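/*
  This file is part of GNU Taler
  (C) 2023 Taler Systems SA

  GNU Taler is free software; you can redistribute it and/or modify
  it under the terms of the GNU Affero General Public License as
  published by the Free Software Foundation; either version 3,
  or (at your option) any later version.

  GNU Taler is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public
  License along with TALER; see the file COPYING.  If not,
  see <http://www.gnu.org/licenses/>
*/

/**
 * @file taler-merchant-httpd_delete-private-tokens-SERIAL.c
 * @brief implementing DELETE /instances/$ID/token request handling
 * @author Christian Grothoff
 */
#include "taler/platform.h"
#include "taler-merchant-httpd_delete-private-tokens-SERIAL.h"
#include "taler-merchant-httpd_helper.h"
#include <taler/taler_json_lib.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>


/**
 * Parse a login token serial from a URL path segment.
 *
 * Only a plain run of decimal digits is accepted.  The segment is
 * client-controlled, so a leading sign or whitespace (which the scanf
 * and strtoull conversions would otherwise tolerate, silently wrapping
 * "-1" to a huge value) and values that do not fit the type are
 * rejected instead of being passed on to the database.
 *
 * @param s NUL-terminated path segment to parse
 * @param[out] serial set to the parsed value on success
 * @return #GNUNET_OK on success, #GNUNET_SYSERR if @a s is not a
 *         representable decimal number
 */
static enum GNUNET_GenericReturn
parse_serial (const char *s,
              unsigned long long *serial)
{
  char *end;

  /* Reject empty input, signs and leading whitespace up front. */
  if ( (s[0] < '0') ||
       (s[0] > '9') )
    return GNUNET_SYSERR;
  errno = 0;
  *serial = strtoull (s,
                      &end,
                      10);
  /* Trailing garbage or out-of-range input is malformed. */
  if ( ('\0' != *end) ||
       (ERANGE == errno) )
    return GNUNET_SYSERR;
  return GNUNET_OK;
}


/**
 * Handle a DELETE request that names the login token to remove by the
 * numeric serial given in @a hc->infix.  The deletion is issued for the
 * instance in @a hc->instance only.
 *
 * @param rh request handler (unused)
 * @param connection the MHD connection to answer on
 * @param hc handler context; @a hc->instance and @a hc->infix must be set
 * @return MHD result code
 */
MHD_RESULT
TMH_private_delete_instances_ID_token_SERIAL (
  const struct TMH_RequestHandler *rh,
  struct MHD_Connection *connection,
  struct TMH_HandlerContext *hc)
{
  struct TMH_MerchantInstance *mi = hc->instance;
  enum GNUNET_DB_QueryStatus qs;
  unsigned long long serial;

  (void) rh;
  GNUNET_assert (NULL != mi);
  GNUNET_assert (NULL != hc->infix);
  if (GNUNET_OK !=
      parse_serial (hc->infix,
                    &serial))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_error (connection,
                                       MHD_HTTP_BAD_REQUEST,
                                       TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                       "serial must be a number");
  }

  qs = TMH_db->delete_login_token_serial (TMH_db->cls,
                                          mi->settings.id,
                                          serial);
  switch (qs)
  {
  case GNUNET_DB_STATUS_HARD_ERROR:
  case GNUNET_DB_STATUS_SOFT_ERROR:
    GNUNET_break (0);
    /* NOTE(review): the hint says "delete_login_token_by_serial" while
       the plugin function called above is delete_login_token_serial;
       left unchanged here, confirm which name is intended. */
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_DB_STORE_FAILED,
                                    "delete_login_token_by_serial");
  case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
    /* The infix is echoed back as the hint; after parse_serial() it is
       known to consist of decimal digits only. */
    return TALER_MHD_reply_with_error (
      connection,
      MHD_HTTP_NOT_FOUND,
      TALER_EC_MERCHANT_GENERIC_ACCESS_TOKEN_UNKNOWN,
      hc->infix);
  case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
    return TALER_MHD_reply_static (connection,
                                   MHD_HTTP_NO_CONTENT,
                                   NULL,
                                   NULL,
                                   0);
  }
  /* Unexpected query status. */
  GNUNET_break (0);
  return MHD_NO;
}


/**
 * Handle a DELETE request that removes the login token the client
 * presented in its own "Authorization" header.  The header value must
 * be "Bearer ", optional spaces, the RFC 8959 prefix
 * (#RFC_8959_PREFIX, defined elsewhere) and the encoded token.
 *
 * @param rh request handler (unused)
 * @param connection the MHD connection to answer on
 * @param hc handler context; @a hc->instance must be set
 * @return MHD result code
 */
MHD_RESULT
TMH_private_delete_instances_ID_token (const struct TMH_RequestHandler *rh,
                                       struct MHD_Connection *connection,
                                       struct TMH_HandlerContext *hc)
{
  const char *bearer = "Bearer ";
  struct TMH_MerchantInstance *mi = hc->instance;
  const char *tok;
  struct TALER_MERCHANTDB_LoginTokenP btoken;
  enum GNUNET_DB_QueryStatus qs;

  (void) rh;
  GNUNET_assert (NULL != mi);
  tok = MHD_lookup_connection_value (connection,
                                     MHD_HEADER_KIND,
                                     MHD_HTTP_HEADER_AUTHORIZATION);
  /* Access control presumably inspected this header already, but that
     is not visible from this handler.  MHD returns NULL when the header
     is absent, so check before handing the pointer to strncmp(). */
  if ( (NULL == tok) ||
       (0 !=
        strncmp (tok,
                 bearer,
                 strlen (bearer))) )
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  tok += strlen (bearer);
  /* Tolerate extra spaces between the scheme and the credential. */
  while (' ' == *tok)
    tok++;
  if (0 != strncasecmp (tok,
                        RFC_8959_PREFIX,
                        strlen (RFC_8959_PREFIX)))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  tok += strlen (RFC_8959_PREFIX);

  /* Decode the remainder into the fixed-size binary token; input that
     does not decode to exactly sizeof (btoken) bytes is rejected. */
  if (GNUNET_OK !=
      GNUNET_STRINGS_string_to_data (tok,
                                     strlen (tok),
                                     &btoken,
                                     sizeof (btoken)))
  {
    GNUNET_break_op (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_PARAMETER_MALFORMED,
                                    "login token (in 'Authorization' header)");
  }
  qs = TMH_db->delete_login_token (TMH_db->cls,
                                   mi->settings.id,
                                   &btoken);
  switch (qs)
  {
  case GNUNET_DB_STATUS_HARD_ERROR:
  case GNUNET_DB_STATUS_SOFT_ERROR:
    GNUNET_break (0);
    return TALER_MHD_reply_with_ec (connection,
                                    TALER_EC_GENERIC_DB_STORE_FAILED,
                                    "delete_login_token");
  case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
  /* No 404, as the login token must have existed
     when we got the request as it was accepted as
     valid. So we can only get here due to concurrent
     modification, and then the client should still
     simply see the success. Hence, fall-through */
  case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
    return TALER_MHD_reply_static (connection,
                                   MHD_HTTP_NO_CONTENT,
                                   NULL,
                                   NULL,
                                   0);
  }
  /* Unexpected query status. */
  GNUNET_break (0);
  return MHD_NO;
}


/* end of taler-merchant-httpd_delete-private-tokens-SERIAL.c */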