From 4f5fd7e158a216a957573e5d86c61e28cdd1a7a5 Mon Sep 17 00:00:00 2001
From: eugene <eugene.kobyakov@netfoundry.io>
Date: Thu, 21 Dec 2023 13:23:44 -0500
Subject: [PATCH] fix loading ziti_config from in-memory JSON (fixes #602)

---
 includes/ziti/ziti.h      | 10 +++++++++-
 includes/ziti/zitilib.h   |  9 +++++++--
 library/config.c          |  8 ++++++--
 tests/test_ziti_model.cpp | 34 ++++++++++++++++++++++++++++++++++
 4 files changed, 56 insertions(+), 5 deletions(-)

diff --git a/includes/ziti/ziti.h b/includes/ziti/ziti.h
index f055d311..fdb633e0 100644
--- a/includes/ziti/ziti.h
+++ b/includes/ziti/ziti.h
@@ -420,8 +420,16 @@ extern int ziti_enroll(ziti_enroll_opts *opts, uv_loop_t *loop, ziti_enroll_cb e
 ZITI_FUNC
 extern void ziti_set_app_info(const char *app_id, const char *app_version);
 
+/**
+ * Load ziti identity config from memory or file.
+ * First it tries to parse [conf_str] as identity Json.
+ * if that fails it tries to load it from file using [conf_str] as the path.
+ * @param config target ziti_config object
+ * @param conf_str identity config JSON or path to a file.
+ * @return ZITI_OK on success or error code
+ */
 ZITI_FUNC
-extern int ziti_load_config(ziti_config *config, const char* path);
+extern int ziti_load_config(ziti_config *config, const char* conf_str);
 
 ZITI_FUNC
 extern int ziti_context_init(ziti_context *ztx, const ziti_config *config);
diff --git a/includes/ziti/zitilib.h b/includes/ziti/zitilib.h
index 2315b803..ee02f393 100644
--- a/includes/ziti/zitilib.h
+++ b/includes/ziti/zitilib.h
@@ -65,8 +65,13 @@ int Ziti_enroll_identity(const char *jwt, const char *key, const char *cert,
                          char **id_json, unsigned long *id_json_len);
 /**
  * @brief Load Ziti identity.
- * @param identity location of identity configuration
- * @return Ziti Context handle
+ *
+ * First it tries to parse [identity] as identity Json.
+ * if that fails it tries to load it from file using [identity] as the path.
+ *
+ * returns NULL in case of failure. [Ziti_last_error()] will give specific error code.
+ * @param identity identity config JSON or path to a file.
+ * @return Ziti Context handle or NULL if it fails
  */
 ZITI_FUNC
 ziti_context Ziti_load_context(const char *identity);
diff --git a/library/config.c b/library/config.c
index 549341c3..033eee1e 100644
--- a/library/config.c
+++ b/library/config.c
@@ -60,8 +60,12 @@ int ziti_load_config(ziti_config *cfg, const char* cfgstr) {
     }
 
     if (rc < 0) {
-        free_ziti_config(cfg);
+        return rc;
     }
 
-    return rc;
+    if (cfg->controller_url == NULL || cfg->id.key == NULL) {
+        return ZITI_INVALID_CONFIG;
+    }
+
+    return ZITI_OK;
 }
diff --git a/tests/test_ziti_model.cpp b/tests/test_ziti_model.cpp
index 5d854d16..c31cf6a0 100644
--- a/tests/test_ziti_model.cpp
+++ b/tests/test_ziti_model.cpp
@@ -33,6 +33,7 @@
 #endif
 
 #include "internal_model.h"
+#include "ziti/ziti.h"
 
 using Catch::Matchers::Equals;
 
@@ -721,4 +722,37 @@ TEST_CASE("ziti-intercept_test", "[model]") {
 
     free_ziti_intercept_cfg_v1(&interceptCfgV1);
     free_ziti_client_cfg_v1(&cltV1);
+}
+
+TEST_CASE("load cfg", "[model]") {
+    auto good_json = R"({
+  "ztAPI": "https://calculon.local:1280",
+  "id": {
+    "cert": "-----BEGIN CERTIFICATE-----\nMIIDnjCCAYagAwIBAgIDBirVMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNVBAYTAlVT\nMRIwEAYDVQQHEwlDaGFybG90dGUxEzARBgNVBAoTCk5ldEZvdW5kcnkxEDAOBgNV\nBAsTB0FEVi1ERVYxGDAWBgNVBAMTD2ludGVybWVkaWF0ZS1jYTAeFw0yMzEyMDQx\nOTI2MTBaFw0yNDEyMDQxOTI3MTBaMEIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJO\nWTERMA8GA1UEChMIT3BlblppdGkxEzARBgNVBAMTCjVZTENuUGtEcUMwWTATBgcq\nhkjOPQIBBggqhkjOPQMBBwNCAASAQAB1dYikr3YetRN6dLnGz8pWpp5nna/ErGTV\nZAP1nAHykTdrZCjt1dBv8xHxsbF0drT/Ddzyn/HeQdx3SFHbo0gwRjAOBgNVHQ8B\nAf8EBAMCBLAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUME5gfYO0\n2JAM0WNdLGVOg5JXAHIwDQYJKoZIhvcNAQELBQADggIBAEfW6quMT1Uok/3sbBT2\n+sYeFYigknDtFNTDpyKz2aM03iBYdOGGDnzc/8klwvI/LgOBq9RW6F9ySHl9UdYr\nBeeq2+wlth4Wks+imlmhFw+WafMi94Ly8yk/vQImud17PfGcr78gn+6EaSUevNpk\nT0oq27AxGzYJyIa9c62VCiavPrE2rXVKbFm7CiIr7u1K4+obrf57kS5hPZ4Yxfd+\nTcW8jBhS4aSmwSYjd/qTV9T25jylS/RWe1EvneGvW0DMFvW9l1KfrhS+JKnEaMTW\ndtEfcWcr8Nio7GyPS6OYC48euLqy0TcUDmQXVE/u4tjmngzqlZKAC9Fyc82V4ouj\nyV1F3JMEUwPZfLfWj5/7Nq/mqPGfK1SQAX70vkGE8Ac3zzCtSRCdxrkEvGMaoy2o\ny5iqFd+RFJuo02rmQj/Y4h7ewPCFpofJ60ytQVh29kq7nHM7yJlm/jbrV0z0lWHm\nBVfarXbODeMEweN9J22VB7O3QzHTZUZmKpcRPJVbIDGySVYZRr4/4SkR5AU9SPv5\nowYhD7LPfsgowPE+1bE16eoZLeOwyPUvUfblZJ79LSQb9HFvL6fMTufMgaCQrcb6\nZqjv+0fm+lxhrrgwDVAQE0/0NK5cM6F6jNr0wJJhUsrss6gRr9jA3KcRJZJzknWh\nace4f9yDr6iJ2jUN9y6rAxpq\n-----END CERTIFICATE-----\n",
+    "key": "-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgRZiIMpgWJy6d3wGh\n2mdOsAGZwZ05hhm6NPlaFzU8hQihRANCAASAQAB1dYikr3YetRN6dLnGz8pWpp5n\nna/ErGTVZAP1nAHykTdrZCjt1dBv8xHxsbF0drT/Ddzyn/HeQdx3SFHb\n-----END PRIVATE KEY-----\n",
+    "ca": "-----BEGIN CERTIFICATE-----\nMIIF0jCCA7qgAwIBAgIQIAKIxTp/74TVuVxw0tUh8jANBgkqhkiG9w0BAQsFADBa\nMQswCQYDVQQGEwJVUzESMBAGA1UEBxMJQ2hhcmxvdHRlMRMwEQYDVQQKEwpOZXRG\nb3VuZHJ5MRAwDgYDVQQLEwdBRFYtREVWMRAwDgYDVQQDEwdyb290LWNhMB4XDTIz\nMTIwNDE5MjYwMloXDTMzMTIwMTE5MjcwMVowYjELMAkGA1UEBhMCVVMxEjAQBgNV\nBAcTCUNoYXJsb3R0ZTETMBEGA1UEChMKTmV0Rm91bmRyeTEQMA4GA1UECxMHQURW\nLURFVjEYMBYGA1UEAxMPaW50ZXJtZWRpYXRlLWNhMIICIjANBgkqhkiG9w0BAQEF\nAAOCAg8AMIICCgKCAgEAsKfIHsB0JhRVkpQLkIOilbJRVY0UmUUGILDiuOOeGB2D\n8maAeJ3ZHnqRqeWSaLTmExTGOVxjVFjd76+inqvsInYo2L9wv/uDLFrGuiXi2Yiu\nM6dsC26TsHSCD6h7RUT6iMmuIQntmma9D5SZ7P1hU4YGybtZjJCgkIY8jRBpLcUG\ngB8X7wY3/kfsxw17x8/LZgCUoeQ8mUf/l8gbautFsYgAI45zFSuDbP1GQ0yEEzVO\nu7ls7scSGCySiZueSx0Q5CFwqmmKa0LpZ9G3kE1/VoZ3uxh93HI6qGr9kAiUBU1B\nvBuisJ7Mn/eUYm17zRxO17c0fn4abrxhVH/D8WmeZI8prawkmYrq+Hnh5Y9ScnYv\n0BT8eMgmsKJzdEzy6Fd0SIna/TXth18RKdgYTVkNEJn7sG/sbF5QxT86zO6dKNU6\nHWoKaMLIUH8WyGxt7M9xaY1ww1YP4We9DvRnddVziML/LEry00moofVXVn7RoCur\nvlMxGmloCuy45jLTNLQWsXoPyCzGfipzJSo8uQ4FIQYDlBMcQK4wLXPVd8v/MJ+l\nW4kRQLAEeNmUeUUgMNbPW1+iChjxu4qedK9MRqftaEfEL8h5PGILuMBMCiczLlI3\nsPa7aOYgdcMg5TtxvC7DZu/vFrxMhxRdC8OOx4rRlP5uEx4+3kw4hSiF1nkYKiEC\nAwEAAaOBizCBiDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATAd\nBgNVHQ4EFgQUME5gfYO02JAM0WNdLGVOg5JXAHIwHwYDVR0jBBgwFoAU/AOGTE5o\n3/ArUAdOys1aCJ7q9nkwIgYDVR0RBBswGYYXc3BpZmZlOi8vY2FsY3Vsb24ubG9j\nYWwwDQYJKoZIhvcNAQELBQADggIBAJ6zrAW3zdprIExLiVdP375/9PEp1W/k832y\nRPMgcd6BUWm0Yk76jH0o2NGLrSTyaagGAOoXpvdOM2VM2ZGSMr2uYwx+1aDoZ4c4\npz4zRmU4b6uvYbS+r9wcqv9WNOdqYBeuh0p9XG2CsyFqoiDnc/XTQUpqsbb4dZsl\nqJ+UqmyeB09YktMhaux0UK5FhBa6/8trrArl/76yYSBI2Y6ElUSjISQjE8ol3D3N\nXtIkweD4CilWMQnzdneT+OHDDzzVdCh+jBtavEo22/KBjCRDIGjASGTdvNoQjmbo\nZpUHFFeQ2Sm0qJPbu9mJAx3FHy0SznrSxIqiibcjwsTgMCpO9bOily5KFT0rKkdQ\n11+in/T0pDK7U5iHoG0K1f8Mwpv+4b6363srnNp7dgZiibZlJ2JniLV6nBZZmQ83\nAJt9xBpgnRx65SbDX3N3Q6WXGPrQu/mpGXceBO8LgKAzlld5yTRjPnyjmsKI7onx\nAvsen8pt5qp9aJvqH/vm7/99fvCX8r4I+z2AdR6u5GyqGxcPOlG3hzxDybiekD36\nyCE3oKgkOSKuuCg9pT/TXh/zHrgMQ2IsnVcwX8IWzrxNA/+YAHz6LqL3vVT6QGXK\nPK9bgax/uTk6n9AbSc2NQUywHXjyojA1UUMuC/jal1qfelGX+Waib5GH//0HCO8V\nNSJO51hD\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIFyDCCA7CgAwIBAgIRAI8g2BPPjDAlKB21DfukgzUwDQYJKoZIhvcNAQELBQAw\nWjELMAkGA1UEBhMCVVMxEjAQBgNVBAcTCUNoYXJsb3R0ZTETMBEGA1UEChMKTmV0\nRm91bmRyeTEQMA4GA1UECxMHQURWLURFVjEQMA4GA1UEAxMHcm9vdC1jYTAeFw0y\nMzEyMDQxOTI2MDFaFw0zMzEyMDExOTI3MDBaMFoxCzAJBgNVBAYTAlVTMRIwEAYD\nVQQHEwlDaGFybG90dGUxEzARBgNVBAoTCk5ldEZvdW5kcnkxEDAOBgNVBAsTB0FE\nVi1ERVYxEDAOBgNVBAMTB3Jvb3QtY2EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw\nggIKAoICAQDeuuf5FRVlEGTAa195bGx1PtxV3b8USPq1Ez6fSBwE8aQwB2PusrY9\nuac4qyjpdi5oxlAfZ3CnsYCsz4jyumd5pjkdylHADXfZgR5wyRJr3DX6mZcPikx1\neYaPLjNEU5vmG3YDE65w3pWnuhxpBUBc2Nj6rrBFaOPyCO96kgRfe2scG2pgR71s\nE+bCR39teiQ69yxnm3D/EDf+/ZmkJ1oHz+5GZb0SDckb8cR/aSHL3Er7NE01aPmf\nAmbnFgspTiGEVm4NHYHnR8C1NuDZP5S2twRPfktkJoK5VSlWh/3Wh0gAmyrAoGJi\n8QKbqqwBMzxg2GaD+whghUAb/PbSth8wFTSmZQg/6h1RqI5YONIzNfRG1BsV3mV8\nRVDJPXcTBMXiChYXy7wnaTfNDBiML6sDIygBIixON5rIQPUBRJ2nz+VFPC/BSCSw\nLr0DvoEXS2ZgqZe7plcHdT+kuPCAxnk+xZbKllVYxU8gj9OKWKAddvenZqNt6z5Y\nZ/u5m/OfoCdCiNUIOAFac8voPK9mHerIPT9J5oAyidxNgOU+NvpduTo3GPrIxa1E\n9UmDZ/MhqVnUdRi93YcmycFZs9SGNYmrlCigES7jnWFREHBv0R856vbcO1qTcjoF\nSkNLEAQYtLlrfSmYrw7pnKgHDa3KjP8KeSL39BNSvQ5PI2hKpbx9fwIDAQABo4GI\nMIGFMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT8\nA4ZMTmjf8CtQB07KzVoInur2eTAfBgNVHSMEGDAWgBT8A4ZMTmjf8CtQB07KzVoI\nnur2eTAiBgNVHREEGzAZhhdzcGlmZmU6Ly9jYWxjdWxvbi5sb2NhbDANBgkqhkiG\n9w0BAQsFAAOCAgEAKMxDfoHStDF07iiaHEzqgvAVGGMOR3mnepjHkA93qT0QWsFI\nF/TZ1jAkxDc3Y5BuW5ss5uCaV/50vntyPmcyyZGHmZ0baFK4LaMovbvMP7Y6nOUH\nDaMV/Zcr4cdYJmmVt9bQDgvmsc3qeQ+govnGZ9eD7aB3aQxXgZs/e11l6xqLJ6nM\n7VYJz1RMv92xBi994TFNJHsKvtF7sbwE9LOOUV9ADt5unhltDKBGvoZB+LITvdA+\ndue50+RdNaBTM77k/zP9B2iNw6aNBcFG1I/QponlnDXCb4WFjl09r1EL6IYmakWZ\nwL15WvuW2ZHpbJse2hzK5I9TRbTB3LL7Whbkci6zD0mcV9aUkomWTrfy0XZqVrhy\niboZUCxIbvUIRWINjX/HGJ5Q+v9hrTG3Fx1nW+u3dNzwJOslQmJp1IDFDiJ1jKhU\nF25jRX0XDKkxoBJC5DgJbT16mwuzfRJn5l3u+HCqfY0WCplZbiHmO0HyCN6P3fyh\nTpMd0VGLFj0xYJeHXbVMTQOeRFJPvFMBUUDJW2ZHQxSOfe/ITjouAVyvfcLleZl7\nyjgrQ4GvNWHzPx/rNycBOK3XXniQw3XfVGznkLqxem+GVTUqh3q9esmGMSJ5MMG1\nVrqZyH4bT40qek5d1GXMHTLn045anbTJvX4xbQ+ZTJ+F0Z27EZzQ+Sltz8I=\n-----END CERTIFICATE-----\n"
+  }
+}
+)";
+    auto bad_json = R"({
+  "ztAPI": "https://calculon.local:1280",
+  "id": {
+    "cert": "-----BEGIN CERTIFICATE-----\nMIIDnjCCAYagAwIBAgIDBirVMA0GCSqGSIb3DQEBCwUAMGIxCzAJBgNVBAYTAlVT\nMRIwEAYDVQQHEwlDaGFybG90dGUxEzARBgNVBAoTCk5ldEZvdW5kcnkxEDAOBgNV\nBAsTB0FEVi1ERVYxGDAWBgNVBAMTD2ludGVybWVkaWF0ZS1jYTAeFw0yMzEyMDQx\nOTI2MTBaFw0yNDEyMDQxOTI3MTBaMEIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJO\nWTERMA8GA1UEChMIT3BlblppdGkxEzARBgNVBAMTCjVZTENuUGtEcUMwWTATBgcq\nhkjOPQIBBggqhkjOPQMBBwNCAASAQAB1dYikr3YetRN6dLnGz8pWpp5nna/ErGTV\nZAP1nAHykTdrZCjt1dBv8xHxsbF0drT/Ddzyn/HeQdx3SFHbo0gwRjAOBgNVHQ8B\nAf8EBAMCBLAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUME5gfYO0\n2JAM0WNdLGVOg5JXAHIwDQYJKoZIhvcNAQELBQADggIBAEfW6quMT1Uok/3sbBT2\n+sYeFYigknDtFNTDpyKz2aM03iBYdOGGDnzc/8klwvI/LgOBq9RW6F9ySHl9UdYr\nBeeq2+wlth4Wks+imlmhFw+WafMi94Ly8yk/vQImud17PfGcr78gn+6EaSUevNpk\nT0oq27AxGzYJyIa9c62VCiavPrE2rXVKbFm7CiIr7u1K4+obrf57kS5hPZ4Yxfd+\nTcW8jBhS4aSmwSYjd/qTV9T25jylS/RWe1EvneGvW0DMFvW9l1KfrhS+JKnEaMTW\ndtEfcWcr8Nio7GyPS6OYC48euLqy0TcUDmQXVE/u4tjmngzqlZKAC9Fyc82V4ouj\nyV1F3JMEUwPZfLfWj5/7Nq/mqPGfK1SQAX70vkGE8Ac3zzCtSRCdxrkEvGMaoy2o\ny5iqFd+RFJuo02rmQj/Y4h7ewPCFpofJ60ytQVh29kq7nHM7yJlm/jbrV0z0lWHm\nBVfarXbODeMEweN9J22VB7O3QzHTZUZmKpcRPJVbIDGySVYZRr4/4SkR5AU9SPv5\nowYhD7LPfsgowPE+1bE16eoZLeOwyPUvUfblZJ79LSQb9HFvL6fMTufMgaCQrcb6\nZqjv+0fm+lxhrrgwDVAQE0/0NK5cM6F6jNr0wJJhUsrss6gRr9jA3KcRJZJzknWh\nace4f9yDr6iJ2jUN9y6rAxpq\n-----END CERTIFICATE-----\n",
+)";
+
+    auto non_identity_json = R"({
+    "foo": "bar"
+})";
+
+    ziti_config cfg;
+    REQUIRE(ziti_load_config(&cfg, nullptr) == ZITI_INVALID_CONFIG);
+
+    REQUIRE(ziti_load_config(&cfg, good_json) == ZITI_OK);
+    free_ziti_config(&cfg);
+
+    REQUIRE(ziti_load_config(&cfg, bad_json) == ZITI_CONFIG_NOT_FOUND);
+    free_ziti_config(&cfg);
+
+    REQUIRE(ziti_load_config(&cfg, non_identity_json) == ZITI_INVALID_CONFIG);
+    free_ziti_config(&cfg);
 }
\ No newline at end of file