[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-merchant] branch master updated: -do not escape inside API, expec
From: |
gnunet |
Subject: |
[taler-merchant] branch master updated: -do not escape inside API, expect client to do it |
Date: |
Sat, 20 Nov 2021 23:52:55 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository merchant.
The following commit(s) were added to refs/heads/master by this push:
new 4c5614c0 -do not escape inside API, expect client to do it
4c5614c0 is described below
commit 4c5614c0b0a0b9d4cb5feb6057bbcda142e62b77
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sat Nov 20 23:52:53 2021 +0100
-do not escape inside API, expect client to do it
---
src/backend/taler-merchant-httpd_helper.c | 1 +
src/include/taler_merchant_service.h | 4 ++--
src/lib/merchant_api_post_instance_auth.c | 8 +-------
src/lib/merchant_api_post_instances.c | 8 +-------
4 files changed, 5 insertions(+), 16 deletions(-)
diff --git a/src/backend/taler-merchant-httpd_helper.c
b/src/backend/taler-merchant-httpd_helper.c
index 8c15a542..fe686dd3 100644
--- a/src/backend/taler-merchant-httpd_helper.c
+++ b/src/backend/taler-merchant-httpd_helper.c
@@ -351,6 +351,7 @@ TMH_check_auth_config (struct MHD_Connection *connection,
bool auth_wellformed = false;
const char *auth_method = json_string_value (json_object_get (jauth,
"method"));
+
*auth_token = NULL;
if (NULL == auth_method)
{
diff --git a/src/include/taler_merchant_service.h
b/src/include/taler_merchant_service.h
index fc297219..58148896 100644
--- a/src/include/taler_merchant_service.h
+++ b/src/include/taler_merchant_service.h
@@ -503,7 +503,7 @@ typedef void
* @param default_max_deposit_fee default maximum deposit fee merchant is
willing to pay
* @param default_wire_transfer_delay default wire transfer delay merchant
will ask for
* @param default_pay_delay default validity period for offers merchant makes
- * @param auth_token authentication token to use for access control, NULL for
external auth
+ * @param auth_token authentication token to use for access control, NULL for
external auth; MUST follow RFC 8959
* @param cb function to call with the
* backend's instances information
* @param cb_cls closure for @a config_cb
@@ -638,7 +638,7 @@ typedef void
* @param instance_id identity of the instance to patch the authentication
for; NULL
* if the instance is identified as part of the @a
backend_url
* @param auth_token authorization token needed to access the instance, can be
NULL
- * to switch to no (or external) authentication
+ * to switch to no (or external) authentication; MUST follow
RFC 8959
* @param cb function to call with the backend's response
* @param cb_cls closure for @a config_cb
* @return the instances handle; NULL upon error
diff --git a/src/lib/merchant_api_post_instance_auth.c
b/src/lib/merchant_api_post_instance_auth.c
index e2936c5c..a5a2a480 100644
--- a/src/lib/merchant_api_post_instance_auth.c
+++ b/src/lib/merchant_api_post_instance_auth.c
@@ -174,8 +174,6 @@ TALER_MERCHANT_instance_auth_post (
}
else
{
- char *enc;
-
if (0 != strncasecmp (RFC_8959_PREFIX,
auth_token,
strlen (RFC_8959_PREFIX)))
@@ -187,15 +185,11 @@ TALER_MERCHANT_instance_auth_post (
GNUNET_free (iaph);
return NULL;
}
- (void) GNUNET_STRINGS_urlencode (auth_token,
- strlen (auth_token),
- &enc);
req_obj = GNUNET_JSON_PACK (
GNUNET_JSON_pack_string ("method",
"token"),
GNUNET_JSON_pack_string ("token",
- enc));
- GNUNET_free (enc);
+ auth_token));
}
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Requesting URL '%s'\n",
diff --git a/src/lib/merchant_api_post_instances.c
b/src/lib/merchant_api_post_instances.c
index 19104aa5..0fa7063f 100644
--- a/src/lib/merchant_api_post_instances.c
+++ b/src/lib/merchant_api_post_instances.c
@@ -182,8 +182,6 @@ TALER_MERCHANT_instances_post (
if (NULL != auth_token)
{
- char *enc;
-
if (0 != strncasecmp (RFC_8959_PREFIX,
auth_token,
strlen (RFC_8959_PREFIX)))
@@ -193,15 +191,11 @@ TALER_MERCHANT_instances_post (
RFC_8959_PREFIX);
return NULL;
}
- (void) GNUNET_STRINGS_urlencode (auth_token,
- strlen (auth_token),
- &enc);
auth_obj = GNUNET_JSON_PACK (
GNUNET_JSON_pack_string ("method",
"token"),
GNUNET_JSON_pack_string ("token",
- enc));
- GNUNET_free (enc);
+ auth_token));
}
else
{
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-merchant] branch master updated: -do not escape inside API, expect client to do it,
gnunet <=