challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address

commit f2f46a1df0cdb5dfb5beaba68296c309fde6a85d
parent 514c54aed35ae3e4b046abc3e059f46e67083e5f
Author: Christian Grothoff <christian@grothoff.org>
Date:   Mon,  8 May 2023 20:16:23 +0200

rename /login to /authorize

Diffstat:
Msrc/challenger/Makefile.am | 2+-
Msrc/challenger/challenger-httpd.c | 10+++++-----
Asrc/challenger/challenger-httpd_authorize.c | 201+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/challenger/challenger-httpd_authorize.h | 41+++++++++++++++++++++++++++++++++++++++++
Dsrc/challenger/challenger-httpd_login.c | 201-------------------------------------------------------------------------------
Dsrc/challenger/challenger-httpd_login.h | 41-----------------------------------------
Msrc/challenger/test-challenger.sh | 2+-
Msrc/challengerdb/Makefile.am | 2+-
Asrc/challengerdb/pg_authorize_start.c | 77+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/challengerdb/pg_authorize_start.h | 59+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dsrc/challengerdb/pg_login_start.c | 77-----------------------------------------------------------------------------
Dsrc/challengerdb/pg_login_start.h | 59-----------------------------------------------------------
Msrc/challengerdb/plugin_challengerdb_postgres.c | 6+++---
Msrc/include/challenger_database_plugin.h | 16++++++++--------
14 files changed, 397 insertions(+), 397 deletions(-)

diff --git a/src/challenger/Makefile.am b/src/challenger/Makefile.am @@ -37,11 +37,11 @@ challenger_admin_LDADD = \ challenger_httpd_SOURCES = \ challenger-httpd.c challenger-httpd.h \ + challenger-httpd_authorize.c challenger-httpd_authorize.h \ challenger-httpd_challenge.c challenger-httpd_challenge.h \ challenger-httpd_common.c challenger-httpd_common.h \ challenger-httpd_config.c challenger-httpd_config.h \ challenger-httpd_info.c challenger-httpd_info.h \ - challenger-httpd_login.c challenger-httpd_login.h \ challenger-httpd_mhd.c challenger-httpd_mhd.h \ challenger-httpd_setup.c challenger-httpd_setup.h \ challenger-httpd_solve.c challenger-httpd_solve.h \ diff --git a/src/challenger/challenger-httpd.c b/src/challenger/challenger-httpd.c @@ -27,7 +27,7 @@ #include "challenger-httpd_challenge.h" #include "challenger-httpd_info.h" #include "challenger-httpd_setup.h" -#include "challenger-httpd_login.h" +#include "challenger-httpd_authorize.h" #include "challenger-httpd_mhd.h" #include "challenger-httpd_solve.h" #include "challenger-httpd_token.h" @@ -177,14 +177,14 @@ url_handler (void *cls, .handler = &CH_handler_setup }, { - .url = "/login/", + .url = "/authorize/", .method = MHD_HTTP_METHOD_GET, - .handler = &CH_handler_login + .handler = &CH_handler_authorize }, { - .url = "/login/", + .url = "/authorize/", .method = MHD_HTTP_METHOD_POST, - .handler = &CH_handler_login + .handler = &CH_handler_authorize }, { .url = "/challenge/", diff --git a/src/challenger/challenger-httpd_authorize.c b/src/challenger/challenger-httpd_authorize.c 
@@ -0,0 +1,201 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file challenger-httpd_authorize.c
+ * @brief functions to handle incoming requests for authorizations
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include "challenger-httpd.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <taler/taler_templating_lib.h>
+#include "challenger-httpd_authorize.h"
+
+
+MHD_RESULT
+CH_handler_authorize (struct CH_HandlerContext *hc,
+ const char *upload_data,
+ size_t *upload_data_size)
+{
+ const char *response_type;
+ unsigned long long client_id;
+ const char *redirect_uri;
+ const char *state;
+ const char *scope;
+ struct CHALLENGER_ValidationNonceP nonce;
+
+ (void) upload_data;
+ (void) upload_data_size;
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (hc->path,
+ strlen (hc->path),
+ &nonce,
+ sizeof (nonce)))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (hc->connection,
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_GENERIC_PARAMETER_MISSING,
+ hc->path);
+ }
+ response_type
+ = MHD_lookup_connection_value (hc->connection,
+ MHD_GET_ARGUMENT_KIND,
+ "response_type");
+ if (NULL == response_type)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (hc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MISSING,
+ "response_type");
+ }
+ if (0 != strcmp (response_type,
+ "code"))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (hc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "response_type (must be 'code')");
+ }
+
+ {
+ const char *client_id_str;
+ char dummy;
+
+ client_id_str
+ = MHD_lookup_connection_value (hc->connection,
+ MHD_GET_ARGUMENT_KIND,
+ "client_id");
+ if (NULL == client_id_str)
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (hc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MISSING,
+ "client_id");
+ }
+ if (1 != sscanf (client_id_str,
+ "%llu%c",
+ &client_id,
+ &dummy))
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (hc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "client_id");
+ }
+ }
+ redirect_uri
+ = MHD_lookup_connection_value (hc->connection,
+ MHD_GET_ARGUMENT_KIND,
+ "redirect_uri");
+ if ( (NULL != redirect_uri) &&
+ (0 != strncmp (redirect_uri,
+ "http://",
+ strlen ("http://"))) &&
+ (0 != strncmp (redirect_uri,
+ "https://",
+ strlen ("https://"))) )
+ {
+ GNUNET_break_op (0);
+ return TALER_MHD_reply_with_error (hc->connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "redirect_uri (has to start with 'http://' or 'https://')");
+ }
+ state
+ = MHD_lookup_connection_value (hc->connection,
+ MHD_GET_ARGUMENT_KIND,
+ "state");
+ if (NULL == state)
+ state = "";
+ scope
+ = MHD_lookup_connection_value (hc->connection,
+ MHD_GET_ARGUMENT_KIND,
+ "scope");
+ {
+ char *last_address;
+ uint32_t address_attempts_left;
+ enum GNUNET_DB_QueryStatus qs;
+
+ /* authorize_start will return 0 if a 'redirect_uri' was
+ configured for the client and this one differs. */
+ qs = CH_db->authorize_start (CH_db->cls,
+ &nonce,
+ client_id,
+ scope,
+ state,
+ redirect_uri,
+ &last_address,
+ &address_attempts_left);
+ switch (qs)
+ {
+ case GNUNET_DB_STATUS_HARD_ERROR:
+ GNUNET_break (0);
+ return TALER_TEMPLATING_reply_error (hc->connection,
+ "internal-error",
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_STORE_FAILED,
+ "authorize_start");
+ case GNUNET_DB_STATUS_SOFT_ERROR:
+ GNUNET_break (0);
+ return MHD_NO;
+ case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
+ return TALER_TEMPLATING_reply_error (hc->connection,
+ "validation-unknown",
+ MHD_HTTP_NOT_FOUND,
+ TALER_EC_CHALLENGER_GENERIC_VALIDATION_UNKNOWN,
+ NULL);
+ case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
+ break;
+ }
+ {
+ enum GNUNET_GenericReturnValue ret;
+ json_t *args;
+
+ args = GNUNET_JSON_PACK (
+ GNUNET_JSON_pack_bool ("fix_address",
+ 0 == address_attempts_left),
+ GNUNET_JSON_pack_string ("nonce",
+ hc->path),
+ GNUNET_JSON_pack_string ("last_address",
+ (NULL == last_address)
+ ? ""
+ : last_address),
+ GNUNET_JSON_pack_uint64 ("changes_left",
+ address_attempts_left)
+ );
+ ret = TALER_TEMPLATING_reply (
+ hc->connection,
+ MHD_HTTP_OK,
+ "enter-address-form",
+ NULL,
+ NULL,
+ args);
+ json_decref (args);
+ if (GNUNET_SYSERR == ret)
+ {
+ GNUNET_break (0);
+ return MHD_NO;
+ }
+ GNUNET_break (GNUNET_OK == ret);
+ return MHD_YES;
+ }
+ }
+}
diff --git a/src/challenger/challenger-httpd_authorize.h b/src/challenger/challenger-httpd_authorize.h
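Review bot: `scope` is handed to `CH_db->authorize_start` exactly as `MHD_lookup_connection_value` returned it, so a request that omits the `scope` argument passes NULL to the database layer, whereas `state` is defaulted to `""` just above. In this commit's `CH_PG_authorize_start` only `client_redirect_url` is checked for NULL before `GNUNET_PQ_query_param_string`, so unless that helper tolerates NULL this is a crash reachable from an unauthenticated GET; mirroring the `state` handling with `if (NULL == scope) scope = "";` (or answering 400) would close it. Separately, `last_address` is filled by the query and packed into the JSON arguments but is not released on any path visible in this function, which looks like a per-request leak if the result spec allocates the string; a `GNUNET_free (last_address);` after `GNUNET_JSON_PACK` is probably wanted.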
@@ -0,0 +1,41 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2023 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file challenger-httpd_login.h
+ * @brief functions to handle incoming requests on /login
+ * @author Christian Grothoff
+ */
+#ifndef CHALLENGER_HTTPD_LOGIN_H
+#define CHALLENGER_HTTPD_LOGIN_H
+
+#include <microhttpd.h>
+
+
+/**
+ * Handle request on @a connection for /login.
+ *
+ * @param hc context of the connection
+ * @param upload_data upload data, if any
+ * @param[in,out] upload_data_size remaining data in @a upload_data, to be updated
+ * @return MHD result code
+ */
+MHD_RESULT
+CH_handler_authorize (struct CH_HandlerContext *hc,
+ const char *upload_data,
+ size_t *upload_data_size);
+
+
+#endif
diff --git a/src/challenger/challenger-httpd_login.c b/src/challenger/challenger-httpd_login.c
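Review bot: The renamed header still describes the old endpoint: `@file challenger-httpd_login.h`, the `@brief` and the function comment both say `/login`, and the include guard is still `CHALLENGER_HTTPD_LOGIN_H`. Suggest `@file challenger-httpd_authorize.h`, `Handle request on @a connection for /authorize.` and a guard named `CHALLENGER_HTTPD_AUTHORIZE_H`, so that searching for the old route finds nothing in the new file. The prototype also names `struct CH_HandlerContext`, which the only include here (`<microhttpd.h>`) presumably does not declare, so the header appears to depend on `challenger-httpd.h` being included first; a one-line comment saying so, or including it here, would make that explicit.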
@@ -1,201 +0,0 @@
-/*
- This file is part of Challenger
- Copyright (C) 2023 Taler Systems SA
-
- Challenger is free software; you can redistribute it and/or modify it under the
- terms of the GNU Affero General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
-
- You should have received a copy of the GNU Affero General Public License along with
- Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
-*/
-/**
- * @file challenger-httpd_login.c
- * @brief functions to handle incoming requests for logins
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include "challenger-httpd.h"
-#include <gnunet/gnunet_util_lib.h>
-#include <taler/taler_templating_lib.h>
-#include "challenger-httpd_login.h"
-
-
-MHD_RESULT
-CH_handler_login (struct CH_HandlerContext *hc,
- const char *upload_data,
- size_t *upload_data_size)
-{
- const char *response_type;
- unsigned long long client_id;
- const char *redirect_uri;
- const char *state;
- const char *scope;
- struct CHALLENGER_ValidationNonceP nonce;
-
- (void) upload_data;
- (void) upload_data_size;
- if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (hc->path,
- strlen (hc->path),
- &nonce,
- sizeof (nonce)))
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (hc->connection,
- MHD_HTTP_NOT_FOUND,
- TALER_EC_GENERIC_PARAMETER_MISSING,
- hc->path);
- }
- response_type
- = MHD_lookup_connection_value (hc->connection,
- MHD_GET_ARGUMENT_KIND,
- "response_type");
- if (NULL == response_type)
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (hc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MISSING,
- "response_type");
- }
- if (0 != strcmp (response_type,
- "code"))
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (hc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "response_type (must be 'code')");
- }
-
- {
- const char *client_id_str;
- char dummy;
-
- client_id_str
- = MHD_lookup_connection_value (hc->connection,
- MHD_GET_ARGUMENT_KIND,
- "client_id");
- if (NULL == client_id_str)
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (hc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MISSING,
- "client_id");
- }
- if (1 != sscanf (client_id_str,
- "%llu%c",
- &client_id,
- &dummy))
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (hc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "client_id");
- }
- }
- redirect_uri
- = MHD_lookup_connection_value (hc->connection,
- MHD_GET_ARGUMENT_KIND,
- "redirect_uri");
- if ( (NULL != redirect_uri) &&
- (0 != strncmp (redirect_uri,
- "http://",
- strlen ("http://"))) &&
- (0 != strncmp (redirect_uri,
- "https://",
- strlen ("https://"))) )
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (hc->connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "redirect_uri (has to start with 'http://' or 'https://')");
- }
- state
- = MHD_lookup_connection_value (hc->connection,
- MHD_GET_ARGUMENT_KIND,
- "state");
- if (NULL == state)
- state = "";
- scope
- = MHD_lookup_connection_value (hc->connection,
- MHD_GET_ARGUMENT_KIND,
- "scope");
- {
- char *last_address;
- uint32_t address_attempts_left;
- enum GNUNET_DB_QueryStatus qs;
-
- /* login_start will return 0 if a 'redirect_uri' was
- configured for the client and this one differs. */
- qs = CH_db->login_start (CH_db->cls,
- &nonce,
- client_id,
- scope,
- state,
- redirect_uri,
- &last_address,
- &address_attempts_left);
- switch (qs)
- {
- case GNUNET_DB_STATUS_HARD_ERROR:
- GNUNET_break (0);
- return TALER_TEMPLATING_reply_error (hc->connection,
- "internal-error",
- MHD_HTTP_INTERNAL_SERVER_ERROR,
- TALER_EC_GENERIC_DB_STORE_FAILED,
- "login_start");
- case GNUNET_DB_STATUS_SOFT_ERROR:
- GNUNET_break (0);
- return MHD_NO;
- case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
- return TALER_TEMPLATING_reply_error (hc->connection,
- "validation-unknown",
- MHD_HTTP_NOT_FOUND,
- TALER_EC_CHALLENGER_GENERIC_VALIDATION_UNKNOWN,
- NULL);
- case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
- break;
- }
- {
- enum GNUNET_GenericReturnValue ret;
- json_t *args;
-
- args = GNUNET_JSON_PACK (
- GNUNET_JSON_pack_bool ("fix_address",
- 0 == address_attempts_left),
- GNUNET_JSON_pack_string ("nonce",
- hc->path),
- GNUNET_JSON_pack_string ("last_address",
- (NULL == last_address)
- ? ""
- : last_address),
- GNUNET_JSON_pack_uint64 ("changes_left",
- address_attempts_left)
- );
- ret = TALER_TEMPLATING_reply (
- hc->connection,
- MHD_HTTP_OK,
- "enter-address-form",
- NULL,
- NULL,
- args);
- json_decref (args);
- if (GNUNET_SYSERR == ret)
- {
- GNUNET_break (0);
- return MHD_NO;
- }
- GNUNET_break (GNUNET_OK == ret);
- return MHD_YES;
- }
- }
-}
diff --git a/src/challenger/challenger-httpd_login.h b/src/challenger/challenger-httpd_login.h
@@ -1,41 +0,0 @@ -/* - This file is part of TALER - Copyright (C) 2023 Taler Systems SA - - TALER is free software; you can redistribute it and/or modify it under the - terms of the GNU Affero General Public License as published by the Free Software - Foundation; either version 3, or (at your option) any later version. - - TALER is distributed in the hope that it will be useful, but WITHOUT ANY - WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR - A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License along with - TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> -*/ -/** - * @file challenger-httpd_login.h - * @brief functions to handle incoming requests on /login - * @author Christian Grothoff - */ -#ifndef CHALLENGER_HTTPD_LOGIN_H -#define CHALLENGER_HTTPD_LOGIN_H - -#include <microhttpd.h> - - -/** - * Handle request on @a connection for /login. - * - * @param hc context of the connection - * @param upload_data upload data, if any - * @param[in,out] upload_data_size remaining data in @a upload_data, to be updated - * @return MHD result code - */ -MHD_RESULT -CH_handler_login (struct CH_HandlerContext *hc, - const char *upload_data, - size_t *upload_data_size); - - -#endif diff --git a/src/challenger/test-challenger.sh b/src/challenger/test-challenger.sh @@ -97,7 +97,7 @@ CLIENT_STATE="the-client-state" CLIENT_SCOPE="the-client-scope" echo -n "Initiating user login..." -STATUS=$(curl "${BURL}/login/${NONCE}" \ +STATUS=$(curl "${BURL}/authorize/${NONCE}" \ -G \ --data-urlencode "response_type=code" \ --data-urlencode "client_id=${CLIENT_ID}" \ diff --git a/src/challengerdb/Makefile.am b/src/challengerdb/Makefile.am 
@@ -63,7 +63,7 @@ libchallenger_plugin_db_postgres_la_SOURCES = \ pg_info_get_grant.h pg_info_get_grant.c \ pg_token_add_grant.h pg_token_add_grant.c \ pg_setup_nonce.h pg_setup_nonce.c \ - pg_login_start.h pg_login_start.c \ + pg_authorize_start.h pg_authorize_start.c \ pg_challenge_set_address_and_pin.h pg_challenge_set_address_and_pin.c \ pg_validate_solve_pin.h pg_validate_solve_pin.c \ pg_validation_get.h pg_validation_get.c \ diff --git a/src/challengerdb/pg_authorize_start.c b/src/challengerdb/pg_authorize_start.c 
@@ -0,0 +1,77 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_authorize_start.c
+ * @brief Implementation of the authorize_start function for Postgres
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <taler/taler_error_codes.h>
+#include <taler/taler_dbevents.h>
+#include <taler/taler_pq_lib.h>
+#include "pg_authorize_start.h"
+#include "pg_helper.h"
+
+
+enum GNUNET_DB_QueryStatus
+CH_PG_authorize_start (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ uint64_t client_id,
+ const char *client_scope,
+ const char *client_state,
+ const char *client_redirect_url,
+ char **last_address,
+ uint32_t *address_attempts_left)
+{
+ struct PostgresClosure *pg = cls;
+ struct GNUNET_PQ_QueryParam params[] = {
+ GNUNET_PQ_query_param_auto_from_type (nonce),
+ GNUNET_PQ_query_param_uint64 (&client_id),
+ GNUNET_PQ_query_param_string (client_scope),
+ GNUNET_PQ_query_param_string (client_state),
+ NULL != client_redirect_url
+ ? GNUNET_PQ_query_param_string (client_redirect_url)
+ : GNUNET_PQ_query_param_null (),
+ GNUNET_PQ_query_param_end
+ };
+ struct GNUNET_PQ_ResultSpec rs[] = {
+ GNUNET_PQ_result_spec_allow_null (
+ GNUNET_PQ_result_spec_string ("address",
+ last_address),
+ NULL),
+ GNUNET_PQ_result_spec_uint32 ("address_attempts_left",
+ address_attempts_left),
+ GNUNET_PQ_result_spec_end
+ };
+
+ *last_address = NULL;
+ PREPARE (pg,
+ "authorize_start_validation",
+ "UPDATE validations SET"
+ " client_scope=$3"
+ " ,client_state=$4"
+ " ,client_redirect_url=$5::VARCHAR"
+ " WHERE nonce=$1"
+ " AND client_serial_id=$2"
+ " AND ($5::VARCHAR=COALESCE(client_redirect_url,$5::VARCHAR))"
+ " RETURNING"
+ " address"
+ " ,address_attempts_left;");
+ return GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
+ "authorize_start_validation",
+ params,
+ rs);
+}
diff --git a/src/challengerdb/pg_authorize_start.h b/src/challengerdb/pg_authorize_start.h
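Review bot: The redirect check `$5::VARCHAR=COALESCE(client_redirect_url,$5::VARCHAR)` evaluates to NULL rather than true when `$5` is NULL, so a call with `client_redirect_url == NULL` (bound through `GNUNET_PQ_query_param_null ()`) can never update a row and the caller gets `GNUNET_DB_STATUS_SUCCESS_NO_RESULTS`. The header in this commit documents NULL as "use a unique one registered for the client", so a request that omits `redirect_uri` appears to be answered as validation-unknown instead of falling back. If the fallback is intended, the predicate needs an explicit `$5::VARCHAR IS NULL OR` arm and the assignment should become `client_redirect_url=COALESCE($5::VARCHAR,client_redirect_url)` so that a stored value is not overwritten with NULL. A comment should also record that when the stored column is NULL the first caller-supplied URI is accepted and pinned, so the OAuth redirect allow-listing depends on that column having been populated earlier, which these lines do not show.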
@@ -0,0 +1,59 @@
+/*
+ This file is part of Challenger
+ Copyright (C) 2023 Taler Systems SA
+
+ Challenger is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+ */
+/**
+ * @file challengerdb/pg_authorize_start.h
+ * @brief implementation of the authorize_start function for Postgres
+ * @author Christian Grothoff
+ */
+#ifndef PG_LOGIN_START_H
+#define PG_LOGIN_START_H
+
+#include <taler/taler_util.h>
+#include <taler/taler_json_lib.h>
+#include "challenger_database_plugin.h"
+
+
+/**
+ * Set the user-provided address in a validation process. Updates
+ * the address and decrements the "addresses left" counter. If the
+ * address did not change, the operation is successful even without
+ * the counter change.
+ *
+ * @param cls
+ * @param nonce unique nonce to use to identify the validation
+ * @param client_id client that initiated the validation
+ * @param client_scope scope of the validation
+ * @param client_state state of the client
+ * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client
+ * @param[out] last_address set to the last address used
+ * @param[out] address_attempts_left set to number of address changing attempts left for this address
+ * @return transaction status:
+ * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT if the address was changed
+ * #GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if we do not permit further changes to the address (attempts exhausted)
+ * #GNUNET_DB_STATUS_HARD_ERROR on failure
+ */
+enum GNUNET_DB_QueryStatus
+CH_PG_authorize_start (void *cls,
+ const struct CHALLENGER_ValidationNonceP *nonce,
+ uint64_t client_id,
+ const char *client_scope,
+ const char *client_state,
+ const char *client_redirect_url,
+ char **last_address,
+ uint32_t *address_attempts_left);
+
+
+#endif
diff --git a/src/challengerdb/pg_login_start.c b/src/challengerdb/pg_login_start.c
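Review bot: The doc comment on `CH_PG_authorize_start` describes a different operation: it speaks of setting the user-provided address and decrementing the "addresses left" counter, while the statement in `pg_authorize_start.c` only stores scope, state and redirect URL and returns the existing address and counter. The `@return` lines are wrong in the same way; going by the SQL, `GNUNET_DB_STATUS_SUCCESS_NO_RESULTS` means that no validation matched the nonce, client and redirect URL, not that address attempts are exhausted, and a caller deciding how to answer an OAuth request should be told that. The include guard is also still `PG_LOGIN_START_H` where `PG_AUTHORIZE_START_H` would match the file, and `@param cls` has no description.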
@@ -1,77 +0,0 @@
-/*
- This file is part of Challenger
- Copyright (C) 2023 Taler Systems SA
-
- Challenger is free software; you can redistribute it and/or modify it under the
- terms of the GNU General Public License as published by the Free Software
- Foundation; either version 3, or (at your option) any later version.
-
- Challenger is distributed in the hope that it will be useful, but WITHOUT ANY
- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along with
- Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
- */
-/**
- * @file challengerdb/pg_login_start.c
- * @brief Implementation of the login_start function for Postgres
- * @author Christian Grothoff
- */
-#include "platform.h"
-#include <taler/taler_error_codes.h>
-#include <taler/taler_dbevents.h>
-#include <taler/taler_pq_lib.h>
-#include "pg_login_start.h"
-#include "pg_helper.h"
-
-
-enum GNUNET_DB_QueryStatus
-CH_PG_login_start (void *cls,
- const struct CHALLENGER_ValidationNonceP *nonce,
- uint64_t client_id,
- const char *client_scope,
- const char *client_state,
- const char *client_redirect_url,
- char **last_address,
- uint32_t *address_attempts_left)
-{
- struct PostgresClosure *pg = cls;
- struct GNUNET_PQ_QueryParam params[] = {
- GNUNET_PQ_query_param_auto_from_type (nonce),
- GNUNET_PQ_query_param_uint64 (&client_id),
- GNUNET_PQ_query_param_string (client_scope),
- GNUNET_PQ_query_param_string (client_state),
- NULL != client_redirect_url
- ? GNUNET_PQ_query_param_string (client_redirect_url)
- : GNUNET_PQ_query_param_null (),
- GNUNET_PQ_query_param_end
- };
- struct GNUNET_PQ_ResultSpec rs[] = {
- GNUNET_PQ_result_spec_allow_null (
- GNUNET_PQ_result_spec_string ("address",
- last_address),
- NULL),
- GNUNET_PQ_result_spec_uint32 ("address_attempts_left",
- address_attempts_left),
- GNUNET_PQ_result_spec_end
- };
-
- *last_address = NULL;
- PREPARE (pg,
- "login_start_validation",
- "UPDATE validations SET"
- " client_scope=$3"
- " ,client_state=$4"
- " ,client_redirect_url=$5::VARCHAR"
- " WHERE nonce=$1"
- " AND client_serial_id=$2"
- " AND ($5::VARCHAR=COALESCE(client_redirect_url,$5::VARCHAR))"
- " RETURNING"
- " address"
- " ,address_attempts_left;");
- return GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
- "login_start_validation",
- params,
- rs);
-}
diff --git a/src/challengerdb/pg_login_start.h b/src/challengerdb/pg_login_start.h
@@ -1,59 +0,0 @@ -/* - This file is part of Challenger - Copyright (C) 2023 Taler Systems SA - - Challenger is free software; you can redistribute it and/or modify it under the - terms of the GNU General Public License as published by the Free Software - Foundation; either version 3, or (at your option) any later version. - - Challenger is distributed in the hope that it will be useful, but WITHOUT ANY - WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR - A PARTICULAR PURPOSE. See the GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along with - Challenger; see the file COPYING. If not, see <http://www.gnu.org/licenses/> - */ -/** - * @file challengerdb/pg_login_start.h - * @brief implementation of the login_start function for Postgres - * @author Christian Grothoff - */ -#ifndef PG_LOGIN_START_H -#define PG_LOGIN_START_H - -#include <taler/taler_util.h> -#include <taler/taler_json_lib.h> -#include "challenger_database_plugin.h" - - -/** - * Set the user-provided address in a validation process. Updates - * the address and decrements the "addresses left" counter. If the - * address did not change, the operation is successful even without - * the counter change. 
- * - * @param cls - * @param nonce unique nonce to use to identify the validation - * @param client_id client that initiated the validation - * @param client_scope scope of the validation - * @param client_state state of the client - * @param client_redirect_url where to redirect at the end, NULL to use a unique one registered for the client - * @param[out] last_address set to the last address used - * @param[out] address_attempts_left set to number of address changing attempts left for this address - * @return transaction status: - * #GNUNET_DB_STATUS_SUCCESS_ONE_RESULT if the address was changed - * #GNUNET_DB_STATUS_SUCCESS_NO_RESULTS if we do not permit further changes to the address (attempts exhausted) - * #GNUNET_DB_STATUS_HARD_ERROR on failure - */ -enum GNUNET_DB_QueryStatus -CH_PG_login_start (void *cls, - const struct CHALLENGER_ValidationNonceP *nonce, - uint64_t client_id, - const char *client_scope, - const char *client_state, - const char *client_redirect_url, - char **last_address, - uint32_t *address_attempts_left); - - -#endif diff --git a/src/challengerdb/plugin_challengerdb_postgres.c b/src/challengerdb/plugin_challengerdb_postgres.c @@ -32,7 +32,7 @@ #include "pg_token_add_grant.h" #include "pg_client_check.h" #include "pg_setup_nonce.h" -#include "pg_login_start.h" +#include "pg_authorize_start.h" #include "pg_challenge_set_address_and_pin.h" #include "pg_validate_solve_pin.h" #include "pg_validation_get.h" @@ -393,8 +393,8 @@ libchallenger_plugin_db_postgres_init (void *cls) = &CH_PG_client_check; plugin->setup_nonce = &CH_PG_setup_nonce; - plugin->login_start - = &CH_PG_login_start; + plugin->authorize_start + = &CH_PG_authorize_start; plugin->challenge_set_address_and_pin = &CH_PG_challenge_set_address_and_pin; plugin->validate_solve_pin diff --git a/src/include/challenger_database_plugin.h b/src/include/challenger_database_plugin.h 
@@ -237,14 +237,14 @@ struct CHALLENGER_DatabasePlugin * #GNUNET_DB_STATUS_HARD_ERROR on failure */ enum GNUNET_DB_QueryStatus - (*login_start)(void *cls, - const struct CHALLENGER_ValidationNonceP *nonce, - uint64_t client_id, - const char *client_scope, - const char *client_state, - const char *client_redirect_url, - char **last_address, - uint32_t *address_attempts_left); + (*authorize_start)(void *cls, + const struct CHALLENGER_ValidationNonceP *nonce, + uint64_t client_id, + const char *client_scope, + const char *client_state, + const char *client_redirect_url, + char **last_address, + uint32_t *address_attempts_left); /**