commit 838f605b6fcc16322b8986b1cc499425cc76fde3
parent 06825b77136e5b978b10152583fff594ae0206a3
Author: Christian Grothoff <christian@grothoff.org>
Date: Mon, 27 Jul 2020 11:51:05 +0200
adjustments to POST /private/orders for #6446 (still missing DB logic update)
Diffstat:
1 file changed, 63 insertions(+), 22 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c b/src/backend/taler-merchant-httpd_private-post-orders.c
@@ -184,7 +184,10 @@ struct InventoryProduct
* Execute the database transaction to setup the order.
*
* @param hc handler context for the request
+ * @param order_id unique ID for the order
+ * @param pay_deadline until when does the order have to be paid
* @param[in] order order to process (not modified)
+ * @param claim_token token to use for access control
* @param inventory_products_length length of the @a inventory_products array
* @param inventory_products array of products to add to @a order from our inventory
* @param uuids_length length of the @a uuids array
@@ -196,6 +199,7 @@ execute_transaction (struct TMH_HandlerContext *hc,
const char *order_id,
struct GNUNET_TIME_Absolute pay_deadline,
json_t *order,
+ const struct TALER_ClaimTokenP *claim_token,
unsigned int inventory_products_length,
const struct InventoryProduct inventory_products[],
unsigned int uuids_length,
@@ -217,6 +221,7 @@ execute_transaction (struct TMH_HandlerContext *hc,
hc->instance->settings.id,
order_id,
pay_deadline,
+ // FIXME-6446: also store claim_token!
order);
/* qs == 0: order already exists. */
if (qs <= 0)
@@ -300,6 +305,7 @@ execute_transaction (struct TMH_HandlerContext *hc,
* @param connection connection to write the result or error to
* @param hc handler context for the request
* @param[in,out] order order to process (can be modified)
+ * @param claim_token token to use for access control
* @param inventory_products_length length of the @a inventory_products array
* @param inventory_products array of products to add to @a order from our inventory
* @param uuids_length length of the @a uuids array
@@ -310,6 +316,7 @@ static MHD_RESULT
execute_order (struct MHD_Connection *connection,
struct TMH_HandlerContext *hc,
json_t *order,
+ const struct TALER_ClaimTokenP *claim_token,
unsigned int inventory_products_length,
const struct InventoryProduct inventory_products[],
unsigned int uuids_length,
@@ -421,6 +428,7 @@ execute_order (struct MHD_Connection *connection,
order_id,
pay_deadline,
order,
+ claim_token,
inventory_products_length,
inventory_products,
uuids_length,
@@ -512,11 +520,16 @@ execute_order (struct MHD_Connection *connection,
{
MHD_RESULT ret;
- ret = TALER_MHD_reply_json_pack (connection,
- MHD_HTTP_OK,
- "{s:s}",
- "order_id",
- order_id);
+ ret = TALER_MHD_reply_json_pack (
+ connection,
+ MHD_HTTP_OK,
+ "{s:s, s:o?}",
+ "order_id",
+ order_id,
+ "token",
+ GNUNET_is_zero (claim_token)
+ ? NULL
+ : GNUNET_JSON_from_data_auto (claim_token));
GNUNET_JSON_parse_free (spec);
return ret;
}
@@ -530,6 +543,7 @@ execute_order (struct MHD_Connection *connection,
* @param connection connection to write the result or error to
* @param hc handler context for the request
* @param[in,out] order order to process (can be modified)
+ * @param claim_token token to use for access control
* @param inventory_products_length length of the @a inventory_products array
* @param inventory_products array of products to add to @a order from our inventory
* @param uuids_length length of the @a uuids array
@@ -540,6 +554,7 @@ static MHD_RESULT
patch_order (struct MHD_Connection *connection,
struct TMH_HandlerContext *hc,
json_t *order,
+ const struct TALER_ClaimTokenP *claim_token,
struct GNUNET_TIME_Relative refund_delay,
unsigned int inventory_products_length,
const struct InventoryProduct inventory_products[],
@@ -788,6 +803,7 @@ patch_order (struct MHD_Connection *connection,
return execute_order (connection,
hc,
order,
+ claim_token,
inventory_products_length,
inventory_products,
uuids_length,
@@ -803,6 +819,7 @@ patch_order (struct MHD_Connection *connection,
* @param connection connection to write the result or error to
* @param hc handler context for the request
* @param[in,out] order order to process (can be modified)
+ * @param claim_token token to use for access control
* @param payment_target desired wire method, NULL for no preference
* @param inventory_products_length length of the @a inventory_products array
* @param inventory_products array of products to add to @a order from our inventory
@@ -814,6 +831,7 @@ static MHD_RESULT
add_payment_details (struct MHD_Connection *connection,
struct TMH_HandlerContext *hc,
json_t *order,
+ const struct TALER_ClaimTokenP *claim_token,
struct GNUNET_TIME_Relative refund_delay,
const char *payment_target,
unsigned int inventory_products_length,
@@ -858,6 +876,7 @@ add_payment_details (struct MHD_Connection *connection,
return patch_order (connection,
hc,
order,
+ claim_token,
refund_delay,
inventory_products_length,
inventory_products,
@@ -874,6 +893,7 @@ add_payment_details (struct MHD_Connection *connection,
* @param connection connection to write the result or error to
* @param hc handler context for the request
* @param[in,out] order order to process (can be modified)
+ * @param claim_token token to use for access control
* @param inventory_products_length length of the @a inventory_products array
* @param inventory_products array of products to add to @a order from our inventory
* @param uuids_length length of the @a uuids array
@@ -884,6 +904,7 @@ static MHD_RESULT
merge_inventory (struct MHD_Connection *connection,
struct TMH_HandlerContext *hc,
json_t *order,
+ const struct TALER_ClaimTokenP *claim_token,
struct GNUNET_TIME_Relative refund_delay,
const char *payment_target,
unsigned int inventory_products_length,
@@ -981,6 +1002,7 @@ merge_inventory (struct MHD_Connection *connection,
return add_payment_details (connection,
hc,
order,
+ claim_token,
refund_delay,
payment_target,
inventory_products_length,
@@ -1012,33 +1034,53 @@ TMH_private_post_orders (const struct TMH_RequestHandler *rh,
struct InventoryProduct *ips = NULL;
unsigned int uuids_len = 0;
struct GNUNET_Uuid *uuids = NULL;
+ struct TALER_ClaimTokenP claim_token;
+ bool create_token;
+ struct GNUNET_JSON_Specification spec[] = {
+ GNUNET_JSON_spec_json ("order",
+ &order),
+ GNUNET_JSON_spec_bool ("create_token",
+ &create_token),
+ GNUNET_JSON_spec_end ()
+ };
+ enum GNUNET_GenericReturnValue ret;
(void) rh;
- order = json_object_get (hc->request_body,
- "order");
- if (NULL == order)
+ ret = TALER_MHD_parse_json_data (connection,
+ hc->request_body,
+ spec);
+ if (GNUNET_OK != ret)
+ return (GNUNET_NO == ret)
+ ? MHD_YES
+ : MHD_NO;
+ if (create_token)
{
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_PARAMETER_MISSING,
- "order");
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &claim_token,
+ sizeof (claim_token));
+ }
+ else
+ {
+ /* we use all-zeros for 'no token' */
+ memset (&claim_token,
+ 0,
+ sizeof (claim_token));
}
/* parse the refund_delay (optionally given) */
if (NULL != json_object_get (hc->request_body,
"refund_delay"))
{
- enum GNUNET_GenericReturnValue res;
struct GNUNET_JSON_Specification spec[] = {
TALER_JSON_spec_relative_time ("refund_delay",
&refund_delay),
GNUNET_JSON_spec_end ()
};
- res = TALER_MHD_parse_json_data (connection,
+ ret = TALER_MHD_parse_json_data (connection,
hc->request_body,
spec);
- if (GNUNET_OK != res)
- return (GNUNET_NO == res)
+ if (GNUNET_OK != ret)
+ return (GNUNET_NO == ret)
? MHD_YES
: MHD_NO;
}
@@ -1082,7 +1124,6 @@ TMH_private_post_orders (const struct TMH_RequestHandler *rh,
{
const char *error_name;
unsigned int error_line;
- int res;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_string ("product_id",
&ips[i].product_id),
@@ -1091,12 +1132,12 @@ TMH_private_post_orders (const struct TMH_RequestHandler *rh,
GNUNET_JSON_spec_end ()
};
- res = GNUNET_JSON_parse (json_array_get (ip,
+ ret = GNUNET_JSON_parse (json_array_get (ip,
i),
spec,
&error_name,
&error_line);
- if (GNUNET_OK != res)
+ if (GNUNET_OK != ret)
{
GNUNET_break_op (0);
GNUNET_array_grow (ips,
@@ -1140,19 +1181,18 @@ TMH_private_post_orders (const struct TMH_RequestHandler *rh,
{
const char *error_name;
unsigned int error_line;
- int res;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("uuid",
&uuids[i]),
GNUNET_JSON_spec_end ()
};
- res = GNUNET_JSON_parse (json_array_get (uuid,
+ ret = GNUNET_JSON_parse (json_array_get (uuid,
i),
spec,
&error_name,
&error_line);
- if (GNUNET_OK != res)
+ if (GNUNET_OK != ret)
{
GNUNET_break_op (0);
GNUNET_array_grow (ips,
@@ -1181,6 +1221,7 @@ TMH_private_post_orders (const struct TMH_RequestHandler *rh,
res = merge_inventory (connection,
hc,
order,
+ &claim_token,
refund_delay,
payment_target,
ips_len,
