Function caprock_issuer_from_token

• Defined in File basics.h

Function Documentation

caprock_error_t caprock_issuer_from_token(void *issuer_buffer, size_t *issuer_buffer_size, void const *token_buffer, size_t token_buffer_size)

Extract an issuer identifier from a serialized token. This can then be used to e.g. look up keys in a key store, or determine the scope of a claim.

The identifier is an opaque, serialized identifier. The caller must allocate sufficient memory for the identifier. At the time of writing, identifiers are less than 100 Bytes in length. If insufficient buffer space is provided, the return value is CAPROCK_ERR_OUT_OF_MEMORY. The issuer_buffer_size parameter is set to the amount of buffer space used on success. On failure, the value is the amount of buffer needed.

If the input is not a valid token, CAPROCK_ERR_CODEC is returned. Invalid inputs produce CAPROCK_ERR_INVALID_VALUE.

Parameters

• issuer_buffer – [out] Buffer to write issuer identifier into.

• issuer_buffer_size – [inout] Size in octets of issuer_buffer.

• token_buffer – [in] Buffer that holds a token.

• token_buffer_size – [in] Size in octets of token_buffer.

Return values

• CAPROCK_ERR_SUCCESS – When the isuser was successfully extracted from the token.

• CAPROCK_ERR_INVALID_VALUE – When parameters were invalid, such as e.g. NULL pointers for required parameters. Check the debug log for details.

• CAPROC_ERR_CODEC – When the token could not be decoded.

• CAPROCK_ERR_VALIDATION – When the token does not contain an issuer.

• CAPROCK_ERR_OUT_OF_MEMORY – When the issuer field in the token is larger than issuer_buffer_size.