summaryrefslogtreecommitdiff
path: root/src/authorization
diff options
context:
space:
mode:
Diffstat (limited to 'src/authorization')
-rw-r--r--src/authorization/Makefile.am2
-rw-r--r--src/authorization/libanastasiseufin/Makefile.am28
-rw-r--r--src/authorization/libanastasiseufin/lae_common.c72
-rw-r--r--src/authorization/libanastasiseufin/lae_common.h45
-rw-r--r--src/authorization/libanastasiseufin/lae_credit.c333
-rw-r--r--src/authorization/libanastasiseufin/lae_parse.c156
6 files changed, 636 insertions, 0 deletions
diff --git a/src/authorization/Makefile.am b/src/authorization/Makefile.am
index 9e9147f..5cf6db1 100644
--- a/src/authorization/Makefile.am
+++ b/src/authorization/Makefile.am
@@ -1,6 +1,8 @@
# This Makefile.am is in the public domain
AM_CPPFLAGS = -I$(top_srcdir)/src/include
+SUBDIRS = libanastasiseufin .
+
pkgcfgdir = $(prefix)/share/anastasis/config.d/
plugindir = $(libdir)/anastasis
pkgdatadir= $(prefix)/share/anastasis/
diff --git a/src/authorization/libanastasiseufin/Makefile.am b/src/authorization/libanastasiseufin/Makefile.am
new file mode 100644
index 0000000..3cd222e
--- /dev/null
+++ b/src/authorization/libanastasiseufin/Makefile.am
@@ -0,0 +1,28 @@
+# This Makefile.am is in the public domain
+AM_CPPFLAGS = -I$(top_srcdir)/src/include
+
+if USE_COVERAGE
+ AM_CFLAGS = --coverage -O0
+ XLIB = -lgcov
+endif
+
+lib_LTLIBRARIES = \
+ libanastasiseufin.la
+
+libanastasiseufin_la_LDFLAGS = \
+ -version-info 0:0:0 \
+ -no-undefined
+libanastasiseufin_la_SOURCES = \
+ lae_common.c lae_common.h \
+ lae_credit.c \
+ lae_parse.c
+libanastasiseufin_la_LIBADD = \
+ -ltalerjson \
+ -ltalercurl \
+ -ltalerutil \
+ -lgnunetcurl \
+ -lgnunetjson \
+ -lgnunetutil \
+ -ljansson \
+ $(LIBGNURLCURL_LIBS) \
+ $(XLIB)
diff --git a/src/authorization/libanastasiseufin/lae_common.c b/src/authorization/libanastasiseufin/lae_common.c
new file mode 100644
index 0000000..172c826
--- /dev/null
+++ b/src/authorization/libanastasiseufin/lae_common.c
@@ -0,0 +1,72 @@
+/*
+ This file is part of Anastasis
+ Copyright (C) 2015-2020 Anastasis SARL
+
+ Anastasis is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Anastasis; see the file COPYING. If not, see
+ <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file libanastasiseufin/lae_common.c
+ * @brief Common functions for the bank API
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "lae_common.h"
+
+
+/**
+ * Set authentication data in @a easy from @a auth.
+ * The API currently specifies the use of HTTP basic
+ * authentication.
+ *
+ * @param easy curl handle to setup for authentication
+ * @param auth authentication data to use
+ * @return #GNUNET_OK in success
+ */
+int
+ANASTASIS_EUFIN_setup_auth_ (
+ CURL *easy,
+ const struct ANASTASIS_EUFIN_AuthenticationData *auth)
+{
+ int ret;
+
+ ret = GNUNET_OK;
+ switch (auth->method)
+ {
+ case ANASTASIS_EUFIN_AUTH_NONE:
+ return GNUNET_OK;
+ case ANASTASIS_EUFIN_AUTH_BASIC:
+ {
+ char *up;
+
+ GNUNET_asprintf (&up,
+ "%s:%s",
+ auth->details.basic.username,
+ auth->details.basic.password);
+ if ( (CURLE_OK !=
+ curl_easy_setopt (easy,
+ CURLOPT_HTTPAUTH,
+ CURLAUTH_BASIC)) ||
+ (CURLE_OK !=
+ curl_easy_setopt (easy,
+ CURLOPT_USERPWD,
+ up)) )
+ ret = GNUNET_SYSERR;
+ GNUNET_free (up);
+ break;
+ }
+ }
+ return ret;
+}
+
+
+/* end of lae_common.c */
diff --git a/src/authorization/libanastasiseufin/lae_common.h b/src/authorization/libanastasiseufin/lae_common.h
new file mode 100644
index 0000000..8879ba3
--- /dev/null
+++ b/src/authorization/libanastasiseufin/lae_common.h
@@ -0,0 +1,45 @@
+/*
+ This file is part of Anastasis
+ Copyright (C) 2015, 2016, 2017 Anastasis SARL
+
+ Anastasis is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Anastasis; see the file COPYING. If not, see
+ <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file libanastasiseufin/lae_common.h
+ * @brief Common functions for the bank API
+ * @author Christian Grothoff
+ */
+#ifndef LAE_COMMON_H
+#define LAE_COMMON_H
+
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <gnunet/gnunet_curl_lib.h>
+#include "anastasis_eufin_lib.h"
+#include <taler/taler_json_lib.h>
+
+
+/**
+ * Set authentication data in @a easy from @a auth.
+ *
+ * @param easy curl handle to setup for authentication
+ * @param auth authentication data to use
+ * @return #GNUNET_OK in success
+ */
+int
+ANASTASIS_EUFIN_setup_auth_ (
+ CURL *easy,
+ const struct ANASTASIS_EUFIN_AuthenticationData *auth);
+
+
+#endif
diff --git a/src/authorization/libanastasiseufin/lae_credit.c b/src/authorization/libanastasiseufin/lae_credit.c
new file mode 100644
index 0000000..b97536b
--- /dev/null
+++ b/src/authorization/libanastasiseufin/lae_credit.c
@@ -0,0 +1,333 @@
+/*
+ This file is part of Anastasis
+ Copyright (C) 2017--2021 Anastasis SARL
+
+ Anastasis is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License
+ as published by the Free Software Foundation; either version 3,
+ or (at your option) any later version.
+
+ Anastasis is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public
+ License along with Anastasis; see the file COPYING. If not,
+ see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file libanastasiseufin/lae_credit.c
+ * @brief Implementation of the /history/incoming
+ * requests of the libeufin's Anastasis facade
+ * @author Christian Grothoff
+ * @author Marcello Stanisci
+ */
+#include "platform.h"
+#include "lae_common.h"
+#include <microhttpd.h> /* just for HTTP status codes */
+
+
+/**
+ * @brief A /history/incoming Handle
+ */
+struct ANASTASIS_EUFIN_CreditHistoryHandle
+{
+
+ /**
+ * The url for this request.
+ */
+ char *request_url;
+
+ /**
+ * Handle for the request.
+ */
+ struct GNUNET_CURL_Job *job;
+
+ /**
+ * Function to call with the result.
+ */
+ ANASTASIS_EUFIN_CreditHistoryCallback hcb;
+
+ /**
+ * Closure for @a cb.
+ */
+ void *hcb_cls;
+};
+
+
+/**
+ * Parse history given in JSON format and invoke the callback on each item.
+ *
+ * @param hh handle to the account history request
+ * @param history JSON array with the history
+ * @return #GNUNET_OK if history was valid and @a rhistory and @a balance
+ * were set,
+ * #GNUNET_SYSERR if there was a protocol violation in @a history
+ */
+static int
+parse_account_history (struct ANASTASIS_EUFIN_CreditHistoryHandle *hh,
+ const json_t *history)
+{
+ json_t *history_array;
+
+ if (NULL == (history_array = json_object_get (history,
+ "incoming_transactions")))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ if (! json_is_array (history_array))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ for (unsigned int i = 0; i<json_array_size (history_array); i++)
+ {
+ struct ANASTASIS_EUFIN_CreditDetails td;
+ uint64_t row_id;
+ struct GNUNET_JSON_Specification hist_spec[] = {
+ TALER_JSON_spec_amount_any ("amount",
+ &td.amount),
+ TALER_JSON_spec_absolute_time ("date",
+ &td.execution_date),
+ GNUNET_JSON_spec_uint64 ("row_id",
+ &row_id),
+ GNUNET_JSON_spec_string ("subject",
+ &td.wire_subject),
+ GNUNET_JSON_spec_string ("debit_account",
+ &td.debit_account_uri),
+ GNUNET_JSON_spec_string ("credit_account",
+ &td.credit_account_uri),
+ GNUNET_JSON_spec_end ()
+ };
+ json_t *transaction = json_array_get (history_array,
+ i);
+
+ if (GNUNET_OK !=
+ GNUNET_JSON_parse (transaction,
+ hist_spec,
+ NULL, NULL))
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ if (GNUNET_OK !=
+ hh->hcb (hh->hcb_cls,
+ MHD_HTTP_OK,
+ TALER_EC_NONE,
+ row_id,
+ &td,
+ transaction))
+ {
+ hh->hcb = NULL;
+ GNUNET_JSON_parse_free (hist_spec);
+ return GNUNET_OK;
+ }
+ GNUNET_JSON_parse_free (hist_spec);
+ }
+ return GNUNET_OK;
+}
+
+
+/**
+ * Function called when we're done processing the
+ * HTTP /history/incoming request.
+ *
+ * @param cls the `struct ANASTASIS_EUFIN_CreditHistoryHandle`
+ * @param response_code HTTP response code, 0 on error
+ * @param response parsed JSON result, NULL on error
+ */
+static void
+handle_credit_history_finished (void *cls,
+ long response_code,
+ const void *response)
+{
+ struct ANASTASIS_EUFIN_CreditHistoryHandle *hh = cls;
+ const json_t *j = response;
+ enum TALER_ErrorCode ec;
+
+ hh->job = NULL;
+ switch (response_code)
+ {
+ case 0:
+ ec = TALER_EC_GENERIC_INVALID_RESPONSE;
+ break;
+ case MHD_HTTP_OK:
+ if (GNUNET_OK !=
+ parse_account_history (hh,
+ j))
+ {
+ GNUNET_break_op (0);
+ response_code = 0;
+ ec = TALER_EC_GENERIC_INVALID_RESPONSE;
+ break;
+ }
+ response_code = MHD_HTTP_NO_CONTENT; /* signal end of list */
+ ec = TALER_EC_NONE;
+ break;
+ case MHD_HTTP_NO_CONTENT:
+ ec = TALER_EC_NONE;
+ break;
+ case MHD_HTTP_BAD_REQUEST:
+ /* This should never happen, either us or the bank is buggy
+ (or API version conflict); just pass JSON reply to the application */
+ GNUNET_break_op (0);
+ ec = TALER_JSON_get_error_code (j);
+ break;
+ case MHD_HTTP_UNAUTHORIZED:
+ /* Nothing really to verify, bank says the HTTP Authentication
+ failed. May happen if HTTP authentication is used and the
+ user supplied a wrong username/password combination. */
+ ec = TALER_JSON_get_error_code (j);
+ break;
+ case MHD_HTTP_NOT_FOUND:
+ /* Nothing really to verify: the bank is either unaware
+ of the endpoint (not a bank), or of the account.
+ We should pass the JSON (?) reply to the application */
+ ec = TALER_JSON_get_error_code (j);
+ break;
+ case MHD_HTTP_INTERNAL_SERVER_ERROR:
+ /* Server had an internal issue; we should retry, but this API
+ leaves this to the application */
+ ec = TALER_JSON_get_error_code (j);
+ break;
+ default:
+ /* unexpected response code */
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Unexpected response code %u\n",
+ (unsigned int) response_code);
+ ec = TALER_JSON_get_error_code (j);
+ break;
+ }
+ if (NULL != hh->hcb)
+ hh->hcb (hh->hcb_cls,
+ response_code,
+ ec,
+ 0LLU,
+ NULL,
+ j);
+ ANASTASIS_EUFIN_credit_history_cancel (hh);
+}
+
+
+struct ANASTASIS_EUFIN_CreditHistoryHandle *
+ANASTASIS_EUFIN_credit_history (
+ struct GNUNET_CURL_Context *ctx,
+ const struct ANASTASIS_EUFIN_AuthenticationData *auth,
+ uint64_t start_row,
+ int64_t num_results,
+ struct GNUNET_TIME_Relative timeout,
+ ANASTASIS_EUFIN_CreditHistoryCallback hres_cb,
+ void *hres_cb_cls)
+{
+ char url[128];
+ struct ANASTASIS_EUFIN_CreditHistoryHandle *hh;
+ CURL *eh;
+ unsigned long long tms;
+
+ if (0 == num_results)
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
+
+ tms = (unsigned long long) (timeout.rel_value_us
+ / GNUNET_TIME_UNIT_MILLISECONDS.rel_value_us);
+ if ( ( (UINT64_MAX == start_row) &&
+ (0 > num_results) ) ||
+ ( (0 == start_row) &&
+ (0 < num_results) ) )
+ {
+ if ( (0 < num_results) &&
+ (! GNUNET_TIME_relative_is_zero (timeout)) )
+ GNUNET_snprintf (url,
+ sizeof (url),
+ "history/incoming?delta=%lld&long_poll_ms=%llu",
+ (long long) num_results,
+ tms);
+ else
+ GNUNET_snprintf (url,
+ sizeof (url),
+ "history/incoming?delta=%lld",
+ (long long) num_results);
+ }
+ else
+ {
+ if ( (0 < num_results) &&
+ (! GNUNET_TIME_relative_is_zero (timeout)) )
+ GNUNET_snprintf (url,
+ sizeof (url),
+ "history/incoming?delta=%lld&start=%llu&long_poll_ms=%llu",
+ (long long) num_results,
+ (unsigned long long) start_row,
+ tms);
+ else
+ GNUNET_snprintf (url,
+ sizeof (url),
+ "history/incoming?delta=%lld&start=%llu",
+ (long long) num_results,
+ (unsigned long long) start_row);
+ }
+ hh = GNUNET_new (struct ANASTASIS_EUFIN_CreditHistoryHandle);
+ hh->hcb = hres_cb;
+ hh->hcb_cls = hres_cb_cls;
+ hh->request_url = Anastasis_url_join (auth->wire_gateway_url,
+ url,
+ NULL);
+ if (NULL == hh->request_url)
+ {
+ GNUNET_free (hh);
+ GNUNET_break (0);
+ return NULL;
+ }
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Requesting credit history at `%s'\n",
+ hh->request_url);
+ eh = curl_easy_init ();
+ if ( (NULL == eh) ||
+ (GNUNET_OK !=
+ ANASTASIS_EUFIN_setup_auth_ (eh,
+ auth)) ||
+ (CURLE_OK !=
+ curl_easy_setopt (eh,
+ CURLOPT_URL,
+ hh->request_url)) )
+ {
+ GNUNET_break (0);
+ ANASTASIS_EUFIN_credit_history_cancel (hh);
+ if (NULL != eh)
+ curl_easy_cleanup (eh);
+ return NULL;
+ }
+ if (0 != tms)
+ {
+ GNUNET_break (CURLE_OK ==
+ curl_easy_setopt (eh,
+ CURLOPT_TIMEOUT_MS,
+ (long) tms));
+ }
+ hh->job = GNUNET_CURL_job_add2 (ctx,
+ eh,
+ NULL,
+ &handle_credit_history_finished,
+ hh);
+ return hh;
+}
+
+
+void
+ANASTASIS_EUFIN_credit_history_cancel (
+ struct ANASTASIS_EUFIN_CreditHistoryHandle *hh)
+{
+ if (NULL != hh->job)
+ {
+ GNUNET_CURL_job_cancel (hh->job);
+ hh->job = NULL;
+ }
+ GNUNET_free (hh->request_url);
+ GNUNET_free (hh);
+}
+
+
+/* end of lae_credit.c */
diff --git a/src/authorization/libanastasiseufin/lae_parse.c b/src/authorization/libanastasiseufin/lae_parse.c
new file mode 100644
index 0000000..6863c3f
--- /dev/null
+++ b/src/authorization/libanastasiseufin/lae_parse.c
@@ -0,0 +1,156 @@
+/*
+ This file is part of Anastasis
+ Copyright (C) 2018-2020 Anastasis SARL
+
+ Anastasis is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Anastasis is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Anastasis; see the file COPYING. If not, see
+ <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file libanastasiseufin/lae_parse.c
+ * @brief Convenience function to parse authentication configuration
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "anastasis_eufin_lib.h"
+
+
+/**
+ * Parse configuration section with bank authentication data.
+ *
+ * @param cfg configuration to parse
+ * @param section the section with the configuration data
+ * @param[out] auth set to the configuration data found
+ * @return #GNUNET_OK on success
+ */
+int
+ANASTASIS_EUFIN_auth_parse_cfg (const struct GNUNET_CONFIGURATION_Handle *cfg,
+ const char *section,
+ struct ANASTASIS_EUFIN_AuthenticationData *auth)
+{
+ const struct
+ {
+ const char *m;
+ enum ANASTASIS_EUFIN_AuthenticationMethod e;
+ } methods[] = {
+ { "NONE", ANASTASIS_EUFIN_AUTH_NONE },
+ { "BASIC", ANASTASIS_EUFIN_AUTH_BASIC },
+ { NULL, ANASTASIS_EUFIN_AUTH_NONE }
+ };
+ char *method;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ section,
+ "WIRE_GATEWAY_URL",
+ &auth->wire_gateway_url))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ section,
+ "WIRE_GATEWAY_URL");
+ return GNUNET_SYSERR;
+ }
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ section,
+ "WIRE_GATEWAY_AUTH_METHOD",
+ &method))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ section,
+ "WIRE_GATEWAY_AUTH_METHOD");
+ GNUNET_free (auth->wire_gateway_url);
+ return GNUNET_SYSERR;
+ }
+ for (unsigned int i = 0; NULL != methods[i].m; i++)
+ {
+ if (0 == strcasecmp (method,
+ methods[i].m))
+ {
+ switch (methods[i].e)
+ {
+ case ANASTASIS_EUFIN_AUTH_NONE:
+ auth->method = ANASTASIS_EUFIN_AUTH_NONE;
+ GNUNET_free (method);
+ return GNUNET_OK;
+ case ANASTASIS_EUFIN_AUTH_BASIC:
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ section,
+ "USERNAME",
+ &auth->details.basic.username))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ section,
+ "USERNAME");
+ GNUNET_free (method);
+ GNUNET_free (auth->wire_gateway_url);
+ return GNUNET_SYSERR;
+ }
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ section,
+ "PASSWORD",
+ &auth->details.basic.password))
+ {
+ GNUNET_free (auth->details.basic.username);
+ auth->details.basic.username = NULL;
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ section,
+ "PASSWORD");
+ GNUNET_free (method);
+ GNUNET_free (auth->wire_gateway_url);
+ return GNUNET_SYSERR;
+ }
+ auth->method = ANASTASIS_EUFIN_AUTH_BASIC;
+ GNUNET_free (method);
+ return GNUNET_OK;
+ }
+ }
+ }
+ GNUNET_free (method);
+ return GNUNET_SYSERR;
+}
+
+
+/**
+ * Free memory inside of @a auth (but not @a auth itself).
+ * Dual to #ANASTASIS_EUFIN_auth_parse_cfg().
+ *
+ * @param[in] auth authentication data to free
+ */
+void
+ANASTASIS_EUFIN_auth_free (struct ANASTASIS_EUFIN_AuthenticationData *auth)
+{
+ switch (auth->method)
+ {
+ case ANASTASIS_EUFIN_AUTH_NONE:
+ break;
+ case ANASTASIS_EUFIN_AUTH_BASIC:
+ if (NULL != auth->details.basic.username)
+ {
+ GNUNET_free (auth->details.basic.username);
+ auth->details.basic.username = NULL;
+ }
+ if (NULL != auth->details.basic.password)
+ {
+ GNUNET_free (auth->details.basic.password);
+ auth->details.basic.password = NULL;
+ }
+ break;
+ }
+ GNUNET_free (auth->wire_gateway_url);
+ auth->wire_gateway_url = NULL;
+}
+
+
+/* end of lae_parse.c */