/*
  This file is part of TALER
  (C) 2014-2020 Taler Systems SA

  TALER is free software; you can redistribute it and/or modify
  it under the terms of the GNU Affero General Public License as
  published by the Free Software Foundation; either version 3,
  or (at your option) any later version.

  TALER is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public
  License along with TALER; see the file COPYING.  If not,
  see <http://www.gnu.org/licenses/>
*/

/**
 * @file backend/taler-merchant-httpd_post-orders-ID-paid.c
 * @brief handling of POST /orders/$ID/paid requests
 * @author Christian Grothoff
 */
#include "platform.h"
#include <taler/taler_signatures.h>
#include <taler/taler_json_lib.h>
#include <taler/taler_exchange_service.h>
#include "taler-merchant-httpd_post-orders-ID-paid.h"


/**
 * Process a proof of payment for a paid contract.
 *
 * @param rh context of the handler
 * @param connection the MHD connection to handle
 * @param[in,out] hc context with further information about the request
 * @return MHD result code
 */
MHD_RESULT
TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
                         struct MHD_Connection *connection,
                         struct TMH_HandlerContext *hc)
{
  struct PaymentResponsePS pr = {
    .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_PAYMENT_OK),
    .purpose.size = htonl (sizeof (pr))
  };
  struct TALER_MerchantSignatureP merchant_sig;
  const char *session_id;

  {
    struct GNUNET_JSON_Specification spec[] = {
      GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
                                   &pr.h_contract_terms),
      GNUNET_JSON_spec_fixed_auto ("merchant_sig",
                                   &merchant_sig),
      GNUNET_JSON_spec_end ()
    };
    enum GNUNET_GenericReturnValue res;

    res = TALER_MHD_parse_json_data (connection,
                                     hc->request_body,
                                     spec);
    if (GNUNET_YES != res)
    {
      GNUNET_break_op (0);
      return (GNUNET_NO == res)
             ? MHD_YES
             : MHD_NO;
    }
  }
  session_id = json_string_value (
    json_object_get (hc->request_body,
                     "session_id"));

#if FIXME
  if (GNUNET_OK !=
      GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_PAYMENT_OK,
                                  &pr,
                                  &merchant_sig.eddsa_sig,
                                  &hc->instance->merchant_pub.eddsa_pub))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_json_pack (
      connection,
      MHD_HTTP_FORBIDDEN,
      "{s:s, s:I}",
      "hint", "deposit signature invalid",
      "code", (json_int_t) TALER_EC_PAID_SIGNATURE_INVALID);
  }

  // FIXME: check that h_contract_terms matches
  // this order-id (and that the order is known),
  // and if it does, update 'session_id' (if non-NULL)
  if (0)
  {
    return TALER_MHD_reply_json_pack (
      connection,
      MHD_HTTP_NOT_FOUND,
      "{s:s, s:I}",
      "hint", "order unknwown",
      "code", (json_int_t) TALER_EC_PAID_ORDER_UNKNOWN);
  }
  if (0)
  {
    return TALER_MHD_reply_json_pack (
      connection,
      MHD_HTTP_CONFLICT,
      "{s:s, s:I}",
      "hint", "contract hash does not match this order",
      "code", (json_int_t) TALER_EC_PAID_CONTRACT_HASH_MISMATCH);
  }
#endif
  return TALER_MHD_reply_static (connection,
                                 MHD_HTTP_NO_CONTENT,
                                 NULL,
                                 NULL,
                                 0);
}


/* end of taler-merchant-httpd_post-orders-ID-paid.c */