do not consider an order paid if last session id does not match

5 files changed, 27 insertions, 10 deletions

diff --git a/src/backend/taler-merchant-httpd_check-payment.c b/src/backend/taler-merchant-httpd_check-payment.c
index e00c8a70..b0d380f9 100644
--- a/src/backend/taler-merchant-httpd_check-payment.c
+++ b/src/backend/taler-merchant-httpd_check-payment.c
@@ -290,6 +290,7 @@ MH_handler_check_payment (struct TMH_RequestHandler *rh,
   session_id = MHD_lookup_connection_value (connection,
                                                 MHD_GET_ARGUMENT_KIND,
                                                 "session_id");
+
   session_sig_str = MHD_lookup_connection_value (connection,
                                                 MHD_GET_ARGUMENT_KIND,
                                                 "session_sig");
@@ -362,6 +363,22 @@ MH_handler_check_payment (struct TMH_RequestHandler *rh,
   GNUNET_assert (NULL != contract_terms);
   GNUNET_assert (NULL != last_session_id);
 
+  if ( (NULL != session_id) && (0 != strcmp (session_id, last_session_id)) )
+  {
+
+    ret = send_pay_request (connection,
+                            final_contract_url,
+                            session_id,
+                            resource_url,
+                            h_contract_terms_str,
+                            mi);
+
+    json_decref (contract_terms);
+    GNUNET_free (last_session_id);
+    GNUNET_free (final_contract_url);
+    return ret;
+  }
+
   if (GNUNET_OK !=
       TALER_JSON_hash (contract_terms,
                        &h_contract_terms))
diff --git a/src/include/taler_merchant_service.h b/src/include/taler_merchant_service.h
index 30059639..46e6ec9f 100644
--- a/src/include/taler_merchant_service.h
+++ b/src/include/taler_merchant_service.h
@@ -963,7 +963,7 @@ struct TALER_MERCHANT_CheckPaymentOperation;
  *        #GNUNET_NO if refunded, #GNUNET_SYSERR or error
  * @param refunded_amount amount that was refunded, NULL if there
  *        was no refund
- * @param payment_redirect_url URL to redirect the browser to in order to
+ * @param fallback_request_payment_url URL to redirect the browser to in order to
  *        execute or re-play the payment (NULL if not applicable)
  */
 typedef void
@@ -973,7 +973,7 @@ typedef void
                                         int paid,
                                         int refunded,
                                         struct TALER_Amount *refund_amount,
-                                        const char *payment_redirect_url);
+                                        const char *fallback_request_payment_url);
 
 
 /**
diff --git a/src/lib/merchant_api_check_payment.c b/src/lib/merchant_api_check_payment.c
index eb5c4202..4605f476 100644
--- a/src/lib/merchant_api_check_payment.c
+++ b/src/lib/merchant_api_check_payment.c
@@ -111,11 +111,11 @@ handle_check_payment_finished (void *cls,
 
   if (! json_boolean_value (json_object_get (json, "paid")))
   {
-    const char *payment_redirect_url = json_string_value (json_object_get (json, "payment_redirect_url"));
-    if (NULL == payment_redirect_url)
+    const char *fallback_request_payment_url = json_string_value (json_object_get (json, "fallback_request_payment_url"));
+    if (NULL == fallback_request_payment_url)
     {
       GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-                  "no payment_redirect_url in unpaid check-payment response\n");
+                  "no fallback_request_payment_url in unpaid check-payment response\n");
       GNUNET_break_op (0);
       cpo->cb (cpo->cb_cls,
                0,
@@ -131,7 +131,7 @@ handle_check_payment_finished (void *cls,
                GNUNET_NO,
                GNUNET_NO,
                &refund_amount,
-               payment_redirect_url);
+               fallback_request_payment_url);
     }
     TALER_MERCHANT_check_payment_cancel (cpo);
     return;
diff --git a/src/lib/test_merchant_api_twisted.c b/src/lib/test_merchant_api_twisted.c
index f5403bf6..9646fd16 100644
--- a/src/lib/test_merchant_api_twisted.c
+++ b/src/lib/test_merchant_api_twisted.c
@@ -303,7 +303,7 @@ run (void *cls,
 
     TALER_TESTING_cmd_delete_object ("hack-check-payment-0",
                                      PROXY_MERCHANT_CONFIG_FILE,
-                                     "payment_redirect_url"),
+                                     "fallback_request_payment_url"),
     TALER_TESTING_cmd_check_payment
       ("check-payment-fail-invalid",
        twister_merchant_url,
diff --git a/src/lib/testing_api_cmd_pay.c b/src/lib/testing_api_cmd_pay.c
index 68e8b22c..a9947a50 100644
--- a/src/lib/testing_api_cmd_pay.c
+++ b/src/lib/testing_api_cmd_pay.c
@@ -316,7 +316,7 @@ check_payment_cleanup (void *cls,
  *        refunded (not refunded).
  * @param refund_amount the amount that was refunded to this
  *        contract.
- * @param payment_redirect_url URL where the payment has to be
+ * @param fallback_request_payment_url URL where the payment has to be
  *        addressed.
  */
 static void
@@ -326,7 +326,7 @@ check_payment_cb (void *cls,
                   int paid,
                   int refunded,
                   struct TALER_Amount *refund_amount,
-                  const char *payment_redirect_url)
+                  const char *fallback_request_payment_url)
 {
   struct CheckPaymentState *cps = cls;
 
@@ -341,7 +341,7 @@ check_payment_cb (void *cls,
               paid);
   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
               "check payment: url: %s\n",
-              payment_redirect_url);
+              fallback_request_payment_url);
 
   if (paid != cps->expect_paid)
     TALER_TESTING_FAIL (cps->is);