diff options
| author | Jonathan Buchanan <jonathan.russ.buchanan@gmail.com> | 2020-07-29 01:03:44 -0400 |
|---|---|---|
| committer | Jonathan Buchanan <jonathan.russ.buchanan@gmail.com> | 2020-07-29 01:03:44 -0400 |
| commit | 9755a40ef68b78039293c8505fb0910d42affa4e (patch) | |
| tree | 2b4c08cf76ce088a53ad07dd71c1a294dd40fbd4 /src | |
| parent | b54d6b0552a84ed790e1faa5cbe9e0a66a9bc702 (diff) | |
| download | merchant-9755a40ef68b78039293c8505fb0910d42affa4e.tar.gz merchant-9755a40ef68b78039293c8505fb0910d42affa4e.tar.bz2 merchant-9755a40ef68b78039293c8505fb0910d42affa4e.zip | |
remove claim_token from insert_contract_terms and return it from lookup_order
Diffstat (limited to 'src')
| -rw-r--r-- | src/backend/taler-merchant-httpd_post-orders-ID-claim.c | 12 | ||||
| -rw-r--r-- | src/backend/taler-merchant-httpd_private-delete-orders-ID.c | 1 | ||||
| -rw-r--r-- | src/backend/taler-merchant-httpd_private-get-orders-ID.c | 1 | ||||
| -rw-r--r-- | src/backend/taler-merchant-httpd_private-get-orders.c | 1 | ||||
| -rw-r--r-- | src/backend/taler-merchant-httpd_private-post-orders.c | 3 | ||||
| -rw-r--r-- | src/backenddb/plugin_merchantdb_postgres.c | 24 | ||||
| -rw-r--r-- | src/backenddb/test_merchantdb.c | 20 | ||||
| -rw-r--r-- | src/include/taler_merchantdb_plugin.h | 8 |
8 files changed, 41 insertions, 29 deletions
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-claim.c b/src/backend/taler-merchant-httpd_post-orders-ID-claim.c index 5c8fa540..e306e5ca 100644 --- a/src/backend/taler-merchant-httpd_post-orders-ID-claim.c +++ b/src/backend/taler-merchant-httpd_post-orders-ID-claim.c @@ -42,6 +42,7 @@ * @param instance_id instance to claim order at * @param order_id order to claim * @param nonce nonce to use for the claim + * @param claim_token the token that should be used to verify the claim * @param[out] contract_terms set to the resulting contract terms * (for any non-negative result; * @return transaction status code @@ -54,8 +55,10 @@ static enum GNUNET_DB_QueryStatus claim_order (const char *instance_id, const char *order_id, const char *nonce, + const struct TALER_ClaimTokenP *claim_token, json_t **contract_terms) { + struct TALER_ClaimTokenP order_ct; enum GNUNET_DB_QueryStatus qs; if (GNUNET_OK != @@ -86,6 +89,7 @@ claim_order (const char *instance_id, qs = TMH_db->lookup_order (TMH_db->cls, instance_id, order_id, + &order_ct, contract_terms); if (0 >= qs) { @@ -97,6 +101,12 @@ claim_order (const char *instance_id, json_object_set_new (*contract_terms, "nonce", json_string (nonce))); + if (0 != GNUNET_memcmp (&order_ct, + claim_token)) + { + TMH_db->rollback (TMH_db->cls); + return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; + } qs = TMH_db->insert_contract_terms (TMH_db->cls, instance_id, order_id, @@ -207,7 +217,7 @@ TMH_post_orders_ID_claim (const struct TMH_RequestHandler *rh, qs = claim_order (hc->instance->settings.id, order_id, nonce, - // &claim_token -- FIXME #6446: modify claim_order to include token in WHERE clause + &claim_token, &contract_terms); if (GNUNET_DB_STATUS_SOFT_ERROR != qs) break; diff --git a/src/backend/taler-merchant-httpd_private-delete-orders-ID.c b/src/backend/taler-merchant-httpd_private-delete-orders-ID.c index e01e752f..f044425c 100644 --- a/src/backend/taler-merchant-httpd_private-delete-orders-ID.c +++ b/src/backend/taler-merchant-httpd_private-delete-orders-ID.c @@ -65,6 +65,7 @@ TMH_private_delete_orders_ID (const struct TMH_RequestHandler *rh, qs = TMH_db->lookup_order (TMH_db->cls, mi->settings.id, hc->infix, + NULL, NULL); if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) { diff --git a/src/backend/taler-merchant-httpd_private-get-orders-ID.c b/src/backend/taler-merchant-httpd_private-get-orders-ID.c index e3286dd4..3d6c930b 100644 --- a/src/backend/taler-merchant-httpd_private-get-orders-ID.c +++ b/src/backend/taler-merchant-httpd_private-get-orders-ID.c @@ -832,6 +832,7 @@ TMH_private_get_orders_ID (const struct TMH_RequestHandler *rh, qs = TMH_db->lookup_order (TMH_db->cls, hc->instance->settings.id, hc->infix, + NULL, &gorc->contract_terms); order_only = true; } diff --git a/src/backend/taler-merchant-httpd_private-get-orders.c b/src/backend/taler-merchant-httpd_private-get-orders.c index 5907099e..c14569da 100644 --- a/src/backend/taler-merchant-httpd_private-get-orders.c +++ b/src/backend/taler-merchant-httpd_private-get-orders.c @@ -257,6 +257,7 @@ add_order (void *cls, TMH_db->lookup_order (TMH_db->cls, aos->instance_id, order_id, + NULL, &contract_terms); bool refundable = false; if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs) diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c b/src/backend/taler-merchant-httpd_private-post-orders.c index 5f80e6dc..133d1674 100644 --- a/src/backend/taler-merchant-httpd_private-post-orders.c +++ b/src/backend/taler-merchant-httpd_private-post-orders.c @@ -483,6 +483,7 @@ execute_order (struct MHD_Connection *connection, qs = TMH_db->lookup_order (TMH_db->cls, settings->id, order_id, + NULL, NULL); if (0 < qs) { @@ -527,7 +528,7 @@ execute_order (struct MHD_Connection *connection, "order_id", order_id, "token", - GNUNET_is_zero (claim_token) + (0 == GNUNET_is_zero (claim_token)) ? NULL : GNUNET_JSON_from_data_auto (claim_token)); GNUNET_JSON_parse_free (spec); diff --git a/src/backenddb/plugin_merchantdb_postgres.c b/src/backenddb/plugin_merchantdb_postgres.c index 1174fb79..d0c36367 100644 --- a/src/backenddb/plugin_merchantdb_postgres.c +++ b/src/backenddb/plugin_merchantdb_postgres.c @@ -1100,7 +1100,9 @@ postgres_delete_order (void *cls, * * @param cls closure * @param instance_id instance to obtain order of - * @param order id order id used to perform the lookup + * @param order_id order id used to perform the lookup + * @param[out] claim_token the claim token generated for the order, + * NULL to only test if the order exists * @param[out] contract_terms where to store the retrieved contract terms, * NULL to only test if the order exists * @return transaction status @@ -1109,10 +1111,12 @@ static enum GNUNET_DB_QueryStatus postgres_lookup_order (void *cls, const char *instance_id, const char *order_id, + struct TALER_ClaimTokenP *claim_token, json_t **contract_terms) { struct PostgresClosure *pg = cls; json_t *j; + struct TALER_ClaimTokenP ct; enum GNUNET_DB_QueryStatus qs; struct GNUNET_PQ_QueryParam params[] = { GNUNET_PQ_query_param_string (instance_id), @@ -1122,6 +1126,8 @@ postgres_lookup_order (void *cls, struct GNUNET_PQ_ResultSpec rs[] = { TALER_PQ_result_spec_json ("contract_terms", &j), + GNUNET_PQ_result_spec_auto_from_type ("claim_token", + &ct), GNUNET_PQ_result_spec_end }; @@ -1140,6 +1146,8 @@ postgres_lookup_order (void *cls, *contract_terms = j; else json_decref (j); + if (NULL != claim_token) + *claim_token = ct; } else { @@ -1478,14 +1486,12 @@ postgres_lookup_contract_terms (void *cls, * contract terms (to be hashed), the creation_time and pay_deadline (to be * obtained from the merchant_orders table). The "session_id" should be * initially set to the empty string. The "fulfillment_url" and "refund_deadline" - * must be extracted from @a contract_terms. This function will only - * succeed if @a claim_token matches the token created for the order. + * must be extracted from @a contract_terms. * * @param cls closure * @param instance_id instance's identifier * @param order_id order_id used to store - * @param claim_token the token belonging to the order (NULL for none) - * @param contract_terms contract to store + * @param claim_token the token belonging to the order * @return transaction status, #GNUNET_DB_STATUS_HARD_ERROR if @a contract_terms * is malformed */ @@ -1493,7 +1499,6 @@ static enum GNUNET_DB_QueryStatus postgres_insert_contract_terms (void *cls, const char *instance_id, const char *order_id, - const struct TALER_ClaimTokenP *claim_token, json_t *contract_terms) { struct PostgresClosure *pg = cls; @@ -1542,7 +1547,6 @@ postgres_insert_contract_terms (void *cls, GNUNET_PQ_query_param_absolute_time (&pay_deadline), GNUNET_PQ_query_param_absolute_time (&refund_deadline), GNUNET_PQ_query_param_string (fulfillment_url), - GNUNET_PQ_query_param_auto_from_type (claim_token), GNUNET_PQ_query_param_end }; @@ -6238,6 +6242,7 @@ libtaler_plugin_merchantdb_postgres_init (void *cls) GNUNET_PQ_make_prepare ("lookup_order", "SELECT" " contract_terms" + ",claim_token" " FROM merchant_orders" " WHERE merchant_orders.merchant_serial=" " (SELECT merchant_serial " @@ -7134,9 +7139,8 @@ libtaler_plugin_merchantdb_postgres_init (void *cls) " AND merchant_serial=" " (SELECT merchant_serial" " FROM merchant_instances" - " WHERE merchant_id=$1)" - " AND claim_token=$8", - 8), + " WHERE merchant_id=$1)", + 7), /* for postgres_update_contract_terms() */ GNUNET_PQ_make_prepare ("update_contract_terms", "UPDATE merchant_contract_terms SET" diff --git a/src/backenddb/test_merchantdb.c b/src/backenddb/test_merchantdb.c index c9c3500f..f8627260 100644 --- a/src/backenddb/test_merchantdb.c +++ b/src/backenddb/test_merchantdb.c @@ -1377,11 +1377,13 @@ static int test_lookup_order (const struct InstanceData *instance, const struct OrderData *order) { + struct TALER_ClaimTokenP ct; json_t *lookup_terms = NULL; if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != plugin->lookup_order (plugin->cls, instance->instance.id, order->id, + &ct, &lookup_terms)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -1390,8 +1392,10 @@ test_lookup_order (const struct InstanceData *instance, json_decref (lookup_terms); return 1; } - if (1 != json_equal (order->contract, - lookup_terms)) + if ((1 != json_equal (order->contract, + lookup_terms)) || + (0 != GNUNET_memcmp (&order->claim_token, + &ct))) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Lookup order failed: incorrect order returned\n"); @@ -1632,7 +1636,6 @@ test_insert_contract_terms (const struct InstanceData *instance, plugin->insert_contract_terms (plugin->cls, instance->instance.id, order->id, - &order->claim_token, order->contract), "Insert contract terms failed\n"); return 0; @@ -2003,6 +2006,7 @@ run_test_orders (struct TestOrders_Closure *cls) plugin->lookup_order (plugin->cls, cls->instance.instance.id, cls->orders[1].id, + NULL, NULL)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -2019,16 +2023,6 @@ run_test_orders (struct TestOrders_Closure *cls) &filter, 2, cls->orders)); - /* Test contract terms must have the correct claim token */ - { - struct OrderData tmp = cls->orders[0]; - /* just increment part of the token to guarantee we don't generate the - same token by chance. */ - tmp.claim_token.token.value[0] += 1; - TEST_RET_ON_FAIL (test_insert_contract_terms (&cls->instance, - &tmp, - GNUNET_DB_STATUS_SUCCESS_NO_RESULTS)); - } /* Test inserting contract terms */ TEST_RET_ON_FAIL (test_insert_contract_terms (&cls->instance, &cls->orders[0], diff --git a/src/include/taler_merchantdb_plugin.h b/src/include/taler_merchantdb_plugin.h index 2eb94a65..0ba158b8 100644 --- a/src/include/taler_merchantdb_plugin.h +++ b/src/include/taler_merchantdb_plugin.h @@ -946,6 +946,8 @@ struct TALER_MERCHANTDB_Plugin * @param cls closure * @param instance_id instance to obtain order of * @param order_id order id used to perform the lookup + * @param[out] claim_token the claim token generated for the order, + * NULL to only test if the order exists * @param[out] contract_terms where to store the retrieved contract terms, * NULL to only test if the order exists * @return transaction status @@ -954,6 +956,7 @@ struct TALER_MERCHANTDB_Plugin (*lookup_order)(void *cls, const char *instance_id, const char *order_id, + struct TALER_ClaimTokenP *claim_token, json_t **contract_terms); @@ -1072,14 +1075,12 @@ struct TALER_MERCHANTDB_Plugin * contract terms (to be hashed), the creation_time and pay_deadline (to be * obtained from the merchant_orders table). The "session_id" should be * initially set to the empty string. The "fulfillment_url" and "refund_deadline" - * must be extracted from @a contract_terms. This function will only - * succeed if @a claim_token matches the token created for the order. + * must be extracted from @a contract_terms. * * @param cls closure * @param instance_id instance's identifier * @param order_id order_id used to store * @param claim_token the token belonging to the order - * @param contract_terms contract to store * @return transaction status, #GNUNET_DB_STATUS_HARD_ERROR if @a contract_terms * is malformed */ @@ -1087,7 +1088,6 @@ struct TALER_MERCHANTDB_Plugin (*insert_contract_terms)(void *cls, const char *instance_id, const char *order_id, - const struct TALER_ClaimTokenP *claim_token, json_t *contract_terms); |