Diffstat (limited to 'src/auditor/taler-auditor-httpd.c')
-rw-r--r-- | src/auditor/taler-auditor-httpd.c | 353 |
1 files changed, 241 insertions, 112 deletions
diff --git a/src/auditor/taler-auditor-httpd.c b/src/auditor/taler-auditor-httpd.c
index 60f215135..77742456e 100644
--- a/src/auditor/taler-auditor-httpd.c
+++ b/src/auditor/taler-auditor-httpd.c
@@ -336,6 +336,44 @@ handle_config (struct TAH_RequestHandler *rh,
 }
+char *TMA_auth;
+
+#define RFC_8959_PREFIX "secret-token:"
+
+/**
+ * Extract the token from authorization header value @a auth.
+ *
+ * @param auth pointer to authorization header value,
+ * will be updated to point to the start of the token
+ * or set to NULL if header value is invalid
+ */
+static void
+extract_token (const char **auth)
+{
+ const char *bearer = "Bearer ";
+ const char *tok = *auth;
+
+ if (0 != strncmp (tok,
+ bearer,
+ strlen (bearer)))
+ {
+ *auth = NULL;
+ return;
+ }
+ tok += strlen (bearer);
+ while (' ' == *tok)
+ tok++;
+ if (0 != strncasecmp (tok,
+ RFC_8959_PREFIX,
+ strlen (RFC_8959_PREFIX)))
+ {
+ *auth = NULL;
+ return;
+ }
+ *auth = tok;
+}
+
+
 /**
 * Handle incoming HTTP request.
 *
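Review bot: `char *TMA_auth;` at the top of the hunk holds the configured access token but is added with external linkage and no doc comment; unless another translation unit needs it (the diffstat shown is limited to this file, so that cannot be confirmed here), declare it `static char *TMA_auth;` and document it, e.g. `/** Token, including the RFC 8959 prefix, that clients must present; NULL if none was configured. */`. In extract_token the `Bearer ` scheme is matched case-sensitively with `strncmp` while the `secret-token:` prefix is matched with `strncasecmp`, but the later check in handle_mhd_request is an exact `strcmp` against TMA_auth, so a prefix in different case passes here and is then rejected as unauthorized rather than malformed; pick one rule and state it in the docstring. extract_token also reads `*auth` without a NULL check, which is worth noting in the `@param` text as a precondition on the caller.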
@@ -359,593 +397,594 @@ handle_mhd_request (void *cls, size_t *upload_data_size, void **con_cls) { + static struct TAH_RequestHandler handlers[] = { /* Our most popular handler (thus first!), used by merchants to probabilistically report us their deposit confirmations. */ { "/deposit-confirmation", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, - &TAH_DEPOSIT_CONFIRMATION_handler, MHD_HTTP_OK }, + &TAH_DEPOSIT_CONFIRMATION_handler, MHD_HTTP_OK, false }, { "/deposit-confirmation", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, - &TAH_DEPOSIT_CONFIRMATION_handler_get, MHD_HTTP_OK }, + &TAH_DEPOSIT_CONFIRMATION_handler_get, MHD_HTTP_OK, false }, { "/deposit-confirmation", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, - &TAH_DEPOSIT_CONFIRMATION_handler_delete, MHD_HTTP_OK }, + &TAH_DEPOSIT_CONFIRMATION_handler_delete, MHD_HTTP_OK, false }, { "/amount-arithmetic-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, - &TAH_AMOUNT_ARITHMETIC_INCONSISTENCY_handler_get, MHD_HTTP_OK }, + &TAH_AMOUNT_ARITHMETIC_INCONSISTENCY_handler_get, MHD_HTTP_OK, false }, { "/amount-arithmetic-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, - &TAH_AMOUNT_ARITHMETIC_INCONSISTENCY_PUT_handler, MHD_HTTP_OK }, + &TAH_AMOUNT_ARITHMETIC_INCONSISTENCY_PUT_handler, MHD_HTTP_OK, false }, { "/amount-arithmetic-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, - &TAH_AMOUNT_ARITHMETIC_INCONSISTENCY_handler_delete, MHD_HTTP_OK }, + &TAH_AMOUNT_ARITHMETIC_INCONSISTENCY_handler_delete, MHD_HTTP_OK, false }, { "/coin-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, - &TAH_COIN_INCONSISTENCY_handler_get, MHD_HTTP_OK }, + &TAH_COIN_INCONSISTENCY_handler_get, MHD_HTTP_OK, false }, { "/coin-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, - &TAH_COIN_INCONSISTENCY_PUT_handler, MHD_HTTP_OK }, + &TAH_COIN_INCONSISTENCY_PUT_handler, MHD_HTTP_OK, false }, { "/coin-inconsistency", MHD_HTTP_METHOD_DELETE, 
"application/json", NULL, 0, - &TAH_COIN_INCONSISTENCY_handler_delete, MHD_HTTP_OK }, + &TAH_COIN_INCONSISTENCY_handler_delete, MHD_HTTP_OK, false }, { "/row-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, - &TAH_ROW_INCONSISTENCY_handler_get, MHD_HTTP_OK }, + &TAH_ROW_INCONSISTENCY_handler_get, MHD_HTTP_OK, false }, { "/row-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, - &TAH_ROW_INCONSISTENCY_PUT_handler, MHD_HTTP_OK }, + &TAH_ROW_INCONSISTENCY_PUT_handler, MHD_HTTP_OK, false }, { "/row-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, - &TAH_ROW_INCONSISTENCY_handler_delete, MHD_HTTP_OK }, + &TAH_ROW_INCONSISTENCY_handler_delete, MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/bad-sig-losses", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_BAD_SIG_LOSSES_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/bad-sig-losses", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_BAD_SIG_LOSSES_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/bad-sig-losses", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_BAD_SIG_LOSSES_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/bad-sig-losses", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_BAD_SIG_LOSSES_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/closure-lags", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, 
&TAH_CLOSURE_LAGS_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/closure-lags", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_CLOSURE_LAGS_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/closure-lags", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_CLOSURE_LAGS_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/closure-lags", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_CLOSURE_LAGS_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_EMERGENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_EMERGENCY_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_EMERGENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_EMERGENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/refreshes-hanging", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_REFRESHES_HANGING_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/refreshes-hanging", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_REFRESHES_HANGING_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/refreshes-hanging", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_REFRESHES_HANGING_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/refreshes-hanging", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_REFRESHES_HANGING_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-key-validity-withdraw-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_DENOMINATION_KEY_VALIDITY_WITHDRAW_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-key-validity-withdraw-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, 
&TAH_DENOMINATION_KEY_VALIDITY_WITHDRAW_INCONSISTENCY_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-key-validity-withdraw-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_DENOMINATION_KEY_VALIDITY_WITHDRAW_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-key-validity-withdraw-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_DENOMINATION_KEY_VALIDITY_WITHDRAW_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/progress", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_PROGRESS_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/progress", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_PROGRESS_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/progress", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_PROGRESS_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/progress", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_PROGRESS_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-insufficient-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_INSUFFICIENT_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purse-not-closed-inconsistencies", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, 
&TAH_PURSE_NOT_CLOSED_INCONSISTENCIES_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purse-not-closed-inconsistencies", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_PURSE_NOT_CLOSED_INCONSISTENCIES_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purse-not-closed-inconsistencies", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_PURSE_NOT_CLOSED_INCONSISTENCIES_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purse-not-closed-inconsistencies", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_PURSE_NOT_CLOSED_INCONSISTENCIES_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency-by-count", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_EMERGENCY_BY_COUNT_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency-by-count", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_EMERGENCY_BY_COUNT_PUT_handler, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency-by-count", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_EMERGENCY_BY_COUNT_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/emergency-by-count", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_EMERGENCY_BY_COUNT_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-in-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_RESERVE_IN_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-in-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_RESERVE_IN_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-in-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_RESERVE_IN_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-in-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_RESERVE_IN_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-not-closed-inconsistency", MHD_HTTP_METHOD_GET, 
"application/json", NULL, 0, &TAH_RESERVE_NOT_CLOSED_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-not-closed-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_RESERVE_NOT_CLOSED_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-not-closed-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_RESERVE_NOT_CLOSED_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-not-closed-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_RESERVE_NOT_CLOSED_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denominations-without-sigs", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_DENOMINATIONS_WITHOUT_SIGS_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denominations-without-sigs", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_DENOMINATIONS_WITHOUT_SIGS_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denominations-without-sigs", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_DENOMINATIONS_WITHOUT_SIGS_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denominations-without-sigs", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_DENOMINATIONS_WITHOUT_SIGS_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/misattribution-in-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_MISATTRIBUTION_IN_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/misattribution-in-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_MISATTRIBUTION_IN_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/misattribution-in-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_MISATTRIBUTION_IN_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/misattribution-in-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, 
&TAH_MISATTRIBUTION_IN_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserves", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_RESERVES_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserves", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_RESERVES_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserves", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_RESERVES_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserves", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_RESERVES_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purses", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_PURSES_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purses", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_PURSES_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purses", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_PURSES_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/purses", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_PURSES_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-denomination-revenue", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_HISTORIC_DENOMINATION_REVENUE_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-denomination-revenue", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_HISTORIC_DENOMINATION_REVENUE_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-denomination-revenue", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_HISTORIC_DENOMINATION_REVENUE_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-denomination-revenue", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_HISTORIC_DENOMINATION_REVENUE_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-pending", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_DENOMINATION_PENDING_handler_get, - 
MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-pending", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_DENOMINATION_PENDING_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-pending", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_DENOMINATION_PENDING_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/denomination-pending", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_DENOMINATION_PENDING_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-reserve-summary", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_HISTORIC_RESERVE_SUMMARY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-reserve-summary", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_HISTORIC_RESERVE_SUMMARY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-reserve-summary", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_HISTORIC_RESERVE_SUMMARY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/historic-reserve-summary", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_HISTORIC_RESERVE_SUMMARY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/exchange-signkeys", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_EXCHANGE_SIGNKEYS_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/exchange-signkeys", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_EXCHANGE_SIGNKEYS_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/exchange-signkeys", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_EXCHANGE_SIGNKEYS_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/exchange-signkeys", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_EXCHANGE_SIGNKEYS_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-format-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_WIRE_FORMAT_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { 
"/wire-format-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_WIRE_FORMAT_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-format-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_WIRE_FORMAT_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-format-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_WIRE_FORMAT_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-out-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_WIRE_OUT_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-out-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_WIRE_OUT_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-out-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_WIRE_OUT_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/wire-out-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_WIRE_OUT_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-summary-wrong-inconsistency", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_SUMMARY_WRONG_INCONSISTENCY_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-summary-wrong-inconsistency", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_SUMMARY_WRONG_INCONSISTENCY_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-summary-wrong-inconsistency", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_SUMMARY_WRONG_INCONSISTENCY_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/reserve-balance-summary-wrong-inconsistency", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_RESERVE_BALANCE_SUMMARY_WRONG_INCONSISTENCY_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { 
"/row-minor-inconsistencies", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, &TAH_ROW_MINOR_INCONSISTENCIES_handler_get, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/row-minor-inconsistencies", MHD_HTTP_METHOD_PUT, "application/json", NULL, 0, &TAH_ROW_MINOR_INCONSISTENCIES_handler_put, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/row-minor-inconsistencies", MHD_HTTP_METHOD_DELETE, "application/json", NULL, 0, &TAH_ROW_MINOR_INCONSISTENCIES_handler_delete, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/row-minor-inconsistencies", MHD_HTTP_METHOD_PATCH, "application/json", NULL, 0, &TAH_ROW_MINOR_INCONSISTENCIES_handler_update, - MHD_HTTP_OK }, + MHD_HTTP_OK, false }, { "/config", MHD_HTTP_METHOD_GET, "application/json", NULL, 0, - &handle_config, MHD_HTTP_OK }, + &handle_config, MHD_HTTP_OK, true }, /* Landing page, for now tells humans to go away * (NOTE: ideally, the reverse proxy will respond with a nicer page) */ { "/", MHD_HTTP_METHOD_GET, "text/plain", "Hello, I'm the Taler auditor. This HTTP server is not for humans.\n", 0, - &TAH_MHD_handler_static_response, MHD_HTTP_OK }, + &TAH_MHD_handler_static_response, MHD_HTTP_OK, true }, /* /robots.txt: disallow everything */ { "/robots.txt", MHD_HTTP_METHOD_GET, "text/plain", "User-agent: *\nDisallow: /\n", 0, - &TAH_MHD_handler_static_response, MHD_HTTP_OK }, + &TAH_MHD_handler_static_response, MHD_HTTP_OK, true }, /* AGPL licensing page, redirect to source. As per the AGPL-license, every deployment is required to offer the user a download of the source. We make this easy by including a redirect t the source here. */ { "/agpl", MHD_HTTP_METHOD_GET, "text/plain", NULL, 0, - &TAH_MHD_handler_agpl_redirect, MHD_HTTP_FOUND }, - { NULL, NULL, NULL, NULL, 0, NULL, 0 } + &TAH_MHD_handler_agpl_redirect, MHD_HTTP_FOUND, true }, + { NULL, NULL, NULL, NULL, 0, NULL, 0, false } }; (void) cls; 
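Review bot: The first table entry, PUT `/deposit-confirmation`, is described by its own comment as the endpoint merchants use to report deposit confirmations, yet it gets `false` in the new trailing field, which (going by the `rh->no_auth_required` check added later in this commit) means it now demands the auditor's token. If merchants are not meant to hold that token this entry presumably needs `true`; if they are, the comment above it should say so. Because the new field is a positional boolean with negated meaning, designated initializers on the few public entries (`.no_auth_required = true`) would make the table much easier to audit while keeping the zero-initialised default at "authentication required". The hunk also carries two groups of `/reserve-balance-insufficient-inconsistency` GET/PUT/DELETE entries, of which the later group can never be reached if lookup stops at the first match; the struct definition and the lookup loop are outside this hunk.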
@@ -996,12 +1035,76 @@ handle_mhd_request (void *cls, ( (NULL == rh->method) || (0 == strcasecmp (method, rh->method)) ) ) + { + + if (! rh->no_auth_required) + { + + const char *auth; + + /* PATCHing an instance can alternatively be checked against + the default instance */ + auth = MHD_lookup_connection_value (connection, + MHD_HEADER_KIND, + MHD_HTTP_HEADER_AUTHORIZATION); + +// let some requests as through, even if they don't have an auth token + if (NULL != auth) + { + /* We _only_ complain about malformed auth headers if + authorization was truly required (#6737). This helps + in case authorization was disabled in the backend + because some reverse proxy is already doing it, and + then that reverse proxy may forward malformed auth + headers to the backend. */ + extract_token (&auth); + if (NULL == auth) + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_UNAUTHORIZED, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "'" RFC_8959_PREFIX + "' prefix or 'Bearer' missing in 'Authorization' header"); + + if (strcmp (auth,TMA_auth) == 0) + { + + printf ("AUTH SUCCESS \n"); + + } + else + { + + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_UNAUTHORIZED, + TALER_EC_MERCHANT_GENERIC_UNAUTHORIZED, + "Check 'Authorization' header"); + + + } + + + } + else + { + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_UNAUTHORIZED, + TALER_EC_MERCHANT_GENERIC_UNAUTHORIZED, + "Check 'Authorization' header"); + } + + + } + return rh->handler (rh, connection, con_cls, upload_data, upload_data_size, args); + + } + + } #define NOT_FOUND "<html><title>404: not found</title></html>" return TALER_MHD_reply_static (connection, 
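Review bot: `strcmp (auth,TMA_auth)` is reached with `TMA_auth == NULL` whenever TALER_AUDITOR_TOKEN is unset, because the startup block in run() only rejects a token with the wrong prefix and not a missing one; a request with a well-formed `Authorization` header would then dereference NULL and take the daemon down. Guard the comparison, e.g. `if ( (NULL == TMA_auth) || (0 != strcmp (auth, TMA_auth)) )` followed by the existing 401 reply, or refuse to start without a token. `strcmp` also stops at the first differing byte, so response time depends on how much of the secret matched; a constant-time comparison is the usual choice for bearer secrets. The `printf ("AUTH SUCCESS \n")` line should be removed or turned into a debug-level `GNUNET_log`, and the comments about "PATCHing an instance" and a reverse proxy doing authorization do not describe what this code does. `TALER_EC_MERCHANT_GENERIC_UNAUTHORIZED` is a merchant error code returned from the auditor, and handle_mhd_request itself starts and ends outside the hunk.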
@@ -1195,6 +1298,32 @@ run (void *cls,
 enum TALER_MHD_GlobalOptions go;
 int fh;
+ {
+ const char *tok;
+
+ tok = getenv ("TALER_AUDITOR_TOKEN");
+
+ printf ("token: %s\n", tok);
+
+ if ( (NULL != tok) &&
+ (NULL == TMA_auth) )
+ TMA_auth = GNUNET_strdup (tok);
+ if ( (NULL != TMA_auth) &&
+ (0 != strncmp (TMA_auth,
+ RFC_8959_PREFIX,
+ strlen (RFC_8959_PREFIX))) )
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "Authentication token does not start with `%s' prefix\n",
+ RFC_8959_PREFIX);
+ global_ret = EXIT_NOTCONFIGURED;
+ GNUNET_SCHEDULER_shutdown ();
+ return;
+ }
+
+
+ }
+
 (void) cls;
 (void) args;
 (void) cfgfile; |
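Review bot: `printf ("token: %s\n", tok);` writes the access token in clear text to stdout, where it ends up in whatever captures the service's output (journal, container logs, CI transcripts), and it passes NULL to `%s` when the variable is unset. Drop the line, or log only the fact, e.g. `GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Auditor access token %s\n", (NULL != tok) ? "configured" : "not configured");`. When the variable is unset the block falls through with `TMA_auth` still NULL, so this is the place to decide whether a missing token is a startup error like a bad prefix, rather than leaving it to the request path. The enclosing run() starts and ends outside the hunk.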