From 126e375326c9baace1b1c0135088d84ace1061c0 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Fri, 26 Feb 2021 00:38:00 -0500 Subject: use more precise formulation for step 3 --- frags/taler-payment-cycle.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/frags/taler-payment-cycle.rst b/frags/taler-payment-cycle.rst index 9c7d1302..a40dd356 100644 --- a/frags/taler-payment-cycle.rst +++ b/frags/taler-payment-cycle.rst @@ -20,7 +20,8 @@ these are called the *reserve*. In step 3, (a) *withdraws* coins, either wholly or partially, from (b). These coins are kept in a *wallet* under control of (a). The coins in the wallet -are anonymous. +are unlinkable to the identity of (a) that was revealed during the withdraw +operation. In step 4, (a) authorizes payment of coins from the wallet to (c). This transfers payment coins from the wallet to (c), and change coins from (b) to -- cgit v1.2.3 From 1e55d70f525cbb46b87668e44da457bd14c334a2 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Fri, 26 Feb 2021 00:42:55 -0500 Subject: use more precise formulation for step 5 --- frags/taler-payment-cycle.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/frags/taler-payment-cycle.rst b/frags/taler-payment-cycle.rst index a40dd356..94dd5c8d 100644 --- a/frags/taler-payment-cycle.rst +++ b/frags/taler-payment-cycle.rst @@ -28,8 +28,10 @@ transfers payment coins from the wallet to (c), and change coins from (b) to the wallet (unless the payment amount exactly matches the denomination of the coins in the wallet). -In step 5, (c) *deposits* coins into (b). These coins are still anonymous, -although the transaction itself is not anonymous. +In step 5, (c) *deposits* coins into (b). At this point, (b) knows the +identity of (c), but not of (a). Taler uses cryptography to validate that the +coins are unique and were issued by (b), but (b) cannot determine to whom the +coins were originally issued. In step 6, (b) directs (e) to wire transfer real funds corresponding to the accumulated deposited coins to (f). -- cgit v1.2.3 From 185b4a297b7ccf1da023b2f1b3c1e5419c0e5fa0 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Mon, 1 Mar 2021 04:03:16 -0500 Subject: fix typo: s/taler-developers-manual/taler-developer-manual/ (six instances) --- conf.py | 4 ++-- taler-merchant-pos-terminal.rst | 2 +- taler-wallet.rst | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conf.py b/conf.py index 942c6ea7..d0a0ea89 100644 --- a/conf.py +++ b/conf.py @@ -243,7 +243,7 @@ latex_documents = [ 'GNU Taler team', 'manual'), ('taler-backoffice-manual', 'taler-backoffice-manual.tex', 'GNU Taler Back Office Manual', 'GNU Taler team', 'manual'), - ('taler-developers-manual', 'taler-developers-manual.tex', 'GNU Taler Developer Manual', + ('taler-developer-manual', 'taler-developer-manual.tex', 'GNU Taler Developer Manual', 'GNU Taler team', 'manual'), ] @@ -360,7 +360,7 @@ texinfo_documents = [ "DESCRIPTION", "CATEGORY"), ("taler-bank-manual", "taler-bank", "Taler Bank Manual", "GNU Taler team", "MENU ENTRY", "DESCRIPTION", "CATEGORY"), - ("taler-developers-manual", "taler-developers-manual", "Taler Developer Manual", "GNU Taler team", + ("taler-developer-manual", "taler-developer-manual", "Taler Developer Manual", "GNU Taler team", "MENU ENTRY", "DESCRIPTION", "CATEGORY"), ] diff --git a/taler-merchant-pos-terminal.rst b/taler-merchant-pos-terminal.rst index 8bee175a..5ccfd5c0 100644 --- a/taler-merchant-pos-terminal.rst +++ b/taler-merchant-pos-terminal.rst @@ -93,7 +93,7 @@ Import in and build with Android Studio or run on the command line: $ ./gradlew assembleRelease If you do not have the proprietary Android SDK installed, -see the :doc:`taler-developers-manual` +see the :doc:`taler-developer-manual` for :ref:`build instructions using free SDK rebuilds `. APIs and Data Formats diff --git a/taler-wallet.rst b/taler-wallet.rst index a87ee09c..8707228b 100644 --- a/taler-wallet.rst +++ b/taler-wallet.rst @@ -80,7 +80,7 @@ Building from source Android Wallet ============== -Please see :ref:`Build-apps-from-source` in the :doc:`taler-developers-manual`. +Please see :ref:`Build-apps-from-source` in the :doc:`taler-developer-manual`. APIs and Data Formats -- cgit v1.2.3 From 10ccedeb75c2dd779808412883fb06d19935b0c8 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 1 Mar 2021 11:08:31 +0100 Subject: merchant backend: change auth API to make it harder to shoot yourself in the foot --- core/api-merchant.rst | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/core/api-merchant.rst b/core/api-merchant.rst index 1f96ae62..e2ec56c0 100644 --- a/core/api-merchant.rst +++ b/core/api-merchant.rst @@ -825,11 +825,21 @@ Setting up instances // Merchant name corresponding to this instance. name: string; - // "Authentication" header required to authorize management access the instance. - // Optional, if not given authentication will be disabled for - // this instance (hopefully authentication checks are still - // done by some reverse proxy). - auth_token?: string; + // Authentication settings for this instance + auth: { + // Type of authentication. + // "external": The mechant backend does not do + // any authentication checks. Instead an API + // gateway must do the authentication. + // "token": The merchant checks an auth token. + // See "token" for details. + method: "external" | "token"; + + // For method "external", this field is mandatory. + // It specifies the "Authentication" HTTP header required to + // authorize management to access the instance. + token?: string; + } // The merchant's physical address (to be put into contracts). address: Location; -- cgit v1.2.3 From 0dbc535d1bb6ddbceb3347532bb20e7633230080 Mon Sep 17 00:00:00 2001 From: Thien-Thi Nguyen Date: Mon, 1 Mar 2021 05:24:32 -0500 Subject: drop Synopsis and Description headings for taler-config-generate(1) mini-manpage --- taler-developer-manual.rst | 4 ---- 1 file changed, 4 deletions(-) diff --git a/taler-developer-manual.rst b/taler-developer-manual.rst index a1148474..81c99c27 100644 --- a/taler-developer-manual.rst +++ b/taler-developer-manual.rst @@ -1603,8 +1603,6 @@ taler-config-generate **taler-config-generate** - tool to simplify Taler configuration generation -Synopsis -~~~~~~~~ **taler-config-generate** [**-C** *CURRENCY* | **––currency=**\ ‌\ *CURRENCY*] @@ -1623,8 +1621,6 @@ Synopsis [**––exchange-bank-account**] [**––merchant-bank-account**] -Description -~~~~~~~~~~~ **taler-config-generate** can be used to generate configuration files for the Taler exchange or Taler merchants. -- cgit v1.2.3 From 691baf2f742f27443bbfcca221715580f06d9ede Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 1 Mar 2021 11:46:51 +0100 Subject: separate out auth configuration --- core/api-merchant.rst | 56 +++++++++++++++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 20 deletions(-) diff --git a/core/api-merchant.rst b/core/api-merchant.rst index e2ec56c0..5a9e6bf5 100644 --- a/core/api-merchant.rst +++ b/core/api-merchant.rst @@ -826,20 +826,7 @@ Setting up instances name: string; // Authentication settings for this instance - auth: { - // Type of authentication. - // "external": The mechant backend does not do - // any authentication checks. Instead an API - // gateway must do the authentication. - // "token": The merchant checks an auth token. - // See "token" for details. - method: "external" | "token"; - - // For method "external", this field is mandatory. - // It specifies the "Authentication" HTTP header required to - // authorize management to access the instance. - token?: string; - } + auth: InstanceAuthConfigurationMessage; // The merchant's physical address (to be put into contracts). address: Location; @@ -873,6 +860,35 @@ Setting up instances } +.. http:post:: /private/instances/$INSTANCE/auth + + Update the authentication settings for an instance. + + **Request** the request must be an `InstanceAuthConfigurationMessage`. + + :http:statuscode:`204 No content`: + The backend has successfully created the instance. + :http:statuscode:`404 Not found`: + This instance is unknown and thus cannot be reconfigured. + + .. ts:def:: InstanceAuthConfigurationMessage + + interface InstanceAuthConfigurationMessage { + // Type of authentication. + // "external": The mechant backend does not do + // any authentication checks. Instead an API + // gateway must do the authentication. + // "token": The merchant checks an auth token. + // See "token" for details. + method: "external" | "token"; + + // For method "external", this field is mandatory. + // It specifies the "Authentication" HTTP header required to + // authorize management to access the instance. + token?: string; + } + + .. http:patch:: /private/instances/$INSTANCE Update the configuration of a merchant instance. PATCH operations against @@ -904,12 +920,6 @@ Setting up instances // Merchant name corresponding to this instance. name: string; - // "Authentication" header required to authorize management access the instance. - // Optional, if not given authentication will be disabled for - // this instance (hopefully authentication checks are still - // done by some reverse proxy). - auth_token?: string; - // The merchant's physical address (to be put into contracts). address: Location; @@ -1039,6 +1049,12 @@ Inspecting instances // offers we make be valid by default? default_pay_deadline: RelativeTime; + // Authentication configuration. + // Does not contain the token when token auth is configured. + auth: { + type: "external" | "token"; + }; + } .. ts:def:: MerchantAccount -- cgit v1.2.3 From 1ede8a2be9dda22c9cd9d4086df2dc8481f70fab Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 1 Mar 2021 12:24:42 +0100 Subject: fix misc warnings/errors --- anastasis.rst | 6 +++--- taler-merchant-manual.rst | 8 ++++---- taler-wallet.rst | 6 +++--- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/anastasis.rst b/anastasis.rst index 3d0bc1ff..5c82fddb 100644 --- a/anastasis.rst +++ b/anastasis.rst @@ -1288,7 +1288,7 @@ Optional arguments to try uploading recovery document only to specific providers Expected new state (backup process): -.. code-block:: json +.. code-block:: javascript { "backup_state": "POLICIES_REVIEWING", @@ -1300,7 +1300,7 @@ Expected new state (backup process): Arguments (example): -.. code-block:: json +.. code-block:: javascript { "policy": [ @@ -1455,7 +1455,7 @@ Expected new state (backup process): Arguments (example): -.. code-block:: json +.. code-block:: javascript { "secret": string diff --git a/taler-merchant-manual.rst b/taler-merchant-manual.rst index 0d98583c..990b57b1 100644 --- a/taler-merchant-manual.rst +++ b/taler-merchant-manual.rst @@ -1013,22 +1013,22 @@ each instance: if ($http_authorization !~ "(?i)ApiKey FOOTOKEN") { return 401; } - proxy_pass ...; // as above + proxy_pass ...; # as above } location ~ ^/instances/bar/private/ { if ($http_authorization !~ "(?i)ApiKey BARTOKEN") { return 401; } - proxy_pass ...; // as above + proxy_pass ...; # as above } location /private/ { if ($http_authorization !~ "(?i)ApiKey MASTERTOKEN") { return 401; } - proxy_pass ...; // as above + proxy_pass ...; # as above } location ~ /private/ { - return 401; // access to instances not explicitly configured is forbidden + return 401; # access to instances not explicitly configured is forbidden } Apache diff --git a/taler-wallet.rst b/taler-wallet.rst index 8707228b..be471446 100644 --- a/taler-wallet.rst +++ b/taler-wallet.rst @@ -755,7 +755,7 @@ a payto URI). They don't involve a merchant. interface CreateDepositGroupRequest { depositPaytoUri: string; - amount: AmountString; + amount: Amount; } :Response: .. ts:def:: CreateDepositGroupResponse @@ -920,8 +920,8 @@ Preparing a tip // Has the tip already been accepted? accepted: boolean; - tipAmountRaw: AmountString; - tipAmountEffective: AmountString; + tipAmountRaw: Amount; + tipAmountEffective: Amount; exchangeBaseUrl: string; expirationTimestamp: Timestamp; } -- cgit v1.2.3 From f4f1fa0e17b95270d244a950b4b938419dc52029 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 1 Mar 2021 13:00:15 +0100 Subject: fix typescript links (closes https://bugs.taler.net/n/6732) --- _exts/typescriptdomain.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/_exts/typescriptdomain.py b/_exts/typescriptdomain.py index 83ab26c6..ac6e4b89 100644 --- a/_exts/typescriptdomain.py +++ b/_exts/typescriptdomain.py @@ -420,6 +420,7 @@ class LinkingHtmlFormatter(HtmlFormatter): + "#" + r1[1] ) + print(f"relative URL from {self._bridge.docname} to {r1[0]} is {rel_uri}") return ( '%s' % (rel_uri, content) @@ -521,7 +522,7 @@ class MyPygmentsBridge(PygmentsBridge): elif isinstance(location, Element): self.line = location.line self.path = location.source - self.docname = Path(location.source).stem + self.docname = self.builder.env.path2doc(self.path) return super().highlight_block(source, lang, opts, force, location, **kwargs) -- cgit v1.2.3