diff options
| author | Jonathan Buchanan <jonathan.russ.buchanan@gmail.com> | 2020-08-22 04:06:25 -0400 |
|---|---|---|
| committer | Jonathan Buchanan <jonathan.russ.buchanan@gmail.com> | 2020-08-22 04:06:25 -0400 |
| commit | 838e8bf4f11a6713c61a80addfc5517254f72759 (patch) | |
| tree | 7aba3d2cb378c4ea160248043c3f524b3722416d /src | |
| parent | fa24290c5222d78238f8750c21a0004f0f0b6be5 (diff) | |
| download | merchant-838e8bf4f11a6713c61a80addfc5517254f72759.tar.gz merchant-838e8bf4f11a6713c61a80addfc5517254f72759.tar.bz2 merchant-838e8bf4f11a6713c61a80addfc5517254f72759.zip | |
require correct h_contract_terms in GET /orders/
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/taler-merchant-httpd_get-orders-ID.c | 92 |
1 files changed, 46 insertions, 46 deletions
diff --git a/src/backend/taler-merchant-httpd_get-orders-ID.c b/src/backend/taler-merchant-httpd_get-orders-ID.c index aabdde7f..638db2a5 100644 --- a/src/backend/taler-merchant-httpd_get-orders-ID.c +++ b/src/backend/taler-merchant-httpd_get-orders-ID.c @@ -837,9 +837,9 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, contract_match = (0 == GNUNET_memcmp (&h, &god->h_contract_terms)); - if ( (GNUNET_NO == - GNUNET_is_zero (&god->h_contract_terms)) && - (! contract_match) ) + /* No matter what, the contract terms are required to match if the order + has been claimed. */ + if (! contract_match) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (connection, @@ -849,8 +849,7 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, } } - if ( (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) || - (! contract_match) ) + if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) { struct TALER_ClaimTokenP db_claim_token; @@ -922,47 +921,6 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, TALER_EC_MERCHANT_GET_ORDER_INVALID_TOKEN, "Claim token invalid"); } - if ( (! token_match) && - (! contract_match) ) - { - if (god->generate_html) - { - /* Contract was claimed (maybe by another device), so this client - cannot get the status information. Redirect to fulfillment page, - where the client may be able to pickup a fresh order -- or might - be able authenticate via session ID */ - struct MHD_Response *reply; - MHD_RESULT ret; - - reply = MHD_create_response_from_buffer (0, - NULL, - MHD_RESPMEM_PERSISTENT); - if (NULL == reply) - { - GNUNET_break (0); - return MHD_NO; - } - GNUNET_break (MHD_YES == - MHD_add_response_header (reply, - MHD_HTTP_HEADER_LOCATION, - god->fulfillment_url)); - ret = MHD_queue_response (connection, - MHD_HTTP_FOUND, - reply); - MHD_destroy_response (reply); - return ret; - } - else - { - /* Need to generate JSON reply */ - return TALER_MHD_reply_json_pack ( - connection, - MHD_HTTP_ACCEPTED, - "{s:s}", - "fulfillment_url", - god->fulfillment_url); - } - } if (god->unclaimed) { @@ -1038,6 +996,48 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, return send_pay_request (god, NULL); } + else if (GNUNET_NO == GNUNET_is_zero (&god->claim_token)) + { + /* If the order has been paid but the request was made with a claim token, + redirect to the fulfillment url. */ + if (god->generate_html) + { + /* Contract was claimed (maybe by another device), so this client + cannot get the status information. Redirect to fulfillment page, + where the client may be able to pickup a fresh order -- or might + be able authenticate via session ID */ + struct MHD_Response *reply; + MHD_RESULT ret; + + reply = MHD_create_response_from_buffer (0, + NULL, + MHD_RESPMEM_PERSISTENT); + if (NULL == reply) + { + GNUNET_break (0); + return MHD_NO; + } + GNUNET_break (MHD_YES == + MHD_add_response_header (reply, + MHD_HTTP_HEADER_LOCATION, + god->fulfillment_url)); + ret = MHD_queue_response (connection, + MHD_HTTP_FOUND, + reply); + MHD_destroy_response (reply); + return ret; + } + else + { + /* Need to generate JSON reply */ + return TALER_MHD_reply_json_pack ( + connection, + MHD_HTTP_ACCEPTED, + "{s:s}", + "fulfillment_url", + god->fulfillment_url); + } + } } /* At this point, we know the contract was paid. Let's check for |