skeleton implementation for /login

4 files changed, 153 insertions, 0 deletions

diff --git a/src/backend/Makefile.am b/src/backend/Makefile.am
index ef5b67bb..47716422 100644
--- a/src/backend/Makefile.am
+++ b/src/backend/Makefile.am
@@ -110,6 +110,8 @@ taler_merchant_httpd_SOURCES = \
     taler-merchant-httpd_private-post-instances.h \
   taler-merchant-httpd_private-post-instances-ID-auth.c \
     taler-merchant-httpd_private-post-instances-ID-auth.h \
+  taler-merchant-httpd_private-post-instances-ID-login.c \
+    taler-merchant-httpd_private-post-instances-ID-login.h \
   taler-merchant-httpd_private-post-orders-ID-refund.c \
     taler-merchant-httpd_private-post-orders-ID-refund.h \
   taler-merchant-httpd_private-post-orders.c \
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
index c016b5aa..c07db1a5 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -72,6 +72,7 @@
 #include "taler-merchant-httpd_private-post-account.h"
 #include "taler-merchant-httpd_private-post-instances.h"
 #include "taler-merchant-httpd_private-post-instances-ID-auth.h"
+#include "taler-merchant-httpd_private-post-instances-ID-login.h"
 #include "taler-merchant-httpd_private-post-otp-devices.h"
 #include "taler-merchant-httpd_private-post-orders.h"
 #include "taler-merchant-httpd_private-post-orders-ID-refund.h"
@@ -750,6 +751,16 @@ url_handler (void *cls,
       /* Body should be pretty small. */
       .max_upload = 1024 * 1024
     },
+    /* POST /token: */
+    {
+      .url_prefix = "/instances/",
+      .url_suffix = "token",
+      .method = MHD_HTTP_METHOD_POST,
+      .have_id_segment = true,
+      .handler = &TMH_private_post_instances_ID_auth,
+      /* Body should be tiny. */
+      .max_upload = 1024
+    },
     /* POST /kyc: */
     {
       .url_prefix = "/instances/",
diff --git a/src/backend/taler-merchant-httpd_private-post-instances-ID-login.c b/src/backend/taler-merchant-httpd_private-post-instances-ID-login.c
new file mode 100644
index 00000000..80a40693
--- /dev/null
+++ b/src/backend/taler-merchant-httpd_private-post-instances-ID-login.c
@@ -0,0 +1,96 @@
+/*
+  This file is part of GNU Taler
+  (C) 2023 Taler Systems SA
+
+  GNU Taler is free software; you can redistribute it and/or modify
+  it under the terms of the GNU Affero General Public License as
+  published by the Free Software Foundation; either version 3,
+  or (at your option) any later version.
+
+  GNU Taler is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public
+  License along with TALER; see the file COPYING.  If not,
+  see <http://www.gnu.org/licenses/>
+*/
+
+/**
+ * @file taler-merchant-httpd_private-post-instances-ID-login.c
+ * @brief implementing POST /instances/$ID/login request handling
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "taler-merchant-httpd_private-post-instances-ID-login.h"
+#include "taler-merchant-httpd_helper.h"
+#include <taler/taler_json_lib.h>
+
+
+/**
+ * Maximum duration for the validity of a login token.
+ */
+#define MAX_DURATION GNUNET_TIME_UNIT_DAYS
+
+
+MHD_RESULT
+TMH_private_post_instances_ID_login (const struct TMH_RequestHandler *rh,
+                                     struct MHD_Connection *connection,
+                                     struct TMH_HandlerContext *hc)
+{
+  struct TMH_MerchantInstance *mi = hc->instance;
+  json_t *jlogin = hc->request_body;
+  const char *scope;
+  bool refreshable = false;
+  struct GNUNET_TIME_Relative duration
+    = MAX_DURATION;
+  struct GNUNET_TIME_Timestamp expiration_time;
+  struct GNUNET_JSON_Specification spec[] = {
+    GNUNET_JSON_spec_string ("scope",
+                             &scope),
+    GNUNET_JSON_spec_mark_optional (
+      GNUNET_JSON_spec_relative_time ("duration",
+                                      &duration),
+      NULL),
+    GNUNET_JSON_spec_mark_optional (
+      GNUNET_JSON_spec_bool ("refreshable",
+                             &refreshable),
+      NULL),
+    GNUNET_JSON_spec_end ()
+  };
+  char *token;
+  MHD_RESULT ret;
+  
+  {
+    enum GNUNET_GenericReturnValue res;
+
+    res = TALER_MHD_parse_json_data (connection,
+                                     jlogin,
+                                     spec);
+    if (GNUNET_OK != res)
+      return (GNUNET_NO == res) ? MHD_YES : MHD_NO;
+  }
+  duration = GNUNET_TIME_relative_min (duration,
+                                       MAX_DURATION);
+  expiration_time = GNUNET_TIME_relative_to_timestamp (duration);
+  token = GNUNET_strdup ("FIXME-foo");
+  (void) mi;
+  
+  ret = TALER_MHD_REPLY_JSON_PACK (
+    connection,
+    MHD_HTTP_OK,
+    GNUNET_JSON_pack_string ("token",
+                             token),
+    GNUNET_JSON_pack_string ("scope",
+                             scope),
+    GNUNET_JSON_pack_bool ("refreshable",
+                           refreshable),
+    GNUNET_JSON_pack_timestamp ("expiration",
+                                expiration_time));
+  GNUNET_free (token);
+  return ret;
+}
+
+
+/* end of taler-merchant-httpd_private-post-instances-ID-login.c */
diff --git a/src/backend/taler-merchant-httpd_private-post-instances-ID-login.h b/src/backend/taler-merchant-httpd_private-post-instances-ID-login.h
new file mode 100644
index 00000000..388fbc7d
--- /dev/null
+++ b/src/backend/taler-merchant-httpd_private-post-instances-ID-login.h
@@ -0,0 +1,44 @@
+/*
+  This file is part of GNU Taler
+  (C) 2023 Taler Systems SA
+
+  GNU Taler is free software; you can redistribute it and/or modify
+  it under the terms of the GNU Affero General Public License as
+  published by the Free Software Foundation; either version 3,
+  or (at your option) any later version.
+
+  GNU Taler is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public
+  License along with TALER; see the file COPYING.  If not,
+  see <http://www.gnu.org/licenses/>
+*/
+
+/**
+ * @file taler-merchant-httpd_private-post-instances-ID-login.h
+ * @brief implements POST /instances/$ID/login request handling
+ * @author Christian Grothoff
+ */
+#ifndef TALER_MERCHANT_HTTPD_PRIVATE_POST_INSTANCES_ID_LOGIN_H
+#define TALER_MERCHANT_HTTPD_PRIVATE_POST_INSTANCES_ID_LOGIN_H
+#include "taler-merchant-httpd.h"
+
+
+/**
+ * Obtain a login token for an instance.
+ *
+ * @param rh context of the handler
+ * @param connection the MHD connection to handle
+ * @param[in,out] hc context with further information about the request
+ * @return MHD result code
+ */
+MHD_RESULT
+TMH_private_post_instances_ID_login (const struct TMH_RequestHandler *rh,
+                                     struct MHD_Connection *connection,
+                                     struct TMH_HandlerContext *hc);
+
+
+#endif