util.c: complete function renaming and documentation

Signed-off-by: Hans Zandbelt <[email protected]>

src/handle/authz.c

@@ -518,7 +518,7 @@ static authz_status oidc_authz_24_unauthorized_user(request_rec *r) {
 		break;
 	}
 
-	oidc_request_authenticate_user(r, c, NULL, oidc_get_current_url(r, oidc_cfg_x_forwarded_headers_get(c)), NULL,
+	oidc_request_authenticate_user(r, c, NULL, oidc_util_current_url(r, oidc_cfg_x_forwarded_headers_get(c)), NULL,
 				       NULL, NULL, oidc_cfg_dir_path_auth_request_params_get(r),
 				       oidc_cfg_dir_path_scope_get(r));
 
@@ -730,7 +730,7 @@ static int oidc_authz_22_unauthorized_user(request_rec *r) {
 		OIDC_METRICS_COUNTER_INC(r, c, OM_AUTHZ_ACTION_AUTH);
 	}
 
-	return oidc_request_authenticate_user(r, c, NULL, oidc_get_current_url(r, oidc_cfg_x_forwarded_headers_get(c)),
+	return oidc_request_authenticate_user(r, c, NULL, oidc_util_current_url(r, oidc_cfg_x_forwarded_headers_get(c)),
 					      NULL, NULL, NULL, oidc_cfg_dir_path_auth_request_params_get(r),
 					      oidc_cfg_dir_path_scope_get(r));
 }

src/handle/content.c

@@ -64,12 +64,12 @@ int oidc_content_handler(request_rec *r) {
 		return DECLINED;
 	}
 
-	if (oidc_util_request_matches_url(r, oidc_get_redirect_uri(r, c)) == TRUE) {
+	if (oidc_util_request_matches_url(r, oidc_util_redirect_uri(r, c)) == TRUE) {
 
 		/* requests to the redirect URI are handled and finished here */
 		rc = OK;
 
-		if (oidc_http_request_has_parameter(r, OIDC_REDIRECT_URI_REQUEST_INFO)) {
+		if (oidc_util_request_has_parameter(r, OIDC_REDIRECT_URI_REQUEST_INFO)) {
 
 			OIDC_METRICS_COUNTER_INC(r, c, OM_CONTENT_REQUEST_INFO);
 
@@ -92,7 +92,7 @@ int oidc_content_handler(request_rec *r) {
 			/* free resources allocated for the session */
 			oidc_session_free(r, session);
 
-		} else if (oidc_http_request_has_parameter(r, OIDC_REDIRECT_URI_REQUEST_JWKS)) {
+		} else if (oidc_util_request_has_parameter(r, OIDC_REDIRECT_URI_REQUEST_JWKS)) {
 
 			OIDC_METRICS_COUNTER_INC(r, c, OM_CONTENT_REQUEST_JWKS);
 

src/handle/discovery.c

@@ -70,8 +70,8 @@ apr_byte_t oidc_is_discovery_response(request_rec *r, oidc_cfg_t *cfg) {
 	 * prereq: this is a call to the configured redirect_uri, now see if:
 	 * the OIDC_DISC_OP_PARAM is present
 	 */
-	return oidc_http_request_has_parameter(r, OIDC_DISC_OP_PARAM) ||
-	       oidc_http_request_has_parameter(r, OIDC_DISC_USER_PARAM);
+	return oidc_util_request_has_parameter(r, OIDC_DISC_OP_PARAM) ||
+	       oidc_util_request_has_parameter(r, OIDC_DISC_USER_PARAM);
 }
 
 /* define the name of the cookie/parameter for CSRF protection */
@@ -88,7 +88,7 @@ int oidc_discovery_request(request_rec *r, oidc_cfg_t *cfg) {
 	oidc_debug(r, "enter");
 
 	/* obtain the URL we're currently accessing, to be stored in the state/session */
-	char *current_url = oidc_get_current_url(r, oidc_cfg_x_forwarded_headers_get(cfg));
+	char *current_url = oidc_util_current_url(r, oidc_cfg_x_forwarded_headers_get(cfg));
 	const char *method = oidc_original_request_method(r, cfg, FALSE);
 
 	/* generate CSRF token */
@@ -108,7 +108,7 @@ int oidc_discovery_request(request_rec *r, oidc_cfg_t *cfg) {
 		    apr_psprintf(r->pool, "%s%s%s=%s&%s=%s&%s=%s&%s=%s", discover_url,
 				 strchr(discover_url, OIDC_CHAR_QUERY) != NULL ? OIDC_STR_AMP : OIDC_STR_QUERY,
 				 OIDC_DISC_RT_PARAM, oidc_http_url_encode(r, current_url), OIDC_DISC_RM_PARAM, method,
-				 OIDC_DISC_CB_PARAM, oidc_http_url_encode(r, oidc_get_redirect_uri(r, cfg)),
+				 OIDC_DISC_CB_PARAM, oidc_http_url_encode(r, oidc_util_redirect_uri(r, cfg)),
 				 OIDC_CSRF_NAME, oidc_http_url_encode(r, csrf));
 
 		if (path_scopes != NULL)
@@ -152,7 +152,7 @@ int oidc_discovery_request(request_rec *r, oidc_cfg_t *cfg) {
 		// TODO: html escape (especially & character)
 
 		char *href = apr_psprintf(
-		    r->pool, "%s?%s=%s&%s=%s&%s=%s&%s=%s", oidc_get_redirect_uri(r, cfg),
+		    r->pool, "%s?%s=%s&%s=%s&%s=%s&%s=%s", oidc_util_redirect_uri(r, cfg),
 		    OIDC_DISC_OP_PARAM, oidc_http_url_encode(r, issuer), OIDC_DISC_RT_PARAM,
 		    oidc_http_url_encode(r, current_url), OIDC_DISC_RM_PARAM, method, OIDC_CSRF_NAME, csrf);
 
@@ -176,7 +176,7 @@ int oidc_discovery_request(request_rec *r, oidc_cfg_t *cfg) {
 	}
 
 	/* add an option to enter an account or issuer name for dynamic OP discovery */
-	s = apr_psprintf(r->pool, "%s<form method=\"get\" action=\"%s\">\n", s, oidc_get_redirect_uri(r, cfg));
+	s = apr_psprintf(r->pool, "%s<form method=\"get\" action=\"%s\">\n", s, oidc_util_redirect_uri(r, cfg));
 	s = apr_psprintf(r->pool, "%s<p><input type=\"hidden\" name=\"%s\" value=\"%s\"><p>\n", s, OIDC_DISC_RT_PARAM,
 			 current_url);
 	s = apr_psprintf(r->pool, "%s<p><input type=\"hidden\" name=\"%s\" value=\"%s\"><p>\n", s, OIDC_DISC_RM_PARAM,
@@ -225,7 +225,7 @@ static int oidc_discovery_target_link_uri_match(request_rec *r, oidc_cfg_t *cfg,
 	}
 
 	apr_uri_t r_uri;
-	apr_uri_parse(r->pool, oidc_get_redirect_uri(r, cfg), &r_uri);
+	apr_uri_parse(r->pool, oidc_util_redirect_uri(r, cfg), &r_uri);
 
 	if (oidc_cfg_cookie_domain_get(cfg) == NULL) {
 		/* cookie_domain set: see if the target_link_uri matches the redirect_uri host (because the session
@@ -294,13 +294,13 @@ int oidc_discovery_response(request_rec *r, oidc_cfg_t *c) {
 	char *error_str = NULL;
 	char *error_description = NULL;
 
-	oidc_http_request_parameter_get(r, OIDC_DISC_OP_PARAM, &issuer);
-	oidc_http_request_parameter_get(r, OIDC_DISC_USER_PARAM, &user);
-	oidc_http_request_parameter_get(r, OIDC_DISC_RT_PARAM, &target_link_uri);
-	oidc_http_request_parameter_get(r, OIDC_DISC_LH_PARAM, &login_hint);
-	oidc_http_request_parameter_get(r, OIDC_DISC_SC_PARAM, &path_scopes);
-	oidc_http_request_parameter_get(r, OIDC_DISC_AR_PARAM, &auth_request_params);
-	oidc_http_request_parameter_get(r, OIDC_CSRF_NAME, &csrf_query);
+	oidc_util_request_parameter_get(r, OIDC_DISC_OP_PARAM, &issuer);
+	oidc_util_request_parameter_get(r, OIDC_DISC_USER_PARAM, &user);
+	oidc_util_request_parameter_get(r, OIDC_DISC_RT_PARAM, &target_link_uri);
+	oidc_util_request_parameter_get(r, OIDC_DISC_LH_PARAM, &login_hint);
+	oidc_util_request_parameter_get(r, OIDC_DISC_SC_PARAM, &path_scopes);
+	oidc_util_request_parameter_get(r, OIDC_DISC_AR_PARAM, &auth_request_params);
+	oidc_util_request_parameter_get(r, OIDC_CSRF_NAME, &csrf_query);
 	csrf_cookie = oidc_http_get_cookie(r, OIDC_CSRF_NAME);
 
 	/* do CSRF protection if not 3rd party initiated SSO */
@@ -330,7 +330,7 @@ int oidc_discovery_response(request_rec *r, oidc_cfg_t *c) {
 							 " is not set.",
 							 HTTP_INTERNAL_SERVER_ERROR);
 		}
-		target_link_uri = apr_pstrdup(r->pool, oidc_get_absolute_url(r, c, oidc_cfg_default_sso_url_get(c)));
+		target_link_uri = apr_pstrdup(r->pool, oidc_util_absolute_url(r, c, oidc_cfg_default_sso_url_get(c)));
 	}
 
 	/* do open redirect prevention, step 1 */
@@ -412,7 +412,7 @@ int oidc_discovery_response(request_rec *r, oidc_cfg_t *c) {
 	if (issuer[n - 1] == OIDC_CHAR_FORWARD_SLASH)
 		issuer[n - 1] = '\0';
 
-	if (oidc_http_request_has_parameter(r, "test-config")) {
+	if (oidc_util_request_has_parameter(r, "test-config")) {
 		json_t *j_provider = NULL;
 		oidc_metadata_provider_get(r, c, issuer, &j_provider, csrf_cookie != NULL);
 		if (j_provider)
@@ -423,7 +423,7 @@ int oidc_discovery_response(request_rec *r, oidc_cfg_t *c) {
 	/* try and get metadata from the metadata directories for the selected OP */
 	if ((oidc_metadata_get(r, c, issuer, &provider, csrf_cookie != NULL) == TRUE) && (provider != NULL)) {
 
-		if (oidc_http_request_has_parameter(r, "test-jwks-uri")) {
+		if (oidc_util_request_has_parameter(r, "test-jwks-uri")) {
 			json_t *j_jwks = NULL;
 			apr_byte_t force_refresh = TRUE;
 			oidc_metadata_jwks_get(r, c, oidc_cfg_provider_jwks_uri_get(provider),

src/handle/info.c

@@ -62,9 +62,9 @@ int oidc_info_request(request_rec *r, oidc_cfg_t *c, oidc_session_t *session, ap
 	apr_byte_t b_extend_session = TRUE;
 	apr_time_t t_interval = -1;
 
-	oidc_http_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_INFO, &s_format);
-	oidc_http_request_parameter_get(r, OIDC_INFO_PARAM_ACCESS_TOKEN_REFRESH_INTERVAL, &s_interval);
-	oidc_http_request_parameter_get(r, OIDC_INFO_PARAM_EXTEND_SESSION, &s_extend_session);
+	oidc_util_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_INFO, &s_format);
+	oidc_util_request_parameter_get(r, OIDC_INFO_PARAM_ACCESS_TOKEN_REFRESH_INTERVAL, &s_interval);
+	oidc_util_request_parameter_get(r, OIDC_INFO_PARAM_EXTEND_SESSION, &s_extend_session);
 	if ((s_extend_session) && (_oidc_strcmp(s_extend_session, "false") == 0))
 		b_extend_session = FALSE;
 
@@ -223,7 +223,7 @@ int oidc_info_request(request_rec *r, oidc_cfg_t *c, oidc_session_t *session, ap
 		/* JSON-encode the result */
 		r_value = oidc_util_encode_json_object(r, json, JSON_PRESERVE_ORDER);
 		/* return the stringified JSON result */
-		rc = oidc_http_send(r, r_value, _oidc_strlen(r_value), OIDC_HTTP_CONTENT_TYPE_JSON, OK);
+		rc = oidc_util_http_send(r, r_value, _oidc_strlen(r_value), OIDC_HTTP_CONTENT_TYPE_JSON, OK);
 	} else if (_oidc_strcmp(OIDC_HOOK_INFO_FORMAT_HTML, s_format) == 0) {
 		/* JSON-encode the result */
 		r_value = oidc_util_encode_json_object(r, json, JSON_PRESERVE_ORDER | JSON_INDENT(2));

src/handle/jwks.c

@@ -72,5 +72,5 @@ int oidc_jwks_request(request_rec *r, oidc_cfg_t *c) {
 	// TODO: send stuff if first == FALSE?
 	jwks = apr_psprintf(r->pool, "%s ] }", jwks);
 
-	return oidc_http_send(r, jwks, _oidc_strlen(jwks), OIDC_HTTP_CONTENT_TYPE_JSON, OK);
+	return oidc_util_http_send(r, jwks, _oidc_strlen(jwks), OIDC_HTTP_CONTENT_TYPE_JSON, OK);
 }

src/handle/logout.c

@@ -216,9 +216,9 @@ int oidc_logout_request(request_rec *r, oidc_cfg_t *c, oidc_session_t *session,
 			char *sid, *iss;
 			oidc_provider_t *provider = NULL;
 
-			if (oidc_http_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_SID, &sid) != FALSE) {
+			if (oidc_util_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_SID, &sid) != FALSE) {
 
-				if (oidc_http_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_ISS, &iss) != FALSE) {
+				if (oidc_util_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_ISS, &iss) != FALSE) {
 					provider = oidc_get_provider_for_issuer(r, c, iss, FALSE);
 				} else {
 					/*
@@ -249,9 +249,9 @@ int oidc_logout_request(request_rec *r, oidc_cfg_t *c, oidc_session_t *session,
 		const char *accept = oidc_http_hdr_in_accept_get(r);
 		if ((_oidc_strcmp(url, OIDC_IMG_STYLE_LOGOUT_PARAM_VALUE) == 0) ||
 		    ((accept) && _oidc_strstr(accept, OIDC_HTTP_CONTENT_TYPE_IMAGE_PNG))) {
-			return oidc_http_send(r, (const char *)&oidc_logout_transparent_pixel,
-					      sizeof(oidc_logout_transparent_pixel), OIDC_HTTP_CONTENT_TYPE_IMAGE_PNG,
-					      OK);
+			return oidc_util_http_send(r, (const char *)&oidc_logout_transparent_pixel,
+						   sizeof(oidc_logout_transparent_pixel),
+						   OIDC_HTTP_CONTENT_TYPE_IMAGE_PNG, OK);
 		}
 
 		/* standard HTTP based logout: should be called in an iframe from the OP */
@@ -289,7 +289,7 @@ static int oidc_logout_backchannel(request_rec *r, oidc_cfg_t *cfg) {
 	int rc = HTTP_BAD_REQUEST;
 
 	apr_table_t *params = apr_table_make(r->pool, 8);
-	if (oidc_http_read_post_params(r, params, FALSE, NULL) == FALSE) {
+	if (oidc_util_read_post_params(r, params, FALSE, NULL) == FALSE) {
 		oidc_error(r, "could not read POST-ed parameters to the logout endpoint");
 		goto out;
 	}
@@ -368,14 +368,14 @@ static int oidc_logout_backchannel(request_rec *r, oidc_cfg_t *cfg) {
 	}
 
 	char *nonce = NULL;
-	oidc_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_NONCE, &nonce, NULL);
+	oidc_util_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_NONCE, &nonce, NULL);
 	if (nonce != NULL) {
 		oidc_error(r, "rejecting logout request/token since it contains a \"%s\" claim", OIDC_CLAIM_NONCE);
 		goto out;
 	}
 
 	char *jti = NULL;
-	oidc_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_JTI, &jti, NULL);
+	oidc_util_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_JTI, &jti, NULL);
 	if (jti != NULL) {
 		char *replay = NULL;
 		oidc_cache_get_jti(r, jti, &replay);
@@ -395,7 +395,7 @@ static int oidc_logout_backchannel(request_rec *r, oidc_cfg_t *cfg) {
 	/* store it in the cache for the calculated duration */
 	oidc_cache_set_jti(r, jti, jti, apr_time_now() + jti_cache_duration);
 
-	oidc_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_EVENTS, &sid, NULL);
+	oidc_util_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_EVENTS, &sid, NULL);
 
 	// TODO: by-spec we should cater for the fact that "sid" has been provided
 	//       in the id_token returned in the authentication request, but "sub"
@@ -405,7 +405,7 @@ static int oidc_logout_backchannel(request_rec *r, oidc_cfg_t *cfg) {
 	//       this for logout
 	//       (and probably call us multiple times or the same sub if needed)
 
-	oidc_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_SID, &sid, NULL);
+	oidc_util_json_object_get_string(r->pool, jwt->payload.value.json, OIDC_CLAIM_SID, &sid, NULL);
 	if (sid == NULL)
 		sid = jwt->payload.sub;
 
@@ -451,7 +451,7 @@ int oidc_logout(request_rec *r, oidc_cfg_t *c, oidc_session_t *session) {
 	char *id_token_hint = NULL;
 	char *s_logout_request = NULL;
 
-	oidc_http_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_LOGOUT, &url);
+	oidc_util_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_LOGOUT, &url);
 
 	oidc_debug(r, "enter (url=%s)", url);
 
@@ -463,7 +463,7 @@ int oidc_logout(request_rec *r, oidc_cfg_t *c, oidc_session_t *session) {
 
 	if ((url == NULL) || (_oidc_strcmp(url, "") == 0)) {
 
-		url = apr_pstrdup(r->pool, oidc_get_absolute_url(r, c, oidc_cfg_default_slo_url_get(c)));
+		url = apr_pstrdup(r->pool, oidc_util_absolute_url(r, c, oidc_cfg_default_slo_url_get(c)));
 
 	} else {
 

src/handle/refresh.c

@@ -310,8 +310,8 @@ int oidc_refresh_token_request(request_rec *r, oidc_cfg_t *c, oidc_session_t *se
 	apr_byte_t needs_save = TRUE;
 
 	/* get the command passed to the session management handler */
-	oidc_http_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_REFRESH, &return_to);
-	oidc_http_request_parameter_get(r, OIDC_PROTO_ACCESS_TOKEN, &r_access_token);
+	oidc_util_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_REFRESH, &return_to);
+	oidc_util_request_parameter_get(r, OIDC_PROTO_ACCESS_TOKEN, &r_access_token);
 
 	/* check the input parameters */
 	if (return_to == NULL) {

src/handle/request.c

@@ -56,7 +56,7 @@ static int oidc_request_check_cookie_domain(request_rec *r, oidc_cfg_t *c, oidc_
 	apr_uri_t r_uri;
 	_oidc_memset(&r_uri, 0, sizeof(apr_uri_t));
 	apr_uri_parse(r->pool, original_url, &o_uri);
-	apr_uri_parse(r->pool, oidc_get_redirect_uri(r, c), &r_uri);
+	apr_uri_parse(r->pool, oidc_util_redirect_uri(r, c), &r_uri);
 	if ((_oidc_strcmp(o_uri.scheme, r_uri.scheme) != 0) && (_oidc_strcmp(r_uri.scheme, "https") == 0)) {
 		oidc_error(r,
 			   "the URL scheme (%s) of the configured " OIDCRedirectURI
@@ -241,8 +241,8 @@ int oidc_request_authenticate_user(request_rec *r, oidc_cfg_t *c, oidc_provider_
 
 	/* send off to the OpenID Connect Provider */
 	// TODO: maybe show intermediate/progress screen "redirecting to"
-	rc = oidc_proto_authorization_request(r, provider, login_hint, oidc_get_redirect_uri_iss(r, c, provider), state,
-					      proto_state, id_token_hint, code_challenge, auth_request_params,
+	rc = oidc_proto_authorization_request(r, provider, login_hint, oidc_util_redirect_uri_iss(r, c, provider),
+					      state, proto_state, id_token_hint, code_challenge, auth_request_params,
 					      path_scope);
 
 	OIDC_METRICS_TIMING_ADD(r, c, OM_AUTHN_REQUEST);

src/handle/request_uri.c

@@ -237,7 +237,7 @@ static char *oidc_request_uri_request_object(request_rec *r, struct oidc_provide
 
 	/* get the crypto settings from the configuration */
 	json_t *crypto = json_object_get(request_object_config, "crypto");
-	oidc_json_object_get_string(r->pool, crypto, "sign_alg", &request_object->header.alg, "none");
+	oidc_util_json_object_get_string(r->pool, crypto, "sign_alg", &request_object->header.alg, "none");
 
 	/* see if we need to sign the request object */
 	if (_oidc_strcmp(request_object->header.alg, "none") != 0) {
@@ -302,8 +302,8 @@ static char *oidc_request_uri_request_object(request_rec *r, struct oidc_provide
 		return NULL;
 	}
 
-	oidc_json_object_get_string(r->pool, crypto, "crypt_alg", &jwe->header.alg, NULL);
-	oidc_json_object_get_string(r->pool, crypto, "crypt_enc", &jwe->header.enc, NULL);
+	oidc_util_json_object_get_string(r->pool, crypto, "crypt_alg", &jwe->header.alg, NULL);
+	oidc_util_json_object_get_string(r->pool, crypto, "crypt_enc", &jwe->header.enc, NULL);
 
 	char *cser = oidc_jwt_serialize(r->pool, request_object, &err);
 
@@ -440,7 +440,7 @@ void oidc_request_uri_add_request_param(request_rec *r, struct oidc_provider_t *
 	/* create request value */
 	char *value = NULL;
 	int ttl = OIDC_REQUEST_OBJECT_TTL_DEFAULT;
-	oidc_json_object_get_int(request_object_config, "ttl", &ttl, OIDC_REQUEST_OBJECT_TTL_DEFAULT);
+	oidc_util_json_object_get_int(request_object_config, "ttl", &ttl, OIDC_REQUEST_OBJECT_TTL_DEFAULT);
 	if (_oidc_strcmp(parameter, OIDC_PROTO_REQUEST_URI) == 0) {
 		/* parameter is "request_uri" */
 		value = oidc_request_uri_create(r, provider, request_object_config, redirect_uri, params, ttl);
@@ -458,7 +458,7 @@ void oidc_request_uri_add_request_param(request_rec *r, struct oidc_provider_t *
 int oidc_request_uri(request_rec *r, oidc_cfg_t *c) {
 
 	char *request_ref = NULL;
-	oidc_http_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_REQUEST_URI, &request_ref);
+	oidc_util_request_parameter_get(r, OIDC_REDIRECT_URI_REQUEST_REQUEST_URI, &request_ref);
 	if (request_ref == NULL) {
 		oidc_error(r, "no \"%s\" parameter found", OIDC_REDIRECT_URI_REQUEST_REQUEST_URI);
 		return HTTP_BAD_REQUEST;
@@ -474,5 +474,5 @@ int oidc_request_uri(request_rec *r, oidc_cfg_t *c) {
 
 	oidc_cache_set_request_uri(r, request_ref, NULL, 0);
 
-	return oidc_http_send(r, jwt, _oidc_strlen(jwt), OIDC_HTTP_CONTENT_TYPE_JWT, OK);
+	return oidc_util_http_send(r, jwt, _oidc_strlen(jwt), OIDC_HTTP_CONTENT_TYPE_JWT, OK);
 }