diff options
| author | Christian Blättler <blatc2@bfh.ch> | 2024-06-06 18:23:00 +0200 |
|---|---|---|
| committer | Christian Blättler <blatc2@bfh.ch> | 2024-06-06 18:23:00 +0200 |
| commit | 9a1cd9134d872ef1619bb3418ff82b958c919649 (patch) | |
| tree | 96b2e4695e5ea0bdeff57c7479a74b03a70e86a2 | |
| parent | 99c500b4c088396a4646e0e4e71c48eed23946cb (diff) | |
check tokens on idempotent pay request
| -rw-r--r-- | src/backend/taler-merchant-httpd_post-orders-ID-pay.c | 105 | ||||
| -rw-r--r-- | src/backenddb/Makefile.am | 1 | ||||
| -rw-r--r-- | src/backenddb/pg_lookup_spent_tokens_by_order.c | 162 | ||||
| -rw-r--r-- | src/backenddb/pg_lookup_spent_tokens_by_order.h | 45 | ||||
| -rw-r--r-- | src/backenddb/plugin_merchantdb_postgres.c | 3 | ||||
| -rw-r--r-- | src/include/taler_merchantdb_plugin.h | 38 |
6 files changed, 336 insertions, 18 deletions
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c index 7fa93404..888ea0ba 100644 --- a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c +++ b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c @@ -259,6 +259,11 @@ struct TokenUseConfirmation */ struct TALER_TokenIssuePublicKeyHashP h_issue; + /** + * true if we found this token in the database. + */ + bool found_in_db; + }; @@ -2682,6 +2687,38 @@ deposit_paid_check ( } +static void +input_tokens_paid_check ( + void *cls, + uint64_t spent_token_serial, + const struct TALER_PrivateContractHashP *h_contract_terms, + const struct TALER_TokenIssuePublicKeyHashP *h_issue_pub, + const struct TALER_TokenUsePublicKeyP *use_pub, + const struct TALER_TokenUseSignatureP *use_sig, + const struct TALER_TokenIssueSignatureP *issue_sig) +{ + struct PayContext *pc = cls; + + for (size_t i = 0; i<pc->tokens_cnt; i++) + { + struct TokenUseConfirmation *tuc = &pc->tokens[i]; + + if ( (0 == + GNUNET_CRYPTO_hash_cmp (&tuc->h_issue.hash, + &h_issue_pub->hash)) && + (0 == + GNUNET_memcmp (&tuc->pub, use_pub)) && + (0 == + GNUNET_memcmp (&tuc->sig, use_sig)) && + (0 == + GNUNET_memcmp (&tuc->unblinded_sig, issue_sig)) ) + { + tuc->found_in_db = true; + break; + } + } +} + /** * Handle case where contract was already paid. Either decides * the payment is idempotent, or refunds the excess payment. @@ -2691,34 +2728,64 @@ deposit_paid_check ( static void phase_contract_paid (struct PayContext *pc) { - enum GNUNET_DB_QueryStatus qs; - bool unmatched = false; json_t *refunds; + bool unmatched = false; - qs = TMH_db->lookup_deposits_by_order (TMH_db->cls, - pc->order_serial, - &deposit_paid_check, - pc); - /* TODO: Check tokens */ - /* Since orders with choices can have a price of zero, - 0 is also a valid query state */ - if (qs < 0) { - GNUNET_break (0); - pay_end (pc, - TALER_MHD_reply_with_error (pc->connection, - MHD_HTTP_INTERNAL_SERVER_ERROR, - TALER_EC_GENERIC_DB_FETCH_FAILED, - "lookup_deposits_by_order")); - return; + enum GNUNET_DB_QueryStatus qs; + + qs = TMH_db->lookup_deposits_by_order (TMH_db->cls, + pc->order_serial, + &deposit_paid_check, + pc); + /* Since orders with choices can have a price of zero, + 0 is also a valid query state */ + if (qs < 0) + { + GNUNET_break (0); + pay_end (pc, + TALER_MHD_reply_with_error (pc->connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GENERIC_DB_FETCH_FAILED, + "lookup_deposits_by_order")); + return; + } } - for (size_t i = 0; i<pc->coins_cnt; i++) + for (size_t i = 0; i<pc->coins_cnt && !unmatched; i++) { struct DepositConfirmation *dci = &pc->dc[i]; if (! dci->matched_in_db) unmatched = true; } + /* Check if provided input tokens match token in the database */ + { + enum GNUNET_DB_QueryStatus qs; + + /* TODO: Use h_contract instead of order_serial here? */ + qs = TMH_db->lookup_spent_tokens_by_order (TMH_db->cls, + pc->order_serial, + &input_tokens_paid_check, + pc); + + if (qs < 0) + { + GNUNET_break (0); + pay_end (pc, + TALER_MHD_reply_with_error (pc->connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GENERIC_DB_FETCH_FAILED, + "lookup_spent_tokens_by_order")); + return; + } + } + for (size_t i = 0; i<pc->tokens_cnt && !unmatched; i++) + { + struct TokenUseConfirmation *tuc = &pc->tokens[i]; + + if (! tuc->found_in_db) + unmatched = true; + } if (! unmatched) { /* Everything fine, idempotent request */ @@ -2740,6 +2807,8 @@ phase_contract_paid (struct PayContext *pc) return; } /* Conflict, double-payment detected! */ + /* TODO: What should we do with input tokens? + Currently there is no refund for tokens. */ GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Client attempted to pay extra for already paid order `%s'\n", pc->order_id); diff --git a/src/backenddb/Makefile.am b/src/backenddb/Makefile.am index 9612beec..95efe07e 100644 --- a/src/backenddb/Makefile.am +++ b/src/backenddb/Makefile.am @@ -180,6 +180,7 @@ libtaler_plugin_merchantdb_postgres_la_SOURCES = \ pg_lookup_token_family_key.h pg_lookup_token_family_key.c \ pg_insert_spent_token.h pg_insert_spent_token.c \ pg_insert_issued_token.h pg_insert_issued_token.c \ + pg_lookup_spent_tokens_by_order.h pg_lookup_spent_tokens_by_order.c \ plugin_merchantdb_postgres.c \ pg_helper.h pg_helper.c libtaler_plugin_merchantdb_postgres_la_LIBADD = \ diff --git a/src/backenddb/pg_lookup_spent_tokens_by_order.c b/src/backenddb/pg_lookup_spent_tokens_by_order.c new file mode 100644 index 00000000..667cbcbc --- /dev/null +++ b/src/backenddb/pg_lookup_spent_tokens_by_order.c @@ -0,0 +1,162 @@ +/* + This file is part of TALER + Copyright (C) 2024 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> + */ +/** + * @file backenddb/pg_lookup_spent_tokens_by_order.c + * @brief Implementation of the lookup_spent_tokens_by_order function for Postgres + * @author Christian Blättler + */ +#include "platform.h" +#include <taler/taler_error_codes.h> +#include <taler/taler_dbevents.h> +#include <taler/taler_pq_lib.h> +#include "pg_lookup_spent_tokens_by_order.h" +#include "pg_helper.h" +#include "taler_merchantdb_plugin.h" + +/** + * Closure for lookup_spent_tokens_by_order_cb(). + */ +struct LookupSpentTokensByOrderContext +{ + + /** + * Plugin context. + */ + struct PostgresClosure *pg; + + /** + * Function to call with all results. + */ + TALER_MERCHANTDB_UsedTokensCallback cb; + + /** + * Closure for @e cb. + */ + void *cb_cls; + + /** + * Set to the query result. + */ + enum GNUNET_DB_QueryStatus qs; +}; + + +/** + * Function to be called with the results of a SELECT statement + * that has returned @a num_results results. + * + * @param cls of type `struct LookupSpentTokensByOrderContext *` + * @param result the postgres result + * @param num_results the number of results in @a result + */ +static void +lookup_spent_tokens_by_order_cb (void *cls, + PGresult *result, + unsigned int num_results) +{ + struct LookupSpentTokensByOrderContext *ctx = cls; + + for (unsigned int i = 0; i<num_results; i++) + { + uint64_t spent_token_serial; + struct TALER_PrivateContractHashP h_contract_terms; + struct TALER_TokenIssuePublicKeyHashP h_issue_pub; + struct TALER_TokenUsePublicKeyP use_pub; + struct TALER_TokenUseSignatureP use_sig; + struct TALER_TokenIssueSignatureP issue_sig; + struct GNUNET_PQ_ResultSpec rs[] = { + GNUNET_PQ_result_spec_uint64 ("spent_token_serial", + &spent_token_serial), + GNUNET_PQ_result_spec_auto_from_type ("h_contract_terms", + &h_contract_terms), + GNUNET_PQ_result_spec_auto_from_type ("h_pub", + &h_issue_pub), + GNUNET_PQ_result_spec_auto_from_type ("token_pub", + &use_pub), + GNUNET_PQ_result_spec_auto_from_type ("token_sig", + &use_sig), + // GNUNET_PQ_result_spec_unblinded_sig ("blind_sig", + // &issue_sig), + GNUNET_PQ_result_spec_end + }; + + if (GNUNET_OK != + GNUNET_PQ_extract_result (result, + rs, + i)) + { + GNUNET_break (0); + ctx->qs = GNUNET_DB_STATUS_HARD_ERROR; + return; + } + ctx->cb (ctx->cb_cls, + spent_token_serial, + &h_contract_terms, + &h_issue_pub, + &use_pub, + &use_sig, + &issue_sig); + GNUNET_PQ_cleanup_result (rs); + } + ctx->qs = num_results; +} + + +enum GNUNET_DB_QueryStatus +TMH_PG_lookup_spent_tokens_by_order (void *cls, + uint64_t order_serial, + TALER_MERCHANTDB_UsedTokensCallback cb, + void *cb_cls) +{ + struct PostgresClosure *pg = cls; + struct LookupSpentTokensByOrderContext ctx = { + .pg = pg, + .cb = cb, + .cb_cls = cb_cls + }; + struct GNUNET_PQ_QueryParam params[] = { + GNUNET_PQ_query_param_uint64 (&order_serial), + GNUNET_PQ_query_param_end + }; + enum GNUNET_DB_QueryStatus qs; + + check_connection (pg); + PREPARE (pg, + "lookup_spent_tokens_by_order", + "SELECT" + " spent_token_serial" + ",h_contract_terms" + ",h_pub" + ",token_pub" + ",token_sig" + ",blind_sig" + " FROM merchant_spent_tokens" + " JOIN merchant_contract_terms" + " USING (h_contract_terms)" + " JOIN merchant_token_family_keys" + " USING (token_family_key_serial)" + " WHERE order_serial=$1"); + + qs = GNUNET_PQ_eval_prepared_multi_select (pg->conn, + "lookup_spent_tokens_by_order", + params, + &lookup_spent_tokens_by_order_cb, + &ctx); + + if (qs < 0) + return qs; + return ctx.qs; +} diff --git a/src/backenddb/pg_lookup_spent_tokens_by_order.h b/src/backenddb/pg_lookup_spent_tokens_by_order.h new file mode 100644 index 00000000..d3c55676 --- /dev/null +++ b/src/backenddb/pg_lookup_spent_tokens_by_order.h @@ -0,0 +1,45 @@ +/* + This file is part of TALER + Copyright (C) 2024 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> + */ +/** + * @file backenddb/pg_lookup_spent_tokens_by_order.h + * @brief implementation of the lookup_spent_tokens_by_order function for Postgres + * @author Christian Grothoff + */ +#ifndef PG_LOOKUP_SPENT_TOKENS_BY_ORDER_H +#define PG_LOOKUP_SPENT_TOKENS_BY_ORDER_H + +#include <taler/taler_util.h> +#include <taler/taler_json_lib.h> +#include "taler_merchantdb_plugin.h" + +/** + * Retrieve details about tokens that were used for an order. + * + * @param cls closure + * @param order_serial identifies the order + * @param cb function to call for each used token + * @param cb_cls closure for @a cb + * @return transaction status + */ +enum GNUNET_DB_QueryStatus +TMH_PG_lookup_spent_tokens_by_order (void *cls, + uint64_t order_serial, + TALER_MERCHANTDB_UsedTokensCallback cb, + void *cb_cls); + + + +#endif diff --git a/src/backenddb/plugin_merchantdb_postgres.c b/src/backenddb/plugin_merchantdb_postgres.c index 16e40ac5..a886acaf 100644 --- a/src/backenddb/plugin_merchantdb_postgres.c +++ b/src/backenddb/plugin_merchantdb_postgres.c @@ -142,6 +142,7 @@ #include "pg_lookup_token_family_key.h" #include "pg_insert_spent_token.h" #include "pg_insert_issued_token.h" +#include "pg_lookup_spent_tokens_by_order.h" /** @@ -589,6 +590,8 @@ libtaler_plugin_merchantdb_postgres_init (void *cls) = &TMH_PG_insert_spent_token; plugin->insert_issued_token = &TMH_PG_insert_issued_token; + plugin->lookup_spent_tokens_by_order + = &TMH_PG_lookup_spent_tokens_by_order; diff --git a/src/include/taler_merchantdb_plugin.h b/src/include/taler_merchantdb_plugin.h index 329975fa..aac39d17 100644 --- a/src/include/taler_merchantdb_plugin.h +++ b/src/include/taler_merchantdb_plugin.h @@ -1132,6 +1132,27 @@ struct TALER_MERCHANTDB_SpentTokenDetails /** + * Function called with information about a token that was used. + * + * @param cls closure + * @param spent_token_serial which used token is this about + * @param h_contract_terms hash of the contract terms this token was used on + * @param h_issue_pub hash of the token issue public key + * @param use_pub token use public key + * @param use_sig token use signature + * @param issue_sig unblinded token issue signature + */ +typedef void +(*TALER_MERCHANTDB_UsedTokensCallback)( + void *cls, + uint64_t spent_token_serial, + const struct TALER_PrivateContractHashP *h_contract_terms, + const struct TALER_TokenIssuePublicKeyHashP *h_issue_pub, + const struct TALER_TokenUsePublicKeyP *use_pub, + const struct TALER_TokenUseSignatureP *use_sig, + const struct TALER_TokenIssueSignatureP *issue_sig); + +/** * Handle to interact with the database. * * Functions ending with "_TR" run their OWN transaction scope @@ -2127,6 +2148,23 @@ struct TALER_MERCHANTDB_Plugin void *rc_cls); + + /** + * Retrieve details about tokens that were used for an order. + * + * @param cls closure + * @param order_serial identifies the order + * @param cb function to call for each used token + * @param cb_cls closure for @a cb + * @return transaction status + */ + enum GNUNET_DB_QueryStatus + (*lookup_spent_tokens_by_order) (void *cls, + uint64_t order_serial, + TALER_MERCHANTDB_UsedTokensCallback cb, + void *cb_cls); + + /** * Mark contract as paid and store the current @a session_id * for which the contract was paid. Deletes the underlying order |