challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

challenger_do_validate_and_solve_pin.sql (2643B)


      1 --
      2 -- This file is part of TALER
      3 -- Copyright (C) 2024 Taler Systems SA
      4 --
      5 -- TALER is free software; you can redistribute it and/or modify it under the
      6 -- terms of the GNU General Public License as published by the Free Software
      7 -- Foundation; either version 3, or (at your option) any later version.
      8 --
      9 -- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
     10 -- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
     11 -- A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
     12 --
     13 -- You should have received a copy of the GNU General Public License along with
     14 -- TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
     15 --
     16 
     17 CREATE OR REPLACE FUNCTION challenger_do_validate_and_solve_pin (
     18   IN in_nonce BYTEA,
     19   IN in_new_pin INT4,
     20   OUT out_not_found BOOLEAN,
     21   OUT out_exhausted BOOLEAN,
     22   OUT out_no_challenge BOOLEAN,
     23   OUT out_solved BOOLEAN,
     24   OUT out_state TEXT,
     25   OUT out_address_attempts_left INT4,
     26   OUT out_auth_attempts_left INT4,
     27   OUT out_pin_transmissions_left INT4,
     28   OUT out_client_redirect_uri TEXT)
     29 LANGUAGE plpgsql
     30 AS $$
     31 DECLARE
     32   my_status RECORD;
     33 BEGIN
     34 
     35 SELECT auth_attempts_left
     36       ,address_attempts_left
     37       ,pin_transmissions_left
     38       ,last_pin
     39       ,client_redirect_uri
     40       ,client_state
     41   INTO my_status
     42   FROM validations
     43  WHERE nonce=in_nonce
     44    FOR UPDATE;
     45 
     46 IF NOT FOUND
     47 THEN
     48   out_not_found=TRUE;
     49   out_no_challenge=TRUE;
     50   out_exhausted=FALSE;
     51   out_solved=FALSE;
     52   out_address_attempts_left=0;
     53   out_auth_attempts_left=0;
     54   out_pin_transmissions_left=0;
     55   out_client_redirect_uri=NULL;
     56   out_state=NULL;
     57   RETURN;
     58 END IF;
     59 out_not_found=FALSE;
     60 out_address_attempts_left=my_status.address_attempts_left;
     61 out_pin_transmissions_left=my_status.pin_transmissions_left;
     62 out_client_redirect_uri=my_status.client_redirect_uri;
     63 out_state=my_status.client_state;
     64 
     65 IF (my_status.last_pin IS NULL)
     66 THEN
     67   out_solved=FALSE;
     68   out_exhausted=FALSE;
     69   out_auth_attempts_left=0;
     70   out_no_challenge=TRUE;
     71   RETURN;
     72 END IF;
     73 out_no_challenge=FALSE;
     74 
     75 IF (0 > my_status.auth_attempts_left)
     76 THEN
     77   out_solved=TRUE;
     78   out_exhausted=TRUE;
     79   out_auth_attempts_left=0;
     80   RETURN;
     81 END IF;
     82 
     83 IF (0 = my_status.auth_attempts_left)
     84 THEN
     85   out_solved=FALSE;
     86   out_exhausted=TRUE;
     87   out_auth_attempts_left=0;
     88   RETURN;
     89 END IF;
     90 out_exhausted=FALSE;
     91 out_solved = (my_status.last_pin = in_new_pin);
     92 
     93 IF NOT out_solved
     94 THEN
     95   out_auth_attempts_left=my_status.auth_attempts_left-1;
     96 ELSE
     97   out_auth_attempts_left=-1; -- solved: no more attempts
     98 END IF;
     99 
    100 UPDATE validations
    101  SET auth_attempts_left=out_auth_attempts_left
    102  WHERE nonce=in_nonce;
    103 
    104 RETURN;
    105 
    106 END $$;