diff options
author | Christian Grothoff <christian@grothoff.org> | 2022-03-02 23:39:26 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2022-03-02 23:39:26 +0100 |
commit | cf4b6ebd6de3370da4b16d2f1ef19a2a3d3d0b12 (patch) | |
tree | eeec41a888f4f9cbdb77d6f01844ef20fccc2a43 /src/include | |
parent | 81311476b804c054e4ee19c9b182f3b34357f88f (diff) | |
download | anastasis-cf4b6ebd6de3370da4b16d2f1ef19a2a3d3d0b12.tar.gz anastasis-cf4b6ebd6de3370da4b16d2f1ef19a2a3d3d0b12.tar.bz2 anastasis-cf4b6ebd6de3370da4b16d2f1ef19a2a3d3d0b12.zip |
push new /truth/ API through the entire implementation
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/anastasis.h | 309 | ||||
-rw-r--r-- | src/include/anastasis_service.h | 323 | ||||
-rw-r--r-- | src/include/anastasis_testing_lib.h | 33 |
3 files changed, 270 insertions, 395 deletions
diff --git a/src/include/anastasis.h b/src/include/anastasis.h index 92c0745..90f3f5d 100644 --- a/src/include/anastasis.h +++ b/src/include/anastasis.h @@ -97,61 +97,38 @@ ANASTASIS_challenge_get_details (struct ANASTASIS_Challenge *challenge); /** * Possible outcomes of trying to start a challenge operation. */ -enum ANASTASIS_ChallengeStatus +enum ANASTASIS_ChallengeStartStatus { /** - * The challenge has been solved. - */ - ANASTASIS_CHALLENGE_STATUS_SOLVED, - - /** - * Instructions for how to solve the challenge are provided. Also - * used if the answer we provided was wrong (or if no answer was - * provided, but one is needed). - */ - ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS, - - /** - * A redirection URL needed to solve the challenge is provided. Also - * used if the answer we provided was wrong (or if no answer was - * provided, but one is needed). + * We encountered an error talking to the Anastasis service. */ - ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION, + ANASTASIS_CHALLENGE_START_STATUS_SERVER_FAILURE, /** * Payment is required before the challenge can be answered. */ - ANASTASIS_CHALLENGE_STATUS_PAYMENT_REQUIRED, - - /** - * We encountered an error talking to the Anastasis service. - */ - ANASTASIS_CHALLENGE_STATUS_SERVER_FAILURE, + ANASTASIS_CHALLENGE_START_STATUS_PAYMENT_REQUIRED, /** * The server does not know this truth. */ - ANASTASIS_CHALLENGE_STATUS_TRUTH_UNKNOWN, + ANASTASIS_CHALLENGE_START_STATUS_TRUTH_UNKNOWN, /** - * The rate limit for solving the challenge was exceeded. + * A filename with the TAN has been provided. */ - ANASTASIS_CHALLENGE_STATUS_RATE_LIMIT_EXCEEDED, + ANASTASIS_CHALLENGE_START_STATUS_FILENAME_PROVIDED, /** - * The user did not satisfy the (external) authentication - * challenge in time. The request should be repeated - * later and may then succeed. + * A TAN has been send, address hint is provided. */ - ANASTASIS_CHALLENGE_STATUS_AUTH_TIMEOUT, + ANASTASIS_CHALLENGE_START_STATUS_TAN_SENT_HINT_PROVIDED, /** - * Plugin-specific ("external") instructions for how to solve the - * challenge are provided. + * Wire transfer required, banking details provided. */ - ANASTASIS_CHALLENGE_STATUS_EXTERNAL_INSTRUCTIONS - + ANASTASIS_CHALLENGE_START_STATUS_BANK_TRANSFER_REQUIRED }; @@ -161,10 +138,21 @@ enum ANASTASIS_ChallengeStatus */ struct ANASTASIS_ChallengeStartResponse { + + /** + * HTTP status returned by the server. + */ + unsigned int http_status; + + /** + * Taler-specific error code. + */ + enum TALER_ErrorCode ec; + /** * What is our status on satisfying this challenge. Determines @e details. */ - enum ANASTASIS_ChallengeStatus cs; + enum ANASTASIS_ChallengeStartStatus cs; /** * Which challenge is this about? @@ -179,36 +167,159 @@ struct ANASTASIS_ChallengeStartResponse /** * Challenge details provided if - * @e cs is #ANASTASIS_CHALLENGE_STATUS_INSTRUCTIONS + * @e cs is #ANASTASIS_CHALLENGE_START_STATUS_FILENAME_PROVIDED. + */ + const char *tan_filename; + + /** + * Challenge details provided if + * @e cs is #ANASTASIS_CHALLENGE_START_STATUS_TAN_SENT_HINT_PROVIDED. + */ + const char *tan_address_hint; + + /** + * Challenge details provided if + * @e cs is #ANASTASIS_CHALLENGE_START_STATUS_BANK_TRANSFER_REQUIRED. + */ + struct ANASTASIS_WireFundsDetails bank_transfer_required; + + /** + * Response with instructions for how to pay, if + * @e cs is #ANASTASIS_CHALLENGE_START_STATUS_PAYMENT_REQUIRED. */ struct { /** - * Response with server-side instructions for the user. + * "taler://pay" URI with details how to pay for the challenge. */ - const void *body; + const char *taler_pay_uri; /** - * Mime type of the data in @e body. + * Payment secret from @e taler_pay_uri. */ - const char *content_type; + struct ANASTASIS_PaymentSecretP payment_secret; - /** - * Number of bytes in @e body - */ - size_t body_size; + } payment_required; + + } details; +}; - /** - * HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED - * if the server did already send the challenge to the user, - * #MHD_HTTP_FORBIDDEN if the answer was wrong (or missing). - */ - unsigned int http_status; - } open_challenge; + +/** + * Defines a callback for the response status for a challenge start + * operation. + * + * @param cls closure + * @param csr response details + */ +typedef void +(*ANASTASIS_ChallengeStartFeedback)( + void *cls, + const struct ANASTASIS_ChallengeStartResponse *csr); + + +/** + * User starts a challenge which reponds out of bounds (E-Mail, SMS, + * Postal..) If the challenge is zero cost, the challenge + * instructions will be sent to the client. If the challenge needs + * payment a payment link is sent to the client. After payment the + * challenge start method has to be called again. + * + * @param c reference to the escrow challenge which is started + * @param psp payment secret, NULL if no payment was yet made + * @param af reference to the answerfeedback which is passed back to the user + * @param af_cls closure for @a af + * @return #GNUNET_OK if the challenge was successfully started + */ +enum GNUNET_GenericReturnValue +ANASTASIS_challenge_start (struct ANASTASIS_Challenge *c, + const struct ANASTASIS_PaymentSecretP *psp, + ANASTASIS_ChallengeStartFeedback af, + void *af_cls); + + +/** + * Possible outcomes of trying to start a challenge operation. + */ +enum ANASTASIS_ChallengeAnswerStatus +{ + + /** + * The challenge has been solved. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_SOLVED, + + /** + * Payment is required before the challenge can be answered. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_PAYMENT_REQUIRED, + + /** + * We encountered an error talking to the Anastasis service. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_SERVER_FAILURE, + + /** + * The server does not know this truth. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_TRUTH_UNKNOWN, + + /** + * The answer was wrong. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_INVALID_ANSWER, + + /** + * The rate limit for solving the challenge was exceeded. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_RATE_LIMIT_EXCEEDED, + + /** + * The user did not satisfy the (external) authentication + * challenge in time. The request should be repeated + * later and may then succeed. + */ + ANASTASIS_CHALLENGE_ANSWER_STATUS_AUTH_TIMEOUT + + +}; + + +/** + * Response from an #ANASTASIS_challenge_start() operation. + */ +struct ANASTASIS_ChallengeAnswerResponse +{ + + /** + * HTTP status returned by the server. + */ + unsigned int http_status; + + /** + * Taler-specific error code. + */ + enum TALER_ErrorCode ec; + + /** + * What is our status on satisfying this challenge. Determines @e details. + */ + enum ANASTASIS_ChallengeAnswerStatus cs; + + /** + * Which challenge is this about? + */ + struct ANASTASIS_Challenge *challenge; + + /** + * Details depending on @e cs + */ + union + { /** - * Details for #ANASTASIS_CHALLENGE_STATUS_RATE_LIMIT_EXCEEDED. + * Details for #ANASTASIS_CHALLENGE_ANSWER_STATUS_RATE_LIMIT_EXCEEDED. */ struct { @@ -227,20 +338,8 @@ struct ANASTASIS_ChallengeStartResponse } rate_limit_exceeded; /** - * Response with details if - * @e cs is #ANASTASIS_CHALLENGE_STATUS_EXTERNAL_INSTRUCTIONS. - */ - const json_t *external_challenge; - - /** - * Response with URL to redirect the user to, if - * @e cs is #ANASTASIS_CHALLENGE_STATUS_REDIRECT_FOR_AUTHENTICATION. - */ - const char *redirect_url; - - /** * Response with instructions for how to pay, if - * @e cs is #ANASTASIS_CHALLENGE_STATUS_PAYMENT_REQUIRED. + * @e cs is #ANASTASIS_CHALLENGE_ANSWER_STATUS_PAYMENT_REQUIRED. */ struct { @@ -257,26 +356,6 @@ struct ANASTASIS_ChallengeStartResponse } payment_required; - - /** - * Response with details about a server-side failure, if - * @e cs is #ANASTASIS_CHALLENGE_STATUS_SERVER_FAILURE. - */ - struct - { - - /** - * HTTP status returned by the server. - */ - unsigned int http_status; - - /** - * Taler-specific error code. - */ - enum TALER_ErrorCode ec; - - } server_failure; - } details; }; @@ -286,36 +365,12 @@ struct ANASTASIS_ChallengeStartResponse * operation. * * @param cls closure - * @param csr response details + * @param car response details */ typedef void (*ANASTASIS_AnswerFeedback)( void *cls, - const struct ANASTASIS_ChallengeStartResponse *csr); - - -/** - * User starts a challenge which reponds out of bounds (E-Mail, SMS, - * Postal..) If the challenge is zero cost, the challenge - * instructions will be sent to the client. If the challenge needs - * payment a payment link is sent to the client. After payment the - * challenge start method has to be called again. - * - * @param c reference to the escrow challenge which is started - * @param psp payment secret, NULL if no payment was yet made - * @param timeout how long to wait for payment - * @param hashed_answer answer to the challenge, NULL if we have none yet - * @param af reference to the answerfeedback which is passed back to the user - * @param af_cls closure for @a af - * @return #GNUNET_OK if the challenge was successfully started - */ -enum GNUNET_GenericReturnValue -ANASTASIS_challenge_start (struct ANASTASIS_Challenge *c, - const struct ANASTASIS_PaymentSecretP *psp, - struct GNUNET_TIME_Relative timeout, - const struct GNUNET_HashCode *hashed_answer, - ANASTASIS_AnswerFeedback af, - void *af_cls); + const struct ANASTASIS_ChallengeAnswerResponse *car); /** @@ -328,8 +383,8 @@ ANASTASIS_challenge_start (struct ANASTASIS_Challenge *c, * @param psp information about payment made for the recovery * @param timeout how long to wait for payment * @param answer user input instruction defines which input is needed - * @param af reference to the answerfeedback which is passed back to the user - * @param af_cls closure for @a af + * @param csf function to call with the result + * @param csf_cls closure for @a csf * @return #GNUNET_OK on success */ enum GNUNET_GenericReturnValue @@ -337,8 +392,8 @@ ANASTASIS_challenge_answer (struct ANASTASIS_Challenge *c, const struct ANASTASIS_PaymentSecretP *psp, struct GNUNET_TIME_Relative timeout, const char *answer, - ANASTASIS_AnswerFeedback af, - void *af_cls); + ANASTASIS_AnswerFeedback csf, + void *csf_cls); /** @@ -365,6 +420,30 @@ ANASTASIS_challenge_answer2 (struct ANASTASIS_Challenge *c, /** + * User starts a challenge which reponds out of bounds (E-Mail, SMS, + * Postal..) If the challenge is zero cost, the challenge + * instructions will be sent to the client. If the challenge needs + * payment a payment link is sent to the client. After payment the + * challenge start method has to be called again. + * + * @param c reference to the escrow challenge which is started + * @param psp payment secret, NULL if no payment was yet made + * @param timeout how long to wait for payment + * @param hashed_answer answer to the challenge + * @param af reference to the answerfeedback which is passed back to the user + * @param af_cls closure for @a af + * @return #GNUNET_OK if the challenge was successfully started + */ +enum GNUNET_GenericReturnValue +ANASTASIS_challenge_answer3 (struct ANASTASIS_Challenge *c, + const struct ANASTASIS_PaymentSecretP *psp, + struct GNUNET_TIME_Relative timeout, + const struct GNUNET_HashCode *hashed_answer, + ANASTASIS_AnswerFeedback af, + void *af_cls); + + +/** * Abort answering challenge. * * @param c reference to the escrow challenge which was started diff --git a/src/include/anastasis_service.h b/src/include/anastasis_service.h index c21cde5..e88b7e0 100644 --- a/src/include/anastasis_service.h +++ b/src/include/anastasis_service.h @@ -517,258 +517,6 @@ ANASTASIS_policy_store_cancel ( /** - * Operational status. - */ -enum ANASTASIS_KeyShareDownloadStatus -{ - /** - * We got the encrypted key share. - */ - ANASTASIS_KSD_SUCCESS = 0, - - /** - * Payment is needed to proceed with the recovery. - */ - ANASTASIS_KSD_PAYMENT_REQUIRED, - - /** - * The provided answer was wrong or missing. Instructions for - * getting a good answer may be provided. - */ - ANASTASIS_KSD_INVALID_ANSWER, - - /** - * To answer the challenge, the client should be redirected to - * the given URL. - */ - ANASTASIS_KSD_REDIRECT_FOR_AUTHENTICATION, - - /** - * The provider had an error. - */ - ANASTASIS_KSD_SERVER_ERROR, - - /** - * The provider claims we made an error. - */ - ANASTASIS_KSD_CLIENT_FAILURE, - - /** - * The provider does not know this truth. - */ - ANASTASIS_KSD_TRUTH_UNKNOWN, - - /** - * Too many attempts to solve the challenge were made in a short - * time. Try again later. - */ - ANASTASIS_KSD_RATE_LIMIT_EXCEEDED, - - /** - * The user did not satisfy the (external) - * authentication check until the request timeout - * was reached. The client should try again later. - */ - ANASTASIS_KSD_AUTHENTICATION_TIMEOUT, - - /** - * The plugin provided external challenge instructions - * that should be followed. They are method-specific. - */ - ANASTASIS_KSD_EXTERNAL_CHALLENGE_INSTRUCTIONS - -}; - - -/** - * Detailed results from the successful download. - */ -struct ANASTASIS_KeyShareDownloadDetails -{ - - /** - * Operational status. - */ - enum ANASTASIS_KeyShareDownloadStatus status; - - /** - * Anastasis URL that returned the @e status. - */ - const char *server_url; - - /** - * Details depending on @e status. - */ - union - { - - /** - * The encrypted key share (if @e status is #ANASTASIS_KSD_SUCCESS). - */ - struct ANASTASIS_CRYPTO_EncryptedKeyShareP eks; - - /** - * Response if the challenge still needs to be answered, and the - * instructions are provided inline (no redirection). - */ - struct - { - - /** - * HTTP status returned by the server. #MHD_HTTP_ALREADY_REPORTED - * if the server did already send the challenge to the user, - * #MHD_HTTP_FORBIDDEN if the answer was wrong (or missing). - */ - unsigned int http_status; - - /** - * Response with server-side reply containing instructions for the user - */ - const char *body; - - /** - * Content-type: mime type of @e body, NULL if server did not provide any. - */ - const char *content_type; - - /** - * Number of bytes in @e body. - */ - size_t body_size; - - } open_challenge; - - /** - * URL with instructions for the user to satisfy the challenge, if - * @e status is #ANASTASIS_KSD_REDIRECT_FOR_AUTHENTICATION. - */ - const char *redirect_url; - - /** - * Response with instructions for how to pay, if - * @e status is #ANASTASIS_KSD_PAYMENT_REQUIRED. - */ - struct - { - - /** - * "taler://pay" URL with details how to pay for the challenge. - */ - const char *taler_pay_uri; - - /** - * The order ID from @e taler_pay_uri. - */ - struct ANASTASIS_PaymentSecretP payment_secret; - - } payment_required; - - - struct - { - - /** - * How many requests are allowed at most per @e request_frequency? - */ - uint32_t request_limit; - - /** - * Frequency at which requests are allowed / new challenges are - * created. - */ - struct GNUNET_TIME_Relative request_frequency; - - } rate_limit_exceeded; - - - /** - * Response with details about a server-side failure, if - * @e status is #ANASTASIS_KSD_SERVER_ERROR, - * #ANASTASIS_KSD_CLIENT_FAILURE or #ANASTASIS_KSD_TRUTH_UNKNOWN. - */ - struct - { - - /** - * HTTP status returned by the server. - */ - unsigned int http_status; - - /** - * Taler-specific error code. - */ - enum TALER_ErrorCode ec; - - } server_failure; - - /** - * External challenge instructions, if @e status is - * #ANASTASIS_KSD_EXTERNAL_CHALLENGE_INSTRUCTIONS. - */ - const json_t *external_challenge; - - } details; -}; - - -/** - * Handle for a GET /truth operation. - */ -struct ANASTASIS_KeyShareLookupOperation; - - -/** - * Callback to process a GET /truth request - * - * @param cls closure - * @param http_status HTTP status code for this request - * @param kdd details about the key share - */ -typedef void -(*ANASTASIS_KeyShareLookupCallback) ( - void *cls, - const struct ANASTASIS_KeyShareDownloadDetails *kdd); - - -/** - * Does a GET /truth. - * - * @param ctx execution context - * @param backend_url base URL of the merchant backend - * @param truth_uuid identification of the Truth - * @param truth_key Key used to Decrypt the Truth on the Server - * @param payment_secret secret from the previously done payment NULL to trigger payment - * @param timeout how long to wait for the payment, use - * #GNUNET_TIME_UNIT_ZERO to let the server pick - * @param hashed_answer hashed answer to the challenge - * @param cb callback which will work the response gotten from the backend - * @param cb_cls closure to pass to the callback - * @return handle for this operation, NULL upon errors - */ -struct ANASTASIS_KeyShareLookupOperation * -ANASTASIS_keyshare_lookup ( - struct GNUNET_CURL_Context *ctx, - const char *backend_url, - const struct ANASTASIS_CRYPTO_TruthUUIDP *truth_uuid, - const struct ANASTASIS_CRYPTO_TruthKeyP *truth_key, - const struct ANASTASIS_PaymentSecretP *payment_secret, - struct GNUNET_TIME_Relative timeout, - const struct GNUNET_HashCode *hashed_answer, - ANASTASIS_KeyShareLookupCallback cb, - void *cb_cls); - - -/** - * Cancel a GET /truth request. - * - * @param kslo cancel the key share lookup operation - */ -void -ANASTASIS_keyshare_lookup_cancel ( - struct ANASTASIS_KeyShareLookupOperation *kslo); - - -/** * Handle for a POST /truth operation. */ struct ANASTASIS_TruthStoreOperation; @@ -836,6 +584,12 @@ enum ANASTASIS_ChallengeDetailType { /** + * A challenge TAN was written to a file. + * The name of the file is provided. + */ + ANASTASIS_CS_FILE_WRITTEN, + + /** * A challenge TAN was sent to the customer. * A hint may be provided as to the address used. */ @@ -851,6 +605,42 @@ enum ANASTASIS_ChallengeDetailType /** + * This structure contains information about where to wire the funds + * to authenticate as well as a hint as to which bank account to send + * the funds from. + */ +struct ANASTASIS_WireFundsDetails +{ + + /** + * Answer code expected. + */ + uint64_t answer_code; + + /** + * How much should be sent. + */ + struct TALER_Amount amount; + + /** + * IBAN where to send the funds. + */ + const char *target_iban; + + /** + * Name of the business receiving the funds. + */ + const char *target_business_name; + + /** + * Wire transfer subject to use. + */ + const char *wire_transfer_subject; + +}; + + +/** * Information returned for a POST /truth/$TID/challenge request. */ struct ANASTASIS_TruthChallengeDetails @@ -894,6 +684,12 @@ struct ANASTASIS_TruthChallengeDetails { /** + * If @e cs is #ANASTASIS_CS_FILE_WRITTEN, this + * is the filename with the challenge code. + */ + const char *challenge_filename; + + /** * If @e cs is #ANASTASIS_CS_TAN_SENT, this * is human-readable information as to where * the TAN was sent. @@ -907,28 +703,7 @@ struct ANASTASIS_TruthChallengeDetails * as a hint as to which bank account to send * the funds from. */ - struct - { - - /** - * How much should be sent. - */ - struct TALER_Amount amount; - - /** - * payto:// URI with the target account number. - */ - const char *target_payto; - - /** - * Human-readable hint about which sender bank - * account must be used. - */ - const char *sender_hint; - - // FIXME: more? Wire transfer subject? - - } wire_funds; + struct ANASTASIS_WireFundsDetails wire_funds; } details; diff --git a/src/include/anastasis_testing_lib.h b/src/include/anastasis_testing_lib.h index ba1b8a3..0066939 100644 --- a/src/include/anastasis_testing_lib.h +++ b/src/include/anastasis_testing_lib.h @@ -374,7 +374,28 @@ ANASTASIS_TESTING_cmd_truth_question ( /** - * Make the "keyshare lookup" command. + * Make a "truth challenge" command. + * + * @param label command label + * @param anastasis_url base URL of the ANASTASIS serving + * the keyshare lookup request. + * @param answer (response to challenge) + * @param payment_ref reference to the payment request + * @param upload_ref reference to upload command + * @param http_status expected HTTP status + * @return the command + */ +struct TALER_TESTING_Command +ANASTASIS_TESTING_cmd_truth_challenge ( + const char *label, + const char *anastasis_url, + const char *payment_ref, + const char *upload_ref, + unsigned int http_status); + + +/** + * Make a "truth solve" command. * * @param label command label * @param anastasis_url base URL of the ANASTASIS serving @@ -384,18 +405,18 @@ ANASTASIS_TESTING_cmd_truth_question ( * @param upload_ref reference to upload command * @param lookup_mode 0 for security question, 1 for * code-based - * @param ksdd expected status + * @param http_status expected HTTP status * @return the command */ struct TALER_TESTING_Command -ANASTASIS_TESTING_cmd_keyshare_lookup ( +ANASTASIS_TESTING_cmd_truth_solve ( const char *label, const char *anastasis_url, const char *answer, const char *payment_ref, const char *upload_ref, int lookup_mode, - enum ANASTASIS_KeyShareDownloadStatus ksdd); + unsigned int http_status); /** @@ -633,7 +654,7 @@ ANASTASIS_TESTING_cmd_challenge_start ( const char *payment_ref, const char *challenge_ref, unsigned int challenge_index, - enum ANASTASIS_ChallengeStatus expected_cs); + enum ANASTASIS_ChallengeStartStatus expected_cs); /** @@ -657,7 +678,7 @@ ANASTASIS_TESTING_cmd_challenge_answer ( unsigned int challenge_index, const char *answer, unsigned int mode, - enum ANASTASIS_ChallengeStatus expected_cs); + enum ANASTASIS_ChallengeAnswerStatus expected_cs); #endif |