From 43d3e62ab5321cfcbe1e4d7e77601f3f251a4a2a Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 27 Jul 2020 11:31:03 +0200 Subject: update logic to match latest documented spec (#6446) --- src/backend/taler-merchant-httpd_get-orders-ID.c | 122 ++++++++++++++--------- 1 file changed, 77 insertions(+), 45 deletions(-) (limited to 'src/backend') diff --git a/src/backend/taler-merchant-httpd_get-orders-ID.c b/src/backend/taler-merchant-httpd_get-orders-ID.c index 7ee53ddf..d569970f 100644 --- a/src/backend/taler-merchant-httpd_get-orders-ID.c +++ b/src/backend/taler-merchant-httpd_get-orders-ID.c @@ -223,6 +223,13 @@ struct GetOrderData */ enum TALER_ErrorCode ec; + /** + * Set to true if we are dealing with an unclaimed order + * (and thus @e h_contract_terms is not set, and certain + * DB queries will not work). + */ + bool unclaimed; + /** * Set to true if this payment has been refunded and * @e refund_amount is initialized. @@ -1026,8 +1033,6 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, if (NULL == god) { - struct TALER_ClaimTokenP db_claim_token; - god = GNUNET_new (struct GetOrderData); hc->ctx = god; hc->cc = &god_cleanup; @@ -1041,21 +1046,19 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, ct = MHD_lookup_connection_value (connection, MHD_GET_ARGUMENT_KIND, "token"); - if (NULL != ct) - { - if (GNUNET_OK != + if ( (NULL != ct) && + (GNUNET_OK != GNUNET_STRINGS_string_to_data (ct, strlen (ct), &god->claim_token, - sizeof (god->claim_token))) - { - /* ct has wrong encoding */ - GNUNET_break_op (0); - return TALER_MHD_reply_with_error (connection, - MHD_HTTP_BAD_REQUEST, - TALER_EC_PARAMETER_MALFORMED, - "token malformed"); - } + sizeof (god->claim_token))) ) + { + /* ct has wrong encoding */ + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_PARAMETER_MALFORMED, + "token malformed"); } } 
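Review bot: In the @@ -1041 hunk the merged condition leaves `god->claim_token` untouched when no `token` argument is present, and nothing on the new side says what value it then holds or how the later comparison treats it. The lines removed in the next hunk used `GNUNET_is_zero (&god->claim_token)` to mean "no token supplied", so an absent token presumably stays all-zero and would compare equal to an order stored with an all-zero claim token once the check added in the @@ -1254 hunk runs. If that is the intended behaviour for orders created without a token, a comment above the lookup would make it explicit, e.g. `/* absent "token" leaves claim_token all-zero; this only matches orders stored without a claim token */`. If it is not intended, the unclaimed branch should reject a zero client token before comparing. The enclosing block and TMH_get_orders_ID continue outside the hunk.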
@@ -1065,16 +1068,6 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, cts = MHD_lookup_connection_value (connection, MHD_GET_ARGUMENT_KIND, "h_contract"); - if ( (NULL == cts) && - (GNUNET_is_zero (&god->claim_token)) ) - { - /* h_contract required (as we have no token), but missing */ - GNUNET_break_op (0); - return TALER_MHD_reply_with_error (connection, - MHD_HTTP_BAD_REQUEST, - TALER_EC_PARAMETER_MISSING, - "h_contract or token required"); - } if ( (NULL != cts) && (GNUNET_OK != GNUNET_CRYPTO_hash_from_string (cts, @@ -1195,7 +1188,6 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, hc->instance->settings.id, order_id, &god->contract_terms, - // &db_claim_token: FIXME #6446 - init here! &order_serial); } if (0 > qs) @@ -1210,18 +1202,9 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, TALER_EC_GET_ORDERS_DB_LOOKUP_ERROR, "database error looking up contract"); } - if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) - { - GNUNET_log (GNUNET_ERROR_TYPE_INFO, - "Unknown order id given: `%s'\n", - order_id); - return TALER_MHD_reply_with_error (connection, - MHD_HTTP_NOT_FOUND, - TALER_EC_GET_ORDERS_ID_UNKNOWN, - "order_id not found in database"); - } - /* Check client provided the right token OR the right hash code of the contract terms */ + /* Check client provided the right hash code of the contract terms */ + if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs) { struct GNUNET_HashCode h; @@ -1236,15 +1219,9 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, TALER_EC_INTERNAL_LOGIC_ERROR, "Could not hash contract terms"); } - if (0 == GNUNET_memcmp (&db_claim_token, - &god->claim_token)) - { - /* Client provided token. We need the hash later, so we set it! */ - god->h_contract_terms = h; - } - else if (0 != - GNUNET_memcmp (&h, - &god->h_contract_terms)) + if (0 != + GNUNET_memcmp (&h, + &god->h_contract_terms)) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (connection, 
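Review bot: In the @@ -1236 hunk, `if (0 != GNUNET_memcmp (&h, &god->h_contract_terms))` checks the value that acts as the caller's credential with GNUNET_memcmp, which as far as I know is a typed wrapper around plain memcmp and may return as soon as a byte differs. The same applies to the claim-token check added in the @@ -1254 hunk, `GNUNET_memcmp (&db_claim_token, &god->claim_token)`. Both client-side operands come straight from the `h_contract` and `token` query arguments, so a constant-time comparison is the safer default. If the GNUnet version this builds against provides `GNUNET_memcmp_priv`, both calls can switch to it without other changes, e.g. `if (0 != GNUNET_memcmp_priv (&db_claim_token, &god->claim_token))`. The enclosing function starts and ends outside the hunk.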
@@ -1254,6 +1231,53 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, } } + if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) + { + struct TALER_ClaimTokenP db_claim_token; +#if FIXME_6446 + + qs = TMH_db->lookup_order_token (TMH_db->cls, + hc->instance->settings.id, + order_id, + &god->contract_terms, + &db_claim_token); + if (0 > qs) + { + /* single, read-only SQL statements should never cause + serialization problems */ + GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs); + /* Always report on hard error as well to enable diagnostics */ + GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GET_ORDERS_DB_LOOKUP_ERROR, + "database error looking up order"); + } +#endif + if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs) + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Unknown order id given: `%s'\n", + order_id); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_NOT_FOUND, + TALER_EC_GET_ORDERS_ID_UNKNOWN, + "order_id not found in database"); + } + + if (0 != GNUNET_memcmp (&db_claim_token, + &god->claim_token)) + { + /* Token wrong */ + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (connection, + MHD_HTTP_FORBIDDEN, + TALER_EC_MERCHANT_GET_ORDER_INVALID_TOKEN, + "Claim token invalid"); + } + god->unclaimed = true; + } /* end unclaimed order logic */ + { struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_string ("fulfillment_url", @@ -1275,6 +1299,14 @@ TMH_get_orders_ID (const struct TMH_RequestHandler *rh, } } /* end of first-time initialization / sanity checks */ + if (god->unclaimed) + { + /* Order is unclaimed, no need to check for payments or even + refunds, simply always generate payment request */ + return send_pay_request (god, + NULL); + } + if ( (NULL != god->session_id) && (NULL != god->fulfillment_url) ) { -- cgit v1.2.3
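Review bot: In the @@ -1254 hunk `db_claim_token` is declared without an initializer and is written only by the `lookup_order_token` call inside `#if FIXME_6446`, yet the `GNUNET_memcmp (&db_claim_token, &god->claim_token)` that reads it sits after the `#endif`. With the macro unset the read is unreachable only because `qs` is still `GNUNET_DB_STATUS_SUCCESS_NO_RESULTS` and the 404 return fires first, so in that build every request reaching this branch is answered 404 and `god->unclaimed = true` never runs. That is fail-closed today, but the access check depends on statement order across a preprocessor boundary. Moving the declaration, the token comparison and `god->unclaimed = true` into the `#if` arm, with an `#else` arm that returns the 404, would keep the comparison from ever being compiled without the lookup that feeds it. A comment such as `/* FIXME #6446: until lookup_order_token exists, unclaimed orders are reported as unknown */` would record the interim behaviour; the enclosing function starts and ends outside the hunk.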