From 234dbcc7b71ac98e7f63393e454377d1e2ae11c7 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Thu, 4 May 2017 15:18:43 +0200 Subject: switch bank api to new authentication method API --- src/bank-lib/Makefile.am | 3 +- src/bank-lib/bank_api_admin.c | 26 +++++------ src/bank-lib/bank_api_common.c | 88 ++++++++++++++++++++++++++++++++++++ src/bank-lib/bank_api_common.h | 42 +++++++++++++++++ src/bank-lib/fakebank.c | 6 --- src/bank-lib/test_bank_interpreter.c | 13 ++---- 6 files changed, 149 insertions(+), 29 deletions(-) create mode 100644 src/bank-lib/bank_api_common.c create mode 100644 src/bank-lib/bank_api_common.h (limited to 'src/bank-lib') diff --git a/src/bank-lib/Makefile.am b/src/bank-lib/Makefile.am index a87a2c467..feb7e50f9 100644 --- a/src/bank-lib/Makefile.am +++ b/src/bank-lib/Makefile.am @@ -15,7 +15,8 @@ libtalerbank_la_LDFLAGS = \ -no-undefined libtalerbank_la_SOURCES = \ - bank_api_admin.c + bank_api_admin.c \ + bank_api_common.c bank_api_common.h libtalerbank_la_LIBADD = \ $(top_builddir)/src/json/libtalerjson.la \ diff --git a/src/bank-lib/bank_api_admin.c b/src/bank-lib/bank_api_admin.c index 0db28e479..213cd08b3 100644 --- a/src/bank-lib/bank_api_admin.c +++ b/src/bank-lib/bank_api_admin.c @@ -20,13 +20,8 @@ * @author Christian Grothoff */ #include "platform.h" -#include +#include "bank_api_common.h" #include /* just for HTTP status codes */ -#include -#include -#include -#include "taler_bank_service.h" -#include "taler_json_lib.h" #include "taler_signatures.h" @@ -52,9 +47,9 @@ struct TALER_BANK_AdminAddIncomingHandle struct GNUNET_CURL_Job *job; /** - * HTTP headers for the request. + * HTTP authentication-related headers for the request. */ - struct curl_slist *headers; + struct curl_slist *authh; /** * Function to call with the result. 
@@ -162,8 +157,8 @@ handle_admin_add_incoming_finished (void *cls, * to the operators of the bank. * * @param ctx curl context for the event loop - * @param auth authentication data to send to the bank * @param bank_base_url URL of the bank (used to execute this request) + * @param auth authentication data to send to the bank * @param exchange_base_url base URL of the exchange (for tracking) * @param wtid wire transfer identifier for the transfer * @param amount amount that was deposited @@ -177,8 +172,8 @@ handle_admin_add_incoming_finished (void *cls, */ struct TALER_BANK_AdminAddIncomingHandle * TALER_BANK_admin_add_incoming (struct GNUNET_CURL_Context *ctx, - const json_t *auth, const char *bank_base_url, + const struct TALER_BANK_AuthenticationData *auth, const char *exchange_base_url, const struct TALER_WireTransferIdentifierRawP *wtid, const struct TALER_Amount *amount, @@ -191,9 +186,8 @@ TALER_BANK_admin_add_incoming (struct GNUNET_CURL_Context *ctx, json_t *admin_obj; CURL *eh; - admin_obj = json_pack ("{s:s, s:O, s:o, s:o, s:I, s:I}", + admin_obj = json_pack ("{s:s, s:o, s:o, s:I, s:I}", "exchange_url", exchange_base_url, - "auth", auth, "wtid", GNUNET_JSON_from_data_auto (wtid), "amount", TALER_JSON_from_amount (amount), "debit_account", (json_int_t) debit_account_no, @@ -203,12 +197,16 @@ TALER_BANK_admin_add_incoming (struct GNUNET_CURL_Context *ctx, aai->cb_cls = res_cb_cls; aai->request_url = path_to_url (bank_base_url, "/admin/add/incoming"); - + aai->authh = TALER_BANK_make_auth_header_ (auth); eh = curl_easy_init (); GNUNET_assert (NULL != (aai->json_enc = json_dumps (admin_obj, JSON_COMPACT))); json_decref (admin_obj); + GNUNET_assert (CURLE_OK == + curl_easy_setopt (eh, + CURLOPT_HTTPHEADER, + aai->authh)); GNUNET_assert (CURLE_OK == curl_easy_setopt (eh, CURLOPT_URL, 
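Review bot: In the `@@ -203,12 +197,16 @@` hunk of TALER_BANK_admin_add_incoming, the result of `TALER_BANK_make_auth_header_ (auth)` is handed to `CURLOPT_HTTPHEADER` unchecked, although that helper returns NULL both for `TALER_BANK_AUTH_NONE` and on failure. With `TALER_BANK_AUTH_BASIC`, a failed header build therefore sends the request with no credential headers instead of reporting an error. I would fail closed right after the assignment with `if ( (NULL == aai->authh) && (TALER_BANK_AUTH_NONE != auth->method) )`, followed by cleanup and `return NULL;`. The helper also dereferences `auth` unconditionally, so the `@param auth` line should say it must not be NULL. The function body starts and ends outside the hunk, so the cleanup has to match whatever is allocated by that point.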
@@ -244,7 +242,7 @@ TALER_BANK_admin_add_incoming_cancel (struct TALER_BANK_AdminAddIncomingHandle * GNUNET_CURL_job_cancel (aai->job); aai->job = NULL; } - curl_slist_free_all (aai->headers); + curl_slist_free_all (aai->authh); GNUNET_free (aai->request_url); GNUNET_free (aai->json_enc); GNUNET_free (aai); diff --git a/src/bank-lib/bank_api_common.c b/src/bank-lib/bank_api_common.c new file mode 100644 index 000000000..0476379d8 --- /dev/null +++ b/src/bank-lib/bank_api_common.c 
@@ -0,0 +1,88 @@ +/* + This file is part of TALER + Copyright (C) 2015, 2016, 2017 GNUnet e.V. + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see + +*/ +/** + * @file bank-lib/bank_api_common.c + * @brief Common functions for the bank API + * @author Christian Grothoff + */ +#include "platform.h" +#include "bank_api_common.h" + + +/** + * Append HTTP key-value pair to curl header list. + * + * @param hdr list to append to, can be NULL + * @param key key to append + * @param value value to append + * @return new list, NULL on error + */ +static struct curl_slist * +append (struct curl_slist *hdr, + const char *key, + const char *value) +{ + char *str; + struct curl_slist *ret; + + GNUNET_asprintf (&str, + "%s: %s", + key, + value); + ret = curl_slist_append (hdr, + str); + GNUNET_free (str); + if (NULL == ret) + { + GNUNET_break (0); + curl_slist_free_all (hdr); + return NULL; + } + return ret; +} + + +/** + * Build authentication header from @a auth. 
+ * + * @param auth authentication data to use + * @return NULL on error, otherwise curl headers to use + */ +struct curl_slist * +TALER_BANK_make_auth_header_ (const struct TALER_BANK_AuthenticationData *auth) +{ + struct curl_slist *authh; + + switch (auth->method) + { + case TALER_BANK_AUTH_NONE: + return NULL; + case TALER_BANK_AUTH_BASIC: + authh = append (NULL, + "X-Taler-Bank-Username", + auth->details.basic.username); + if (NULL == authh) + return NULL; + authh = append (authh, + "X-Taler-Bank-Password", + auth->details.basic.password); + break; + } + return authh; +} + +/* end of bank_api_common.c */ diff --git a/src/bank-lib/bank_api_common.h b/src/bank-lib/bank_api_common.h new file mode 100644 index 000000000..a979ee3ac --- /dev/null +++ b/src/bank-lib/bank_api_common.h 
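Review bot: `TALER_BANK_make_auth_header_` returns an uninitialized `authh` when `auth->method` is neither of the two handled values, because the `switch` has no `default`; declare `struct curl_slist *authh = NULL;` and add `default: GNUNET_break (0); return NULL;`. `append` also formats `key` and `value` through `"%s: %s"` without validating them. A NULL username or password is undefined behaviour there, and a value containing CR or LF would, as far as I know, reach libcurl unfiltered and produce extra header lines, so both cases should be rejected before `GNUNET_asprintf`. The formatted copy of the password is released with `GNUNET_free` without being cleared, and the list keeps another copy until `curl_slist_free_all (aai->authh)` runs. Because these headers carry the password in clear, the doc comment should state that callers are expected to use an HTTPS `bank_base_url` outside of tests.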
@@ -0,0 +1,42 @@ +/* + This file is part of TALER + Copyright (C) 2015, 2016, 2017 GNUnet e.V. + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see + +*/ +/** + * @file bank-lib/bank_api_common.h + * @brief Common functions for the bank API + * @author Christian Grothoff + */ +#ifndef BANK_API_COMMON_H +#define BANK_API_COMMON_H +#include +#include +#include +#include +#include "taler_bank_service.h" +#include "taler_json_lib.h" + + +/** + * Build authentication header from @a auth. + * + * @param auth authentication data to use + * @return NULL on error, otherwise curl headers to use + */ +struct curl_slist * +TALER_BANK_make_auth_header_ (const struct TALER_BANK_AuthenticationData *auth); + + +#endif diff --git a/src/bank-lib/fakebank.c b/src/bank-lib/fakebank.c index 486c7a7e2..88d5c36db 100644 --- a/src/bank-lib/fakebank.c +++ b/src/bank-lib/fakebank.c @@ -318,13 +318,11 @@ handle_mhd_request (void *cls, t = GNUNET_new (struct Transaction); { const char *base_url; - json_t *auth; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("wtid", &t->wtid), GNUNET_JSON_spec_uint64 ("debit_account", &t->debit_account), GNUNET_JSON_spec_uint64 ("credit_account", &t->credit_account), TALER_JSON_spec_amount ("amount", &t->amount), - GNUNET_JSON_spec_json ("auth", &auth), GNUNET_JSON_spec_string ("exchange_url", &base_url), GNUNET_JSON_spec_end () }; 
@@ -337,10 +335,6 @@ handle_mhd_request (void *cls, json_decref (json); return MHD_NO; } - /* For now, we ignore authentication, this is the fakebank. - We may choose to support "proper" authentication once - it is non-trivial and actually needs to be tested. */ - json_decref (auth); t->exchange_base_url = GNUNET_strdup (base_url); GNUNET_CONTAINER_DLL_insert (h->transactions_head, h->transactions_tail, diff --git a/src/bank-lib/test_bank_interpreter.c b/src/bank-lib/test_bank_interpreter.c index 346e32085..5f2d66648 100644 --- a/src/bank-lib/test_bank_interpreter.c +++ b/src/bank-lib/test_bank_interpreter.c @@ -188,7 +188,7 @@ interpreter_run (void *cls) struct TALER_WireTransferIdentifierRawP wtid; struct TALER_Amount amount; const struct GNUNET_SCHEDULER_TaskContext *tc; - json_t *auth; + struct TALER_BANK_AuthenticationData auth; is->task = NULL; tc = GNUNET_SCHEDULER_get_task_context (); @@ -220,15 +220,13 @@ interpreter_run (void *cls) GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, &cmd->details.admin_add_incoming.wtid, sizeof (cmd->details.admin_add_incoming.wtid)); - auth = json_pack ("{s:s, s:{s:s, s:s}}", - "type", "basic", - "data", - "username", "user", - "password", "pass"); + auth.method = TALER_BANK_AUTH_BASIC; /* or "NONE"? */ + auth.details.basic.username = "user"; + auth.details.basic.password = "pass"; cmd->details.admin_add_incoming.aih = TALER_BANK_admin_add_incoming (is->ctx, - auth, "http://localhost:8081", + &auth, cmd->details.admin_add_incoming.exchange_base_url, &cmd->details.admin_add_incoming.wtid, &amount, @@ -236,7 +234,6 @@ interpreter_run (void *cls) cmd->details.admin_add_incoming.credit_account_no, &add_incoming_cb, is); - json_decref (auth); if (NULL == cmd->details.admin_add_incoming.aih) { GNUNET_break (0); -- cgit v1.2.3
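Review bot: Nothing in this test verifies that the credentials set in the `@@ -220,15 +220,13 @@` hunk reach the server. The fakebank.c hunks in this commit remove the `auth` field parsing and add no header handling, so a client that sent no `X-Taler-Bank-Username` / `X-Taler-Bank-Password` headers would still pass. I would have fakebank read the two headers in `handle_mhd_request` and compare them with the expected values, so that the new header path is covered. The `/* or "NONE"? */` comment should be replaced by a statement of which method this test is meant to exercise. `auth` is a stack variable with only the `basic` members assigned, so `memset (&auth, 0, sizeof (auth));` before the assignments would keep a later method from reading indeterminate fields.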