diff options
| author | Christian Grothoff <christian@grothoff.org> | 2020-04-30 17:36:38 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2020-04-30 17:36:38 +0200 |
| commit | 3f5bc6fa636e278d54f8a17c6f4d4b15cc63608f (patch) | |
| tree | f83b684496ca098f2a3a956a3a9be9bf47647c68 /src | |
| parent | f5c484e625cde6b6822ea75c20cecf8f4db7c54d (diff) | |
| download | merchant-3f5bc6fa636e278d54f8a17c6f4d4b15cc63608f.tar.gz merchant-3f5bc6fa636e278d54f8a17c6f4d4b15cc63608f.tar.bz2 merchant-3f5bc6fa636e278d54f8a17c6f4d4b15cc63608f.zip | |
update pay logic
Diffstat (limited to 'src')
| -rw-r--r-- | src/include/taler_merchant_service.h | 39 | ||||
| -rw-r--r-- | src/lib/Makefile.am | 1 | ||||
| -rw-r--r-- | src/lib/merchant_api_post_order_abort.c | 1067 | ||||
| -rw-r--r-- | src/lib/merchant_api_post_order_pay.c | 943 |
4 files changed, 1356 insertions, 694 deletions
diff --git a/src/include/taler_merchant_service.h b/src/include/taler_merchant_service.h index 39509de9..d5edcff5 100644 --- a/src/include/taler_merchant_service.h +++ b/src/include/taler_merchant_service.h @@ -1508,8 +1508,8 @@ struct TALER_MERCHANT_PaidCoin * * @param ctx execution context * @param merchant_url base URL of the merchant - * @param merchant_pub public key of the merchant * @param order_id which order should be paid + * @param session_id session to pay for, or NULL for none * @param num_coins length of the @a coins array * @param coins array of coins to pay with * @param pay_cb the callback to call when a reply for this request is available @@ -1520,8 +1520,8 @@ struct TALER_MERCHANT_OrderPayHandle * TALER_MERCHANT_order_pay_frontend ( struct GNUNET_CURL_Context *ctx, const char *merchant_url, - const struct TALER_MerchantPublicKeyP *merchant_pub, const char *order_id, + const char *session_id, unsigned int num_coins, const struct TALER_MERCHANT_PaidCoin coins[], TALER_MERCHANT_OrderPayCallback pay_cb, @@ -1584,6 +1584,7 @@ struct TALER_MERCHANT_PayCoin * * @param ctx execution context * @param merchant_url base URL of the merchant + * @param session_id session to pay for, or NULL for none * @param h_wire hash of the merchant’s account details * @param h_contract hash of the contact of the merchant with the customer * @param transaction_id transaction id for the transaction between merchant and customer @@ -1602,23 +1603,23 @@ struct TALER_MERCHANT_PayCoin * @return a handle for this request */ struct TALER_MERCHANT_OrderPayHandle * -TALER_MERCHANT_order_pay ( - struct GNUNET_CURL_Context *ctx, - const char *merchant_url, - const struct GNUNET_HashCode *h_contract, - const struct TALER_Amount *amount, - const struct TALER_Amount *max_fee, - const struct TALER_MerchantPublicKeyP *merchant_pub, - const struct TALER_MerchantSignatureP *merchant_sig, - struct GNUNET_TIME_Absolute timestamp, - struct GNUNET_TIME_Absolute refund_deadline, - struct GNUNET_TIME_Absolute pay_deadline, - const struct GNUNET_HashCode *h_wire, - const char *order_id, - unsigned int num_coins, - const struct TALER_MERCHANT_PayCoin coins[], - TALER_MERCHANT_OrderPayCallback pay_cb, - void *pay_cb_cls); +TALER_MERCHANT_order_pay (struct GNUNET_CURL_Context *ctx, + const char *merchant_url, + const char *session_id, + const struct GNUNET_HashCode *h_contract, + const struct TALER_Amount *amount, + const struct TALER_Amount *max_fee, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_MerchantSignatureP *merchant_sig, + struct GNUNET_TIME_Absolute timestamp, + struct GNUNET_TIME_Absolute refund_deadline, + struct GNUNET_TIME_Absolute pay_deadline, + const struct GNUNET_HashCode *h_wire, + const char *order_id, + unsigned int num_coins, + const struct TALER_MERCHANT_PayCoin coins[], + TALER_MERCHANT_OrderPayCallback pay_cb, + void *pay_cb_cls); /** diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am index b4d9386d..02e8b229 100644 --- a/src/lib/Makefile.am +++ b/src/lib/Makefile.am @@ -30,6 +30,7 @@ libtalermerchant_la_SOURCES = \ merchant_api_post_products.c \ merchant_api_post_orders.c \ merchant_api_post_order_claim.c \ + merchant_api_post_order_pay.c \ \ merchant_api_check_payment.c \ merchant_api_history.c \ diff --git a/src/lib/merchant_api_post_order_abort.c b/src/lib/merchant_api_post_order_abort.c new file mode 100644 index 00000000..f860f3a8 --- /dev/null +++ b/src/lib/merchant_api_post_order_abort.c @@ -0,0 +1,1067 @@ +/* + This file is part of TALER + Copyright (C) 2014, 2015, 2016, 2017, 2020 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1, + or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General + Public License along with TALER; see the file COPYING.LGPL. + If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file lib/merchant_api_pay.c + * @brief Implementation of the /pay request + * of the merchant's HTTP API + * @author Christian Grothoff + * @author Marcello Stanisci + */ +#include "platform.h" +#include <curl/curl.h> +#include <jansson.h> +#include <microhttpd.h> /* just for HTTP status codes */ +#include <gnunet/gnunet_util_lib.h> +#include <gnunet/gnunet_curl_lib.h> +#include "taler_merchant_service.h" +#include <taler/taler_json_lib.h> +#include <taler/taler_signatures.h> +#include <taler/taler_exchange_service.h> +#include <taler/taler_curl_lib.h> + + +/** + * @brief A Pay Handle + */ +struct TALER_MERCHANT_Pay +{ + + /** + * The url for this request. + */ + char *url; + + /** + * Handle for the request. + */ + struct GNUNET_CURL_Job *job; + + /** + * Function to call with the result in "pay" @e mode. + */ + TALER_MERCHANT_OrderPayCallback pay_cb; + + /** + * Closure for @a pay_cb. + */ + void *pay_cb_cls; + + /** + * Function to call with the result in "abort-refund" @e mode. + */ + TALER_MERCHANT_PayRefundCallback abort_cb; + + /** + * Closure for @a abort_cb. + */ + void *abort_cb_cls; + + /** + * Operational mode, either "pay" or "abort-refund". + */ + const char *mode; + + /** + * Reference to the execution context. + */ + struct GNUNET_CURL_Context *ctx; + + /** + * Minor context that holds body and headers. + */ + struct TALER_CURL_PostContext post_ctx; + + /** + * The coins we are paying with. + */ + struct TALER_MERCHANT_PaidCoin *coins; + + /** + * Number of @e coins we are paying with. + */ + unsigned int num_coins; + + /** + * Hash of the contract, only available in "abort-refund" mode. + */ + struct GNUNET_HashCode h_contract_terms; + +}; + + +/** + * Check that the response for a /pay refund is well-formed, + * and call the application callback with the result if it is + * OK. Otherwise returns #GNUNET_SYSERR. + * + * @param ph handle to operation that created the reply + * @param json the reply to parse + * @return #GNUNET_OK on success + */ +static int +check_abort_refund (struct TALER_MERCHANT_Pay *ph, + const json_t *json) +{ + json_t *refunds; + unsigned int num_refunds; + struct TALER_MerchantPublicKeyP merchant_pub; + struct GNUNET_JSON_Specification spec[] = { + GNUNET_JSON_spec_json ("refund_permissions", &refunds), + GNUNET_JSON_spec_fixed_auto ("merchant_pub", &merchant_pub), + GNUNET_JSON_spec_end () + }; + + if (GNUNET_OK != + GNUNET_JSON_parse (json, + spec, + NULL, NULL)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + num_refunds = json_array_size (refunds); + { + struct TALER_MERCHANT_RefundEntry res[GNUNET_NZL (num_refunds)]; + + for (unsigned int i = 0; i<num_refunds; i++) + { + struct TALER_MerchantSignatureP *sig = &res[i].merchant_sig; + json_t *refund = json_array_get (refunds, i); + struct GNUNET_JSON_Specification spec_detail[] = { + GNUNET_JSON_spec_fixed_auto ("merchant_sig", + sig), + GNUNET_JSON_spec_fixed_auto ("coin_pub", + &res[i].coin_pub), + GNUNET_JSON_spec_uint64 ("rtransaction_id", + &res[i].rtransaction_id), + GNUNET_JSON_spec_end () + }; + int found; + + if (GNUNET_OK != + GNUNET_JSON_parse (refund, + spec_detail, + NULL, NULL)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + + found = -1; + for (unsigned int j = 0; j<ph->num_coins; j++) + { + if (0 == memcmp (&ph->coins[j].coin_pub, + &res[i].coin_pub, + sizeof + (struct TALER_CoinSpendPublicKeyP))) + { + found = j; + break; + } + } + if (-1 == found) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + + { + struct TALER_RefundRequestPS rr = { + .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_REFUND), + .purpose.size = htonl (sizeof (struct TALER_RefundRequestPS)), + .h_contract_terms = ph->h_contract_terms, + .coin_pub = res[i].coin_pub, + .merchant = merchant_pub, + .rtransaction_id = GNUNET_htonll (res[i].rtransaction_id) + }; + + TALER_amount_hton (&rr.refund_amount, + &ph->coins[found].amount_with_fee); + TALER_amount_hton (&rr.refund_fee, + &ph->coins[found].refund_fee); + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_REFUND, + &rr, + &sig->eddsa_sig, + &merchant_pub.eddsa_pub)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + } + } + { + struct TALER_MERCHANT_HttpResponse hr = { + .reply = json, + .http_status = MHD_HTTP_OK + }; + + ph->abort_cb (ph->abort_cb_cls, + &hr, + &merchant_pub, + &ph->h_contract_terms, + num_refunds, + res); + } + ph->abort_cb = NULL; + } + GNUNET_JSON_parse_free (spec); + return GNUNET_OK; +} + + +/** + * We got a 403 response back from the exchange (or the merchant). + * Now we need to check the provided cryptographic proof that the + * coin was actually already spent! + * + * @param pc handle of the original coin we paid with + * @param json cryptographic proof of coin's transaction + * history as was returned by the exchange/merchant + * @return #GNUNET_OK if proof checks out + */ +static int +check_coin_history (const struct TALER_MERCHANT_PaidCoin *pc, + json_t *json) +{ + struct TALER_Amount spent; + struct TALER_Amount spent_plus_contrib; + + if (GNUNET_OK != + TALER_EXCHANGE_verify_coin_history (NULL, /* do not verify fees */ + pc->amount_with_fee.currency, + &pc->coin_pub, + json, + &spent)) + { + /* Exchange's history fails to verify */ + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + if (0 > + TALER_amount_add (&spent_plus_contrib, + &spent, + &pc->amount_with_fee)) + { + /* We got an integer overflow? Bad application! */ + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (-1 != TALER_amount_cmp (&pc->denom_value, + &spent_plus_contrib)) + { + /* according to our calculations, the transaction should + have still worked, exchange error! */ + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Accepting proof of double-spending\n"); + return GNUNET_OK; +} + + +/** + * We got a 409 response back from the exchange (or the merchant). + * Now we need to check the provided cryptographic proof that the + * coin was actually already spent! + * + * @param ph handle of the original pay operation + * @param json cryptographic proof returned by the + * exchange/merchant + * @return #GNUNET_OK if proof checks out + */ +static int +check_conflict (struct TALER_MERCHANT_Pay *ph, + const json_t *json) +{ + json_t *history; + json_t *ereply; + struct TALER_CoinSpendPublicKeyP coin_pub; + struct GNUNET_JSON_Specification spec[] = { + GNUNET_JSON_spec_json ("exchange_reply", &ereply), + GNUNET_JSON_spec_fixed_auto ("coin_pub", &coin_pub), + GNUNET_JSON_spec_end () + }; + struct GNUNET_JSON_Specification hspec[] = { + GNUNET_JSON_spec_json ("history", &history), + GNUNET_JSON_spec_end () + }; + + if (GNUNET_OK != + GNUNET_JSON_parse (json, + spec, + NULL, NULL)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } + if (GNUNET_OK != + GNUNET_JSON_parse (ereply, + hspec, + NULL, NULL)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + GNUNET_JSON_parse_free (spec); + + for (unsigned int i = 0; i<ph->num_coins; i++) + { + if (0 == memcmp (&ph->coins[i].coin_pub, + &coin_pub, + sizeof (struct TALER_CoinSpendPublicKeyP))) + { + int ret; + + ret = check_coin_history (&ph->coins[i], + history); + GNUNET_JSON_parse_free (hspec); + return ret; + } + } + GNUNET_break_op (0); /* complaint is not about any of the coins + that we actually paid with... */ + GNUNET_JSON_parse_free (hspec); + return GNUNET_SYSERR; +} + + +/** + * Function called when we're done processing the + * HTTP /pay request. + * + * @param cls the `struct TALER_MERCHANT_Pay` + * @param response_code HTTP response code, 0 on error + * @param json response body, NULL if not in JSON + */ +static void +handle_pay_finished (void *cls, + long response_code, + const void *response) +{ + struct TALER_MERCHANT_Pay *ph = cls; + const json_t *json = response; + struct TALER_MERCHANT_HttpResponse hr = { + .http_status = (unsigned int) response_code, + .reply = json + }; + + ph->job = NULL; + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "/pay completed with response code %u\n", + (unsigned int) response_code); + if (0 == strcasecmp (ph->mode, + "pay")) + { + switch (response_code) + { + case 0: + hr.ec = TALER_EC_INVALID_RESPONSE; + break; + case MHD_HTTP_OK: + break; + /* Tolerating Not Acceptable because sometimes + * - especially in tests - we might want to POST + * coins one at a time. */ + case MHD_HTTP_NOT_ACCEPTABLE: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + break; + case MHD_HTTP_BAD_REQUEST: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* This should never happen, either us + * or the merchant is buggy (or API version conflict); + * just pass JSON reply to the application */ + break; + case MHD_HTTP_FORBIDDEN: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Nothing really to verify, merchant says we tried to abort the payment + * after it was successful. We should pass the JSON reply to the + * application */ + break; + case MHD_HTTP_NOT_FOUND: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Nothing really to verify, this should never + happen, we should pass the JSON reply to the + application */ + break; + case MHD_HTTP_PRECONDITION_FAILED: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Nothing really to verify, the merchant is blaming us for failing to + satisfy some constraint (likely it does not like our exchange because + of some disagreement on the PKI). We should pass the JSON reply to the + application */ + break; + case MHD_HTTP_REQUEST_TIMEOUT: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* The merchant couldn't generate a timely response, likely because + it itself waited too long on the exchange. + Pass on to application. */ + break; + case MHD_HTTP_CONFLICT: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + if (GNUNET_OK != check_conflict (ph, + json)) + { + GNUNET_break_op (0); + response_code = 0; + } + break; + case MHD_HTTP_GONE: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* The merchant says we are too late, the offer has expired or some + denomination key of a coin involved has expired. + Might be a disagreement in timestamps? Still, pass on to application. */ + break; + case MHD_HTTP_FAILED_DEPENDENCY: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Nothing really to verify, the merchant is blaming the exchange. + We should pass the JSON reply to the application */ + break; + case MHD_HTTP_INTERNAL_SERVER_ERROR: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Server had an internal issue; we should retry, + but this API leaves this to the application */ + break; + case MHD_HTTP_SERVICE_UNAVAILABLE: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Exchange couldn't respond properly; the retry is + left to the application */ + break; + default: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* unexpected response code */ + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + (int) hr.ec); + GNUNET_break_op (0); + break; + } + ph->pay_cb (ph->pay_cb_cls, + &hr); + } + else + { + GNUNET_assert (0 == strcasecmp (ph->mode, + "abort-refund")); + + switch (response_code) + { + case 0: + hr.ec = TALER_EC_INVALID_RESPONSE; + break; + case MHD_HTTP_OK: + if (GNUNET_OK == + check_abort_refund (ph, + json)) + { + TALER_MERCHANT_pay_cancel (ph); + return; + } + hr.http_status = 0; + hr.ec = TALER_EC_PAY_MERCHANT_INVALID_RESPONSE; + break; + case MHD_HTTP_BAD_REQUEST: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* This should never happen, either us or the + merchant is buggy (or API version conflict); just + pass JSON reply to the application */ + break; + case MHD_HTTP_CONFLICT: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + break; + case MHD_HTTP_FORBIDDEN: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Nothing really to verify, merchant says one of + the signatures is invalid; as we checked them, + this should never happen, we should pass the JSON + reply to the application */ + break; + case MHD_HTTP_NOT_FOUND: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Nothing really to verify, this should never + happen, we should pass the JSON reply to the + application */ + break; + case MHD_HTTP_FAILED_DEPENDENCY: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Nothing really to verify, the merchant is blaming the exchange. + We should pass the JSON reply to the application */ + break; + case MHD_HTTP_INTERNAL_SERVER_ERROR: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Server had an internal issue; we should retry, + but this API leaves this to the application */ + break; + default: + /* unexpected response code */ + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + (int) hr.ec); + GNUNET_break_op (0); + break; + } + ph->abort_cb (ph->abort_cb_cls, + &hr, + NULL, + NULL, + 0, + NULL); + } + TALER_MERCHANT_pay_cancel (ph); +} + + +/** + * Issue /pay request. Generic version for the various + * variants of the API. + * + * @param ctx the execution loop context + * @param merchant_url base URL of the merchant's backend + * @param merchant_pub public key of the merchant + * @param num_coins number of coins used to pay + * @param coins array of coins we use to pay + * @param mode mode string to use ("pay" or "abort-refund"). + * @param pay_cb the callback to call when a reply for this + * request is available + * @param pay_cb_cls closure for @a pay_cb + * @param abort_cb callback to call for the abort-refund variant + * @param abort_cb_cls closure for @a abort_cb + * @return a handle for this request + */ +static struct TALER_MERCHANT_Pay * +request_pay_generic ( + struct GNUNET_CURL_Context *ctx, + const char *merchant_url, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const char *order_id, + unsigned int num_coins, + const struct TALER_MERCHANT_PaidCoin *coins, + const char *mode, + TALER_MERCHANT_OrderPayCallback pay_cb, + void *pay_cb_cls, + TALER_MERCHANT_PayRefundCallback abort_cb, + void *abort_cb_cls) +{ + struct TALER_MERCHANT_Pay *ph; + json_t *pay_obj; + json_t *j_coins; + CURL *eh; + struct TALER_Amount total_fee; + struct TALER_Amount total_amount; + + if (0 == num_coins) + { + GNUNET_break (0); + return NULL; + } + j_coins = json_array (); + for (unsigned int i = 0; i<num_coins; i++) + { + json_t *j_coin; + const struct TALER_MERCHANT_PaidCoin *pc = &coins[i]; + struct TALER_Amount fee; + + if (0 > + TALER_amount_subtract (&fee, + &pc->amount_with_fee, + &pc->amount_without_fee)) + { + /* Integer underflow, fee larger than total amount? + This should not happen (client violated API!) */ + GNUNET_break (0); + json_decref (j_coins); + return NULL; + } + if (0 == i) + { + total_fee = fee; + total_amount = pc->amount_with_fee; + } + else + { + if ( (0 > + TALER_amount_add (&total_fee, + &total_fee, + &fee)) || + (0 > + TALER_amount_add (&total_amount, + &total_amount, + &pc->amount_with_fee)) ) + { + /* integer overflow */ + GNUNET_break (0); + json_decref (j_coins); + return NULL; + } + } + + /* create JSON for this coin */ + j_coin = json_pack ( + "{s:o, s:o," /* contribution/coin_pub */ + " s:s, s:o," /* exchange_url / denom_pub */ + " s:o, s:o}", /* ub_sig / coin_sig */ + "contribution", + TALER_JSON_from_amount (&pc->amount_with_fee), + "coin_pub", + GNUNET_JSON_from_data_auto (&pc->coin_pub), + "exchange_url", + pc->exchange_url, + "denom_pub", + GNUNET_JSON_from_rsa_public_key (pc->denom_pub.rsa_public_key), + "ub_sig", + GNUNET_JSON_from_rsa_signature (pc->denom_sig.rsa_signature), + "coin_sig", + GNUNET_JSON_from_data_auto (&pc->coin_sig)); + if (0 != + json_array_append_new (j_coins, + j_coin)) + { + GNUNET_break (0); + json_decref (j_coins); + return NULL; + } + } + + pay_obj = json_pack ("{" + " s:s," /* mode */ + " s:o," /* coins */ + " s:s," /* order_id */ + " s:o," /* merchant_pub */ + "}", + "mode", + mode, + "coins", + j_coins, /* reference consumed! */ + "order_id", + order_id, + "merchant_pub", + GNUNET_JSON_from_data_auto (merchant_pub)); + if (NULL == pay_obj) + { + GNUNET_break (0); + return NULL; + } + ph = GNUNET_new (struct TALER_MERCHANT_Pay); + ph->ctx = ctx; + ph->mode = mode; + ph->abort_cb = abort_cb; + ph->abort_cb_cls = abort_cb_cls; + ph->pay_cb = pay_cb; + ph->pay_cb_cls = pay_cb_cls; + ph->url = TALER_url_join (merchant_url, "pay", NULL); + if (NULL == ph->url) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Could not construct request URL.\n"); + json_decref (pay_obj); + GNUNET_free (ph); + return NULL; + } + ph->num_coins = num_coins; + ph->coins = GNUNET_new_array (num_coins, + struct TALER_MERCHANT_PaidCoin); + memcpy (ph->coins, + coins, + num_coins * sizeof (struct TALER_MERCHANT_PaidCoin)); + + eh = curl_easy_init (); + if (GNUNET_OK != TALER_curl_easy_post (&ph->post_ctx, + eh, + pay_obj)) + { + GNUNET_break (0); + json_decref (pay_obj); + GNUNET_free (ph); + return NULL; + } + + json_decref (pay_obj); + GNUNET_assert (CURLE_OK == curl_easy_setopt (eh, + CURLOPT_URL, + ph->url)); + ph->job = GNUNET_CURL_job_add2 (ctx, + eh, + ph->post_ctx.headers, + &handle_pay_finished, + ph); + return ph; +} + + +/** + * Pay a merchant. API for wallets that have the coin's private + * keys. + * _NOTE_: this function does NOT calculate each coin amount in + * order to match the contract total price. This calculation is + * to be made by the logic using this library. + * + * @param ctx the execution loop context + * @param merchant_url base URL of the merchant's backend + * @param h_contract_terms hashcode of the proposal being paid + * @param amount total value of the contract to be paid to the + * merchant + * @param max_fee maximum fee covered by the merchant + * (according to the contract) + * @param merchant_pub the public key of the merchant + * (used to identify the merchant for refund requests) + * @param merchant_sig signature from the merchant over the + * original contract + * @param timestamp timestamp when the contract was finalized, + * must match approximately the current time of the merchant + * @param refund_deadline date until which the merchant can issue + * a refund to the customer via the merchant (can be zero + * if refunds are not allowed) + * @param pay_deadline maximum time limit to pay for this contract + * @param h_wire hash of the merchant’s account details + * @param order_id order id of the proposal being paid + * @param num_coins number of coins used to pay + * @param coins array of coins we use to pay + * @param pay_cb the callback to call when a reply for this + * request is available + * @param pay_cb_cls closure for @a pay_cb + * @return a handle for this request + */ +static struct TALER_MERCHANT_Pay * +prepare_pay_generic (struct GNUNET_CURL_Context *ctx, + const char *merchant_url, + const struct GNUNET_HashCode *h_contract_terms, + const struct TALER_Amount *amount, + const struct TALER_Amount *max_fee, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_MerchantSignatureP *merchant_sig, + struct GNUNET_TIME_Absolute timestamp, + struct GNUNET_TIME_Absolute refund_deadline, + struct GNUNET_TIME_Absolute pay_deadline, + const struct GNUNET_HashCode *h_wire, + const char *order_id, + unsigned int num_coins, + const struct TALER_MERCHANT_PayCoin *coins, + const char *mode, + TALER_MERCHANT_PayCallback pay_cb, + void *pay_cb_cls, + TALER_MERCHANT_PayRefundCallback abort_cb, + void *abort_cb_cls) +{ + struct TALER_DepositRequestPS dr; + struct TALER_MERCHANT_PaidCoin pc[num_coins]; + + (void) GNUNET_TIME_round_abs (×tamp); + (void) GNUNET_TIME_round_abs (&pay_deadline); + (void) GNUNET_TIME_round_abs (&refund_deadline); + + if (GNUNET_YES != + TALER_amount_cmp_currency (amount, + max_fee)) + { + GNUNET_break (0); + return NULL; + } + + dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT); + dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS)); + dr.h_contract_terms = *h_contract_terms; + dr.h_wire = *h_wire; + dr.timestamp = GNUNET_TIME_absolute_hton (timestamp); + dr.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline); + dr.merchant = *merchant_pub; + + for (unsigned int i = 0; i<num_coins; i++) + { + const struct TALER_MERCHANT_PayCoin *coin = &coins[i]; // coin priv. + struct TALER_MERCHANT_PaidCoin *p = &pc[i]; // coin pub. + struct TALER_Amount fee; + + /* prepare 'dr' for this coin to generate coin signature */ + GNUNET_CRYPTO_eddsa_key_get_public (&coin->coin_priv.eddsa_priv, + &dr.coin_pub.eddsa_pub); + TALER_amount_hton (&dr.amount_with_fee, + &coin->amount_with_fee); + if (0 > + TALER_amount_subtract (&fee, + &coin->amount_with_fee, + &coin->amount_without_fee)) + { + /* Integer underflow, fee larger than total amount? + This should not happen (client violated API!) */ + GNUNET_break (0); + return NULL; + } + TALER_amount_hton (&dr.deposit_fee, + &fee); + { + TALER_LOG_DEBUG ("... amount_with_fee was %s\n", + TALER_amount2s (&coin->amount_with_fee)); + TALER_LOG_DEBUG ("... fee was %s\n", + TALER_amount2s (&fee)); + } + + GNUNET_CRYPTO_eddsa_sign (&coin->coin_priv.eddsa_priv, + &dr, + &p->coin_sig.eddsa_signature); + p->denom_pub = coin->denom_pub; + p->denom_sig = coin->denom_sig; + p->denom_value = coin->denom_value; + p->coin_pub = dr.coin_pub; + p->amount_with_fee = coin->amount_with_fee; + p->amount_without_fee = coin->amount_without_fee; + p->refund_fee = coin->refund_fee; + p->exchange_url = coin->exchange_url; + } + return request_pay_generic (ctx, + merchant_url, + merchant_pub, + order_id, + num_coins, + pc, + mode, + pay_cb, + pay_cb_cls, + abort_cb, + abort_cb_cls); +} + + +/** + * Pay a merchant. API for wallets that have the coin's private keys. + * _NOTE_: this function does NOT calculate each coin amount in order + * to match the contract total price. This calculation is to be made + * by the logic using this library. + * + * @param ctx the execution loop context + * @param merchant_url base URL of the merchant's backend + * @param h_contract_terms hashcode of the proposal being paid + * @param amount total value of the contract to be paid to the merchant + * @param max_fee maximum fee covered by the merchant (according to the contract) + * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) + * @param merchant_sig signature from the merchant over the original contract + * @param timestamp timestamp when the contract was finalized, must match approximately the current time of the merchant + * @param refund_deadline date until which the merchant can issue a refund to the customer via the merchant (can be zero if refunds are not allowed) + * @param pay_deadline maximum time limit to pay for this contract + * @param h_wire hash of the merchant’s account details + * @param order_id order id of the proposal being paid + * @param num_coins number of coins used to pay + * @param coins array of coins we use to pay + * @param pay_cb the callback to call when a reply for this request is available + * @param pay_cb_cls closure for @a pay_cb + * @return a handle for this request + */ +struct TALER_MERCHANT_Pay * +TALER_MERCHANT_pay_wallet (struct GNUNET_CURL_Context *ctx, + const char *merchant_url, + const struct GNUNET_HashCode *h_contract_terms, + const struct TALER_Amount *amount, + const struct TALER_Amount *max_fee, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_MerchantSignatureP *merchant_sig, + struct GNUNET_TIME_Absolute timestamp, + struct GNUNET_TIME_Absolute refund_deadline, + struct GNUNET_TIME_Absolute pay_deadline, + const struct GNUNET_HashCode *h_wire, + const char *order_id, + unsigned int num_coins, + const struct TALER_MERCHANT_PayCoin *coins, + TALER_MERCHANT_PayCallback pay_cb, + void *pay_cb_cls) +{ + return prepare_pay_generic (ctx, + merchant_url, + h_contract_terms, + amount, + max_fee, + merchant_pub, + merchant_sig, + timestamp, + refund_deadline, + pay_deadline, + h_wire, + order_id, + num_coins, + coins, + "pay", + pay_cb, + pay_cb_cls, + NULL, + NULL); +} + + +/** + * Run a payment abort operation, asking for refunds for coins + * that were previously spend on a /pay that failed to go through. + * + * @param ctx execution context + * @param merchant_url base URL of the merchant + * @param h_wire hash of the merchant’s account details + * @param h_contract hash of the contact of the merchant with the customer + * @param transaction_id transaction id for the transaction between merchant and customer + * @param amount total value of the contract to be paid to the merchant + * @param max_fee maximum fee covered by the merchant (according to the contract) + * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) + * @param merchant_sig signature from the merchant over the original contract + * @param timestamp timestamp when the contract was finalized, must match approximately the current time of the merchant + * @param refund_deadline date until which the merchant can issue a refund to the customer via the merchant (can be zero if refunds are not allowed) + * @param pay_deadline maximum time limit to pay for this contract + * @param num_coins number of coins used to pay + * @param coins array of coins we use to pay + * @param coin_sig the signature made with purpose #TALER_SIGNATURE_WALLET_COIN_DEPOSIT made by the customer with the coin’s private key. + * @param payref_cb the callback to call when a reply for this request is available + * @param payref_cb_cls closure for @a pay_cb + * @return a handle for this request + */ +struct TALER_MERCHANT_Pay * +TALER_MERCHANT_pay_abort (struct GNUNET_CURL_Context *ctx, + const char *merchant_url, + const struct GNUNET_HashCode *h_contract, + const struct TALER_Amount *amount, + const struct TALER_Amount *max_fee, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_MerchantSignatureP *merchant_sig, + struct GNUNET_TIME_Absolute timestamp, + struct GNUNET_TIME_Absolute refund_deadline, + struct GNUNET_TIME_Absolute pay_deadline, + const struct GNUNET_HashCode *h_wire, + const char *order_id, + unsigned int num_coins, + const struct TALER_MERCHANT_PayCoin *coins, + TALER_MERCHANT_PayRefundCallback payref_cb, + void *payref_cb_cls) +{ + struct TALER_MERCHANT_Pay *ph; + + ph = prepare_pay_generic (ctx, + merchant_url, + h_contract, + amount, + max_fee, + merchant_pub, + merchant_sig, + timestamp, + refund_deadline, + pay_deadline, + h_wire, + order_id, + num_coins, + coins, + "abort-refund", + NULL, + NULL, + payref_cb, + payref_cb_cls); + if (NULL == ph) + return NULL; + ph->h_contract_terms = *h_contract; + return ph; +} + + +/** + * PAY a merchant. API for frontends talking to backends. Here, + * the frontend does not have the coin's private keys, but just + * the public keys and signatures. Note the subtle difference + * in the type of @a coins compared to #TALER_MERCHANT_pay(). + * + * @param ctx the execution loop context + * @param merchant_url base URL of the merchant's backend + * @param merchant_pub public key of the merchant + * @param num_coins number of coins used to pay + * @param coins array of coins we use to pay + * @param pay_cb the callback to call when a reply for this request is available + * @param pay_cb_cls closure for @a pay_cb + * @return a handle for this request + */ +struct TALER_MERCHANT_Pay * +TALER_MERCHANT_pay_frontend ( + struct GNUNET_CURL_Context *ctx, + const char *merchant_url, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const char *order_id, + unsigned int num_coins, + const struct TALER_MERCHANT_PaidCoin *coins, + TALER_MERCHANT_PayCallback pay_cb, + void *pay_cb_cls) +{ + return request_pay_generic (ctx, + merchant_url, + merchant_pub, + order_id, + num_coins, + coins, + "pay", + pay_cb, + pay_cb_cls, + NULL, + NULL); +} + + +/** + * Cancel a pay permission request. This function cannot be used + * on a request handle if a response is already served for it. + * + * @param pay the pay permission request handle + */ +void +TALER_MERCHANT_pay_cancel (struct TALER_MERCHANT_Pay *pay) +{ + if (NULL != pay->job) + { + GNUNET_CURL_job_cancel (pay->job); + pay->job = NULL; + } + TALER_curl_easy_post_finished (&pay->post_ctx); + GNUNET_free (pay->coins); + GNUNET_free (pay->url); + GNUNET_free (pay); +} + + +/* end of merchant_api_pay.c */ diff --git a/src/lib/merchant_api_post_order_pay.c b/src/lib/merchant_api_post_order_pay.c index f860f3a8..3cef8043 100644 --- a/src/lib/merchant_api_post_order_pay.c +++ b/src/lib/merchant_api_post_order_pay.c @@ -17,8 +17,8 @@ If not, see <http://www.gnu.org/licenses/> */ /** - * @file lib/merchant_api_pay.c - * @brief Implementation of the /pay request + * @file lib/merchant_api_post_order_pay.c + * @brief Implementation of the POST /order/$ID/pay request * of the merchant's HTTP API * @author Christian Grothoff * @author Marcello Stanisci @@ -39,7 +39,7 @@ /** * @brief A Pay Handle */ -struct TALER_MERCHANT_Pay +struct TALER_MERCHANT_OrderPayHandle { /** @@ -63,21 +63,6 @@ struct TALER_MERCHANT_Pay void *pay_cb_cls; /** - * Function to call with the result in "abort-refund" @e mode. - */ - TALER_MERCHANT_PayRefundCallback abort_cb; - - /** - * Closure for @a abort_cb. - */ - void *abort_cb_cls; - - /** - * Operational mode, either "pay" or "abort-refund". - */ - const char *mode; - - /** * Reference to the execution context. */ struct GNUNET_CURL_Context *ctx; @@ -97,145 +82,16 @@ struct TALER_MERCHANT_Pay */ unsigned int num_coins; - /** - * Hash of the contract, only available in "abort-refund" mode. - */ - struct GNUNET_HashCode h_contract_terms; - }; /** - * Check that the response for a /pay refund is well-formed, - * and call the application callback with the result if it is - * OK. Otherwise returns #GNUNET_SYSERR. - * - * @param ph handle to operation that created the reply - * @param json the reply to parse - * @return #GNUNET_OK on success - */ -static int -check_abort_refund (struct TALER_MERCHANT_Pay *ph, - const json_t *json) -{ - json_t *refunds; - unsigned int num_refunds; - struct TALER_MerchantPublicKeyP merchant_pub; - struct GNUNET_JSON_Specification spec[] = { - GNUNET_JSON_spec_json ("refund_permissions", &refunds), - GNUNET_JSON_spec_fixed_auto ("merchant_pub", &merchant_pub), - GNUNET_JSON_spec_end () - }; - - if (GNUNET_OK != - GNUNET_JSON_parse (json, - spec, - NULL, NULL)) - { - GNUNET_break_op (0); - return GNUNET_SYSERR; - } - num_refunds = json_array_size (refunds); - { - struct TALER_MERCHANT_RefundEntry res[GNUNET_NZL (num_refunds)]; - - for (unsigned int i = 0; i<num_refunds; i++) - { - struct TALER_MerchantSignatureP *sig = &res[i].merchant_sig; - json_t *refund = json_array_get (refunds, i); - struct GNUNET_JSON_Specification spec_detail[] = { - GNUNET_JSON_spec_fixed_auto ("merchant_sig", - sig), - GNUNET_JSON_spec_fixed_auto ("coin_pub", - &res[i].coin_pub), - GNUNET_JSON_spec_uint64 ("rtransaction_id", - &res[i].rtransaction_id), - GNUNET_JSON_spec_end () - }; - int found; - - if (GNUNET_OK != - GNUNET_JSON_parse (refund, - spec_detail, - NULL, NULL)) - { - GNUNET_break_op (0); - GNUNET_JSON_parse_free (spec); - return GNUNET_SYSERR; - } - - found = -1; - for (unsigned int j = 0; j<ph->num_coins; j++) - { - if (0 == memcmp (&ph->coins[j].coin_pub, - &res[i].coin_pub, - sizeof - (struct TALER_CoinSpendPublicKeyP))) - { - found = j; - break; - } - } - if (-1 == found) - { - GNUNET_break_op (0); - GNUNET_JSON_parse_free (spec); - return GNUNET_SYSERR; - } - - { - struct TALER_RefundRequestPS rr = { - .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_REFUND), - .purpose.size = htonl (sizeof (struct TALER_RefundRequestPS)), - .h_contract_terms = ph->h_contract_terms, - .coin_pub = res[i].coin_pub, - .merchant = merchant_pub, - .rtransaction_id = GNUNET_htonll (res[i].rtransaction_id) - }; - - TALER_amount_hton (&rr.refund_amount, - &ph->coins[found].amount_with_fee); - TALER_amount_hton (&rr.refund_fee, - &ph->coins[found].refund_fee); - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_REFUND, - &rr, - &sig->eddsa_sig, - &merchant_pub.eddsa_pub)) - { - GNUNET_break_op (0); - GNUNET_JSON_parse_free (spec); - return GNUNET_SYSERR; - } - } - } - { - struct TALER_MERCHANT_HttpResponse hr = { - .reply = json, - .http_status = MHD_HTTP_OK - }; - - ph->abort_cb (ph->abort_cb_cls, - &hr, - &merchant_pub, - &ph->h_contract_terms, - num_refunds, - res); - } - ph->abort_cb = NULL; - } - GNUNET_JSON_parse_free (spec); - return GNUNET_OK; -} - - -/** * We got a 403 response back from the exchange (or the merchant). - * Now we need to check the provided cryptographic proof that the + * Now we need to check the provided cryptograophic proof that the * coin was actually already spent! * * @param pc handle of the original coin we paid with - * @param json cryptographic proof of coin's transaction + * @param json cryptograophic proof of coin's transaction * history as was returned by the exchange/merchant * @return #GNUNET_OK if proof checks out */ @@ -282,16 +138,16 @@ check_coin_history (const struct TALER_MERCHANT_PaidCoin *pc, /** * We got a 409 response back from the exchange (or the merchant). - * Now we need to check the provided cryptographic proof that the + * Now we need to check the provided cryptograophic proof that the * coin was actually already spent! * - * @param ph handle of the original pay operation - * @param json cryptographic proof returned by the + * @param oph handle of the original pay operation + * @param json cryptograophic proof returned by the * exchange/merchant * @return #GNUNET_OK if proof checks out */ static int -check_conflict (struct TALER_MERCHANT_Pay *ph, +check_conflict (struct TALER_MERCHANT_OrderPayHandle *oph, const json_t *json) { json_t *history; @@ -326,15 +182,15 @@ check_conflict (struct TALER_MERCHANT_Pay *ph, } GNUNET_JSON_parse_free (spec); - for (unsigned int i = 0; i<ph->num_coins; i++) + for (unsigned int i = 0; i<oph->num_coins; i++) { - if (0 == memcmp (&ph->coins[i].coin_pub, + if (0 == memcmp (&oph->coins[i].coin_pub, &coin_pub, sizeof (struct TALER_CoinSpendPublicKeyP))) { int ret; - ret = check_coin_history (&ph->coins[i], + ret = check_coin_history (&oph->coins[i], history); GNUNET_JSON_parse_free (hspec); return ret; @@ -360,238 +216,154 @@ handle_pay_finished (void *cls, long response_code, const void *response) { - struct TALER_MERCHANT_Pay *ph = cls; + struct TALER_MERCHANT_OrderPayHandle *oph = cls; const json_t *json = response; struct TALER_MERCHANT_HttpResponse hr = { .http_status = (unsigned int) response_code, .reply = json }; - ph->job = NULL; + oph->job = NULL; GNUNET_log (GNUNET_ERROR_TYPE_INFO, "/pay completed with response code %u\n", (unsigned int) response_code); - if (0 == strcasecmp (ph->mode, - "pay")) - { - switch (response_code) - { - case 0: - hr.ec = TALER_EC_INVALID_RESPONSE; - break; - case MHD_HTTP_OK: - break; - /* Tolerating Not Acceptable because sometimes - * - especially in tests - we might want to POST - * coins one at a time. */ - case MHD_HTTP_NOT_ACCEPTABLE: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - break; - case MHD_HTTP_BAD_REQUEST: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* This should never happen, either us - * or the merchant is buggy (or API version conflict); - * just pass JSON reply to the application */ - break; - case MHD_HTTP_FORBIDDEN: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* Nothing really to verify, merchant says we tried to abort the payment - * after it was successful. We should pass the JSON reply to the - * application */ - break; - case MHD_HTTP_NOT_FOUND: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* Nothing really to verify, this should never - happen, we should pass the JSON reply to the - application */ - break; - case MHD_HTTP_PRECONDITION_FAILED: - TALER_MERCHANT_parse_error_details_ (json, - response_code, - &hr); - /* Nothing really to verify, the merchant is blaming us for failing to - satisfy some constraint (likely it does not like our exchange because - of some disagreement on the PKI). We should pass the JSON reply to the - application */ - break; - case MHD_HTTP_REQUEST_TIMEOUT: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* The merchant couldn't generate a timely response, likely because - it itself waited too long on the exchange. - Pass on to application. */ - break; - case MHD_HTTP_CONFLICT: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - if (GNUNET_OK != check_conflict (ph, - json)) - { - GNUNET_break_op (0); - response_code = 0; - } - break; - case MHD_HTTP_GONE: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* The merchant says we are too late, the offer has expired or some - denomination key of a coin involved has expired. - Might be a disagreement in timestamps? Still, pass on to application. */ - break; - case MHD_HTTP_FAILED_DEPENDENCY: - TALER_MERCHANT_parse_error_details_ (json, - response_code, - &hr); - /* Nothing really to verify, the merchant is blaming the exchange. - We should pass the JSON reply to the application */ - break; - case MHD_HTTP_INTERNAL_SERVER_ERROR: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* Server had an internal issue; we should retry, - but this API leaves this to the application */ - break; - case MHD_HTTP_SERVICE_UNAVAILABLE: - TALER_MERCHANT_parse_error_details_ (json, - response_code, - &hr); - /* Exchange couldn't respond properly; the retry is - left to the application */ - break; - default: - TALER_MERCHANT_parse_error_details_ (json, - response_code, - &hr); - /* unexpected response code */ - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u/%d\n", - (unsigned int) response_code, - (int) hr.ec); - GNUNET_break_op (0); - break; - } - ph->pay_cb (ph->pay_cb_cls, - &hr); - } - else + // FIXME: check response codes here match documentation match what service generates! + switch (response_code) { - GNUNET_assert (0 == strcasecmp (ph->mode, - "abort-refund")); - - switch (response_code) + case 0: + hr.ec = TALER_EC_INVALID_RESPONSE; + break; + case MHD_HTTP_OK: + // FIXME: should verify 'sig' from merchant here! + // FIXME: probably should return merchant signature to callback! + break; + /* Tolerating Not Acceptable because sometimes + * - especially in tests - we might want to POST + * coins one at a time. */ + case MHD_HTTP_NOT_ACCEPTABLE: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + break; + case MHD_HTTP_BAD_REQUEST: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* This should never happen, either us + * or the merchant is buggy (or API version conflict); + * just pass JSON reply to the application */ + break; + case MHD_HTTP_FORBIDDEN: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Nothing really to verify, merchant says we tried to abort the payment + * after it was successful. We should pass the JSON reply to the + * application */ + break; + case MHD_HTTP_NOT_FOUND: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Nothing really to verify, this should never + happen, we should pass the JSON reply to the + application */ + break; + case MHD_HTTP_PRECONDITION_FAILED: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Nothing really to verify, the merchant is blaming us for failing to + satisfy some constraint (likely it does not like our exchange because + of some disagreement on the PKI). We should pass the JSON reply to the + application */ + break; + case MHD_HTTP_REQUEST_TIMEOUT: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* The merchant couldn't generate a timely response, likely because + it itself waited too long on the exchange. + Pass on to application. */ + break; + case MHD_HTTP_CONFLICT: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + if (GNUNET_OK != check_conflict (oph, + json)) { - case 0: - hr.ec = TALER_EC_INVALID_RESPONSE; - break; - case MHD_HTTP_OK: - if (GNUNET_OK == - check_abort_refund (ph, - json)) - { - TALER_MERCHANT_pay_cancel (ph); - return; - } - hr.http_status = 0; - hr.ec = TALER_EC_PAY_MERCHANT_INVALID_RESPONSE; - break; - case MHD_HTTP_BAD_REQUEST: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* This should never happen, either us or the - merchant is buggy (or API version conflict); just - pass JSON reply to the application */ - break; - case MHD_HTTP_CONFLICT: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - break; - case MHD_HTTP_FORBIDDEN: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* Nothing really to verify, merchant says one of - the signatures is invalid; as we checked them, - this should never happen, we should pass the JSON - reply to the application */ - break; - case MHD_HTTP_NOT_FOUND: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* Nothing really to verify, this should never - happen, we should pass the JSON reply to the - application */ - break; - case MHD_HTTP_FAILED_DEPENDENCY: - TALER_MERCHANT_parse_error_details_ (json, - response_code, - &hr); - /* Nothing really to verify, the merchant is blaming the exchange. - We should pass the JSON reply to the application */ - break; - case MHD_HTTP_INTERNAL_SERVER_ERROR: - hr.ec = TALER_JSON_get_error_code (json); - hr.hint = TALER_JSON_get_error_hint (json); - /* Server had an internal issue; we should retry, - but this API leaves this to the application */ - break; - default: - /* unexpected response code */ - TALER_MERCHANT_parse_error_details_ (json, - response_code, - &hr); - GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u/%d\n", - (unsigned int) response_code, - (int) hr.ec); GNUNET_break_op (0); - break; + response_code = 0; } - ph->abort_cb (ph->abort_cb_cls, - &hr, - NULL, - NULL, - 0, - NULL); + break; + case MHD_HTTP_GONE: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* The merchant says we are too late, the offer has expired or some + denomination key of a coin involved has expired. + Might be a disagreement in timestamps? Still, pass on to application. */ + break; + case MHD_HTTP_FAILED_DEPENDENCY: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Nothing really to verify, the merchant is blaming the exchange. + We should pass the JSON reply to the application */ + break; + case MHD_HTTP_INTERNAL_SERVER_ERROR: + hr.ec = TALER_JSON_get_error_code (json); + hr.hint = TALER_JSON_get_error_hint (json); + /* Server had an internal issue; we should retry, + but this API leaves this to the application */ + break; + case MHD_HTTP_SERVICE_UNAVAILABLE: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* Exchange couldn't respond properly; the retry is + left to the application */ + break; + default: + TALER_MERCHANT_parse_error_details_ (json, + response_code, + &hr); + /* unexpected response code */ + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u/%d\n", + (unsigned int) response_code, + (int) hr.ec); + GNUNET_break_op (0); + break; } - TALER_MERCHANT_pay_cancel (ph); + oph->pay_cb (oph->pay_cb_cls, + &hr); + TALER_MERCHANT_order_pay_cancel (oph); } /** - * Issue /pay request. Generic version for the various - * variants of the API. + * PAY a merchant. API for frontends talking to backends. Here, + * the frontend does not have the coin's private keys, but just + * the public keys and signatures. Note the subtle difference + * in the type of @a coins compared to #TALER_MERCHANT_pay(). * * @param ctx the execution loop context * @param merchant_url base URL of the merchant's backend - * @param merchant_pub public key of the merchant + * @param order_id order to pay + * @param session_id session to pay for, or NULL for none * @param num_coins number of coins used to pay * @param coins array of coins we use to pay - * @param mode mode string to use ("pay" or "abort-refund"). - * @param pay_cb the callback to call when a reply for this - * request is available + * @param pay_cb the callback to call when a reply for this request is available * @param pay_cb_cls closure for @a pay_cb - * @param abort_cb callback to call for the abort-refund variant - * @param abort_cb_cls closure for @a abort_cb * @return a handle for this request */ -static struct TALER_MERCHANT_Pay * -request_pay_generic ( +struct TALER_MERCHANT_OrderPayHandle * +TALER_MERCHANT_order_pay_frontend ( struct GNUNET_CURL_Context *ctx, const char *merchant_url, - const struct TALER_MerchantPublicKeyP *merchant_pub, const char *order_id, + const char *session_id, unsigned int num_coins, - const struct TALER_MERCHANT_PaidCoin *coins, - const char *mode, + const struct TALER_MERCHANT_PaidCoin coins[], TALER_MERCHANT_OrderPayCallback pay_cb, - void *pay_cb_cls, - TALER_MERCHANT_PayRefundCallback abort_cb, - void *abort_cb_cls) + void *pay_cb_cls) { - struct TALER_MERCHANT_Pay *ph; + struct TALER_MERCHANT_OrderPayHandle *oph; json_t *pay_obj; json_t *j_coins; CURL *eh; @@ -609,6 +381,7 @@ request_pay_generic ( json_t *j_coin; const struct TALER_MERCHANT_PaidCoin *pc = &coins[i]; struct TALER_Amount fee; + struct GNUNET_HashCode denom_hash; if (0 > TALER_amount_subtract (&fee, @@ -644,6 +417,8 @@ request_pay_generic ( } } + GNUNET_CRYPTO_rsa_public_key_hash (pc->denom_pub.rsa_public_key, + &denom_hash); /* create JSON for this coin */ j_coin = json_pack ( "{s:o, s:o," /* contribution/coin_pub */ @@ -655,8 +430,8 @@ request_pay_generic ( GNUNET_JSON_from_data_auto (&pc->coin_pub), "exchange_url", pc->exchange_url, - "denom_pub", - GNUNET_JSON_from_rsa_public_key (pc->denom_pub.rsa_public_key), + "h_denom", + GNUNET_JSON_from_data_auto (&denom_hash), "ub_sig", GNUNET_JSON_from_rsa_signature (pc->denom_sig.rsa_signature), "coin_sig", @@ -671,202 +446,79 @@ request_pay_generic ( } } - pay_obj = json_pack ("{" - " s:s," /* mode */ - " s:o," /* coins */ - " s:s," /* order_id */ - " s:o," /* merchant_pub */ - "}", - "mode", - mode, + pay_obj = json_pack ("{ s:o }", "coins", - j_coins, /* reference consumed! */ - "order_id", - order_id, - "merchant_pub", - GNUNET_JSON_from_data_auto (merchant_pub)); + j_coins); if (NULL == pay_obj) { GNUNET_break (0); return NULL; } - ph = GNUNET_new (struct TALER_MERCHANT_Pay); - ph->ctx = ctx; - ph->mode = mode; - ph->abort_cb = abort_cb; - ph->abort_cb_cls = abort_cb_cls; - ph->pay_cb = pay_cb; - ph->pay_cb_cls = pay_cb_cls; - ph->url = TALER_url_join (merchant_url, "pay", NULL); - if (NULL == ph->url) + if (NULL != session_id) + { + if (0 != json_object_set (pay_obj, + "session_id", + json_string (session_id))) + { + GNUNET_break (0); + json_decref (pay_obj); + return NULL; + } + } + + oph = GNUNET_new (struct TALER_MERCHANT_OrderPayHandle); + oph->ctx = ctx; + oph->pay_cb = pay_cb; + oph->pay_cb_cls = pay_cb_cls; + { + char *path; + + GNUNET_asprintf (&path, + "orders/%s/pay", + order_id); + oph->url = TALER_url_join (merchant_url, + path, + NULL); + GNUNET_free (path); + } + if (NULL == oph->url) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Could not construct request URL.\n"); json_decref (pay_obj); - GNUNET_free (ph); + GNUNET_free (oph); return NULL; } - ph->num_coins = num_coins; - ph->coins = GNUNET_new_array (num_coins, - struct TALER_MERCHANT_PaidCoin); - memcpy (ph->coins, + oph->num_coins = num_coins; + oph->coins = GNUNET_new_array (num_coins, + struct TALER_MERCHANT_PaidCoin); + memcpy (oph->coins, coins, num_coins * sizeof (struct TALER_MERCHANT_PaidCoin)); eh = curl_easy_init (); - if (GNUNET_OK != TALER_curl_easy_post (&ph->post_ctx, - eh, - pay_obj)) + if (GNUNET_OK != + TALER_curl_easy_post (&oph->post_ctx, + eh, + pay_obj)) { GNUNET_break (0); json_decref (pay_obj); - GNUNET_free (ph); + GNUNET_free (oph); return NULL; } json_decref (pay_obj); - GNUNET_assert (CURLE_OK == curl_easy_setopt (eh, - CURLOPT_URL, - ph->url)); - ph->job = GNUNET_CURL_job_add2 (ctx, - eh, - ph->post_ctx.headers, - &handle_pay_finished, - ph); - return ph; -} - - -/** - * Pay a merchant. API for wallets that have the coin's private - * keys. - * _NOTE_: this function does NOT calculate each coin amount in - * order to match the contract total price. This calculation is - * to be made by the logic using this library. - * - * @param ctx the execution loop context - * @param merchant_url base URL of the merchant's backend - * @param h_contract_terms hashcode of the proposal being paid - * @param amount total value of the contract to be paid to the - * merchant - * @param max_fee maximum fee covered by the merchant - * (according to the contract) - * @param merchant_pub the public key of the merchant - * (used to identify the merchant for refund requests) - * @param merchant_sig signature from the merchant over the - * original contract - * @param timestamp timestamp when the contract was finalized, - * must match approximately the current time of the merchant - * @param refund_deadline date until which the merchant can issue - * a refund to the customer via the merchant (can be zero - * if refunds are not allowed) - * @param pay_deadline maximum time limit to pay for this contract - * @param h_wire hash of the merchant’s account details - * @param order_id order id of the proposal being paid - * @param num_coins number of coins used to pay - * @param coins array of coins we use to pay - * @param pay_cb the callback to call when a reply for this - * request is available - * @param pay_cb_cls closure for @a pay_cb - * @return a handle for this request - */ -static struct TALER_MERCHANT_Pay * -prepare_pay_generic (struct GNUNET_CURL_Context *ctx, - const char *merchant_url, - const struct GNUNET_HashCode *h_contract_terms, - const struct TALER_Amount *amount, - const struct TALER_Amount *max_fee, - const struct TALER_MerchantPublicKeyP *merchant_pub, - const struct TALER_MerchantSignatureP *merchant_sig, - struct GNUNET_TIME_Absolute timestamp, - struct GNUNET_TIME_Absolute refund_deadline, - struct GNUNET_TIME_Absolute pay_deadline, - const struct GNUNET_HashCode *h_wire, - const char *order_id, - unsigned int num_coins, - const struct TALER_MERCHANT_PayCoin *coins, - const char *mode, - TALER_MERCHANT_PayCallback pay_cb, - void *pay_cb_cls, - TALER_MERCHANT_PayRefundCallback abort_cb, - void *abort_cb_cls) -{ - struct TALER_DepositRequestPS dr; - struct TALER_MERCHANT_PaidCoin pc[num_coins]; - - (void) GNUNET_TIME_round_abs (×tamp); - (void) GNUNET_TIME_round_abs (&pay_deadline); - (void) GNUNET_TIME_round_abs (&refund_deadline); - - if (GNUNET_YES != - TALER_amount_cmp_currency (amount, - max_fee)) - { - GNUNET_break (0); - return NULL; - } - - dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT); - dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS)); - dr.h_contract_terms = *h_contract_terms; - dr.h_wire = *h_wire; - dr.timestamp = GNUNET_TIME_absolute_hton (timestamp); - dr.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline); - dr.merchant = *merchant_pub; - - for (unsigned int i = 0; i<num_coins; i++) - { - const struct TALER_MERCHANT_PayCoin *coin = &coins[i]; // coin priv. - struct TALER_MERCHANT_PaidCoin *p = &pc[i]; // coin pub. - struct TALER_Amount fee; - - /* prepare 'dr' for this coin to generate coin signature */ - GNUNET_CRYPTO_eddsa_key_get_public (&coin->coin_priv.eddsa_priv, - &dr.coin_pub.eddsa_pub); - TALER_amount_hton (&dr.amount_with_fee, - &coin->amount_with_fee); - if (0 > - TALER_amount_subtract (&fee, - &coin->amount_with_fee, - &coin->amount_without_fee)) - { - /* Integer underflow, fee larger than total amount? - This should not happen (client violated API!) */ - GNUNET_break (0); - return NULL; - } - TALER_amount_hton (&dr.deposit_fee, - &fee); - { - TALER_LOG_DEBUG ("... amount_with_fee was %s\n", - TALER_amount2s (&coin->amount_with_fee)); - TALER_LOG_DEBUG ("... fee was %s\n", - TALER_amount2s (&fee)); - } - - GNUNET_CRYPTO_eddsa_sign (&coin->coin_priv.eddsa_priv, - &dr, - &p->coin_sig.eddsa_signature); - p->denom_pub = coin->denom_pub; - p->denom_sig = coin->denom_sig; - p->denom_value = coin->denom_value; - p->coin_pub = dr.coin_pub; - p->amount_with_fee = coin->amount_with_fee; - p->amount_without_fee = coin->amount_without_fee; - p->refund_fee = coin->refund_fee; - p->exchange_url = coin->exchange_url; - } - return request_pay_generic (ctx, - merchant_url, - merchant_pub, - order_id, - num_coins, - pc, - mode, - pay_cb, - pay_cb_cls, - abort_cb, - abort_cb_cls); + GNUNET_assert (CURLE_OK == + curl_easy_setopt (eh, + CURLOPT_URL, + oph->url)); + oph->job = GNUNET_CURL_job_add2 (ctx, + eh, + oph->post_ctx.headers, + &handle_pay_finished, + oph); + return oph; } @@ -878,6 +530,7 @@ prepare_pay_generic (struct GNUNET_CURL_Context *ctx, * * @param ctx the execution loop context * @param merchant_url base URL of the merchant's backend + * @param session_id session to pay for, or NULL for none * @param h_contract_terms hashcode of the proposal being paid * @param amount total value of the contract to be paid to the merchant * @param max_fee maximum fee covered by the merchant (according to the contract) @@ -894,73 +547,11 @@ prepare_pay_generic (struct GNUNET_CURL_Context *ctx, * @param pay_cb_cls closure for @a pay_cb * @return a handle for this request */ -struct TALER_MERCHANT_Pay * -TALER_MERCHANT_pay_wallet (struct GNUNET_CURL_Context *ctx, - const char *merchant_url, - const struct GNUNET_HashCode *h_contract_terms, - const struct TALER_Amount *amount, - const struct TALER_Amount *max_fee, - const struct TALER_MerchantPublicKeyP *merchant_pub, - const struct TALER_MerchantSignatureP *merchant_sig, - struct GNUNET_TIME_Absolute timestamp, - struct GNUNET_TIME_Absolute refund_deadline, - struct GNUNET_TIME_Absolute pay_deadline, - const struct GNUNET_HashCode *h_wire, - const char *order_id, - unsigned int num_coins, - const struct TALER_MERCHANT_PayCoin *coins, - TALER_MERCHANT_PayCallback pay_cb, - void *pay_cb_cls) -{ - return prepare_pay_generic (ctx, - merchant_url, - h_contract_terms, - amount, - max_fee, - merchant_pub, - merchant_sig, - timestamp, - refund_deadline, - pay_deadline, - h_wire, - order_id, - num_coins, - coins, - "pay", - pay_cb, - pay_cb_cls, - NULL, - NULL); -} - - -/** - * Run a payment abort operation, asking for refunds for coins - * that were previously spend on a /pay that failed to go through. - * - * @param ctx execution context - * @param merchant_url base URL of the merchant - * @param h_wire hash of the merchant’s account details - * @param h_contract hash of the contact of the merchant with the customer - * @param transaction_id transaction id for the transaction between merchant and customer - * @param amount total value of the contract to be paid to the merchant - * @param max_fee maximum fee covered by the merchant (according to the contract) - * @param merchant_pub the public key of the merchant (used to identify the merchant for refund requests) - * @param merchant_sig signature from the merchant over the original contract - * @param timestamp timestamp when the contract was finalized, must match approximately the current time of the merchant - * @param refund_deadline date until which the merchant can issue a refund to the customer via the merchant (can be zero if refunds are not allowed) - * @param pay_deadline maximum time limit to pay for this contract - * @param num_coins number of coins used to pay - * @param coins array of coins we use to pay - * @param coin_sig the signature made with purpose #TALER_SIGNATURE_WALLET_COIN_DEPOSIT made by the customer with the coin’s private key. - * @param payref_cb the callback to call when a reply for this request is available - * @param payref_cb_cls closure for @a pay_cb - * @return a handle for this request - */ -struct TALER_MERCHANT_Pay * -TALER_MERCHANT_pay_abort (struct GNUNET_CURL_Context *ctx, +struct TALER_MERCHANT_OrderPayHandle * +TALER_MERCHANT_order_pay (struct GNUNET_CURL_Context *ctx, const char *merchant_url, - const struct GNUNET_HashCode *h_contract, + const char *session_id, + const struct GNUNET_HashCode *h_contract_terms, const struct TALER_Amount *amount, const struct TALER_Amount *max_fee, const struct TALER_MerchantPublicKeyP *merchant_pub, @@ -971,97 +562,99 @@ TALER_MERCHANT_pay_abort (struct GNUNET_CURL_Context *ctx, const struct GNUNET_HashCode *h_wire, const char *order_id, unsigned int num_coins, - const struct TALER_MERCHANT_PayCoin *coins, - TALER_MERCHANT_PayRefundCallback payref_cb, - void *payref_cb_cls) + const struct TALER_MERCHANT_PayCoin coins[], + TALER_MERCHANT_OrderPayCallback pay_cb, + void *pay_cb_cls) { - struct TALER_MERCHANT_Pay *ph; - - ph = prepare_pay_generic (ctx, - merchant_url, - h_contract, - amount, - max_fee, - merchant_pub, - merchant_sig, - timestamp, - refund_deadline, - pay_deadline, - h_wire, - order_id, - num_coins, - coins, - "abort-refund", - NULL, - NULL, - payref_cb, - payref_cb_cls); - if (NULL == ph) + (void) GNUNET_TIME_round_abs (×tamp); + (void) GNUNET_TIME_round_abs (&pay_deadline); + (void) GNUNET_TIME_round_abs (&refund_deadline); + if (GNUNET_YES != + TALER_amount_cmp_currency (amount, + max_fee)) + { + GNUNET_break (0); return NULL; - ph->h_contract_terms = *h_contract; - return ph; -} - + } -/** - * PAY a merchant. API for frontends talking to backends. Here, - * the frontend does not have the coin's private keys, but just - * the public keys and signatures. Note the subtle difference - * in the type of @a coins compared to #TALER_MERCHANT_pay(). - * - * @param ctx the execution loop context - * @param merchant_url base URL of the merchant's backend - * @param merchant_pub public key of the merchant - * @param num_coins number of coins used to pay - * @param coins array of coins we use to pay - * @param pay_cb the callback to call when a reply for this request is available - * @param pay_cb_cls closure for @a pay_cb - * @return a handle for this request - */ -struct TALER_MERCHANT_Pay * -TALER_MERCHANT_pay_frontend ( - struct GNUNET_CURL_Context *ctx, - const char *merchant_url, - const struct TALER_MerchantPublicKeyP *merchant_pub, - const char *order_id, - unsigned int num_coins, - const struct TALER_MERCHANT_PaidCoin *coins, - TALER_MERCHANT_PayCallback pay_cb, - void *pay_cb_cls) -{ - return request_pay_generic (ctx, - merchant_url, - merchant_pub, - order_id, - num_coins, - coins, - "pay", - pay_cb, - pay_cb_cls, - NULL, - NULL); + { + struct TALER_MERCHANT_PaidCoin pc[num_coins]; + struct TALER_DepositRequestPS dr = { + .purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT), + .purpose.size = htonl (sizeof (dr)), + .h_contract_terms = *h_contract_terms, + .h_wire = *h_wire, + .timestamp = GNUNET_TIME_absolute_hton (timestamp), + .refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline), + .merchant = *merchant_pub + }; + + for (unsigned int i = 0; i<num_coins; i++) + { + const struct TALER_MERCHANT_PayCoin *coin = &coins[i]; // coin priv. + struct TALER_MERCHANT_PaidCoin *p = &pc[i]; // coin pub. + struct TALER_Amount fee; + + /* prepare 'dr' for this coin to generate coin signature */ + GNUNET_CRYPTO_eddsa_key_get_public (&coin->coin_priv.eddsa_priv, + &dr.coin_pub.eddsa_pub); + TALER_amount_hton (&dr.amount_with_fee, + &coin->amount_with_fee); + if (0 > + TALER_amount_subtract (&fee, + &coin->amount_with_fee, + &coin->amount_without_fee)) + { + /* Integer underflow, fee larger than total amount? + This should not happen (client violated API!) */ + GNUNET_break (0); + return NULL; + } + TALER_amount_hton (&dr.deposit_fee, + &fee); + GNUNET_CRYPTO_eddsa_sign (&coin->coin_priv.eddsa_priv, + &dr, + &p->coin_sig.eddsa_signature); + p->denom_pub = coin->denom_pub; + p->denom_sig = coin->denom_sig; + p->denom_value = coin->denom_value; + p->coin_pub = dr.coin_pub; + p->amount_with_fee = coin->amount_with_fee; + p->amount_without_fee = coin->amount_without_fee; + p->refund_fee = coin->refund_fee; + p->exchange_url = coin->exchange_url; + } + return TALER_MERCHANT_order_pay_frontend (ctx, + merchant_url, + order_id, + session_id, + num_coins, + pc, + pay_cb, + pay_cb_cls); + } } /** - * Cancel a pay permission request. This function cannot be used - * on a request handle if a response is already served for it. + * Cancel a pay request. This function cannot be used on a request handle if + * a response is already served for it. * - * @param pay the pay permission request handle + * @param oph the pay request handle */ void -TALER_MERCHANT_pay_cancel (struct TALER_MERCHANT_Pay *pay) +TALER_MERCHANT_order_pay_cancel (struct TALER_MERCHANT_OrderPayHandle *oph) { - if (NULL != pay->job) + if (NULL != oph->job) { - GNUNET_CURL_job_cancel (pay->job); - pay->job = NULL; + GNUNET_CURL_job_cancel (oph->job); + oph->job = NULL; } - TALER_curl_easy_post_finished (&pay->post_ctx); - GNUNET_free (pay->coins); - GNUNET_free (pay->url); - GNUNET_free (pay); + TALER_curl_easy_post_finished (&oph->post_ctx); + GNUNET_free (oph->coins); + GNUNET_free (oph->url); + GNUNET_free (oph); } -/* end of merchant_api_pay.c */ +/* end of merchant_api_post_order_pay.c */ |