challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address

commit 59c4c4f5c6eb9fbef24874871fa84b88890e8cc0
parent 56c0bfd76ad72e8c78181ffa93b5089b418e760a
Author: Sebastian <sebasjm@gmail.com>
Date:   Fri, 28 Jun 2024 12:45:11 -0300

more info in the login endpoint

return if the challenge is solved, no need to return client redirect uri
also return v2 api

Diffstat:
Msrc/challenger/challenger-httpd_authorize.c | 24+++++++++++++++++++-----
Msrc/challenger/challenger-httpd_challenge.c | 4++--
Msrc/challengerdb/pg_authorize_start.c | 12++++++++++--
Msrc/challengerdb/pg_authorize_start.h | 6+++++-
Msrc/include/challenger_database_plugin.h | 6+++++-
5 files changed, 41 insertions(+), 11 deletions(-)

diff --git a/src/challenger/challenger-httpd_authorize.c b/src/challenger/challenger-httpd_authorize.c
@@ -185,6 +185,9 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
 uint32_t address_attempts_left;
 uint32_t pin_transmissions_left;
 uint32_t auth_attempts_left;
+ struct GNUNET_TIME_Absolute last_tx_time;
+
+ bool solved;
 enum GNUNET_DB_QueryStatus qs;
 /* authorize_start will return 0 if a 'redirect_uri' was
@@ -198,7 +201,9 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
 &last_address,
 &address_attempts_left,
 &pin_transmissions_left,
- &auth_attempts_left);
+ &auth_attempts_left,
+ &solved,
+ &last_tx_time);
 switch (qs)
 {
 case GNUNET_DB_STATUS_HARD_ERROR:
@@ -236,8 +241,8 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
 json_decref (last_address);
 return reply_error (hc,
 "unauthorized_client",
- MHD_HTTP_FORBIDDEN,
- 1, // TALER_EC_CHALLENGER_EXHAUSTED
+ MHD_HTTP_TOO_MANY_REQUESTS,
+ TALER_EC_CHALLENGER_TOO_MANY_ATTEMPTS,
 "client exceeded authorization attempts limit (too many addresses)");
 }
@@ -258,11 +263,20 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
 CH_restrictions)),
 GNUNET_JSON_pack_bool ("fix_address",
 0 == address_attempts_left),
- GNUNET_JSON_pack_string ("nonce",
- hc->path),
 GNUNET_JSON_pack_allow_null (
 GNUNET_JSON_pack_object_steal ("last_address",
 last_address)),
+ GNUNET_JSON_pack_bool ("solved",
+ solved),
+ GNUNET_JSON_pack_uint64 ("pin_transmissions_left",
+ pin_transmissions_left),
+ GNUNET_JSON_pack_uint64 ("auth_attempts_left",
+ auth_attempts_left),
+ GNUNET_JSON_pack_timestamp ("retransmission_time",
+ GNUNET_TIME_absolute_to_timestamp(
+ GNUNET_TIME_absolute_add (
+ last_tx_time,
+ CH_validation_duration))),
 GNUNET_JSON_pack_uint64 ("changes_left",
 address_attempts_left)
 );
diff --git a/src/challenger/challenger-httpd_challenge.c b/src/challenger/challenger-httpd_challenge.c
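Review bot: In the last hunk of challenger-httpd_authorize.c, `retransmission_time` is always packed as `last_tx_time + CH_validation_duration`, yet the plugin documentation updated in this commit says `last_tx_time` is 0 if no PIN was ever sent, so a fresh challenge reports a time just after the epoch. A client will probably read that as "may transmit now", but nothing states it; a comment above the pack such as `/* last_tx_time is 0 if no PIN was sent yet; the result then lies in the past and means "may send now" */` would make the contract explicit. The response also starts returning `solved`, `pin_transmissions_left` and `auth_attempts_left` to whoever presents the nonce, which deserves a line in the endpoint's API documentation so the exposure of the remaining-attempt counters is a recorded decision. The new call is written `GNUNET_TIME_absolute_to_timestamp(` without the space before the parenthesis that the neighbouring calls use. CH_handler_authorize begins and ends outside these hunks.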
@@ -759,8 +759,8 @@ CH_handler_challenge (struct CH_HandlerContext *hc,
 bc->address),
 GNUNET_JSON_pack_bool ("transmitted",
 bc->retransmit),
- GNUNET_JSON_pack_string ("next_tx_time",
- GNUNET_TIME_absolute2s (
+ GNUNET_JSON_pack_timestamp ("next_tx_time",
+ GNUNET_TIME_absolute_to_timestamp(
 GNUNET_TIME_absolute_add (
 bc->last_tx_time,
 CH_validation_duration)))
diff --git a/src/challengerdb/pg_authorize_start.c b/src/challengerdb/pg_authorize_start.c
@@ -36,7 +36,9 @@ CH_PG_authorize_start (void *cls,
 json_t **last_address,
 uint32_t *address_attempts_left,
 uint32_t *pin_transmissions_left,
- uint32_t *auth_attempts_left)
+ uint32_t *auth_attempts_left,
+ bool *solved,
+ struct GNUNET_TIME_Absolute *last_tx_time)
 {
 struct PostgresClosure *pg = cls;
 struct GNUNET_PQ_QueryParam params[] = {
@@ -62,6 +64,10 @@ CH_PG_authorize_start (void *cls,
 pin_transmissions_left),
 GNUNET_PQ_result_spec_uint32 ("auth_attempts_left",
 auth_attempts_left),
+ GNUNET_PQ_result_spec_bool ("solved",
+ solved),
+ GNUNET_PQ_result_spec_absolute_time ("last_tx_time",
+ last_tx_time),
 GNUNET_PQ_result_spec_end
 };
@@ -79,7 +85,9 @@ CH_PG_authorize_start (void *cls,
 " address"
 " ,address_attempts_left"
 " ,pin_transmissions_left"
- " ,auth_attempts_left;");
+ " ,GREATEST(0, auth_attempts_left) AS auth_attempts_left"
+ " ,auth_attempts_left = -1 AS solved"
+ " ,last_tx_time;");
 return GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
 "authorize_start_validation",
 params,
diff --git a/src/challengerdb/pg_authorize_start.h b/src/challengerdb/pg_authorize_start.h
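Review bot: The `next_tx_time` field in challenger-httpd_challenge.c changes its wire type from the string built by `GNUNET_TIME_absolute2s` to the value produced by `GNUNET_JSON_pack_timestamp`, so a client that parsed the old string will not understand the new response, and nothing visible in this commit records the change at the pack site. If the "v2 api" mentioned in the commit message is meant to cover it, a short comment such as `/* since v2: timestamp object, was a human-readable string */` above the pack would say so. The new call is also written `GNUNET_TIME_absolute_to_timestamp(` without the space before the parenthesis used on the next line. CH_handler_challenge begins and ends outside the hunk.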
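Review bot: The column list in the third hunk of pg_authorize_start.c uses `auth_attempts_left = -1` as the marker for a solved challenge and clamps the returned counter with `GREATEST(0, ...)`, so a solved challenge now comes back with `auth_attempts_left == 0`. The branch in CH_handler_authorize that replies "client exceeded authorization attempts limit" has its condition outside the hunks shown; if that condition tests the counters for zero, a solved challenge with no address changes and no PIN transmissions left would be answered with 429 instead of being reported as solved, so `solved` should be tested before it. The sentinel is undocumented where it is used; I would add `/* auth_attempts_left == -1 marks a solved challenge; clamp so the uint32 result never sees a negative value */` next to the SQL. Whether `last_tx_time` can be NULL in the table is not visible here, and if it can, the `GNUNET_PQ_result_spec_absolute_time` entry added in the second hunk needs to allow for that.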
@@ -42,6 +42,8 @@
 * @param[out] address_attempts_left set to number of address changing attempts left for this address
 * @param[out] pin_transmissions_left set to number of times the PIN can still be re-requested
 * @param[out] auth_attempts_left set to number of authentication attempts remaining
+ * @param[out] solved set to true if the challenge is already solved
+ * @param[out] last_tx_time set to the last time when we (presumably) send a PIN to @a last_address; 0 if never sent
 * @return transaction status:
 * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT if the address was changed
 * #GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if we do not permit further changes to the address (attempts exhausted)
@@ -57,7 +59,9 @@ CH_PG_authorize_start (void *cls,
 json_t **last_address,
 uint32_t *address_attempts_left,
 uint32_t *pin_transmissions_left,
- uint32_t *auth_attempts_left);
+ uint32_t *auth_attempts_left,
+ bool *solved,
+ struct GNUNET_TIME_Absolute *last_tx_time);
 #endif
diff --git a/src/include/challenger_database_plugin.h b/src/include/challenger_database_plugin.h
@@ -233,6 +233,8 @@ struct CHALLENGER_DatabasePlugin
 * @param[out] address_attempts_left set to number change address operations left for this @a nonce
 * @param[out] pin_transmissions_left set to number of times the PIN can still be re-requested
 * @param[out] auth_attempts_left set to number of authentication attempts remaining
+ * @param[out] solved set to true if the challenge is already solved
+ * @param[out] last_tx_time set to the last time when we (presumably) send a PIN to @a last_address; 0 if never sent
 * @return transaction status:
 * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT if the address was changed
 * #GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if we do not permit further changes to the address (attempts exhausted)
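Review bot: The `@param[out] auth_attempts_left` line is left unchanged in pg_authorize_start.h although the query in pg_authorize_start.c now clamps the value to 0 and reports a solved challenge through `solved`; I would extend it to `set to number of authentication attempts remaining (0 if the challenge is already solved)`. The added `last_tx_time` line says "when we (presumably) send a PIN", which should read "sent". Both remarks apply equally to the duplicated documentation block in challenger_database_plugin.h.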
@@ -248,7 +250,9 @@ struct CHALLENGER_DatabasePlugin
 json_t **last_address,
 uint32_t *address_attempts_left,
 uint32_t *pin_transmissions_left,
- uint32_t *auth_attempts_left);
+ uint32_t *auth_attempts_left,
+ bool *solved,
+ struct GNUNET_TIME_Absolute *last_tx_time);
 /**