Hi all,
looking around the moonshot-ui code I just realized the existence of
both, moonshot_get_id, and moonshot_get_default_id methods. As far as I
understand, the former follows the typical procedure to get an ID card
to be used with the selected RP (i.e. use one existing ID<->RP
association, or launch the UI to create one). However, the latter seems
to try to return the last used ID (stored in the "default_id_card"
variable).
However, I've been playing with this function, and I have some doubts
about how it works. I hope anyone can help me understanding it:
1) The moonshot-ui seems to update the default_id_card variable after a
card is selected on the UI. However, this does not assure this variable
contains last used ID, as it is possible that a user makes use of a
different identity for which an association exists. In that case, the UI
is not shown, and the variable is not updated.
Ej. User selects [log in to unmask] in the UI -> default_id_card =
[log in to unmask]
Then, the user accesses a server for which ID [log in to unmask] was
configured -> default_id_card = [log in to unmask]
Therefore, subsequent calls to moonshot_get_default_id will return
[log in to unmask] instead of [log in to unmask]
Is this the expected behaviour or is it a bug?
2) What's the purpose of this method anyway? Is it used under any
circumstance from mech_eap? I've seen some code in util_cred.c, but it
is unclear to me what it is supposed to do. When one tries to access a
new server which has not previous association with you, the default ID
(previous ID) is not sent. Instead, the UI pops up.
Regards,
Alejandro
|