diff options
Diffstat (limited to 'src/exchange/taler-exchange-httpd_reserves_attest.c')
| -rw-r--r-- | src/exchange/taler-exchange-httpd_reserves_attest.c | 124 |
1 files changed, 60 insertions, 64 deletions
diff --git a/src/exchange/taler-exchange-httpd_reserves_attest.c b/src/exchange/taler-exchange-httpd_reserves_attest.c index f88f2c300..7bbebaad7 100644 --- a/src/exchange/taler-exchange-httpd_reserves_attest.c +++ b/src/exchange/taler-exchange-httpd_reserves_attest.c @@ -68,7 +68,7 @@ struct ReserveAttestContext /** * List of requested details. */ - json_t *details; + const json_t *details; /** * Client signature approving the request. @@ -76,14 +76,14 @@ struct ReserveAttestContext struct TALER_ReserveSignatureP reserve_sig; /** - * Attributes we are affirming. + * Attributes we are affirming. JSON object. */ json_t *json_attest; /** - * Error code encountered in interaction with KYC provider. + * Database error codes encountered. */ - enum TALER_ErrorCode ec; + enum GNUNET_DB_QueryStatus qs; /** * Set to true if we did not find the reserve. @@ -140,8 +140,12 @@ reply_reserve_attest_success (struct MHD_Connection *connection, &exchange_sig), GNUNET_JSON_pack_data_auto ("exchange_pub", &exchange_pub), - GNUNET_JSON_pack_array_steal ("attest", - rhc->json_attest)); + GNUNET_JSON_pack_timestamp ("exchange_timestamp", + now), + GNUNET_JSON_pack_timestamp ("expiration_time", + rhc->etime), + GNUNET_JSON_pack_object_steal ("attributes", + rhc->json_attest)); } @@ -152,68 +156,68 @@ reply_reserve_attest_success (struct MHD_Connection *connection, * set based on the details requested by the client. * * @param cls our `struct ReserveAttestContext *` - * @param provider_section KYC provider configuration section - * @param provider_user_id UID at a provider (can be NULL) - * @param legi_id legitimization process ID (can be NULL) + * @param h_payto account for which the attribute data is stored + * @param provider_section provider that must be checked + * @param collection_time when was the data collected + * @param expiration_time when does the data expire + * @param enc_attributes_size number of bytes in @a enc_attributes + * @param enc_attributes encrypted attribute data */ static void kyc_process_cb (void *cls, + const struct TALER_PaytoHashP *h_payto, const char *provider_section, - const char *provider_user_id, - const char *legi_id) + struct GNUNET_TIME_Timestamp collection_time, + struct GNUNET_TIME_Timestamp expiration_time, + size_t enc_attributes_size, + const void *enc_attributes) { struct ReserveAttestContext *rsc = cls; - struct GNUNET_TIME_Timestamp etime; json_t *attrs; + json_t *val; + const char *name; bool match = false; - rsc->ec = TALER_KYCLOGIC_user_to_attributes (provider_section, - provider_user_id, - legi_id, - &etime, - &attrs); - if (TALER_EC_NONE != rsc->ec) + if (GNUNET_TIME_absolute_is_past (expiration_time.abs_time)) return; - if (GNUNET_TIME_absolute_is_past (etime.abs_time)) + attrs = TALER_CRYPTO_kyc_attributes_decrypt (&TEH_attribute_key, + enc_attributes, + enc_attributes_size); + json_object_foreach (attrs, name, val) { - json_decref (attrs); - return; - } - { - json_t *val; - const char *name; - - json_object_foreach (attrs, name, val) + bool requested = false; + size_t idx; + json_t *str; + + if (NULL != json_object_get (rsc->json_attest, + name)) + continue; /* duplicate */ + json_array_foreach (rsc->details, idx, str) { - bool requested = false; - size_t idx; - json_t *str; - - if (NULL != json_object_get (rsc->json_attest, - name)) - continue; /* duplicate */ - json_array_foreach (rsc->details, idx, str) + if (0 == strcmp (json_string_value (str), + name)) { - if (0 == strcmp (json_string_value (str), - name)) - { - requested = true; - break; - } + requested = true; + break; } - if (! requested) - continue; - match = true; - GNUNET_assert (0 == - json_object_set (rsc->json_attest, /* NOT set_new! */ - name, - val)); } + if (! requested) + { + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Skipping attribute `%s': not requested\n", + name); + continue; + } + match = true; + GNUNET_assert (0 == + json_object_set (rsc->json_attest, /* NOT set_new! */ + name, + val)); } json_decref (attrs); if (! match) return; - rsc->etime = GNUNET_TIME_timestamp_min (etime, + rsc->etime = GNUNET_TIME_timestamp_min (expiration_time, rsc->etime); } @@ -241,9 +245,9 @@ reserve_attest_transaction (void *cls, struct ReserveAttestContext *rsc = cls; enum GNUNET_DB_QueryStatus qs; - rsc->json_attest = json_array (); + rsc->json_attest = json_object (); GNUNET_assert (NULL != rsc->json_attest); - qs = TEH_plugin->iterate_kyc_reference (TEH_plugin->cls, + qs = TEH_plugin->select_kyc_attributes (TEH_plugin->cls, &rsc->h_payto, &kyc_process_cb, rsc); @@ -255,7 +259,7 @@ reserve_attest_transaction (void *cls, = TALER_MHD_reply_with_error (connection, MHD_HTTP_INTERNAL_SERVER_ERROR, TALER_EC_GENERIC_DB_FETCH_FAILED, - "iterate_kyc_reference"); + "select_kyc_attributes"); return qs; case GNUNET_DB_STATUS_SOFT_ERROR: GNUNET_break (0); @@ -283,8 +287,8 @@ TEH_handler_reserves_attest (struct TEH_RequestContext *rc, struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_timestamp ("request_timestamp", &rsc.timestamp), - GNUNET_JSON_spec_json ("details", - &rsc.details), + GNUNET_JSON_spec_array_const ("details", + &rsc.details), GNUNET_JSON_spec_fixed_auto ("reserve_sig", &rsc.reserve_sig), GNUNET_JSON_spec_end () @@ -373,16 +377,8 @@ TEH_handler_reserves_attest (struct TEH_RequestContext *rc, TALER_EC_EXCHANGE_GENERIC_RESERVE_UNKNOWN, args[0]); } - if (TALER_EC_NONE != rsc.ec) - { - json_decref (rsc.json_attest); - return TALER_MHD_reply_with_ec (rc->connection, - rsc.ec, - NULL); - } - mhd_ret = reply_reserve_attest_success (rc->connection, - &rsc); - return mhd_ret; + return reply_reserve_attest_success (rc->connection, + &rsc); } |