commit a3e1b26adbb12f4a88b2aa40d9b6fc9d57ad66ac
parent 77327820d687256ed93f1cfd994955c2c2e20911
Author: Antoine A <>
Date: Wed, 12 Jun 2024 09:38:06 +0200
Merge remote-tracking branch 'origin/master' into v12-dev
Diffstat:
8 files changed, 52 insertions(+), 9 deletions(-)
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/api/CoreBankApi.kt b/bank/src/main/kotlin/tech/libeufin/bank/api/CoreBankApi.kt
@@ -127,7 +127,7 @@ private fun Routing.coreBankTokenApi(db: Database) {
}
call.respond(
TokenSuccessResponse(
- access_token = token.encoded(),
+ access_token = "$TOKEN_PREFIX$token",
expiration = TalerProtocolTimestamp(t_s = expirationTimestamp)
)
)
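Review bot: The new `access_token` value relies on the implicit `toString()` of `token`, where the removed line called `token.encoded()` explicitly; the type of `token` is not visible in this hunk, so it is an assumption that both produce the same Base32 text. For a credential that goes on the wire, the explicit call is safer: `access_token = "$TOKEN_PREFIX${token.encoded()}",`. Because the response now carries the prefix, a client that still prepends `secret-token:` itself would send it twice, so the format change deserves a line in the API notes. The enclosing handler starts and ends outside the hunk.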
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/auth/auth.kt b/bank/src/main/kotlin/tech/libeufin/bank/auth/auth.kt
@@ -38,6 +38,8 @@ private val AUTH_IS_ADMIN = AttributeKey<Boolean>("is_admin")
/** Used to store used auth token */
private val AUTH_TOKEN = AttributeKey<ByteArray>("auth_token")
+const val TOKEN_PREFIX = "secret-token:"
+
/** Get username of the request account */
val ApplicationCall.username: String get() = parameters.expect("USERNAME")
/** Get username of the request account */
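Review bot: `TOKEN_PREFIX` is the only declaration in this hunk without a KDoc line, although it is a public top-level constant that the token endpoint and the tests now depend on. A comment such as `/** Prefix carried by bearer tokens on the wire (the "secret-token:" URI scheme, RFC 8959) */` would record that the value is part of the protocol and not a free choice.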
@@ -156,7 +158,7 @@ private suspend fun ApplicationCall.doTokenAuth(
bearer: String,
requiredScope: TokenScope,
): String {
- if (!bearer.startsWith("secret-token:")) throw badRequest(
+ if (!bearer.startsWith(TOKEN_PREFIX)) throw badRequest(
"Bearer token malformed",
TalerErrorCode.GENERIC_HTTP_HEADERS_MALFORMED
)
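Review bot: Only the prefix test is switched to `TOKEN_PREFIX` here; the step that strips the prefix before decoding lies outside the hunk, and if it still uses the literal or a fixed length, the check and the strip can drift apart. Writing that step as `bearer.removePrefix(TOKEN_PREFIX)` keeps both tied to the one constant. `doTokenAuth` starts above the hunk and continues below it.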
diff --git a/bank/src/test/kotlin/CoreBankApiTest.kt b/bank/src/test/kotlin/CoreBankApiTest.kt
@@ -24,6 +24,7 @@ import io.ktor.server.testing.*
import kotlinx.serialization.json.JsonElement
import org.junit.Test
import tech.libeufin.bank.*
+import tech.libeufin.bank.auth.*
import tech.libeufin.common.*
import java.time.Duration
import java.time.Instant
@@ -64,7 +65,7 @@ class CoreBankTokenApiTest {
json { "scope" to "readonly" }
}.assertOkJson<TokenSuccessResponse> {
// Checking that the token lifetime defaulted to 24 hours.
- val token = db.token.get(Base32Crockford.decode(it.access_token))
+ val token = db.token.get(Base32Crockford.decode(it.access_token.removePrefix(TOKEN_PREFIX)))
val lifeTime = Duration.between(token!!.creationTime, token.expirationTime)
assertEquals(Duration.ofDays(1), lifeTime)
}
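Review bot: `removePrefix(TOKEN_PREFIX)` returns the string unchanged when the prefix is absent, so this lookup would still succeed if the endpoint went back to returning a bare token; the test does not pin the new wire format. An explicit check before decoding would, for example `assertTrue(it.access_token.startsWith(TOKEN_PREFIX))`, assuming `assertTrue` is imported in this file, which the hunk does not show. The same applies to the identical line in the following hunk (`@@ -74,7 +75,7`). The test function begins outside the hunk.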
@@ -74,7 +75,7 @@ class CoreBankTokenApiTest {
json { "scope" to "readonly" }
}.assertOkJson<TokenSuccessResponse> {
// Checking that the token lifetime defaulted to 24 hours.
- val token = db.token.get(Base32Crockford.decode(it.access_token))
+ val token = db.token.get(Base32Crockford.decode(it.access_token.removePrefix(TOKEN_PREFIX)))
val lifeTime = Duration.between(token!!.creationTime, token.expirationTime)
assertEquals(Duration.ofDays(1), lifeTime)
}
@@ -88,7 +89,7 @@ class CoreBankTokenApiTest {
}.assertOkJson<TokenSuccessResponse> {
val token = it.access_token
client.post("/accounts/merchant/token") {
- headers["Authorization"] = "Bearer secret-token:$token"
+ headers["Authorization"] = "Bearer $token"
json { "scope" to "readonly" }
}.assertOk()
}
@@ -142,11 +143,11 @@ class CoreBankTokenApiTest {
}.assertOkJson<TokenSuccessResponse>().access_token
// Check OK
client.delete("/accounts/merchant/token") {
- headers["Authorization"] = "Bearer secret-token:$token"
+ headers["Authorization"] = "Bearer $token"
}.assertNoContent()
// Check token no longer work
client.delete("/accounts/merchant/token") {
- headers["Authorization"] = "Bearer secret-token:$token"
+ headers["Authorization"] = "Bearer $token"
}.assertUnauthorized()
// Checking merchant can still be served by basic auth, after token deletion.
@@ -515,7 +516,7 @@ class CoreBankAccountsApiTest {
// Check account can no longer login
client.delete("/accounts/customer/token") {
- headers["Authorization"] = "Bearer secret-token:$token"
+ headers["Authorization"] = "Bearer $token"
}.assertUnauthorized()
client.getA("/accounts/customer/transactions/$tx_id").assertUnauthorized()
client.getA("/accounts/customer/cashouts/$cashout_id").assertUnauthorized()
diff --git a/bootstrap b/bootstrap
@@ -10,7 +10,13 @@ if ! git --version >/dev/null; then
exit 1
fi
+if ! python3 --version >/dev/null; then
+ echo "python3 not installed"
+ exit 1
+fi
+
git submodule sync
git submodule update --init
+./contrib/check-prebuilt
rm -f ./configure
cp build-system/taler-build-scripts/configure ./configure
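Review bot: The exit status of `./contrib/check-prebuilt` is not checked, so unless the script runs under `set -e` (not visible in this hunk) a version mismatch prints its message and bootstrap still goes on to copy `configure`. The git and python3 checks around it exit explicitly, and `./contrib/check-prebuilt || exit 1` would match them. The script starts and ends outside the hunk.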
diff --git a/build.gradle b/build.gradle
@@ -9,7 +9,7 @@ plugins {
}
group = "tech.libeufin"
-version = "0.11.0"
+version = "0.11.3"
if (!JavaVersion.current().isCompatibleWith(JavaVersion.VERSION_17)){
throw new GradleException(
diff --git a/contrib/bank-spa.lock b/contrib/bank-spa.lock
@@ -0,0 +1 @@
+0.11.3
diff --git a/contrib/check-prebuilt b/contrib/check-prebuilt
@@ -0,0 +1,15 @@
+#!/usr/bin/env python3
+
+import os
+import sys
+
+contrib = os.path.abspath(os.path.dirname(__file__))
+
+bank_ver_lock = open(contrib + "/" + "bank-spa.lock").read().strip()
+bank_ver_prebuilt = open(contrib + "/" + "wallet-core/bank/version.txt").read().strip()
+
+if bank_ver_lock != bank_ver_prebuilt:
+ print("bank SPA version mismatch")
+ print("lockfile has version", bank_ver_lock)
+ print("prebuilt has version", bank_ver_prebuilt)
+ sys.exit(1)
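Review bot: Both `open(...).read()` calls leave the file handle to the garbage collector, and a missing `wallet-core/bank/version.txt` (for instance a submodule that was not checked out) ends in a raw traceback instead of a message naming the file. Reading through a small helper with `with open` and an `OSError` handler gives bootstrap a clear failure. Note also that the script compares version strings only, so it detects a stale prebuilt tree but says nothing about the content of the prebuilt files; a comment stating that limit would prevent it being read as an integrity check.

```python
def read_version(rel_path):
    path = os.path.join(contrib, rel_path)
    try:
        with open(path, encoding="utf-8") as f:
            return f.read().strip()
    except OSError as e:
        print("cannot read", path + ":", e, file=sys.stderr)
        sys.exit(1)

bank_ver_lock = read_version("bank-spa.lock")
bank_ver_prebuilt = read_version("wallet-core/bank/version.txt")
# … unchanged: version comparison and mismatch report …
```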
diff --git a/debian/changelog b/debian/changelog
@@ -1,3 +1,21 @@
+libeufin (0.11.3) unstable; urgency=low
+
+ * Update to latest bank SPA.
+
+ -- Florian Dold <dold@taler.net> Mon, 10 Jun 2024 00:20:31 +0200
+
+libeufin (0.11.2) unstable; urgency=low
+
+ * Package v0.11.2.
+
+ -- Sebastian Marchano <sebasjm@taler.net> Mon, 03 Jun 2024 13:27:25 -0300
+
+libeufin (0.11.1) unstable; urgency=low
+
+ * Package v0.11.1.
+
+ -- Florian Dold <dold@taler.net> Mon, 27 May 2024 19:27:25 +0200
+
libeufin (0.11.0) unstable; urgency=low
* Package v0.11.0.