support bearer token for bank auth

6 files changed, 75 insertions, 3 deletions

diff --git a/src/bank-lib/bank_api_common.c b/src/bank-lib/bank_api_common.c
index 2c47429ad..ffcb3ab72 100644
--- a/src/bank-lib/bank_api_common.c
+++ b/src/bank-lib/bank_api_common.c
@@ -54,6 +54,19 @@ TALER_BANK_setup_auth_ (CURL *easy,
       GNUNET_free (up);
       break;
     }
+  case TALER_BANK_AUTH_BEARER:
+    {
+      if ( (CURLE_OK !=
+            curl_easy_setopt (easy,
+                              CURLOPT_HTTPAUTH,
+                              CURLAUTH_BEARER)) ||
+           (CURLE_OK !=
+            curl_easy_setopt (easy,
+                              CURLOPT_XOAUTH2_BEARER,
+                              auth->details.bearer.token)) )
+        ret = GNUNET_SYSERR;
+      break;
+    }
   }
   return ret;
 }
diff --git a/src/bank-lib/bank_api_parse.c b/src/bank-lib/bank_api_parse.c
index 0d30e9d08..12ed2ed13 100644
--- a/src/bank-lib/bank_api_parse.c
+++ b/src/bank-lib/bank_api_parse.c
@@ -33,9 +33,10 @@ TALER_BANK_auth_parse_cfg (const struct GNUNET_CONFIGURATION_Handle *cfg,
     const char *m;
     enum TALER_BANK_AuthenticationMethod e;
   } methods[] = {
-    { "NONE",  TALER_BANK_AUTH_NONE  },
-    { "BASIC", TALER_BANK_AUTH_BASIC },
-    { NULL, TALER_BANK_AUTH_NONE     }
+    { "NONE",  TALER_BANK_AUTH_NONE    },
+    { "BASIC", TALER_BANK_AUTH_BASIC   },
+    { "BEARER", TALER_BANK_AUTH_BEARER },
+    { NULL, TALER_BANK_AUTH_NONE       }
   };
   char *method;
 
@@ -106,6 +107,23 @@ TALER_BANK_auth_parse_cfg (const struct GNUNET_CONFIGURATION_Handle *cfg,
         auth->method = TALER_BANK_AUTH_BASIC;
         GNUNET_free (method);
         return GNUNET_OK;
+      case TALER_BANK_AUTH_BEARER:
+        if (GNUNET_OK !=
+            GNUNET_CONFIGURATION_get_value_string (cfg,
+                                                   section,
+                                                   "TOKEN",
+                                                   &auth->details.bearer.token))
+        {
+          GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+                                     section,
+                                     "TOKEN");
+          GNUNET_free (method);
+          GNUNET_free (auth->wire_gateway_url);
+          return GNUNET_SYSERR;
+        }
+        auth->method = TALER_BANK_AUTH_BEARER;
+        GNUNET_free (method);
+        return GNUNET_OK;
       }
     }
   }
@@ -133,7 +151,15 @@ TALER_BANK_auth_free (struct TALER_BANK_AuthenticationData *auth)
       auth->details.basic.password = NULL;
     }
     break;
+  case TALER_BANK_AUTH_BEARER:
+    if (NULL != auth->details.bearer.token)
+    {
+      GNUNET_free (auth->details.bearer.token);
+      auth->details.bearer.token = NULL;
+    }
+    break;
   }
+  
   GNUNET_free (auth->wire_gateway_url);
   auth->wire_gateway_url = NULL;
 }
diff --git a/src/bank-lib/taler-exchange-wire-gateway-client.c b/src/bank-lib/taler-exchange-wire-gateway-client.c
index 93837b15d..2f8499a38 100644
--- a/src/bank-lib/taler-exchange-wire-gateway-client.c
+++ b/src/bank-lib/taler-exchange-wire-gateway-client.c
@@ -618,6 +618,12 @@ run (void *cls,
     {
       auth.method = TALER_BANK_AUTH_BASIC;
     }
+    else if ( (NULL != auth.wire_gateway_url) &&
+              (NULL != auth.details.bearer.token) )
+    {
+      auth.method = TALER_BANK_AUTH_BEARER;
+    }
+
     else if (NULL == auth.wire_gateway_url)
     {
       fprintf (stderr,
diff --git a/src/include/taler_bank_service.h b/src/include/taler_bank_service.h
index 5cf7d8ca9..c1d031546 100644
--- a/src/include/taler_bank_service.h
+++ b/src/include/taler_bank_service.h
@@ -48,6 +48,11 @@ enum TALER_BANK_AuthenticationMethod
    * Basic authentication with cleartext username and password.
    */
   TALER_BANK_AUTH_BASIC,
+
+  /**
+   * Bearer token authentication.
+   */
+  TALER_BANK_AUTH_BEARER,
 };
 
 
@@ -90,6 +95,18 @@ struct TALER_BANK_AuthenticationData
       char *password;
     } basic;
 
+    /**
+     * Details for #TALER_BANK_AUTH_BEARER.
+     */
+    struct
+    {
+      /**
+       * Token to use.
+       */
+      char *token;
+
+    } bearer;
+
   } details;
 
 };
diff --git a/src/testing/testing_api_cmd_bank_admin_add_incoming.c b/src/testing/testing_api_cmd_bank_admin_add_incoming.c
index 39c82429c..39550977b 100644
--- a/src/testing/testing_api_cmd_bank_admin_add_incoming.c
+++ b/src/testing/testing_api_cmd_bank_admin_add_incoming.c
@@ -242,6 +242,11 @@ confirmation_cb (void *cls,
                   "Basic authentication (%s) failed.\n",
                   fts->auth.details.basic.username);
       break;
+    case TALER_BANK_AUTH_BEARER:
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Bearer authentication (%s) failed.\n",
+                  fts->auth.details.bearer.token);
+      break;
     }
     break;
   case MHD_HTTP_CONFLICT:
diff --git a/src/testing/testing_api_cmd_bank_admin_add_kycauth.c b/src/testing/testing_api_cmd_bank_admin_add_kycauth.c
index d804d3813..545e334dc 100644
--- a/src/testing/testing_api_cmd_bank_admin_add_kycauth.c
+++ b/src/testing/testing_api_cmd_bank_admin_add_kycauth.c
@@ -149,6 +149,11 @@ confirmation_cb (void *cls,
                   "Basic authentication (%s) failed.\n",
                   fts->auth.details.basic.username);
       break;
+    case TALER_BANK_AUTH_BEARER:
+      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                  "Bearer authentication (%s) failed.\n",
+                  fts->auth.details.bearer.token);
+      break;
     }
     break;
   case MHD_HTTP_CONFLICT: