Diffstat (limited to 'src/backend/taler-merchant-httpd.c')
-rw-r--r-- | src/backend/taler-merchant-httpd.c | 53 |
1 files changed, 46 insertions, 7 deletions
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c index c07db1a5..ce9f1e8c 100644 --- a/src/backend/taler-merchant-httpd.c +++ b/src/backend/taler-merchant-httpd.c @@ -35,6 +35,7 @@ #include "taler-merchant-httpd_mhd.h" #include "taler-merchant-httpd_private-delete-account-ID.h" #include "taler-merchant-httpd_private-delete-instances-ID.h" +#include "taler-merchant-httpd_private-delete-instances-ID-token.h" #include "taler-merchant-httpd_private-delete-products-ID.h" #include "taler-merchant-httpd_private-delete-orders-ID.h" #include "taler-merchant-httpd_private-delete-otp-devices-ID.h" @@ -72,7 +73,7 @@ #include "taler-merchant-httpd_private-post-account.h" #include "taler-merchant-httpd_private-post-instances.h" #include "taler-merchant-httpd_private-post-instances-ID-auth.h" -#include "taler-merchant-httpd_private-post-instances-ID-login.h" +#include "taler-merchant-httpd_private-post-instances-ID-token.h" #include "taler-merchant-httpd_private-post-otp-devices.h" #include "taler-merchant-httpd_private-post-orders.h" #include "taler-merchant-httpd_private-post-orders-ID-refund.h" @@ -182,6 +183,16 @@ static const struct GNUNET_CONFIGURATION_Handle *cfg; char *TMH_default_auth; +enum TMH_AuthScope +TMH_check_token (const char *token, + const char *instance_id) +{ + if (NULL == token) + return TMH_AS_NONE; + GNUNET_break (0); // FIXME: not implemented + return TMH_AS_NONE; +} + enum GNUNET_GenericReturnValue TMH_check_auth (const char *token, struct TALER_MerchantAuthenticationSaltP *salt, @@ -754,6 +765,7 @@ url_handler (void *cls, /* POST /token: */ { .url_prefix = "/instances/", + .auth_scope = TMH_AS_RENEWABLE, .url_suffix = "token", .method = MHD_HTTP_METHOD_POST, .have_id_segment = true, 
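Review bot: `GNUNET_break (0)` in the new `TMH_check_token` stub runs for every non-NULL `token`, and the last hunk of this commit calls the function with the `Authorization` header of any request that did not pass the existing checks, so a client without valid credentials can make the backend log an assertion failure on each request. The stub fails closed by always returning `TMH_AS_NONE`, which is the right default. Until the lookup exists, consider dropping the break or replacing it with a debug-level `GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "token authentication not implemented\n");`, and add `(void) instance_id;` for the unused parameter. A doc comment should also say whether `token` is the raw header value or the value with the scheme prefix already stripped, since the caller passes `tok` rather than `auth`.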
@@ -761,6 +773,17 @@ url_handler (void *cls, /* Body should be tiny. */ .max_upload = 1024 }, +#if FUTURE_FIXME + /* DELETE /token: */ + { + .url_prefix = "/instances/", + .auth_scope = TMH_AS_READ_ONLY, + .url_suffix = "token", + .method = MHD_HTTP_METHOD_DELETE, + .have_id_segment = true, + .handler = &TMH_private_delete_instances_ID_auth, + }, +#endif /* POST /kyc: */ { .url_prefix = "/instances/", @@ -1753,14 +1776,16 @@ url_handler (void *cls, if (public_handlers != handlers) { const char *auth; + const char *tok; bool auth_ok; bool auth_malformed = false; /* PATCHing an instance can alternatively be checked against the default instance */ - auth = MHD_lookup_connection_value (connection, - MHD_HEADER_KIND, - MHD_HTTP_HEADER_AUTHORIZATION); + tok = MHD_lookup_connection_value (connection, + MHD_HEADER_KIND, + MHD_HTTP_HEADER_AUTHORIZATION); + auth = tok; if (NULL != auth) { /* We _only_ complain about malformed auth headers if @@ -1794,9 +1819,23 @@ url_handler (void *cls, (! auth_malformed) && (0 == strcmp (auth, TMH_default_auth)) ); - if (! auth_ok) - { - if (auth_malformed) + hc->auth_scope = auth_ok + ? TMH_AS_ALL + : TMH_check_token (tok, + hc->instance->settings.id); + /* We grant access if: + - scope is 'all' + - rh has an explicit non-NONE scope that matches + - scope is 'read only' and we have a GET request */ + if (! ( (TMH_AS_ALL == hc->auth_scope) || + ( (TMH_AS_NONE != hc->rh->auth_scope) && + (hc->rh->auth_scope == (hc->rh->auth_scope & hc->auth_scope)) ) || + ( (TMH_AS_READ_ONLY == hc->auth_scope) && + (0 == strcmp (MHD_HTTP_METHOD_GET, + method)) ) ) ) + { + if ( auth_malformed && + (TMH_AS_NONE == hc->auth_scope) ) return TALER_MHD_reply_with_error (connection, MHD_HTTP_UNAUTHORIZED, TALER_EC_GENERIC_PARAMETER_MALFORMED, |
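Review bot: The disabled `DELETE /token` entry sets `.handler = &TMH_private_delete_instances_ID_auth`, while the header added by this commit is `taler-merchant-httpd_private-delete-instances-ID-token.h`. Going by how the other entries are named, the handler was probably meant to be `&TMH_private_delete_instances_ID_token`; the header is not visible here, so confirm the declared name before enabling the block. The entry also gives a `DELETE` the scope `TMH_AS_READ_ONLY`, which under the grant logic added further down lets a token carrying that scope reach the handler. If that is intended, a comment on the entry should say so, e.g. `/* read-only tokens may revoke themselves */`. `#if FUTURE_FIXME` relies on an undefined macro evaluating to 0 and warns under `-Wundef`; `#if 0` with a short comment is clearer.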
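Review bot: `hc->instance->settings.id` is read whenever `auth_ok` is false, and no NULL check on `hc->instance` is visible in this hunk. The context lines comparing `auth` with `TMH_default_auth` suggest a path where no instance is selected, so confirm against the code above the hunk that this cannot be reached with `hc->instance == NULL`. If it can, guard the call with `: ( (NULL != hc->instance) ? TMH_check_token (tok, hc->instance->settings.id) : TMH_AS_NONE);`. Separately, the read-only clause tests `TMH_AS_READ_ONLY == hc->auth_scope` by equality while the clause before it uses a mask test, so if `enum TMH_AuthScope` is a set of flags (the enum is not shown here), a token holding read-only plus another bit would be refused a GET. In that case `0 != (hc->auth_scope & TMH_AS_READ_ONLY)` would be consistent.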