donau

Donation authority for GNU Taler (experimental)
Log | Files | Refs | Submodules | README | LICENSE
commit edab9277a1e291a0c2c76b3c4db044867bb9d3a9
parent bbf541a56267327997d71ae09edd67135d8c734b
Author: Casaburi Johannes <johannes.casaburi@students.bfh.ch>
Date:   Tue,  4 Jun 2024 22:53:49 +0200

added some json examples

Diffstat:

Mdoc/thesis/chapters/implementation/arch.tex | 2+-


Mdoc/thesis/chapters/implementation/donau.tex | 74+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------


Mdoc/thesis/thesis.pdf | 0


3 files changed, 64 insertions(+), 12 deletions(-)

diff --git a/doc/thesis/chapters/implementation/arch.tex b/doc/thesis/chapters/implementation/arch.tex
@@ -8,4 +8,4 @@ As the charity backend and donor wallet implementation are not yet developed the
 \end{figure}
 
 The Donau backend implements the REST API and HTTP handler which communicates with the database plugin. The postgresql database is further described in section ?? of the thesis.
-The HTTP handler includes a key handler that interacts with the three secmod processes. The secmod processes generate and manage keys.
+The HTTP handler includes a key handler that interacts with the three secmod processes. The secmod processes generate the keys. Only they have access to the private keys.
diff --git a/doc/thesis/chapters/implementation/donau.tex b/doc/thesis/chapters/implementation/donau.tex
@@ -5,29 +5,61 @@ The Donau is written in C as it reuses parts of the codebase from the exchange o
 \subsection{REST API}
 The detailed REST API specificatoin of the Donau backend is publicy available at the following url: \url{https://docs.taler.net/core/api-donau.html}. The following are the main API endpoints:
 
-%json examples
-
 \subsubsection{\texttt{/keys}}
 The \texttt{GET /keys} request returns all valid donation unit public keys offered by the Donau, as well as the Donau's current EdDSA public signing key. Donation units unit keys are used by the Donau to sign blinded messages for an issue receipt request. The signing key is primarily used to create the donation statement signature for the donor (see section xx).
 
-%curl 127.0.0.1:8080/keys
-%\begin{listings}
-%    response
-%\end{listings}
+%TODO
+The following is an example response of a \lstinline{curl 127.0.0.1:8080/keys} command.
+\begin{lstlisting}
+    response
+\end{lstlisting}
 
 \subsubsection{\texttt{/charities}}
 In order for a charity to be able to issue receipts it must be registered by the Donau. To do so the Donau provides an API to manage charities. It is recommended that only the Donau admin can update charities while the charity itself should be able to request their issued donation receipt state to keep track of the set donation limit. The state includes the maximum donation amount and the current donated amount for the charity of the current year.
 
-%curl 127.0.0.1:8080/charities
-%\begin{listings}
-%    response
-%\end{listings}
-
 \begin{figure}[ht]
 \includegraphics[width=1\textwidth]{donau_flow_register_charity}
 \caption{flow chart register charity} \label{fig:donau_flow_register_charity}
 \end{figure}
 
+The following is an example response of a \lstinline{curl 127.0.0.1:8080/charities} command. There is only one charity named \texttt{example} registered with a donation limit of 10 euros.
+
+\begin{lstlisting}
+{
+  "charities": [
+    {
+      "charity_pub": "ABETNXT9ZF606FRF3WD5N6G2XVD5QHDP2PTQD4GSX4VEN2YYG2C0",
+      "url": "example.com",
+      "name": "example",
+      "max_per_year": "EUR:10",
+      "receipts_to_date": "EUR:0",
+      "current_year": 2024
+    }
+  ]
+}
+\end{lstlisting}
+
+To insert a charity a POST request can be sent using \lstinline{curl -d @charity.json -X POST http://127.0.0.1:8080/charities}.
+\begin{lstlisting}[title=charity.json]
+{
+  "charity_pub": "ABETNXT9ZF606FRF3WD5N6G2XVD5QHDP2PTQD4GSX4VEN2YYG2C0",
+  "charity_name": "mycharity",
+  "charity_url": "mycharity.example.com",
+  "max_per_year": "EUR:1000",
+  "receipts_to_date": "EUR:0",
+  "current_year": 2024
+}
+\end{lstlisting}
+
+The response includes the charity ID generated by the database.
+\begin{lstlisting}
+{
+  "charity-id": 1
+}
+\end{lstlisting}
+
+
+
 \subsubsection{\texttt{/batch-issue}}
 %TODO describe BUDI, donation unit -> glossary?
 Only recognized charities requesting issue receipts for their donors (see section xx). An post issue receipt request includes an array of BUDI-Key-Pairs. A BUDI-Key-Pair consists of a BUDI and a hash of a public donation unit key. The charity also signs the request with an EdDSA private key. The corresponding public key was given to the Donau at the registration of the charity. After the Donau checked the signature from the charity it signs the BUDIs with the corresponding donation unit private key. Before the signatures are returned to the charity the Donau saves a hash of the request and all donation unit signatures to make the request idempotent (see database section).
@@ -37,6 +69,16 @@ Only recognized charities requesting issue receipts for their donors (see sectio
 %\caption{flow chart issue receipt} \label{fig:donau_flow_issue_receipt}
 \end{figure}
 
+%TODO
+The following is an example response of a \lstinline{curl -d @issue.json -X POST http://127.0.0.1:8080/batch-issue} request.
+\begin{lstlisting}[title=issue.json]
+    json
+\end{lstlisting}
+
+\begin{lstlisting}
+    response
+\end{lstlisting}
+
 \subsubsection{\texttt{/batch-submit}}
 %TODO describe donation receipt -> glossary?
 The post submit route is used by the donor to summarize his or her donation receipts into one donation statement EdDSA signature. The request is composed of the donation receipt, the corresponding year and the hash of the salted tax id. Processing the request the Donau checks the validity of the donation receipts and searches after more saved donation receipts made in the requested year. The EdDSA signature over the total amount of the value of the donation units of all donation receipts, the hash of the salted tax id and the year forms the donation statement. The donation statement and the receipts are stored in the database (see database).
@@ -49,6 +91,16 @@ Even the donation statement will not be returned after a submit request, a donat
 %\caption{flow chart submit receipt} \label{fig:donau_flow_submit_receipt}
 \end{figure}
 
+%TODO
+The following is an example response of a \lstinline{curl -d @submit.json -X POST http://127.0.0.1:8080/batch-submit} request.
+\begin{lstlisting}[title=submit.json]
+    json
+\end{lstlisting}
+
+\begin{lstlisting}
+    response
+\end{lstlisting}
+
 \subsection{Donau Client}
 The REST client removes some of the complexity of sending requests to the Donau Server. It converts request parameters into JSON and parses JSON responses into a usable C format. What the exact queries are and how they look like is already described in the chapter xx Donau REST API.
 
diff --git a/doc/thesis/thesis.pdf b/doc/thesis/thesis.pdf
Binary files differ.