gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-merchant] branch master updated: -do not escape inside API, expec

From: gnunet
Subject: [taler-merchant] branch master updated: -do not escape inside API, expect client to do it
Date: Sat, 20 Nov 2021 23:52:55 +0100 
This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository merchant.

The following commit(s) were added to refs/heads/master by this push:
     new 4c5614c0 -do not escape inside API, expect client to do it
4c5614c0 is described below

commit 4c5614c0b0a0b9d4cb5feb6057bbcda142e62b77
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Nov 20 23:52:53 2021 +0100

    -do not escape inside API, expect client to do it
---
 src/backend/taler-merchant-httpd_helper.c | 1 +
 src/include/taler_merchant_service.h      | 4 ++--
 src/lib/merchant_api_post_instance_auth.c | 8 +-------
 src/lib/merchant_api_post_instances.c     | 8 +-------
 4 files changed, 5 insertions(+), 16 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_helper.c 
b/src/backend/taler-merchant-httpd_helper.c
index 8c15a542..fe686dd3 100644
--- a/src/backend/taler-merchant-httpd_helper.c
+++ b/src/backend/taler-merchant-httpd_helper.c
@@ -351,6 +351,7 @@ TMH_check_auth_config (struct MHD_Connection *connection,
   bool auth_wellformed = false;
   const char *auth_method = json_string_value (json_object_get (jauth,
                                                                 "method"));
+
   *auth_token = NULL;
   if (NULL == auth_method)
   {
diff --git a/src/include/taler_merchant_service.h 
b/src/include/taler_merchant_service.h
index fc297219..58148896 100644
--- a/src/include/taler_merchant_service.h
+++ b/src/include/taler_merchant_service.h
@@ -503,7 +503,7 @@ typedef void
  * @param default_max_deposit_fee default maximum deposit fee merchant is 
willing to pay
  * @param default_wire_transfer_delay default wire transfer delay merchant 
will ask for
  * @param default_pay_delay default validity period for offers merchant makes
- * @param auth_token authentication token to use for access control, NULL for 
external auth
+ * @param auth_token authentication token to use for access control, NULL for 
external auth; MUST follow RFC 8959
  * @param cb function to call with the
  *        backend's instances information
  * @param cb_cls closure for @a config_cb
@@ -638,7 +638,7 @@ typedef void
  * @param instance_id identity of the instance to patch the authentication 
for; NULL
  *                    if the instance is identified as part of the @a 
backend_url
  * @param auth_token authorization token needed to access the instance, can be 
NULL
- *                   to switch to no (or external) authentication
+ *                   to switch to no (or external) authentication; MUST follow 
RFC 8959
  * @param cb function to call with the backend's response
  * @param cb_cls closure for @a config_cb
  * @return the instances handle; NULL upon error
diff --git a/src/lib/merchant_api_post_instance_auth.c 
b/src/lib/merchant_api_post_instance_auth.c
index e2936c5c..a5a2a480 100644
--- a/src/lib/merchant_api_post_instance_auth.c
+++ b/src/lib/merchant_api_post_instance_auth.c
@@ -174,8 +174,6 @@ TALER_MERCHANT_instance_auth_post (
   }
   else
   {
-    char *enc;
-
     if (0 != strncasecmp (RFC_8959_PREFIX,
                           auth_token,
                           strlen (RFC_8959_PREFIX)))
@@ -187,15 +185,11 @@ TALER_MERCHANT_instance_auth_post (
       GNUNET_free (iaph);
       return NULL;
     }
-    (void) GNUNET_STRINGS_urlencode (auth_token,
-                                     strlen (auth_token),
-                                     &enc);
     req_obj = GNUNET_JSON_PACK (
       GNUNET_JSON_pack_string ("method",
                                "token"),
       GNUNET_JSON_pack_string ("token",
-                               enc));
-    GNUNET_free (enc);
+                               auth_token));
   }
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Requesting URL '%s'\n",
diff --git a/src/lib/merchant_api_post_instances.c 
b/src/lib/merchant_api_post_instances.c
index 19104aa5..0fa7063f 100644
--- a/src/lib/merchant_api_post_instances.c
+++ b/src/lib/merchant_api_post_instances.c
@@ -182,8 +182,6 @@ TALER_MERCHANT_instances_post (
 
   if (NULL != auth_token)
   {
-    char *enc;
-
     if (0 != strncasecmp (RFC_8959_PREFIX,
                           auth_token,
                           strlen (RFC_8959_PREFIX)))
@@ -193,15 +191,11 @@ TALER_MERCHANT_instances_post (
                   RFC_8959_PREFIX);
       return NULL;
     }
-    (void) GNUNET_STRINGS_urlencode (auth_token,
-                                     strlen (auth_token),
-                                     &enc);
     auth_obj = GNUNET_JSON_PACK (
       GNUNET_JSON_pack_string ("method",
                                "token"),
       GNUNET_JSON_pack_string ("token",
-                               enc));
-    GNUNET_free (enc);
+                               auth_token));
   }
   else
   {

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]