commit 16cce04e4dd34c041d842a1a84d2a56c2bf75988
parent b1dedac43457497d3c4d8ec0300dd94ad8d28114
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 2 Feb 2025 15:38:26 +0100
-code cleanup
Diffstat:
1 file changed, 39 insertions(+), 17 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
@@ -2565,12 +2565,35 @@ find_valid_input_tokens (
/**
+ * Check if an output token of the given @a tfk is mandatory, or if
+ * wallets are allowed to simply not support it and still proceed.
+ *
+ * @param tfk token family kind to check
+ * @return true if such outputs are mandatory and wallets must supply
+ * the corresponding blinded input
+ */
+static bool
+test_tfk_mandatory (enum TALER_MERCHANTDB_TokenFamilyKind tfk)
+{
+ switch (tfk)
+ {
+ case TALER_MERCHANTDB_TFK_Discount:
+ return false;
+ case TALER_MERCHANTDB_TFK_Subscription:
+ return true;
+ }
+ GNUNET_break (0);
+ return false;
+}
+
+
+/**
* Sign the tokens provided by the wallet for a particular @a key.
*
* @param[in,out] payment we are processing
* @param key token family data
* @param priv private key to use to sign with
- * @param critical true if the token must exist, if false
+ * @param mandatory true if the token must exist, if false
* and the client did not provide an envelope, that's OK and
* we just also skimp on the signature
* @param index offset in the token envelope array (from other families)
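Review bot: The fall-through path of `test_tfk_mandatory` returns `false` after `GNUNET_break (0)`, so a token family kind outside the two listed cases is treated as optional, and `sign_token_envelopes` would then skip a missing envelope for it via `continue` instead of rejecting the request. The doc comment does not cover this case; I would either state it, e.g. `@return ...; false (after GNUNET_break) if @a tfk is not a known kind`, or return `true` there so an unexpected kind takes the stricter path. The switch has no `default:`, presumably so the compiler flags newly added enum values; a one-line comment saying so would keep a later edit from adding one. The doc comment of sign_token_envelopes that follows continues outside this hunk.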
@@ -2582,7 +2605,7 @@ static enum GNUNET_GenericReturnValue
sign_token_envelopes (struct PayContext *pc,
struct TALER_MERCHANT_ContractTokenFamilyKey *key,
struct TALER_TokenIssuePrivateKey *priv,
- bool critical,
+ bool mandatory,
unsigned int index,
unsigned int expected_num)
{
@@ -2593,7 +2616,8 @@ sign_token_envelopes (struct PayContext *pc,
unsigned int pos = index + j;
const struct TokenEnvelope *env
= &pc->parse_wallet_data.token_envelopes[pos];
- struct SignedOutputToken *output = &pc->validate_tokens.output_tokens[pos];
+ struct SignedOutputToken *output
+ = &pc->validate_tokens.output_tokens[pos];
if ( (pos >= pc->parse_wallet_data.token_envelopes_cnt) ||
(pos >= pc->validate_tokens.output_tokens_len) )
@@ -2603,17 +2627,17 @@ sign_token_envelopes (struct PayContext *pc,
}
if (NULL == env->blinded_token.blinded_pub)
{
- if (! critical)
+ if (! mandatory)
continue;
- /* critical token families require a token envelope. */
+ /* mandatory token families require a token envelope. */
GNUNET_break_op (0);
pay_end (pc,
TALER_MHD_reply_with_error (
pc->connection,
MHD_HTTP_BAD_REQUEST,
TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "Token envelope for critical token family missing"));
+ "Token envelope for mandatory token family missing"));
return GNUNET_NO;
}
TALER_token_issue_sign (priv,
@@ -2824,16 +2848,14 @@ phase_validate_tokens (struct PayContext *pc)
}
GNUNET_assert (NULL != details.priv.private_key);
-
if (GNUNET_OK !=
- sign_token_envelopes (pc,
- key,
- &details.priv,
- /* FIXME: Use critical field stored in database here instead. */
- details.token_family.kind ==
- TALER_MERCHANTDB_TFK_Subscription,
- i,
- output->details.token.count))
+ sign_token_envelopes (
+ pc,
+ key,
+ &details.priv,
+ test_tfk_mandatory (details.token_family.kind),
+ i,
+ output->details.token.count))
{
/* Error is already scheduled from sign_token_envelopes. */
return;
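Review bot: The removed `FIXME: Use critical field stored in database here instead` disappears without the question it raised being settled in the visible code, since `test_tfk_mandatory (details.token_family.kind)` still derives the flag from the family kind alone. If a per-family database field is no longer planned, a sentence in the helper's doc comment such as `Whether an output is mandatory is a fixed property of the kind and not configurable per token family` would record that decision. If it is still planned, keep a tracked marker in the style this commit uses elsewhere, `FIXME-#NNNN` with the real issue number in place of the placeholder. phase_validate_tokens starts and ends outside this hunk.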
@@ -2994,7 +3016,7 @@ phase_contract_paid (struct PayContext *pc)
{
enum GNUNET_DB_QueryStatus qs;
- /* FIXME: Use h_contract instead of order_serial here? */
+ /* FIXME-Optimization: Maybe use h_contract instead of order_serial here? */
qs = TMH_db->lookup_spent_tokens_by_order (TMH_db->cls,
pc->check_contract.order_serial,
&input_tokens_paid_check,
@@ -3040,7 +3062,7 @@ phase_contract_paid (struct PayContext *pc)
return;
}
/* Conflict, double-payment detected! */
- /* FIXME: What should we do with input tokens?
+ /* FIXME-#8674: What should we do with input tokens?
Currently there is no refund for tokens. */
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Client attempted to pay extra for already paid order `%s'\n",