LCOV - code coverage report
Current view: top level - backend - taler-merchant-httpd_post-orders-ID-paid.c (source / functions) Hit Total Coverage
Test: GNU Taler merchant coverage report Lines: 41 58 70.7 %
Date: 2021-08-30 06:54:17 Functions: 2 2 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   (C) 2014-2021 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify
       6             :   it under the terms of the GNU Affero General Public License as
       7             :   published by the Free Software Foundation; either version 3,
       8             :   or (at your option) any later version.
       9             : 
      10             :   TALER is distributed in the hope that it will be useful, but
      11             :   WITHOUT ANY WARRANTY; without even the implied warranty of
      12             :   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      13             :   GNU General Public License for more details.
      14             : 
      15             :   You should have received a copy of the GNU General Public
      16             :   License along with TALER; see the file COPYING.  If not,
      17             :   see <http://www.gnu.org/licenses/>
      18             : */
      19             : 
      20             : /**
      21             :  * @file taler-merchant-httpd_post-orders-ID-paid.c
      22             :  * @brief handling of POST /orders/$ID/paid requests
      23             :  * @author Christian Grothoff
      24             :  */
      25             : #include "platform.h"
      26             : #include <taler/taler_dbevents.h>
      27             : #include <taler/taler_signatures.h>
      28             : #include <taler/taler_json_lib.h>
      29             : #include <taler/taler_exchange_service.h>
      30             : #include "taler-merchant-httpd_post-orders-ID-paid.h"
      31             : 
      32             : 
      33             : /**
      34             :  * Use database to notify other clients about the
      35             :  * session being captured.
      36             :  *
      37             :  * @param hc http context
      38             :  * @param session_id the captured session
      39             :  * @param fulfillment_url the URL that is now paid for by @a session_id
      40             :  */
      41             : static void
      42           4 : trigger_session_notification (struct TMH_HandlerContext *hc,
      43             :                               const char *session_id,
      44             :                               const char *fulfillment_url)
      45             : {
      46           4 :   struct TMH_SessionEventP session_eh = {
      47           4 :     .header.size = htons (sizeof (session_eh)),
      48           4 :     .header.type = htons (TALER_DBEVENT_MERCHANT_SESSION_CAPTURED),
      49           4 :     .merchant_pub = hc->instance->merchant_pub
      50             :   };
      51             : 
      52           4 :   GNUNET_CRYPTO_hash (session_id,
      53             :                       strlen (session_id),
      54             :                       &session_eh.h_session_id);
      55           4 :   GNUNET_CRYPTO_hash (fulfillment_url,
      56             :                       strlen (fulfillment_url),
      57             :                       &session_eh.h_fulfillment_url);
      58           4 :   TMH_db->event_notify (TMH_db->cls,
      59             :                         &session_eh.header,
      60             :                         NULL,
      61             :                         0);
      62           4 : }
      63             : 
      64             : 
      65             : MHD_RESULT
      66           4 : TMH_post_orders_ID_paid (const struct TMH_RequestHandler *rh,
      67             :                          struct MHD_Connection *connection,
      68             :                          struct TMH_HandlerContext *hc)
      69             : {
      70           4 :   struct TALER_PaymentResponsePS pr = {
      71           4 :     .purpose.purpose = htonl (TALER_SIGNATURE_MERCHANT_PAYMENT_OK),
      72           4 :     .purpose.size = htonl (sizeof (pr))
      73             :   };
      74           4 :   const char *order_id = hc->infix;
      75             :   struct TALER_MerchantSignatureP merchant_sig;
      76             :   const char *session_id;
      77             :   json_t *contract_terms;
      78             :   const char *fulfillment_url;
      79             :   enum GNUNET_DB_QueryStatus qs;
      80             : 
      81             :   {
      82             :     struct GNUNET_JSON_Specification spec[] = {
      83           4 :       GNUNET_JSON_spec_fixed_auto ("sig",
      84             :                                    &merchant_sig),
      85           4 :       GNUNET_JSON_spec_fixed_auto ("h_contract",
      86             :                                    &pr.h_contract_terms),
      87           4 :       GNUNET_JSON_spec_string ("session_id",
      88             :                                &session_id),
      89           4 :       GNUNET_JSON_spec_end ()
      90             :     };
      91             :     enum GNUNET_GenericReturnValue res;
      92             : 
      93           4 :     res = TALER_MHD_parse_json_data (connection,
      94           4 :                                      hc->request_body,
      95             :                                      spec);
      96           4 :     if (GNUNET_YES != res)
      97             :     {
      98           0 :       GNUNET_break_op (0);
      99             :       return (GNUNET_NO == res)
     100             :              ? MHD_YES
     101           0 :              : MHD_NO;
     102             :     }
     103             :   }
     104             : 
     105             : 
     106           4 :   if (GNUNET_OK !=
     107           4 :       GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_MERCHANT_PAYMENT_OK,
     108             :                                   &pr,
     109             :                                   &merchant_sig.eddsa_sig,
     110             :                                   &hc->instance->merchant_pub.eddsa_pub))
     111             :   {
     112           0 :     GNUNET_break_op (0);
     113           0 :     return TALER_MHD_reply_with_error (connection,
     114             :                                        MHD_HTTP_FORBIDDEN,
     115             :                                        TALER_EC_MERCHANT_POST_ORDERS_ID_PAID_COIN_SIGNATURE_INVALID,
     116             :                                        NULL);
     117             :   }
     118             : 
     119           4 :   TMH_db->preflight (TMH_db->cls);
     120             :   {
     121             :     uint64_t order_serial;
     122             : 
     123           4 :     qs = TMH_db->lookup_contract_terms (TMH_db->cls,
     124           4 :                                         hc->instance->settings.id,
     125             :                                         order_id,
     126             :                                         &contract_terms,
     127             :                                         &order_serial,
     128             :                                         NULL);
     129             :   }
     130           4 :   if (0 > qs)
     131             :   {
     132             :     /* single, read-only SQL statements should never cause
     133             :        serialization problems */
     134           0 :     GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR != qs);
     135             :     /* Always report on hard error as well to enable diagnostics */
     136           0 :     GNUNET_break (GNUNET_DB_STATUS_HARD_ERROR == qs);
     137           0 :     return TALER_MHD_reply_with_error (connection,
     138             :                                        MHD_HTTP_INTERNAL_SERVER_ERROR,
     139             :                                        TALER_EC_GENERIC_DB_FETCH_FAILED,
     140             :                                        "lookup_contract_terms");
     141             :   }
     142           4 :   if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
     143             :   {
     144           0 :     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
     145             :                 "Unknown order id given: `%s'\n",
     146             :                 order_id);
     147           0 :     return TALER_MHD_reply_with_error (connection,
     148             :                                        MHD_HTTP_NOT_FOUND,
     149             :                                        TALER_EC_MERCHANT_GENERIC_ORDER_UNKNOWN,
     150             :                                        order_id);
     151             :   }
     152             : 
     153             :   {
     154             :     struct GNUNET_HashCode h_contract_terms;
     155             : 
     156           4 :     if (GNUNET_OK !=
     157           4 :         TALER_JSON_contract_hash (contract_terms,
     158             :                                   &h_contract_terms))
     159             :     {
     160           0 :       GNUNET_break (0);
     161           0 :       json_decref (contract_terms);
     162           0 :       return TALER_MHD_reply_with_error (connection,
     163             :                                          MHD_HTTP_INTERNAL_SERVER_ERROR,
     164             :                                          TALER_EC_GENERIC_FAILED_COMPUTE_JSON_HASH,
     165             :                                          NULL);
     166             :     }
     167           4 :     if (0 != GNUNET_memcmp (&pr.h_contract_terms,
     168             :                             &h_contract_terms))
     169             :     {
     170           0 :       json_decref (contract_terms);
     171           0 :       return TALER_MHD_reply_with_error (connection,
     172             :                                          MHD_HTTP_BAD_REQUEST,
     173             :                                          TALER_EC_MERCHANT_POST_ORDERS_ID_PAID_CONTRACT_HASH_MISMATCH,
     174             :                                          NULL);
     175             :     }
     176             :   }
     177             : 
     178             : 
     179             :   fulfillment_url
     180           4 :     = json_string_value (json_object_get (contract_terms,
     181             :                                           "fulfillment_url"));
     182           4 :   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
     183             :               "Marking contract %s with %s/%s as paid\n",
     184             :               order_id,
     185             :               session_id,
     186             :               fulfillment_url);
     187           4 :   qs = TMH_db->mark_contract_paid (TMH_db->cls,
     188           4 :                                    hc->instance->settings.id,
     189             :                                    &pr.h_contract_terms,
     190             :                                    session_id);
     191             :   /* If the order was paid already, we get qs == 0. */
     192           4 :   if (0 > qs)
     193             :   {
     194           0 :     GNUNET_break (0);
     195           0 :     json_decref (contract_terms);
     196           0 :     return TALER_MHD_reply_with_error (connection,
     197             :                                        MHD_HTTP_INTERNAL_SERVER_ERROR,
     198             :                                        TALER_EC_GENERIC_DB_STORE_FAILED,
     199             :                                        "mark_contract_paid");
     200             :   }
     201             : 
     202             :   /* Wake everybody up who waits for this fulfillment_url and session_id */
     203           4 :   if ( (NULL != fulfillment_url) &&
     204           4 :        (NULL != session_id) )
     205           4 :     trigger_session_notification (hc,
     206             :                                   session_id,
     207             :                                   fulfillment_url);
     208             :   /* fulfillment_url is part of the contract_terms */
     209           4 :   json_decref (contract_terms);
     210           4 :   return TALER_MHD_reply_static (connection,
     211             :                                  MHD_HTTP_NO_CONTENT,
     212             :                                  NULL,
     213             :                                  NULL,
     214             :                                  0);
     215             : }
     216             : 
     217             : 
     218             : /* end of taler-merchant-httpd_post-orders-ID-paid.c */

Generated by: LCOV version 1.14