commit 90e67fe49256d506b8d25de7baf88b7e51998f8c
parent 0a48679bb2b1f112e92fc9b8345a664059bb798d
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 31 May 2026 14:23:42 +0200
fix minor challenger spec discrepancies
Diffstat:
5 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/core/api-challenger.rst b/core/api-challenger.rst
@@ -131,7 +131,6 @@ Setup
Login
-----
-.. include:: challenger/get-authorize-NONCE.rst
.. include:: challenger/post-authorize-NONCE.rst
diff --git a/core/challenger/get-authorize-NONCE.rst b/core/challenger/get-authorize-NONCE.rst
@@ -1 +0,0 @@
-.. http:get:: /authorize/$NONCE
diff --git a/core/challenger/post-authorize-NONCE.rst b/core/challenger/post-authorize-NONCE.rst
@@ -1,3 +1,4 @@
+.. http:get:: /authorize/$NONCE
.. http:post:: /authorize/$NONCE
This is the "authorization" endpoint of the OAuth 2.0 protocol. This
@@ -75,10 +76,10 @@
// how many times might the PIN still be retransmitted
// only present if challenge already created
// @since **v2**
- pin_transmissions_left?: Integer;
+ pin_transmissions_left: Integer;
// how many times might the user still try entering the PIN code
// only present if challenge already created
// @since **v2**
- auth_attempts_left?: Integer;
+ auth_attempts_left: Integer;
}
diff --git a/core/challenger/post-token.rst b/core/challenger/post-token.rst
@@ -45,7 +45,7 @@
:http:statuscode:`404 Not found`:
The service is unaware of a matching login process or client.
Returned with error codes of
- ``TALER_EC_CHALLENGER_GENERIC_CLIENT_UNKOWN``
+ ``TALER_EC_CHALLENGER_GENERIC_CLIENT_UNKNOWN``
:http:statuscode:`409 Conflict`:
A ``code`` was presented for a validation process for which
the user has not (yet) submitted any address, so the token
diff --git a/manpages/challenger.conf.5.rst b/manpages/challenger.conf.5.rst
@@ -65,6 +65,10 @@ VALIDATION_EXPIRATION
How long is a validation allowed to take (time from
``/setup`` to ``/token``). After this time, the garbage collection process can delete all associated data. (Note that tokens will always allow access to 1h after they have been issued, regardless of when the validation expires).
+TOKEN_EXPIRATION
+ How long is the access token valid after it was issued.
+ Optional, defaults to 1 hour if not given.
+
AUTH_COMMAND
Which command should we execute to transmit the challenge code to the address. The address is given as the first argument, while the message to send is provided on stdin. Templates (possibly without the necessary credentials) for such commands are provided as challenger-send-email.sh, challenger-send-post.sh and challenger-send-sms.sh.
