challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

challenger_do_challenge_set_address_and_pin.sql (3567B)


      1 --
      2 -- This file is part of TALER
      3 -- Copyright (C) 2024 Taler Systems SA
      4 --
      5 -- TALER is free software; you can redistribute it and/or modify it under the
      6 -- terms of the GNU General Public License as published by the Free Software
      7 -- Foundation; either version 3, or (at your option) any later version.
      8 --
      9 -- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10 -- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11 -- A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 --
     13 -- You should have received a copy of the GNU General Public License along with
     14 -- TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 --
     16 
     17 
     18 CREATE OR REPLACE FUNCTION challenger_do_challenge_set_address_and_pin (
     19   IN in_nonce BYTEA,
     20   IN in_address TEXT,
     21   IN in_next_tx_time INT8,
     22   IN in_now INT8,
     23   IN in_tan INT4,
     24   OUT out_not_found BOOLEAN,
     25   OUT out_last_tx_time INT8,
     26   OUT out_last_pin INT4,
     27   OUT out_state TEXT,
     28   OUT out_pin_transmit BOOLEAN,
     29   OUT out_auth_attempts_left INT4,
     30   OUT out_client_redirect_uri TEXT,
     31   OUT out_address_refused BOOLEAN,
     32   OUT out_solved BOOLEAN)
     33 LANGUAGE plpgsql
     34 AS $$
     35 DECLARE
     36   my_status RECORD;
     37   my_do_update BOOL;
     38 BEGIN
     39 
     40 my_do_update = FALSE;
     41 
     42 SELECT address
     43       ,address_attempts_left
     44       ,pin_transmissions_left
     45       ,last_tx_time
     46       ,client_redirect_uri
     47       ,last_pin
     48       ,auth_attempts_left
     49       ,client_state
     50   INTO my_status
     51   FROM validations
     52  WHERE nonce=in_nonce
     53    FOR UPDATE;
     54 
     55 IF NOT FOUND
     56 THEN
     57   out_not_found=TRUE;
     58   out_last_tx_time=0;
     59   out_last_pin=0;
     60   out_pin_transmit=FALSE;
     61   out_auth_attempts_left=0;
     62   out_client_redirect_uri=NULL;
     63   out_address_refused=TRUE;
     64   out_solved=FALSE;
     65   out_state=NULL;
     66   RETURN;
     67 END IF;
     68 out_not_found=FALSE;
     69 out_last_tx_time=my_status.last_tx_time;
     70 out_last_pin=my_status.last_pin;
     71 out_pin_transmit=FALSE;
     72 out_auth_attempts_left=my_status.auth_attempts_left;
     73 out_state=my_status.client_state;
     74 out_client_redirect_uri=my_status.client_redirect_uri;
     75 
     76 IF ( 0 > my_status.auth_attempts_left ) -- this challenge is solved
     77 THEN
     78   out_address_refused=TRUE;
     79   out_solved=TRUE;
     80   out_auth_attempts_left=0;
     81   RETURN;
     82 END IF;
     83 out_solved=FALSE;
     84 
     85 IF ( (0 = my_status.address_attempts_left) AND
     86      (in_address != my_status.address) )
     87 THEN
     88   out_address_refused=TRUE;
     89   out_last_pin=0;
     90   RETURN;
     91 END IF;
     92 out_address_refused=FALSE;
     93 
     94 IF ( (my_status.address IS NULL) OR
     95      (in_address != my_status.address) )
     96 THEN
     97   -- we are changing the address, update counters
     98   my_status.address_attempts_left = my_status.address_attempts_left - 1;
     99   my_status.address = in_address;
    100   my_status.pin_transmissions_left = 3;
    101   my_status.last_tx_time = 0;
    102   my_do_update=TRUE;
    103 END IF;
    104 
    105 IF ( (my_status.pin_transmissions_left > 0) AND
    106      (my_status.last_tx_time <= in_next_tx_time) )
    107 THEN
    108   -- we are changing the PIN, update counters
    109   my_status.pin_transmissions_left = my_status.pin_transmissions_left - 1;
    110   my_status.last_pin = in_tan;
    111   my_status.auth_attempts_left = 3;
    112   my_status.last_tx_time = in_now;
    113   out_auth_attempts_left = 3;
    114   out_pin_transmit=TRUE;
    115   out_last_pin = in_tan;
    116   out_last_tx_time = in_now;
    117   my_do_update=TRUE;
    118 END IF;
    119 
    120 IF my_do_update
    121 THEN
    122   UPDATE validations SET
    123     address=my_status.address
    124    ,address_attempts_left=my_status.address_attempts_left
    125    ,pin_transmissions_left=my_status.pin_transmissions_left
    126    ,last_tx_time=my_status.last_tx_time
    127    ,last_pin=my_status.last_pin
    128    ,auth_attempts_left=my_status.auth_attempts_left
    129   WHERE nonce=in_nonce;
    130 END IF;
    131 
    132 RETURN;
    133 
    134 END $$;