From 6ea6a9ae8ed3535bddb8c11b15dc9ebc6f68aec1 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <grothoff@gnunet.org>
Date: Thu, 21 Jul 2022 09:06:15 +0200
Subject: allow credentials override also for /instances/default paths

---
 contrib/merchant-backoffice        | 2 +-
 src/backend/taler-merchant-httpd.c | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/contrib/merchant-backoffice b/contrib/merchant-backoffice
index 1d7ee55e..182cdfff 160000
--- a/contrib/merchant-backoffice
+++ b/contrib/merchant-backoffice
@@ -1 +1 @@
-Subproject commit 1d7ee55ea115b91687c203a8f084ea852867b1f0
+Subproject commit 182cdfffa1d4b6f2bb3543d30cfa7509e73bda03
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c
index d4d8bc11..94213556 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -1424,7 +1424,11 @@ url_handler (void *cls,
                                   &hc->instance->auth.auth_salt,
                                   &hc->instance->auth.auth_hash));
     else /* Are the credentials provided OK for CLI override? */
-      auth_ok |= ( (use_default) &&
+      auth_ok |= ( (use_default ||
+                    /* also allow default credentials if
+                       accessed via /instances/default/ */
+                    (0 == strcmp ("default",
+                                  hc->instance->settings.id))) &&
                    (NULL != TMH_default_auth) &&
                    (NULL != auth) &&
                    (! auth_malformed) &&
-- 
cgit v1.2.3