefix : base->prefix);
+	cfg->remote_user_claim = oauth2_strdup(add->remote_user_claim != NULL
+						   ? add->remote_user_claim
+						   : base->remote_user_claim);
 
 end:
 

src/cfg_int.h

@@ -185,6 +185,11 @@ bool oauth2_session_save_cache(oauth2_log_t *log,
 			       const oauth2_http_request_t *request,
 			       oauth2_http_response_t *response, json_t *json);
 
+typedef enum oauth2_cfg_session_type_t {
+	OAUTH2_SESSION_TYPE_COOKIE,
+	OAUTH2_SESSION_TYPE_CACHE
+} oauth2_cfg_session_type_t;
+
 typedef struct oauth2_cfg_session_t {
 	oauth2_cfg_session_type_t type;
 	char *cookie_name;

src/openidc/openidc.c

@@ -209,7 +209,6 @@ static bool _oauth2_openidc_id_token_verify(oauth2_log_t *log,
 	char *rv = NULL;
 	char *options = NULL;
 
-	// TODO: need a global in-memory jwks_uri cache
 	oauth2_cfg_token_verify_t *verify = NULL;
 	options = oauth2_stradd(NULL, "jwks_uri.ssl_verify", "=",
 				provider->ssl_verify ? "true" : "false");

src/proto.c

@@ -461,7 +461,7 @@ bool oauth2_ropc_exec(oauth2_log_t *log, oauth2_cfg_ropc_t *cfg,
 				   username);
 	oauth2_nv_list_add(log, params, OAUTH2_PROTO_ROPC_PASSWORD, password);
 
-	// TODO: sts_merge_request_parameters(log, cfg, params);
+	// TODO: merge configurable endpoint parameters
 
 	ctx = oauth2_http_call_ctx_init(log);
 	if (ctx == NULL)

src/session.c

@@ -189,7 +189,7 @@ bool oauth2_session_load_cache(oauth2_log_t *log,
 	if (oauth2_json_decode_object(log, value, json) == false)
 		goto end;
 
-	oauth2_debug(log, " #### restored: %s ###", value);
+	oauth2_debug(log, "restored session from cache: %s##", value);
 
 	rc = true;
 
@@ -223,7 +223,8 @@ bool oauth2_session_save_cache(oauth2_log_t *log,
 	}
 
 	if (oauth2_cache_set(log, cfg->cache, key, value,
-			     cfg->inactivity_timeout_s) == false) {
+			     oauth2_cfg_session_inactivity_timeout_s_get(
+				 log, cfg)) == false) {
 		oauth2_error(log, "could not store session in cache");
 		goto end;
 	}