/*
This file is part of TALER
(C) 2014-2020 Taler Systems SA
TALER is free software; you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation; either version 3,
or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public
License along with TALER; see the file COPYING. If not,
see
*/
/**
* @file backend/taler-merchant-httpd_post-orders-ID-paid.c
* @brief handling of POST /orders/$ID/paid requests
* @author Christian Grothoff
*/
#include "platform.h"
#include
#include
#include
#include "taler-merchant-httpd_post-orders-ID-paid.h"
/**
* Process a proof of payment for a paid contract.
*
* @param rh context of the handler
* @param connection the MHD connection to handle
* @param[in,out] hc context with further information about the request
* @return MHD result code
*/
MHD_RESULT
TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
struct MHD_Connection *connection,
struct TMH_HandlerContext *hc)
{
struct PaymentResponsePS pr = {
.purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_PAYMENT_OK),
.purpose.size = htonl (sizeof (pr))
};
struct TALER_MerchantSignatureP merchant_sig;
const char *session_id;
{
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("h_contract_terms",
&pr.h_contract_terms),
GNUNET_JSON_spec_fixed_auto ("merchant_sig",
&merchant_sig),
GNUNET_JSON_spec_end ()
};
enum GNUNET_GenericReturnValue res;
res = TALER_MHD_parse_json_data (connection,
hc->request_body,
spec);
if (GNUNET_YES != res)
{
GNUNET_break_op (0);
return (GNUNET_NO == res)
? MHD_YES
: MHD_NO;
}
}
session_id = json_string_value (
json_object_get (hc->request_body,
"session_id"));
#if FIXME
if (GNUNET_OK !=
GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_PAYMENT_OK,
&pr,
&merchant_sig.eddsa_sig,
&hc->instance->merchant_pub.eddsa_pub))
{
GNUNET_break_op (0);
return TALER_MHD_reply_json_pack (
connection,
MHD_HTTP_FORBIDDEN,
"{s:s, s:I}",
"hint", "deposit signature invalid",
"code", (json_int_t) TALER_EC_PAID_SIGNATURE_INVALID);
}
// FIXME: check that h_contract_terms matches
// this order-id (and that the order is known),
// and if it does, update 'session_id' (if non-NULL)
if (0)
{
return TALER_MHD_reply_json_pack (
connection,
MHD_HTTP_NOT_FOUND,
"{s:s, s:I}",
"hint", "order unknwown",
"code", (json_int_t) TALER_EC_PAID_ORDER_UNKNOWN);
}
if (0)
{
return TALER_MHD_reply_json_pack (
connection,
MHD_HTTP_CONFLICT,
"{s:s, s:I}",
"hint", "contract hash does not match this order",
"code", (json_int_t) TALER_EC_PAID_CONTRACT_HASH_MISMATCH);
}
#endif
return TALER_MHD_reply_static (connection,
MHD_HTTP_NO_CONTENT,
NULL,
NULL,
0);
}
/* end of taler-merchant-httpd_post-orders-ID-paid.c */