LCOV - code coverage report
Current view: top level - backend - taler-merchant-httpd_private-post-instances-ID-auth.c (source / functions) Hit Total Coverage
Test: GNU Taler merchant coverage report Lines: 41 62 66.1 %
Date: 2021-08-30 06:54:17 Functions: 3 3 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of GNU Taler
       3             :   (C) 2021 Taler Systems SA
       4             : 
       5             :   GNU Taler is free software; you can redistribute it and/or modify
       6             :   it under the terms of the GNU Affero General Public License as
       7             :   published by the Free Software Foundation; either version 3,
       8             :   or (at your option) any later version.
       9             : 
      10             :   GNU Taler is distributed in the hope that it will be useful, but
      11             :   WITHOUT ANY WARRANTY; without even the implied warranty of
      12             :   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      13             :   GNU General Public License for more details.
      14             : 
      15             :   You should have received a copy of the GNU General Public
      16             :   License along with TALER; see the file COPYING.  If not,
      17             :   see <http://www.gnu.org/licenses/>
      18             : */
      19             : 
      20             : /**
      21             :  * @file taler-merchant-httpd_private-post-instances-ID-auth.c
      22             :  * @brief implementing POST /instances/$ID/auth request handling
      23             :  * @author Christian Grothoff
      24             :  * @author Florian Dold
      25             :  */
      26             : #include "platform.h"
      27             : #include "taler-merchant-httpd_private-post-instances-ID-auth.h"
      28             : #include "taler-merchant-httpd_helper.h"
      29             : #include <taler/taler_json_lib.h>
      30             : 
      31             : 
      32             : /**
      33             :  * How often do we retry the simple INSERT database transaction?
      34             :  */
      35             : #define MAX_RETRIES 3
      36             : 
      37             : 
      38             : /**
      39             :  * Change the authentication settings of an instance.
      40             :  *
      41             :  * @param mi instance to modify settings of
      42             :  * @param connection the MHD connection to handle
      43             :  * @param[in,out] hc context with further information about the request
      44             :  * @return MHD result code
      45             :  */
      46             : static MHD_RESULT
      47           7 : post_instances_ID_auth (struct TMH_MerchantInstance *mi,
      48             :                         struct MHD_Connection *connection,
      49             :                         struct TMH_HandlerContext *hc)
      50             : {
      51             :   struct TALER_MERCHANTDB_InstanceAuthSettings ias;
      52           7 :   const char *auth_token = NULL;
      53           7 :   json_t *jauth = hc->request_body;
      54             : 
      55             :   {
      56             :     enum GNUNET_GenericReturnValue ret;
      57             : 
      58           7 :     ret = TMH_check_auth_config (connection,
      59             :                                  jauth,
      60             :                                  &auth_token);
      61           7 :     if (GNUNET_OK != ret)
      62           1 :       return (GNUNET_NO == ret) ? MHD_YES : MHD_NO;
      63             :   }
      64             : 
      65           6 :   if (NULL == auth_token)
      66             :   {
      67           1 :     memset (&ias.auth_salt,
      68             :             0,
      69             :             sizeof (ias.auth_salt));
      70           1 :     memset (&ias.auth_hash,
      71             :             0,
      72             :             sizeof (ias.auth_hash));
      73             :   }
      74             :   else
      75             :   {
      76           5 :     TMH_compute_auth (auth_token,
      77             :                       &ias.auth_salt,
      78             :                       &ias.auth_hash);
      79             :   }
      80             : 
      81             :   /* Store the new auth information in the database */
      82             :   {
      83             :     enum GNUNET_DB_QueryStatus qs;
      84             : 
      85           6 :     for (unsigned int i = 0; i<MAX_RETRIES; i++)
      86             :     {
      87           6 :       if (GNUNET_OK !=
      88           6 :           TMH_db->start (TMH_db->cls,
      89             :                          "post /instances/$ID/auth"))
      90             :       {
      91           0 :         return TALER_MHD_reply_with_error (connection,
      92             :                                            MHD_HTTP_INTERNAL_SERVER_ERROR,
      93             :                                            TALER_EC_GENERIC_DB_START_FAILED,
      94             :                                            NULL);
      95             :       }
      96             : 
      97             :       /* Make the authentication update a serializable operation.
      98             :          We first check that the authentication information
      99             :          that the caller's request authenticated with
     100             :          is still up to date.
     101             :          Otherwise, we've detected a conflicting update
     102             :          to the authentication. */
     103             :       {
     104             :         struct TALER_MERCHANTDB_InstanceAuthSettings db_ias;
     105           6 :         qs = TMH_db->lookup_instance_auth (TMH_db->cls,
     106           6 :                                            mi->settings.id,
     107             :                                            &db_ias);
     108             : 
     109           6 :         switch (qs)
     110             :         {
     111           0 :         case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
     112             :           /* Instance got purged. */
     113           0 :           TMH_db->rollback (TMH_db->cls);
     114           0 :           return TALER_MHD_reply_with_error (connection,
     115             :                                              MHD_HTTP_UNAUTHORIZED,
     116             :                                              TALER_EC_GENERIC_DB_COMMIT_FAILED,
     117             :                                              NULL);
     118           0 :         case GNUNET_DB_STATUS_SOFT_ERROR:
     119           0 :           TMH_db->rollback (TMH_db->cls);
     120           0 :           goto retry;
     121           0 :         case GNUNET_DB_STATUS_HARD_ERROR:
     122           0 :           TMH_db->rollback (TMH_db->cls);
     123           0 :           return TALER_MHD_reply_with_error (connection,
     124             :                                              MHD_HTTP_INTERNAL_SERVER_ERROR,
     125             :                                              TALER_EC_GENERIC_DB_FETCH_FAILED,
     126             :                                              NULL);
     127           6 :         case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
     128             :           /* Success! */
     129           6 :           break;
     130             :         }
     131             : 
     132           6 :         if (GNUNET_OK !=
     133           6 :             TMH_check_auth (hc->auth_token,
     134             :                             &db_ias.auth_salt,
     135             :                             &db_ias.auth_hash))
     136             :         {
     137           0 :           TMH_db->rollback (TMH_db->cls);
     138           0 :           return TALER_MHD_reply_with_error (connection,
     139             :                                              MHD_HTTP_UNAUTHORIZED,
     140             :                                              TALER_EC_MERCHANT_GENERIC_UNAUTHORIZED,
     141             :                                              NULL);
     142             :         }
     143             :       }
     144             : 
     145           6 :       qs = TMH_db->update_instance_auth (TMH_db->cls,
     146           6 :                                          mi->settings.id,
     147             :                                          &ias);
     148           6 :       if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
     149             :       {
     150           0 :         GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
     151           0 :         TMH_db->rollback (TMH_db->cls);
     152           0 :         if (GNUNET_DB_STATUS_HARD_ERROR == qs)
     153             :         {
     154           0 :           return TALER_MHD_reply_with_error (connection,
     155             :                                              MHD_HTTP_INTERNAL_SERVER_ERROR,
     156             :                                              TALER_EC_GENERIC_DB_FETCH_FAILED,
     157             :                                              NULL);
     158             :         }
     159           0 :         goto retry;
     160             :       }
     161           6 :       qs = TMH_db->commit (TMH_db->cls);
     162           6 :       if (GNUNET_DB_STATUS_SUCCESS_NO_RESULTS == qs)
     163           6 :         qs = GNUNET_DB_STATUS_SUCCESS_ONE_RESULT;
     164           0 : retry:
     165           6 :       if (GNUNET_DB_STATUS_SOFT_ERROR != qs)
     166           6 :         break; /* success! -- or hard failure */
     167             :     } /* for .. MAX_RETRIES */
     168           6 :     if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT != qs)
     169             :     {
     170           0 :       return TALER_MHD_reply_with_error (connection,
     171             :                                          MHD_HTTP_INTERNAL_SERVER_ERROR,
     172             :                                          TALER_EC_GENERIC_DB_COMMIT_FAILED,
     173             :                                          NULL);
     174             :     }
     175             :     /* Finally, also update our running process */
     176           6 :     mi->auth = ias;
     177             :   }
     178           6 :   if (0 == strcmp (mi->settings.id,
     179             :                    "default"))
     180             :   {
     181             :     /* The default auth string should've been
     182             :        cleared with the first request
     183             :        for the default instance. */
     184           2 :     GNUNET_assert (NULL == TMH_default_auth);
     185             :   }
     186           6 :   TMH_reload_instances (mi->settings.id);
     187           6 :   return TALER_MHD_reply_static (connection,
     188             :                                  MHD_HTTP_NO_CONTENT,
     189             :                                  NULL,
     190             :                                  NULL,
     191             :                                  0);
     192             : }
     193             : 
     194             : 
     195             : MHD_RESULT
     196           5 : TMH_private_post_instances_ID_auth (const struct TMH_RequestHandler *rh,
     197             :                                     struct MHD_Connection *connection,
     198             :                                     struct TMH_HandlerContext *hc)
     199             : {
     200           5 :   struct TMH_MerchantInstance *mi = hc->instance;
     201             : 
     202           5 :   return post_instances_ID_auth (mi,
     203             :                                  connection,
     204             :                                  hc);
     205             : }
     206             : 
     207             : 
     208             : MHD_RESULT
     209           2 : TMH_private_post_instances_default_ID_auth (const struct TMH_RequestHandler *rh,
     210             :                                             struct MHD_Connection *connection,
     211             :                                             struct TMH_HandlerContext *hc)
     212             : {
     213             :   struct TMH_MerchantInstance *mi;
     214             : 
     215           2 :   mi = TMH_lookup_instance (hc->infix);
     216           2 :   if (NULL == mi)
     217             :   {
     218           0 :     return TALER_MHD_reply_with_error (connection,
     219             :                                        MHD_HTTP_NOT_FOUND,
     220             :                                        TALER_EC_MERCHANT_GENERIC_INSTANCE_UNKNOWN,
     221           0 :                                        hc->infix);
     222             :   }
     223           2 :   return post_instances_ID_auth (mi,
     224             :                                  connection,
     225             :                                  hc);
     226             : }
     227             : 
     228             : 
     229             : /* end of taler-merchant-httpd_private-post-instances-ID-auth.c */

Generated by: LCOV version 1.14