challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

challenger_do_validate_and_solve_pin.sql (2623B)

      1 --
      2 -- This file is part of TALER
      3 -- Copyright (C) 2024 Taler Systems SA
      4 --
      5 -- TALER is free software; you can redistribute it and/or modify it under the
      6 -- terms of the GNU General Public License as published by the Free Software
      7 -- Foundation; either version 3, or (at your option) any later version.
      8 --
      9 -- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10 -- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11 -- A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 --
     13 -- You should have received a copy of the GNU General Public License along with
     14 -- TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 --
     16 
     17 CREATE OR REPLACE FUNCTION challenger_do_validate_and_solve_pin (
     18   IN in_nonce BYTEA,
     19   IN in_new_pin INT4,
     20   OUT out_not_found BOOLEAN,
     21   OUT out_exhausted BOOLEAN,
     22   OUT out_no_challenge BOOLEAN,
     23   OUT out_solved BOOLEAN,
     24   OUT out_state TEXT,
     25   OUT out_address_attempts_left INT4,
     26   OUT out_auth_attempts_left INT4,
     27   OUT out_pin_transmissions_left INT4,
     28   OUT out_client_redirect_uri TEXT)
     29 LANGUAGE plpgsql
     30 AS $$
     31 DECLARE
     32   my_status RECORD;
     33 BEGIN
     34 
     35 SELECT auth_attempts_left
     36       ,address_attempts_left
     37       ,pin_transmissions_left
     38       ,last_pin
     39       ,client_redirect_uri
     40       ,client_state
     41   INTO my_status
     42   FROM validations
     43  WHERE nonce=in_nonce;
     44 
     45 IF NOT FOUND
     46 THEN
     47   out_not_found=TRUE;
     48   out_no_challenge=TRUE;
     49   out_exhausted=FALSE;
     50   out_solved=FALSE;
     51   out_address_attempts_left=0;
     52   out_auth_attempts_left=0;
     53   out_pin_transmissions_left=0;
     54   out_client_redirect_uri=NULL;
     55   out_state=NULL;
     56   RETURN;
     57 END IF;
     58 out_not_found=FALSE;
     59 out_address_attempts_left=my_status.address_attempts_left;
     60 out_pin_transmissions_left=my_status.pin_transmissions_left;
     61 out_client_redirect_uri=my_status.client_redirect_uri;
     62 out_state=my_status.client_state;
     63 
     64 IF (my_status.last_pin IS NULL)
     65 THEN
     66   out_solved=FALSE;
     67   out_exhausted=FALSE;
     68   out_auth_attempts_left=0;
     69   out_no_challenge=TRUE;
     70   RETURN;
     71 END IF;
     72 out_no_challenge=FALSE;
     73 
     74 IF (0 > my_status.auth_attempts_left)
     75 THEN
     76   out_solved=TRUE;
     77   out_exhausted=TRUE;
     78   out_auth_attempts_left=0;
     79   RETURN;
     80 END IF;
     81 
     82 IF (0 = my_status.auth_attempts_left)
     83 THEN
     84   out_solved=FALSE;
     85   out_exhausted=TRUE;
     86   out_auth_attempts_left=0;
     87   RETURN;
     88 END IF;
     89 out_exhausted=FALSE;
     90 out_solved = (my_status.last_pin = in_new_pin);
     91 
     92 IF NOT out_solved
     93 THEN
     94   out_auth_attempts_left=my_status.auth_attempts_left-1;
     95 ELSE
     96   out_auth_attempts_left=-1; -- solved: no more attempts
     97 END IF;
     98 
     99 UPDATE validations
    100  SET auth_attempts_left=out_auth_attempts_left
    101  WHERE nonce=$1;
    102 
    103 RETURN;
    104 
    105 END $$;