challenger

OAuth 2.0-based authentication service that validates that a user can receive messages at a certain address

commit 021714a54961523d3a84ebe8fd6ffa476fac56ba
parent 7d6115ab6aca23d906b2550e6a87f8d4a248fbad
Author: Christian Grothoff <christian@grothoff.org>
Date:   Tue, 25 Apr 2023 14:36:32 +0200

templates for DB logic

Diffstat:
Msrc/challenger/Makefile.am | 1+
Msrc/challengerdb/Makefile.am | 7+++++++
Msrc/challengerdb/challenger-0001.sql | 12+++++++-----
Msrc/challengerdb/pg_client_add.h | 2+-
Asrc/challengerdb/pg_client_check.c | 37+++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_client_check.h | 48++++++++++++++++++++++++++++++++++++++++++++++++
Msrc/challengerdb/pg_client_delete.h | 2+-
Msrc/challengerdb/pg_template.h | 2+-
Msrc/challengerdb/pg_template.sh | 2+-
Asrc/challengerdb/pg_validate_challenge_open.c | 36++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_challenge_open.h | 45+++++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_login_address.c | 42++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_login_address.h | 61+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_login_pin.c | 38++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_login_pin.h | 50++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_solve_pin.c | 37+++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validate_solve_pin.h | 48++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validation_get.c | 39+++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validation_get.h | 55+++++++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validation_setup.c | 37+++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_validation_setup.h | 45+++++++++++++++++++++++++++++++++++++++++++++
Msrc/challengerdb/plugin_challengerdb_postgres.c | 42+++++++++++++++++++++++++++++++++++-------
Msrc/include/challenger_database_plugin.h | 40+++++++++++++++++++---------------------
23 files changed, 691 insertions(+), 37 deletions(-)

diff --git a/src/challenger/Makefile.am b/src/challenger/Makefile.am @@ -32,6 +32,7 @@ challenger_httpd_SOURCES = \ challenger-httpd_info.c challenger-httpd_info.h \ challenger-httpd_login.c challenger-httpd_login.h \ challenger-httpd_mhd.c challenger-httpd_mhd.h \ + challenger-httpd_setup.c challenger-httpd_setup.h \ challenger-httpd_solve.c challenger-httpd_solve.h challenger_httpd_LDADD = \ $(top_builddir)/src/util/libchallengerutil.la \ diff --git a/src/challengerdb/Makefile.am b/src/challengerdb/Makefile.am @@ -59,6 +59,13 @@ libchallengerdb_la_LDFLAGS = \ libchallenger_plugin_db_postgres_la_SOURCES = \ pg_client_add.h pg_client_add.c \ pg_client_delete.h pg_client_delete.c \ + pg_client_check.h pg_client_check.c \ + pg_validation_setup.h pg_validation_setup.c \ + pg_validate_login_address.h pg_validate_login_address.c \ + pg_validate_login_pin.h pg_validate_login_pin.c \ + pg_validate_challenge_open.h pg_validate_challenge_open.c \ + pg_validate_solve_pin.h pg_validate_solve_pin.c \ + pg_validation_get.h pg_validation_get.c \ plugin_challengerdb_postgres.c libchallenger_plugin_db_postgres_la_LIBADD = \ $(LTLIBINTL) diff --git a/src/challengerdb/challenger-0001.sql b/src/challengerdb/challenger-0001.sql @@ -28,14 +28,16 @@ SET search_path TO challenger; CREATE TABLE IF NOT EXISTS clients (client_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY - ,url VARCHAR PRIMARY KEY + ,url VARCHAR NOT NULL ,validation_counter INT8 NOT NULL DEFAULT(0) ,client_secret VARCHAR NOT NULL ); COMMENT ON TABLE clients IS 'Which clients are eligible to access the OAuth 2.0 client'; +COMMENT ON COLUMN clients.client_serial_id + IS 'Unique ID for the client'; COMMENT ON COLUMN clients.url - IS 'URL of the clients where we would send data'; + IS 'URL of the clients where we would redirect to for authorization'; COMMENT ON COLUMN clients.validation_counter IS 'How many validations were initiated on behalf of this client (for accounting)'; COMMENT ON COLUMN clients.client_secret 
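Review bot: In challenger-0001.sql the `clients` table is left without any key: `url` loses `PRIMARY KEY`, and `client_serial_id` is only `GENERATED BY DEFAULT AS IDENTITY`, which on its own does not enforce uniqueness even though the new column comment calls it the unique ID. Declaring it as `(client_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY` would back that comment. If a client is still meant to be found by URL and secret, as the `client_check` interface added in this commit suggests, `,url VARCHAR NOT NULL UNIQUE` keeps that lookup unambiguous; otherwise the comment on `clients.url` should say that several registrations may share one redirect URL.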
@@ -54,9 +56,9 @@ CREATE TABLE IF NOT EXISTS validations ,pin_attempts_left INT4 DEFAULT(0) ,auth_attempts_left INT4 DEFAULT(0) ,address VARCHAR - ,client_scope VARCHAR NOT NULL - ,client_state VARCHAR NOT NULL - ,client_redirect_url VARCHAR NOT NULL + ,client_scope VARCHAR + ,client_state VARCHAR + ,client_redirect_url VARCHAR ); COMMENT ON TABLE validations diff --git a/src/challengerdb/pg_client_add.h b/src/challengerdb/pg_client_add.h @@ -23,7 +23,7 @@ #include <taler/taler_util.h> #include <taler/taler_json_lib.h> -#include <challenger/challenger_database_plugin.h> +#include "challenger_database_plugin.h" /** diff --git a/src/challengerdb/pg_client_check.c b/src/challengerdb/pg_client_check.c 
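Review bot: Dropping `NOT NULL` from `client_scope`, `client_state` and `client_redirect_url` in `validations` means a row can now exist with no redirect target at all, presumably between `validation_setup` and the first `validate_login_address`. The column comments (outside this hunk, as is the start of the `CREATE TABLE`) should say what NULL means for each column, for example `COMMENT ON COLUMN validations.client_redirect_url IS 'Where to redirect at the end; NULL until the user submitted an address, or to use the URL registered for the client';`. Code that reads these columns to build the final redirect then needs an explicit NULL branch rather than passing the value through.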
@@ -0,0 +1,37 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_client_check.c
+ * @brief Implementation of the client_check function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_client_check.h"
+#include "pg_helper.h"
+
+enum GNUNET_DB_QueryStatus
+CH_PG_client_check (void *cls,
+ const char *client_url,
+ const char *client_secret,
+ uint32_t counter_increment,
+ uint64_t *client_id)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_client_check.h b/src/challengerdb/pg_client_check.h
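Review bot: `CH_PG_client_check` in pg_client_check.c is a placeholder that always fails, but nothing in the file says so: the body is only `GNUNET_break (0);` and a hard-error return, and `*client_id` is never written. A one-line marker such as `/* FIXME: not yet implemented; out parameters are left untouched */` above the `GNUNET_break (0);` would make that explicit for whoever wires up the HTTP handlers. Failing closed is the right default for an authorization check, so the return value itself is fine. The same applies to the other six stubs added in this commit (pg_validate_challenge_open.c, pg_validate_login_address.c, pg_validate_login_pin.c, pg_validate_solve_pin.c, pg_validation_get.c, pg_validation_setup.c), whose `bool *`, `uint32_t *` and `char **` outputs are likewise left unset.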
@@ -0,0 +1,48 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_client_check.h
+ * @brief implementation of the client_check function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_CLIENT_CHECK_H
+#define PG_CLIENT_CHECK_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Check if a client is in the list of authorized clients. If @a
+ * counter_increment is non-zero, the validation counter of the
+ * client is incremented by the given value if the client was found.
+ *
+ * @param cls
+ * @param client_url URL of the client
+ * @param client_secret secret of the client
+ * @param counter_increment change in validation counter
+ * @param[out] client_id set to unique row of the client
+ * @return transaction status
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_client_check (void *cls,
+ const char *client_url,
+ const char *client_secret,
+ uint32_t counter_increment,
+ uint64_t *client_id);
+
+#endif
diff --git a/src/challengerdb/pg_client_delete.h b/src/challengerdb/pg_client_delete.h
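Review bot: The header comment of pg_client_check.h says `@file backenddb/pg_client_check.h`, while the file lives in challengerdb/ and the matching .c file already uses `@file challengerdb/pg_client_check.c`; the same leftover path is in the other six headers added by this commit. The contract of `CH_PG_client_check` also leaves open what a caller sees for an unknown URL or a wrong secret: `@return transaction status` should be spelled out per status the way the sibling headers do, with a line saying that `@a client_id` is only valid when one result was returned, and `@param cls` should read `@param cls closure`. Since this is the check that gates OAuth clients, the doc should also state whether a secret mismatch is reported the same way as an unknown client, if that is the intent.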
@@ -23,7 +23,7 @@ #include <taler/taler_util.h> #include <taler/taler_json_lib.h> -#include <challenger/challenger_database_plugin.h> +#include "challenger_database_plugin.h" /** * Delete client from the list of authorized clients. diff --git a/src/challengerdb/pg_template.h b/src/challengerdb/pg_template.h @@ -23,7 +23,7 @@ #include <taler/taler_util.h> #include <taler/taler_json_lib.h> -#include <challenger/challenger_database_plugin.h> +#include "challenger_database_plugin.h" #endif diff --git a/src/challengerdb/pg_template.sh b/src/challengerdb/pg_template.sh @@ -10,7 +10,7 @@ do then cat pg_template.c | sed -e s/template/$n/g -e s/TEMPLATE/$NCAPS/g > pg_$n.c cat pg_template.h | sed -e s/template/$n/g -e s/TEMPLATE/$NCAPS/g > pg_$n.h - echo " plugin->$n\n = &TMH_PG_$n;" >> tmpl.c + echo " plugin->$n\n = &CH_PG_$n;" >> tmpl.c echo "#include \"pg_$n.h\"" >> tmpl.inc echo " pg_$n.h pg_$n.c \\" >> tmpl.am fi diff --git a/src/challengerdb/pg_validate_challenge_open.c b/src/challengerdb/pg_validate_challenge_open.c 
@@ -0,0 +1,36 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_validate_challenge_open.c
+ * @brief Implementation of the validate_challenge_open function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_validate_challenge_open.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_challenge_open (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ bool *open)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_validate_challenge_open.h b/src/challengerdb/pg_validate_challenge_open.h
@@ -0,0 +1,45 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_validate_challenge_open.h
+ * @brief implementation of the validate_challenge_open function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_VALIDATE_CHALLENGE_OPEN_H
+#define PG_VALIDATE_CHALLENGE_OPEN_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Check if challenge is pending to validate an address.
+ *
+ * @param cls
+ * @param nonce unique nonce to use to identify the validation
+ * @param[out] open set to true if a challenge was sent
+ * @return transaction status:
+ * #GNUNET_DB_SUCCESS_ONE_RESULT if the nonce was found
+ * #GNUNET_DB_SUCCESS_NO_RESULTS if we do not know the nonce
+ * #GNUNET_DB_SUCCESS_HARD_ERROR on failure
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_challenge_open (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ bool *open);
+
+#endif
diff --git a/src/challengerdb/pg_validate_login_address.c b/src/challengerdb/pg_validate_login_address.c
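Review bot: The `@return` list in pg_validate_challenge_open.h refers to `#GNUNET_DB_SUCCESS_ONE_RESULT`, `#GNUNET_DB_SUCCESS_NO_RESULTS` and `#GNUNET_DB_SUCCESS_HARD_ERROR`, none of which match the enum spelling the code in this commit uses (`GNUNET_DB_STATUS_HARD_ERROR` in the .c files). They should read `#GNUNET_DB_STATUS_SUCCESS_ONE_RESULT`, `#GNUNET_DB_STATUS_SUCCESS_NO_RESULTS` and `#GNUNET_DB_STATUS_HARD_ERROR`, so that the Doxygen references resolve and nobody writes a comparison against a name that does not exist. The same three names appear in pg_validate_login_address.h, pg_validate_login_pin.h, pg_validate_solve_pin.h and pg_validation_get.h. The description also mixes two meanings: the summary says a challenge "is pending", while `@a open` is documented as "a challenge was sent".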
@@ -0,0 +1,42 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_validate_login_address.c
+ * @brief Implementation of the validate_login_address function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_validate_login_address.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_login_address (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ const char *address,
+ const char *client_scope,
+ const char *client_state,
+ const char *client_redirect_url,
+ struct GNUNET_TIME_Absolute *last_tx_time,
+ uint32_t *last_pin,
+ uint32_t *pin_attempts_left)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_validate_login_address.h b/src/challengerdb/pg_validate_login_address.h
@@ -0,0 +1,61 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_validate_login_address.h
+ * @brief implementation of the validate_login_address function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_VALIDATE_LOGIN_ADDRESS_H
+#define PG_VALIDATE_LOGIN_ADDRESS_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Set the user-provided address in a validation process. Updates
+ * the address and decrements the "addresses left" counter. If the
+ * address did not change, the operation is successful even without
+ * the counter change.
+ *
+ * @param cls
+ * @param nonce unique nonce to use to identify the validation
+ * @param address the new address to validate
+ * @param client_scope scope of the validation
+ * @param client_state state of the client
+ * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client
+ * @param[out] last_tx_time set to the last time when we (presumably) send a PIN to @a address; 0 if never sent
+ * @param[out] last_pin set to the PIN last send to @a address, 0 if never sent
+ * @param[in,out] pin_attempts_left set to number of PIN transmission attempts left for this address; input is value to be used if address is new, output is possibly different if address was not new
+ * @return transaction status:
+ * #GNUNET_DB_SUCCESS_ONE_RESULT if the address was changed
+ * #GNUNET_DB_SUCCESS_NO_RESULTS if we do not permit further changes to the address (attempts exhausted)
+ * #GNUNET_DB_SUCCESS_HARD_ERROR on failure
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_login_address (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ const char *address,
+ const char *client_scope,
+ const char *client_state,
+ const char *client_redirect_url,
+ struct GNUNET_TIME_Absolute *last_tx_time,
+ uint32_t *last_pin,
+ uint32_t *pin_attempts_left);
+
+
+#endif
diff --git a/src/challengerdb/pg_validate_login_pin.c b/src/challengerdb/pg_validate_login_pin.c
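Review bot: The `@return` documentation of `CH_PG_validate_login_address` in pg_validate_login_address.h does not cover an unknown or expired `@a nonce`: `#GNUNET_DB_SUCCESS_NO_RESULTS` is documented only as "attempts exhausted", so a caller cannot tell from the contract which of the two happened, or whether both are deliberately merged. The summary also talks about an "addresses left" counter that is not among the parameters, while `@a pin_attempts_left` is a different counter; one sentence naming what is decremented would remove the ambiguity. `@a client_scope` and `@a client_state` do not say whether NULL is accepted, although the schema change in this commit makes the corresponding columns nullable.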
@@ -0,0 +1,38 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_validate_login_pin.c
+ * @brief Implementation of the validate_login_pin function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_validate_login_pin.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_login_pin (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ struct GNUNET_TIME_Absolute tx_time,
+ uint32_t new_pin,
+ uint32_t auth_attempts_allowed)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_validate_login_pin.h b/src/challengerdb/pg_validate_login_pin.h
@@ -0,0 +1,50 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_validate_login_pin.h
+ * @brief implementation of the validate_login_pin function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_VALIDATE_LOGIN_PIN_H
+#define PG_VALIDATE_LOGIN_PIN_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Store a new PIN to be used to validate an address.
+ *
+ * @param cls
+ * @param nonce unique nonce to use to identify the validation
+ * @param tx_time the current time
+ * @param new_pin the PIN we are sending
+ * @param auth_attempts_allowed how many attempts do we give to the user to enter the correct PIN
+ * @return transaction status:
+ * #GNUNET_DB_SUCCESS_ONE_RESULT if the pin was stored
+ * #GNUNET_DB_SUCCESS_NO_RESULTS if we do not know the @a nonce or if pin attempts left is zero
+ * #GNUNET_DB_SUCCESS_HARD_ERROR on failure
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_login_pin (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ struct GNUNET_TIME_Absolute tx_time,
+ uint32_t new_pin,
+ uint32_t auth_attempts_allowed);
+
+
+#endif
diff --git a/src/challengerdb/pg_validate_solve_pin.c b/src/challengerdb/pg_validate_solve_pin.c
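Review bot: `CH_PG_validate_login_pin` in pg_validate_login_pin.h takes `new_pin` as a plain `uint32_t`, and pg_validate_login_address.h documents `last_pin` as "0 if never sent", so a generated PIN of 0 would be indistinguishable from no PIN having been sent. The parameter line should state the constraint, e.g. `@param new_pin the PIN we are sending, must not be 0`. It would also help to say whether `@a auth_attempts_allowed` replaces or adds to the attempts already stored for the validation, since that counter is what limits guessing of the PIN.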
@@ -0,0 +1,37 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_validate_solve_pin.c
+ * @brief Implementation of the validate_solve_pin function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_validate_solve_pin.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_solve_pin (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ uint32_t new_pin,
+ bool *solved)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_validate_solve_pin.h b/src/challengerdb/pg_validate_solve_pin.h
@@ -0,0 +1,48 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_validate_solve_pin.h
+ * @brief implementation of the validate_solve_pin function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_VALIDATE_SOLVE_PIN_H
+#define PG_VALIDATE_SOLVE_PIN_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Check PIN entered to validate an address.
+ *
+ * @param cls
+ * @param nonce unique nonce to use to identify the validation
+ * @param pin the PIN the user entered
+ * @param[out] solved set to true if the PIN was correct
+ * @return transaction status:
+ * #GNUNET_DB_SUCCESS_ONE_RESULT if the nonce was found
+ * #GNUNET_DB_SUCCESS_NO_RESULTS if we do not know the nonce
+ * #GNUNET_DB_SUCCESS_HARD_ERROR on failure
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_validate_solve_pin (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ uint32_t new_pin,
+ bool *solved);
+
+
+#endif
diff --git a/src/challengerdb/pg_validation_get.c b/src/challengerdb/pg_validation_get.c
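Review bot: The doc block in pg_validate_solve_pin.h documents `@param pin`, but the parameter is called `new_pin` in the prototype here and in pg_validate_solve_pin.c; for a value the user typed in, `pin` is the better name, so either rename the parameter or change the tag to `@param new_pin`. The contract also says nothing about the attempt counter: it should state whether a call consumes one of the `auth_attempts_left` from the schema, and what `@a solved` and the status are once none remain, because that limit is what stops a PIN from being guessed by repetition. When the query is written, the comparison and the decrement belong in one statement so that concurrent requests cannot each get a guess against the same remaining count.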
@@ -0,0 +1,39 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_validation_get.c
+ * @brief Implementation of the validation_get function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_validation_get.h"
+#include "pg_helper.h"
+
+enum GNUNET_DB_QueryStatus
+CH_PG_validation_get (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ char **client_secret,
+ char **address,
+ char **client_scope,
+ char **client_state,
+ char **client_redirect_url)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_validation_get.h b/src/challengerdb/pg_validation_get.h
@@ -0,0 +1,55 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_validation_get.h
+ * @brief implementation of the validation_get function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_VALIDATION_GET_H
+#define PG_VALIDATION_GET_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Return validation details. Used by ``/solve``, ``/auth`` and
+ * ``/info`` endpoints to authorize and return validated user
+ * address to the client.
+ *
+ * @param cls
+ * @param nonce unique nonce to use to identify the validation
+ * @param[out] client_secret set to secret of client (for client that setup the challenge)
+ * @param[out] address set to client-provided address
+ * @param[out] client_scope set to OAuth2 scope
+ * @param[out] client_state set to client state
+ * @param[out] client_redirect_url set to client redirect URL
+ * @return transaction status:
+ * #GNUNET_DB_SUCCESS_ONE_RESULT if the nonce was found
+ * #GNUNET_DB_SUCCESS_NO_RESULTS if we do not know the nonce
+ * #GNUNET_DB_SUCCESS_HARD_ERROR on failure
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_validation_get (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ char **client_secret,
+ char **address,
+ char **client_scope,
+ char **client_state,
+ char **client_redirect_url);
+
+#endif
diff --git a/src/challengerdb/pg_validation_setup.c b/src/challengerdb/pg_validation_setup.c
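Review bot: `CH_PG_validation_get` in pg_validation_get.h hands five strings back through `char **`, and the doc does not say who owns them or which of them may be NULL. With `client_scope`, `client_state` and `client_redirect_url` made nullable in challenger-0001.sql by this commit, and `address` declared without `NOT NULL` there, each `@param[out]` should say so, e.g. `@param[out] client_redirect_url set to client redirect URL, NULL if none was given; to be freed by the caller` (the ownership part is my assumption and needs confirming against the implementation). `@a client_secret` is also returned in clear to every endpoint named in the summary; if `/solve` does not need it, allowing NULL for that argument would keep the secret out of that path.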
@@ -0,0 +1,37 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_validation_setup.c
+ * @brief Implementation of the validation_setup function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_validation_setup.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+CH_PG_validation_setup (void *cls,
+ uint64_t client_id,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ struct GNUNET_TIME_Absolute expiration_time)
+{
+ GNUNET_break (0);
+ return GNUNET_DB_STATUS_HARD_ERROR;
+}
diff --git a/src/challengerdb/pg_validation_setup.h b/src/challengerdb/pg_validation_setup.h
@@ -0,0 +1,45 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file backenddb/pg_validation_setup.h
+ * @brief implementation of the validation_setup function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_VALIDATION_SETUP_H
+#define PG_VALIDATION_SETUP_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+/**
+ * Start validation process by setting up a validation entry. Allows
+ * the respective user who learns the @a nonce to later begin the
+ * process.
+ *
+ * @param cls closure
+ * @param client_id ID of the client
+ * @param nonce unique nonce to use to identify the validation
+ * @param expiration_time when will the validation expire
+ * @return transaction status
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_validation_setup (void *cls,
+ uint64_t client_id,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ struct GNUNET_TIME_Absolute expiration_time);
+
+#endif
diff --git a/src/challengerdb/plugin_challengerdb_postgres.c b/src/challengerdb/plugin_challengerdb_postgres.c
@@ -28,6 +28,13 @@ #include "pg_helper.h" #include "pg_client_add.h" #include "pg_client_delete.h" +#include "pg_client_check.h" +#include "pg_validation_setup.h" +#include "pg_validate_login_address.h" +#include "pg_validate_login_pin.h" +#include "pg_validate_challenge_open.h" +#include "pg_validate_solve_pin.h" +#include "pg_validation_get.h" /** * Drop challenger tables @@ -363,17 +370,38 @@ libchallenger_plugin_db_postgres_init (void *cls) } plugin = GNUNET_new (struct CHALLENGER_DatabasePlugin); plugin->cls = pg; - plugin->create_tables = &postgres_create_tables; - plugin->drop_tables = &postgres_drop_tables; - plugin->preflight = &postgres_preflight; - plugin->gc = &postgres_gc; - plugin->begin_transaction = &postgres_begin_transaction; - plugin->commit_transaction = &postgres_commit_transaction; - plugin->rollback = &postgres_rollback; + plugin->create_tables + = &postgres_create_tables; + plugin->drop_tables + = &postgres_drop_tables; + plugin->preflight + = &postgres_preflight; + plugin->gc + = &postgres_gc; + plugin->begin_transaction + = &postgres_begin_transaction; + plugin->commit_transaction + = &postgres_commit_transaction; + plugin->rollback + = &postgres_rollback; plugin->client_add = &CH_PG_client_add; plugin->client_delete = &CH_PG_client_delete; + plugin->client_check + = &CH_PG_client_check; + plugin->validation_setup + = &CH_PG_validation_setup; + plugin->validate_login_address + = &CH_PG_validate_login_address; + plugin->validate_login_pin + = &CH_PG_validate_login_pin; + plugin->validate_challenge_open + = &CH_PG_validate_challenge_open; + plugin->validate_solve_pin + = &CH_PG_validate_solve_pin; + plugin->validation_get + = &CH_PG_validation_get; return plugin; } diff --git a/src/include/challenger_database_plugin.h b/src/include/challenger_database_plugin.h @@ -35,7 +35,7 @@ struct CHALLENGER_ValidationNonceP /** * 256-bit nonce used to identify validations. */ - uint32_t [256 / 32]; + uint32_t value[256 / 32]; }; 
@@ -189,25 +189,20 @@ struct CHALLENGER_DatabasePlugin /** * Start validation process by setting up a validation entry. Allows - * the respective user to later begin the process. + * the respective user who learns the @a nonce to later begin the + * process. * - * @param cls + * @param cls closure * @param client_id ID of the client * @param nonce unique nonce to use to identify the validation * @param expiration_time when will the validation expire - * @param client_scope scope of the validation - * @param client_state state of the client - * @param client_redirect_url where to redirect at the end * @return transaction status */ enum GNUNET_DB_QueryStatus (*validation_setup)(void *cls, uint64_t client_id, const struct CHALLENGER_ValidationNonceP *nonce, - struct GNUNET_TIME_Absolute expiration_time, - const char *client_scope, - const char *client_state, - const char *client_redirect_url); + struct GNUNET_TIME_Absolute expiration_time); /** @@ -219,6 +214,9 @@ struct CHALLENGER_DatabasePlugin * @param cls * @param nonce unique nonce to use to identify the validation * @param address the new address to validate + * @param client_scope scope of the validation + * @param client_state state of the client + * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client * @param[out] last_tx_time set to the last time when we (presumably) send a PIN to @a address; 0 if never sent * @param[out] last_pin set to the PIN last send to @a address, 0 if never sent * @param[in,out] pin_attempts_left set to number of PIN transmission attempts left for this address; input is value to be used if address is new, output is possibly different if address was not new 
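Review bot: In challenger_database_plugin.h, `client_redirect_url`, `client_scope` and `client_state` are no longer fixed by the client in `validation_setup` but arrive with `validate_login_address`, which is keyed only by the nonce, and the new `@param client_redirect_url` line does not say which layer checks the value against the URL registered for the client before it is stored. I would extend it to something like `@param client_redirect_url where to redirect at the end, must already have been checked against the client's registered URL; NULL to use the registered one`. Without that stated in the contract, a later handler could store and follow a redirect target supplied by whoever holds the nonce. The phrase "a unique one registered for the client" also no longer holds at the schema level, since `clients.url` loses its `PRIMARY KEY` in this commit.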
@@ -231,14 +229,16 @@ struct CHALLENGER_DatabasePlugin (*validate_login_address)(void *cls, const struct CHALLENGER_ValidationNonceP *nonce, const char *address, + const char *client_scope, + const char *client_state, + const char *client_redirect_url, struct GNUNET_TIME_Absolute *last_tx_time, uint32_t *last_pin, uint32_t *pin_attempts_left); /** - * Store a new PIN to be used to validate an - * address. + * Store a new PIN to be used to validate an address. * * @param cls * @param nonce unique nonce to use to identify the validation @@ -301,7 +301,6 @@ struct CHALLENGER_DatabasePlugin * * @param cls * @param nonce unique nonce to use to identify the validation - * @param[out] client_url set to URL of client (from client registration) * @param[out] client_secret set to secret of client (for client that setup the challenge) * @param[out] address set to client-provided address * @param[out] client_scope set to OAuth2 scope @@ -313,14 +312,13 @@ struct CHALLENGER_DatabasePlugin * #GNUNET_DB_SUCCESS_HARD_ERROR on failure */ enum GNUNET_DB_QueryStatus - (*validate_get)(void *cls, - const struct CHALLENGER_ValidationNonceP *nonce, - char **client_url, - char **client_secret, - char **address, - char **client_scope, - char **client_state, - char **client_redirect_url); + (*validation_get)(void *cls, + const struct CHALLENGER_ValidationNonceP *nonce, + char **client_secret, + char **address, + char **client_scope, + char **client_state, + char **client_redirect_url); };