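/*
  This file is part of GNU Taler
  (C) 2023 Taler Systems SA

  GNU Taler is free software; you can redistribute it and/or modify
  it under the terms of the GNU Affero General Public License as
  published by the Free Software Foundation; either version 3,
  or (at your option) any later version.

  GNU Taler is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public
  License along with TALER; see the file COPYING.  If not,
  see <http://www.gnu.org/licenses/>
*/

/**
 * @file taler-merchant-httpd_private-delete-instances-ID-token.c
 * @brief implementing DELETE /instances/$ID/token request handling
 * @author Christian Grothoff
 */
#include "platform.h"
#include "taler-merchant-httpd_private-delete-instances-ID-token.h"
#include "taler-merchant-httpd_helper.h"
#include <taler/taler_json_lib.h>


/**
 * Handle a DELETE /instances/$ID/token request: revoke the login token
 * that the client presented in its own "Authorization" header.
 *
 * The header value must have the form "Bearer <RFC_8959_PREFIX><token>".
 * The token part is decoded into a `struct TALER_MERCHANTDB_LoginTokenP`
 * and removed from the database for the instance in @a hc.
 *
 * @param rh request handler entry (not used by this handler)
 * @param connection the MHD connection to read the header from and reply on
 * @param hc handler context; `hc->instance` identifies the merchant instance
 * @return MHD result code of the queued reply (204 No Content on success,
 *         an error reply for a missing/malformed header or a database failure)
 */
MHD_RESULT
TMH_private_delete_instances_ID_token (const struct TMH_RequestHandler *rh,
                                       struct MHD_Connection *connection,
                                       struct TMH_HandlerContext *hc)
{
  const char *bearer = "Bearer ";
  struct TMH_MerchantInstance *mi = hc->instance;
  const char *tok;
  struct TALER_MERCHANTDB_LoginTokenP btoken;
  enum GNUNET_DB_QueryStatus qs;

  (void) rh;
  tok = MHD_lookup_connection_value (connection,
                                     MHD_HEADER_KIND,
                                     MHD_HTTP_HEADER_AUTHORIZATION);
  /* The header was presumably validated by the authentication step before
     this handler runs, but that code is not visible here.  The lookup
     returns NULL when the header is absent, and passing NULL to strncmp()
     is undefined behavior (in practice a crash of the HTTP daemon), so
     fail closed instead of relying on the earlier check. */
  if (NULL == tok)
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  /* NOTE(review): the scheme comparison is case-sensitive although HTTP
     authentication scheme names are case-insensitive; presumably this
     mirrors the earlier authentication check -- confirm. */
  if (0 !=
      strncmp (tok,
               bearer,
               strlen (bearer)))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  tok += strlen (bearer);
  /* tolerate extra spaces between the scheme and the credential */
  while (' ' == *tok)
    tok++;
  /* the credential must carry the RFC 8959 prefix (matched ignoring case) */
  if (0 != strncasecmp (tok,
                        RFC_8959_PREFIX,
                        strlen (RFC_8959_PREFIX)))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  tok += strlen (RFC_8959_PREFIX);

  /* Decode the textual token into the fixed-size binary token; the decoder
     is given sizeof (btoken) as the output size and its failure is treated
     as a malformed request. */
  if (GNUNET_OK !=
      GNUNET_STRINGS_string_to_data (tok,
                                     strlen (tok),
                                     &btoken,
                                     sizeof (btoken)))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  /* the deletion is scoped to this instance's ID, not just the token value */
  qs = TMH_db->delete_login_token (TMH_db->cls,
                                   mi->settings.id,
                                   &btoken);
  switch (qs)
  {
  case GNUNET_DB_STATUS_HARD_ERROR:
  case GNUNET_DB_STATUS_SOFT_ERROR:
    GNUNET_break (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_DB_STORE_FAILED,
                                    "delete_login_token");
  case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
  /* No 404, as the login token must have existed
     when we got the request as it was accepted as
     valid. So we can only get here due to concurrent
     modification, and then the client should still
     simply see the success. Hence, fall-through */
  case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
    return TALER_MHD_reply_static (connection,
                                   MHD_HTTP_NO_CONTENT,
                                   NULL,
                                   NULL,
                                   0);
  }
  /* not reached for any query status handled above */
  GNUNET_break (0);
  return MHD_NO;
}


/* end of taler-merchant-httpd_private-delete-instances-ID-token.c */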