adapting the blog to new payment protocol

6 files changed, 58 insertions, 77 deletions

diff --git a/src/frontend/pay.php b/src/frontend/pay.php
index 6f0f0c0d..be4c25bc 100644
--- a/src/frontend/pay.php
+++ b/src/frontend/pay.php
@@ -42,7 +42,6 @@ if (empty($receiver))
   return;
 }
 
-
 $post_body = file_get_contents('php://input');
 $deposit_permission = json_decode ($post_body, true);
 
diff --git a/src/frontend_blog/essay_contract.php b/src/frontend_blog/essay_contract.php
index 478e70fb..e256b0ca 100644
--- a/src/frontend_blog/essay_contract.php
+++ b/src/frontend_blog/essay_contract.php
@@ -51,13 +51,12 @@ $transaction_id = rand(0, 1001);
 // Include all information so we can
 // restore the contract without storing it
 $fulfillment_url = url_rel("essay_fulfillment.php")
-  . '?uuid=${H_contract}'
-  . '&article=' . urlencode($article)
+  . '&uuid=${H_contract}' //<= super weird: that should be a '?', not '&', but works
   . '&aval=' . urlencode($amount_value)
   . '&afrac=' . urlencode($amount_fraction)
   . '&acurr=' . urlencode($currency)
   . '&tid=' . $transaction_id;
-file_put_contents("/tmp/debg1", $fulfillment_url);
+//file_put_contents("/tmp/debg1", $fulfillment_url);
 $contract_json = generate_contract($amount_value,
                                    $amount_fraction,
 				   $currency,
@@ -78,15 +77,22 @@ http_response_code ($status_code);
 // Now generate our body  
 if ($status_code != 200)
 {
-  echo "Error while generating the contract";
-  echo $resp->body->toString ();
+  echo json_encode(array(
+    'error' => "internal error",
+    'hint' => "backend indicated error",
+    'detail' => $resp->body->toString()
+  ), JSON_PRETTY_PRINT);
 }
 else
-{ $got_json = json_decode ($resp->body->toString ());
-  $_SESSION['H_contract'] = $got_json->H_contract;
-  $_SESSION['article_value'] = 1;
-  $_SESSION['article_fraction'] = 0;
-  $_SESSION['article_currency'] = "KUDOS";
-  echo $resp->body->toString ();
+{
+  $got_json = json_decode($resp->body->toString(), true);
+  $hc = $got_json["H_contract"];
+
+  $payments = &pull($_SESSION, "payments", array());
+  $payments[$hc] = array(
+    'article' => $article,
+  );
+
+  echo json_encode ($got_json, JSON_PRETTY_PRINT);
 }
 ?>
diff --git a/src/frontend_blog/essay_fulfillment.php b/src/frontend_blog/essay_fulfillment.php
index 611990b7..38925dc4 100644
--- a/src/frontend_blog/essay_fulfillment.php
+++ b/src/frontend_blog/essay_fulfillment.php
@@ -52,6 +52,7 @@
  */
 
 include '../frontend_lib/util.php';
+include './blog_lib.php';
 
 $hc = get($_GET["uuid"]);
 
@@ -85,34 +86,15 @@ if (null === $my_payment)
 if (true !== get($my_payment["is_payed"], false))
 {
   echo "<p>you have not payed for this contract: " . $hc . "</p>";
-  echo "<p>Asking the wallet to re-execute it ... </p>";
+  echo "<p>Asking the wallet to re-execute it ... at $pay_url </p>";
   echo "<script>executePayment('$hc', '$pay_url');</script>";
   return;
 }
 
 $article = $my_payment["article"];
 
-$news = false;
-switch ($receiver)
-{
-  case "Taler":
-    $news = "https://taler.net/news";
-    break;
-  case "GNUnet":
-    $news = "https://gnunet.org/";
-    break;
-  case "Tor":
-    $news = "https://www.torproject.org/press/press.html.en";
-    break;
-}
-
-$msg = "<p>Thanks for donating to " . $receiver . ".</p>";
-if ($news)
-{
-  $msg .= "<p>Check our latest <a href=\"" . $news . "\">news!</a></p>";
-}
-
-echo $msg;
+$article_doc = get_article($article);
+echo $article_doc->saveHTML();
 
 ?>
     </article>
diff --git a/src/frontend_blog/essay_pay.php b/src/frontend_blog/essay_pay.php
index 1e017428..33280f40 100644
--- a/src/frontend_blog/essay_pay.php
+++ b/src/frontend_blog/essay_pay.php
@@ -26,62 +26,57 @@ include("../frontend_lib/util.php");
 include("./blog_lib.php");
 
 session_start();
-if (!isset($_SESSION['H_contract']))
+
+$hc = get($_GET["uuid"]);
+if (empty($hc))
 {
-  echo "No session active.";
-  http_response_code (301);
+  http_response_code(400);
+  echo json_encode(array(
+    "error" => "missing parameter",
+    "parameter" => "uuid"
+  ));
   return;
 }
 
-if (isset($_SESSION['payment_ok']) && $_SESSION['payment_ok'] == true)
+// TODO: check if contract body matches URL parameters,
+// so we won't generate a response for the wrong receiver.
+$article = get($_GET["article"]);
+if (empty($article))
 {
-  $_SESSION['payment_ok'] = true;
-  http_response_code (301);
-  $url = (new http\URL($_SERVER['REQUEST_SCHEME'].'://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']))
-    ->mod(array ("path" => "essay_fulfillment.php?article=".$_SESSION['article']), http\Url::JOIN_PATH);
-  header("Location: $url");
-  die();
+  http_response_code(400);
+  echo json_encode(array(
+    "error" => "missing parameter",
+    "parameter" => "article"
+  ));
+  return;
 }
 
-$article = $_SESSION['article'];
-$post_body = file_get_contents('php://input');
-$deposit_permission = json_decode ($post_body, true);
-$to_add = array('max_fee' => array('value' => 3,
-                                   'fraction' => 8,
-                                   'currency' => $_SESSION['article_currency']),
-                'amount' => array('value' => $_SESSION['article_value'],
-                                  'fraction' => $_SESSION['article_fraction'],
-		                  'currency' => $_SESSION['article_currency']));
-$complete_deposit_permission = array_merge($deposit_permission, $to_add);
-
+$deposit_permission = file_get_contents('php://input');
+file_put_contents('/tmp/pay.dbg', 'about to pay', FILE_APPEND);
 $resp = give_to_backend($_SERVER['HTTP_HOST'],
                         "backend/pay",
-			json_encode($complete_deposit_permission, JSON_PRETTY_PRINT));
+			$deposit_permission);
 $status_code = $resp->getResponseCode();
 
-
 // Our response code is the same we got from the backend:
 http_response_code ($status_code);
 // Now generate our body  
 if ($status_code != 200)
 {
-  /* error: just forwarding to the wallet what
-    gotten from the backend (which is forwarding 'as is'
-    the error gotten from the mint) */
-  echo json_encode ($new_deposit_permission);
-  echo "Error came from the backend, payment undone. Status $status_code\n";
-  echo "\n";
-  echo $resp->body->toString ();
-}
-else
-{
-  $_SESSION['payment_ok'] = true;
-  if (!isset($_SESSION['allowed_articles']))
-    $_SESSION['allowed_articles'] = array ($article => true);
-  else $_SESSION['allowed_articles'] = array_merge($_SESSION['allowed_articles'], array ($article => true));
-  http_response_code (301);
-  $url = (new http\URL($_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']))
-    ->mod(array ("path" => "essay_fulfillment.php?article=$article"), http\Url::JOIN_PATH);
-  header("Location: $url");
+  $json = json_encode(
+    array(
+      "error" => "backend error",
+      "status" => $status_code,
+      "detail" => $resp->body->toString()));
+  echo $json;
   die();
 }
+
+session_start();
+
+$payments = &pull($_SESSION, "payments", array());
+$payments[$hc] = array(
+  'article' => $article,
+  'is_payed' => true
+);
+?>
diff --git a/src/frontend_lib/merchants.php b/src/frontend_lib/merchants.php
index 3495256b..510e0446 100644
--- a/src/frontend_lib/merchants.php
+++ b/src/frontend_lib/merchants.php
@@ -61,7 +61,7 @@ function generate_contract($amount_value,
   							             'region' => 'Test Region',
   								     'province' => 'Test Province',
   								     'ZIP code' => 4908)));
-  $json = json_encode (array ('contract' => $contract, 'exec_url' => $exec_url, 'pay_url' => $pay_url), JSON_PRETTY_PRINT);
+  $json = json_encode (array ('contract' => $contract, JSON_PRETTY_PRINT));
   return $json;
 }
 
diff --git a/src/frontend_lib/util.php b/src/frontend_lib/util.php
index 3f463a1a..724285da 100644
--- a/src/frontend_lib/util.php
+++ b/src/frontend_lib/util.php
@@ -12,7 +12,6 @@ function &pull(&$arr, $idx, $default) {
 }
 
 function url_join($base, $path, $strip=false) {
-  file_put_contents('/tmp/debug2', "Iteration:\n" . $base . "\n" . $path . "\n" . $strip, FILE_APPEND);
   $flags = $strip ? (http\Url::STRIP_PATH|http\URL::STRIP_QUERY) : 0;
   return (new http\URL($base, null, $flags))
     ->mod(array ("path" => $path), http\Url::JOIN_PATH|http\URL::SANITIZE_PATH)