[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: -clean up challenge logic for n
|
From: |
gnunet |
|
Subject: |
[taler-anastasis] branch master updated: -clean up challenge logic for new truth api |
|
Date: |
Thu, 10 Mar 2022 04:18:23 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 69e887b -clean up challenge logic for new truth api
69e887b is described below
commit 69e887bb68064ddf40db83d46ae3333659112db4
Author: Christian Grothoff <grothoff@gnunet.org>
AuthorDate: Thu Mar 10 04:18:17 2022 +0100
-clean up challenge logic for new truth api
---
.../anastasis_authorization_plugin_email.c | 35 ++--
.../anastasis_authorization_plugin_file.c | 22 +-
.../anastasis_authorization_plugin_iban.c | 224 +++++++++++----------
.../anastasis_authorization_plugin_post.c | 39 ++--
.../anastasis_authorization_plugin_sms.c | 35 ++--
.../anastasis_authorization_plugin_totp.c | 43 ++--
src/backend/anastasis-httpd_truth-challenge.c | 87 +++-----
src/backend/anastasis-httpd_truth-solve.c | 62 +++---
src/include/anastasis_authorization_plugin.h | 72 +++++--
9 files changed, 305 insertions(+), 314 deletions(-)
diff --git a/src/authorization/anastasis_authorization_plugin_email.c
b/src/authorization/anastasis_authorization_plugin_email.c
index 78be9b6..1f27922 100644
--- a/src/authorization/anastasis_authorization_plugin_email.c
+++ b/src/authorization/anastasis_authorization_plugin_email.c
@@ -310,20 +310,17 @@ email_done_cb (void *cls,
* I.e. start to send SMS or e-mail or launch video identification.
*
* @param as authorization state
- * @param timeout how long do we have to produce a reply
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
-static enum ANASTASIS_AUTHORIZATION_Result
-email_process (struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection)
+static enum ANASTASIS_AUTHORIZATION_ChallengeResult
+email_challenge (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection)
{
MHD_RESULT mres;
const char *mime;
const char *lang;
- (void) timeout;
mime = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
MHD_HTTP_HEADER_ACCEPT);
@@ -348,8 +345,8 @@ email_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_EMAIL_HELPER_EXEC_FAILED,
"pipe");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
as->child = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ERR,
p,
@@ -367,8 +364,8 @@ email_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_EMAIL_HELPER_EXEC_FAILED,
"exec");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
pipe_stdin = GNUNET_DISK_pipe_detach_end (p,
GNUNET_DISK_PIPE_END_WRITE);
@@ -401,8 +398,8 @@ email_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_EMAIL_HELPER_EXEC_FAILED,
"write");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
as->msg_off += ret;
off += ret;
@@ -415,14 +412,14 @@ email_process (struct ANASTASIS_AUTHORIZATION_State *as,
as);
as->connection = connection;
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUSPENDED;
}
if (NULL != as->cwh)
{
/* Spurious call, why are we here? */
GNUNET_break (0);
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUSPENDED;
}
if ( (GNUNET_OS_PROCESS_EXITED != as->pst) ||
(0 != as->exit_code) )
@@ -439,8 +436,8 @@ email_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_EMAIL_HELPER_COMMAND_FAILED,
es);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
/* Build HTTP response */
@@ -495,8 +492,8 @@ email_process (struct ANASTASIS_AUTHORIZATION_State *as,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS;
}
}
@@ -595,7 +592,7 @@ libanastasis_plugin_authorization_email_init (void *cls)
plugin->cls = ctx;
plugin->validate = &email_validate;
plugin->start = &email_start;
- plugin->process = &email_process;
+ plugin->challenge = &email_challenge;
plugin->cleanup = &email_cleanup;
if (GNUNET_OK !=
diff --git a/src/authorization/anastasis_authorization_plugin_file.c
b/src/authorization/anastasis_authorization_plugin_file.c
index 5186ae8..2f4fcb4 100644
--- a/src/authorization/anastasis_authorization_plugin_file.c
+++ b/src/authorization/anastasis_authorization_plugin_file.c
@@ -161,14 +161,12 @@ file_start (void *cls,
* I.e. start to send SMS or e-mail or launch video identification.
*
* @param as authorization state
- * @param timeout how long do we have to produce a reply
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
-static enum ANASTASIS_AUTHORIZATION_Result
-file_process (struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection)
+static enum ANASTASIS_AUTHORIZATION_ChallengeResult
+file_challenge (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection)
{
const char *mime;
const char *lang;
@@ -201,8 +199,8 @@ file_process (struct ANASTASIS_AUTHORIZATION_State *as,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
/* print challenge code to file */
@@ -221,8 +219,8 @@ file_process (struct ANASTASIS_AUTHORIZATION_State *as,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
GNUNET_break (0 == fclose (f));
}
@@ -266,8 +264,8 @@ file_process (struct ANASTASIS_AUTHORIZATION_State *as,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS;
}
}
}
@@ -306,7 +304,7 @@ libanastasis_plugin_authorization_file_init (void *cls)
plugin->code_retransmission_frequency = GNUNET_TIME_UNIT_MINUTES;
plugin->validate = &file_validate;
plugin->start = &file_start;
- plugin->process = &file_process;
+ plugin->challenge = &file_challenge;
plugin->cleanup = &file_cleanup;
return plugin;
}
diff --git a/src/authorization/anastasis_authorization_plugin_iban.c
b/src/authorization/anastasis_authorization_plugin_iban.c
index e557152..8aebbce 100644
--- a/src/authorization/anastasis_authorization_plugin_iban.c
+++ b/src/authorization/anastasis_authorization_plugin_iban.c
@@ -298,95 +298,6 @@ bank_event_cb (void *cls,
}
-/**
- * Respond with instructions to the user how to
- * satisfy the challenge.
- *
- * @param as our state
- * @param connection connection to respond on
- * @return state of the request
- */
-static enum ANASTASIS_AUTHORIZATION_Result
-respond_with_challenge (struct ANASTASIS_AUTHORIZATION_State *as,
- struct MHD_Connection *connection)
-{
- struct IBAN_Context *ctx = as->ctx;
- const char *mime;
- const char *lang;
- MHD_RESULT mres;
-
- mime = MHD_lookup_connection_value (connection,
- MHD_HEADER_KIND,
- MHD_HTTP_HEADER_ACCEPT);
- if (NULL == mime)
- mime = "text/plain";
- lang = MHD_lookup_connection_value (connection,
- MHD_HEADER_KIND,
- MHD_HTTP_HEADER_ACCEPT_LANGUAGE);
- if (NULL == lang)
- lang = "en";
-
- /* Build HTTP response */
- {
- struct MHD_Response *resp;
-
- if (TALER_MHD_xmime_matches (mime,
- "application/json"))
- {
- char subject[64];
-
- GNUNET_snprintf (subject,
- sizeof (subject),
- "Anastasis %llu",
- (unsigned long long) as->code);
- resp = TALER_MHD_MAKE_JSON_PACK (
- GNUNET_JSON_pack_string ("challenge_type",
- "IBAN_WIRE"),
- GNUNET_JSON_pack_uint64 ("answer_code",
- as->code),
- TALER_JSON_pack_amount ("challenge_amount",
- &ctx->expected_amount),
- GNUNET_JSON_pack_string ("credit_iban",
- ctx->business_iban),
- GNUNET_JSON_pack_string ("business_name",
- ctx->business_name),
- GNUNET_JSON_pack_string ("wire_transfer_subject",
- subject));
- }
- else
- {
- size_t reply_len;
- char *reply;
-
- reply_len = GNUNET_asprintf (&reply,
- get_message (ctx->messages,
- connection,
- "instructions"),
- TALER_amount2s (&ctx->expected_amount),
- ctx->business_name,
- ctx->business_iban,
- (unsigned long long) as->code);
- resp = MHD_create_response_from_buffer (reply_len,
- reply,
- MHD_RESPMEM_MUST_COPY);
- GNUNET_free (reply);
- TALER_MHD_add_global_headers (resp);
- GNUNET_break (MHD_YES ==
- MHD_add_response_header (resp,
- MHD_HTTP_HEADER_CONTENT_TYPE,
- "text/plain"));
- }
- mres = MHD_queue_response (connection,
- MHD_HTTP_ACCEPTED,
- resp);
- MHD_destroy_response (resp);
- if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
- }
-}
-
-
#include "iban.c"
@@ -495,19 +406,110 @@ test_wire_transfers (struct
ANASTASIS_AUTHORIZATION_State *as)
}
+/**
+ * Respond with instructions to the user how to
+ * satisfy the challenge.
+ *
+ * @param as authorization state
+ * @param connection HTTP client request (for queuing response, such as
redirection to video portal)
+ * @return state of the request
+ */
+static enum ANASTASIS_AUTHORIZATION_ChallengeResult
+iban_challenge (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection)
+{
+ struct IBAN_Context *ctx = as->ctx;
+ const char *mime;
+ const char *lang;
+ MHD_RESULT mres;
+
+ mime = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ MHD_HTTP_HEADER_ACCEPT);
+ if (NULL == mime)
+ mime = "text/plain";
+ lang = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ MHD_HTTP_HEADER_ACCEPT_LANGUAGE);
+ if (NULL == lang)
+ lang = "en";
+
+ /* Build HTTP response */
+ {
+ struct MHD_Response *resp;
+
+ if (TALER_MHD_xmime_matches (mime,
+ "application/json"))
+ {
+ char subject[64];
+
+ GNUNET_snprintf (subject,
+ sizeof (subject),
+ "Anastasis %llu",
+ (unsigned long long) as->code);
+ resp = TALER_MHD_MAKE_JSON_PACK (
+ GNUNET_JSON_pack_string ("challenge_type",
+ "IBAN_WIRE"),
+ GNUNET_JSON_pack_uint64 ("answer_code",
+ as->code),
+ TALER_JSON_pack_amount ("challenge_amount",
+ &ctx->expected_amount),
+ GNUNET_JSON_pack_string ("credit_iban",
+ ctx->business_iban),
+ GNUNET_JSON_pack_string ("business_name",
+ ctx->business_name),
+ GNUNET_JSON_pack_string ("wire_transfer_subject",
+ subject));
+ }
+ else
+ {
+ size_t reply_len;
+ char *reply;
+
+ reply_len = GNUNET_asprintf (&reply,
+ get_message (ctx->messages,
+ connection,
+ "instructions"),
+ TALER_amount2s (&ctx->expected_amount),
+ ctx->business_name,
+ ctx->business_iban,
+ (unsigned long long) as->code);
+ resp = MHD_create_response_from_buffer (reply_len,
+ reply,
+ MHD_RESPMEM_MUST_COPY);
+ GNUNET_free (reply);
+ TALER_MHD_add_global_headers (resp);
+ GNUNET_break (MHD_YES ==
+ MHD_add_response_header (resp,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/plain"));
+ }
+ mres = MHD_queue_response (connection,
+ MHD_HTTP_ACCEPTED,
+ resp);
+ MHD_destroy_response (resp);
+ if (MHD_YES != mres)
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS;
+ }
+}
+
+
/**
* Begin issuing authentication challenge to user based on @a data.
* I.e. start to send IBAN or e-mail or launch video identification.
*
* @param as authorization state
* @param timeout how long do we have to produce a reply
+ * @param challenge_response hash of the challenge response, or NULL
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
-static enum ANASTASIS_AUTHORIZATION_Result
-iban_process (struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection)
+static enum ANASTASIS_AUTHORIZATION_SolveResult
+iban_solve (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct GNUNET_TIME_Absolute timeout,
+ const struct GNUNET_HashCode *challenge_response,
+ struct MHD_Connection *connection)
{
struct IBAN_Context *ctx = as->ctx;
struct ANASTASIS_DatabasePlugin *db = ctx->ac->db;
@@ -550,45 +552,53 @@ iban_process (struct ANASTASIS_AUTHORIZATION_State *as,
{
case GNUNET_DB_STATUS_HARD_ERROR:
case GNUNET_DB_STATUS_SOFT_ERROR:
- resp = TALER_MHD_make_error (TALER_EC_GENERIC_DB_FETCH_FAILED,
- "test_challenge_code_satisfied");
+ resp = TALER_MHD_make_error (TALER_EC_ANASTASIS_TRUTH_AUTH_TIMEOUT,
+ "IBAN payment not yet received");
mres = MHD_queue_response (connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED;
case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
switch (test_wire_transfers (as))
{
case WTS_SUCCESS:
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"IBAN authorization finished!\n");
- return ANASTASIS_AUTHORIZATION_RES_FINISHED;
+ return ANASTASIS_AUTHORIZATION_SRES_FINISHED;
case WTS_NOT_READY:
break; /* continue below */
case WTS_FAILED_WITH_REPLY:
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED;
case WTS_FAILED_WITHOUT_REPLY:
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED;
}
if (GNUNET_TIME_absolute_is_future (timeout))
{
as->connection = connection;
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_SRES_SUSPENDED;
}
- return respond_with_challenge (as,
- connection);
+
+ resp = TALER_MHD_make_error (TALER_EC_GENERIC_DB_FETCH_FAILED,
+ NULL);
+ mres = MHD_queue_response (connection,
+ MHD_HTTP_FORBIDDEN,
+ resp);
+ MHD_destroy_response (resp);
+ if (MHD_YES != mres)
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED;
case GNUNET_DB_STATUS_SUCCESS_ONE_RESULT:
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"IBAN authorization finished!\n");
- return ANASTASIS_AUTHORIZATION_RES_FINISHED;
+ return ANASTASIS_AUTHORIZATION_SRES_FINISHED;
}
/* should be impossible */
GNUNET_break (0);
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED;
}
@@ -703,9 +713,9 @@ libanastasis_plugin_authorization_iban_init (void *cls)
plugin->cls = ctx;
plugin->validate = &iban_validate;
plugin->start = &iban_start;
- plugin->process = &iban_process;
+ plugin->challenge = &iban_challenge;
+ plugin->solve = &iban_solve;
plugin->cleanup = &iban_cleanup;
-
return plugin;
}
diff --git a/src/authorization/anastasis_authorization_plugin_post.c
b/src/authorization/anastasis_authorization_plugin_post.c
index ad0ed15..a8810ff 100644
--- a/src/authorization/anastasis_authorization_plugin_post.c
+++ b/src/authorization/anastasis_authorization_plugin_post.c
@@ -348,14 +348,12 @@ post_done_cb (void *cls,
* I.e. start to send SMS or e-mail or launch video identification.
*
* @param as authorization state
- * @param timeout how long do we have to produce a reply
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
-static enum ANASTASIS_AUTHORIZATION_Result
-post_process (struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection)
+static enum ANASTASIS_AUTHORIZATION_ChallengeResult
+post_challenge (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection)
{
const char *mime;
const char *lang;
@@ -379,7 +377,6 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
GNUNET_JSON_spec_end ()
};
- (void) timeout;
mime = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
MHD_HTTP_HEADER_ACCEPT);
@@ -401,8 +398,8 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_POST_INVALID,
"address information incomplete");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
if (NULL == as->msg)
{
@@ -418,8 +415,8 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_POST_HELPER_EXEC_FAILED,
"pipe");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
as->child = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ERR,
p,
@@ -441,8 +438,8 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_POST_HELPER_EXEC_FAILED,
"exec");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
pipe_stdin = GNUNET_DISK_pipe_detach_end (p,
GNUNET_DISK_PIPE_END_WRITE);
@@ -474,8 +471,8 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_POST_HELPER_EXEC_FAILED,
"write");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
as->msg_off += ret;
off += ret;
@@ -488,14 +485,14 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
as);
as->connection = connection;
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUSPENDED;
}
if (NULL != as->cwh)
{
/* Spurious call, why are we here? */
GNUNET_break (0);
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUSPENDED;
}
if ( (GNUNET_OS_PROCESS_EXITED != as->pst) ||
(0 != as->exit_code) )
@@ -512,8 +509,8 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_POST_HELPER_COMMAND_FAILED,
es);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
/* Build HTTP response */
@@ -550,8 +547,8 @@ post_process (struct ANASTASIS_AUTHORIZATION_State *as,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS;
}
}
@@ -636,7 +633,7 @@ libanastasis_plugin_authorization_post_init (void *cls)
plugin->cls = ctx;
plugin->validate = &post_validate;
plugin->start = &post_start;
- plugin->process = &post_process;
+ plugin->challenge = &post_challenge;
plugin->cleanup = &post_cleanup;
if (GNUNET_OK !=
diff --git a/src/authorization/anastasis_authorization_plugin_sms.c
b/src/authorization/anastasis_authorization_plugin_sms.c
index 6598d29..797c576 100644
--- a/src/authorization/anastasis_authorization_plugin_sms.c
+++ b/src/authorization/anastasis_authorization_plugin_sms.c
@@ -309,20 +309,17 @@ sms_done_cb (void *cls,
* I.e. start to send SMS or e-mail or launch video identification.
*
* @param as authorization state
- * @param timeout how long do we have to produce a reply
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
-static enum ANASTASIS_AUTHORIZATION_Result
-sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection)
+static enum ANASTASIS_AUTHORIZATION_ChallengeResult
+sms_challenge (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection)
{
MHD_RESULT mres;
const char *mime;
const char *lang;
- (void) timeout;
mime = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
MHD_HTTP_HEADER_ACCEPT);
@@ -347,8 +344,8 @@ sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_SMS_HELPER_EXEC_FAILED,
"pipe");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
as->child = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ERR,
p,
@@ -366,8 +363,8 @@ sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_SMS_HELPER_EXEC_FAILED,
"exec");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
pipe_stdin = GNUNET_DISK_pipe_detach_end (p,
GNUNET_DISK_PIPE_END_WRITE);
@@ -397,8 +394,8 @@ sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_SMS_HELPER_EXEC_FAILED,
"write");
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
as->msg_off += ret;
off += ret;
@@ -411,14 +408,14 @@ sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
as);
as->connection = connection;
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUSPENDED;
}
if (NULL != as->cwh)
{
/* Spurious call, why are we here? */
GNUNET_break (0);
MHD_suspend_connection (connection);
- return ANASTASIS_AUTHORIZATION_RES_SUSPENDED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUSPENDED;
}
if ( (GNUNET_OS_PROCESS_EXITED != as->pst) ||
(0 != as->exit_code) )
@@ -435,8 +432,8 @@ sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
TALER_EC_ANASTASIS_SMS_HELPER_COMMAND_FAILED,
es);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_FAILED;
}
/* Build HTTP response */
@@ -485,8 +482,8 @@ sms_process (struct ANASTASIS_AUTHORIZATION_State *as,
resp);
MHD_destroy_response (resp);
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_SUCCESS;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_CRES_SUCCESS;
}
}
@@ -584,7 +581,7 @@ libanastasis_plugin_authorization_sms_init (void *cls)
plugin->cls = ctx;
plugin->validate = &sms_validate;
plugin->start = &sms_start;
- plugin->process = &sms_process;
+ plugin->challenge = &sms_challenge;
plugin->cleanup = &sms_cleanup;
if (GNUNET_OK !=
diff --git a/src/authorization/anastasis_authorization_plugin_totp.c
b/src/authorization/anastasis_authorization_plugin_totp.c
index 1f01652..77a5909 100644
--- a/src/authorization/anastasis_authorization_plugin_totp.c
+++ b/src/authorization/anastasis_authorization_plugin_totp.c
@@ -244,46 +244,29 @@ totp_start (void *cls,
/**
- * Begin issuing authentication challenge to user based on @a data.
+ * Check authentication response from the user.
*
* @param as authorization state
* @param timeout how long do we have to produce a reply
+ * @param challenge_response hash of the response
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
-static enum ANASTASIS_AUTHORIZATION_Result
-totp_process (struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection)
+static enum ANASTASIS_AUTHORIZATION_SolveResult
+totp_solve (struct ANASTASIS_AUTHORIZATION_State *as,
+ struct GNUNET_TIME_Absolute timeout,
+ const struct GNUNET_HashCode *challenge_response,
+ struct MHD_Connection *connection)
{
MHD_RESULT mres;
const char *mime;
const char *lang;
- const char *challenge_response_s;
- struct GNUNET_HashCode challenge_response;
-
- challenge_response_s = MHD_lookup_connection_value (connection,
- MHD_GET_ARGUMENT_KIND,
- "response");
- if ( (NULL == challenge_response_s) ||
- (GNUNET_OK !=
- GNUNET_CRYPTO_hash_from_string (challenge_response_s,
- &challenge_response)) )
- {
- GNUNET_break_op (0);
- mres = TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
- TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "response");
- if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
- }
+
for (unsigned int i = 0; i<=TIME_INTERVAL_RANGE * 2; i++)
if (0 ==
- GNUNET_memcmp (&challenge_response,
+ GNUNET_memcmp (challenge_response,
&as->valid_replies[i]))
- return ANASTASIS_AUTHORIZATION_RES_FINISHED;
+ return ANASTASIS_AUTHORIZATION_SRES_FINISHED;
mime = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
MHD_HTTP_HEADER_ACCEPT);
@@ -338,8 +321,8 @@ totp_process (struct ANASTASIS_AUTHORIZATION_State *as,
MHD_destroy_response (resp);
}
if (MHD_YES != mres)
- return ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED;
- return ANASTASIS_AUTHORIZATION_RES_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED;
+ return ANASTASIS_AUTHORIZATION_SRES_FAILED;
}
@@ -376,7 +359,7 @@ libanastasis_plugin_authorization_totp_init (void *cls)
plugin->code_retransmission_frequency = plugin->code_validity_period;
plugin->validate = &totp_validate;
plugin->start = &totp_start;
- plugin->process = &totp_process;
+ plugin->solve = &totp_solve;
plugin->cleanup = &totp_cleanup;
return plugin;
}
diff --git a/src/backend/anastasis-httpd_truth-challenge.c
b/src/backend/anastasis-httpd_truth-challenge.c
index 65dc244..3a3688e 100644
--- a/src/backend/anastasis-httpd_truth-challenge.c
+++ b/src/backend/anastasis-httpd_truth-challenge.c
@@ -44,6 +44,12 @@
#define AUTO_REFUND_TIMEOUT GNUNET_TIME_relative_multiply ( \
GNUNET_TIME_UNIT_MINUTES, 2)
+/**
+ * How long should the wallet check for payment before giving up?
+ */
+#define PAYMENT_TIMEOUT GNUNET_TIME_relative_multiply ( \
+ GNUNET_TIME_UNIT_SECONDS, 15)
+
/**
* How many retries do we allow per code?
@@ -135,8 +141,7 @@ struct ChallengeContext
struct GNUNET_CONTAINER_HeapNode *hn;
/**
- * How long do we wait at most for payment or
- * authorization?
+ * When should this request time out?
*/
struct GNUNET_TIME_Absolute timeout;
@@ -887,16 +892,23 @@ static MHD_RESULT
run_authorization_process (struct MHD_Connection *connection,
struct ChallengeContext *gc)
{
- enum ANASTASIS_AUTHORIZATION_Result ret;
+ enum ANASTASIS_AUTHORIZATION_ChallengeResult ret;
enum GNUNET_DB_QueryStatus qs;
GNUNET_assert (! gc->suspended);
- ret = gc->authorization->process (gc->as,
- gc->timeout,
- connection);
+ if (NULL == gc->authorization->challenge)
+ {
+ GNUNET_break (0);
+ return TALER_MHD_reply_with_error (gc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+
TALER_EC_ANASTASIS_TRUTH_AUTHORIZATION_START_FAILED,
+ "challenge method not implemented for
authorization method");
+ }
+ ret = gc->authorization->challenge (gc->as,
+ connection);
switch (ret)
{
- case ANASTASIS_AUTHORIZATION_RES_SUCCESS:
+ case ANASTASIS_AUTHORIZATION_CRES_SUCCESS:
/* Challenge sent successfully */
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Authorization request sent successfully\n");
@@ -908,7 +920,7 @@ run_authorization_process (struct MHD_Connection
*connection,
gc->authorization->cleanup (gc->as);
gc->as = NULL;
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_FAILED:
+ case ANASTASIS_AUTHORIZATION_CRES_FAILED:
if (gc->payment_identifier_provided)
{
begin_refund (gc);
@@ -916,11 +928,11 @@ run_authorization_process (struct MHD_Connection
*connection,
gc->authorization->cleanup (gc->as);
gc->as = NULL;
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_SUSPENDED:
+ case ANASTASIS_AUTHORIZATION_CRES_SUSPENDED:
/* connection was suspended */
gc_suspended (gc);
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED:
+ case ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED:
/* Challenge sent successfully */
qs = db->mark_challenge_sent (db->cls,
&gc->payment_identifier,
@@ -930,27 +942,10 @@ run_authorization_process (struct MHD_Connection
*connection,
gc->authorization->cleanup (gc->as);
gc->as = NULL;
return MHD_NO;
- case ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED:
+ case ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED:
gc->authorization->cleanup (gc->as);
gc->as = NULL;
return MHD_NO;
- case ANASTASIS_AUTHORIZATION_RES_FINISHED:
- /* Neither case should EVER happen here! */
- GNUNET_break (0);
- GNUNET_assert (! gc->suspended);
- gc->authorization->cleanup (gc->as);
- gc->as = NULL;
- if (gc->in_list)
- {
- GNUNET_CONTAINER_DLL_remove (gc_head,
- gc_tail,
- gc);
- gc->in_list = false;
- }
- return TALER_MHD_reply_with_error (gc->connection,
- MHD_HTTP_INTERNAL_SERVER_ERROR,
-
TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
- "authorization successful when we were
only supposed to be challenging");
}
GNUNET_break (0);
return MHD_NO;
@@ -981,40 +976,8 @@ AH_handler_truth_challenge (
gc->connection = connection;
gc->truth_uuid = *truth_uuid;
gc->hc->cc = &request_done;
-
- {
- const char *long_poll_timeout_ms;
-
- long_poll_timeout_ms = MHD_lookup_connection_value (connection,
-
MHD_GET_ARGUMENT_KIND,
- "timeout_ms");
- if (NULL != long_poll_timeout_ms)
- {
- unsigned int timeout;
- char dummy;
-
- if (1 != sscanf (long_poll_timeout_ms,
- "%u%c",
- &timeout,
- &dummy))
- {
- GNUNET_break_op (0);
- return TALER_MHD_reply_with_error (connection,
- MHD_HTTP_BAD_REQUEST,
-
TALER_EC_GENERIC_PARAMETER_MALFORMED,
- "timeout_ms (must be non-negative
number)");
- }
- gc->timeout
- = GNUNET_TIME_relative_to_absolute (GNUNET_TIME_relative_multiply (
- GNUNET_TIME_UNIT_MILLISECONDS,
- timeout));
- }
- else
- {
- gc->timeout = GNUNET_TIME_relative_to_absolute (
- GNUNET_TIME_UNIT_SECONDS);
- }
- }
+ gc->timeout = GNUNET_TIME_relative_to_absolute (
+ PAYMENT_TIMEOUT);
} /* end of first-time initialization (if NULL == gc) */
else
{
diff --git a/src/backend/anastasis-httpd_truth-solve.c
b/src/backend/anastasis-httpd_truth-solve.c
index 2e4fea0..9142ad2 100644
--- a/src/backend/anastasis-httpd_truth-solve.c
+++ b/src/backend/anastasis-httpd_truth-solve.c
@@ -789,37 +789,36 @@ static MHD_RESULT
run_authorization_process (struct MHD_Connection *connection,
struct SolveContext *gc)
{
- enum ANASTASIS_AUTHORIZATION_Result ret;
+ enum ANASTASIS_AUTHORIZATION_SolveResult ret;
GNUNET_assert (! gc->suspended);
- ret = gc->authorization->process (gc->as,
- gc->timeout,
- connection);
- switch (ret)
+ if (NULL == gc->authorization->solve)
{
- case ANASTASIS_AUTHORIZATION_RES_SUCCESS:
- case ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED:
- /* Neither case should EVER happen here! */
GNUNET_break (0);
- gc->authorization->cleanup (gc->as);
- gc->as = NULL;
return TALER_MHD_reply_with_error (gc->connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
-
TALER_EC_GENERIC_INTERNAL_INVARIANT_FAILURE,
- "challenge sent when we were only
supposed to be checking");
- case ANASTASIS_AUTHORIZATION_RES_SUSPENDED:
+
TALER_EC_ANASTASIS_TRUTH_AUTHORIZATION_START_FAILED,
+ "solve method not implemented for
authorization method");
+ }
+ ret = gc->authorization->solve (gc->as,
+ gc->timeout,
+ &gc->challenge_response,
+ connection);
+ switch (ret)
+ {
+ case ANASTASIS_AUTHORIZATION_SRES_SUSPENDED:
/* connection was suspended */
gc_suspended (gc);
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_FAILED:
+ case ANASTASIS_AUTHORIZATION_SRES_FAILED:
gc->authorization->cleanup (gc->as);
gc->as = NULL;
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED:
+ case ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED:
gc->authorization->cleanup (gc->as);
gc->as = NULL;
return MHD_NO;
- case ANASTASIS_AUTHORIZATION_RES_FINISHED:
+ case ANASTASIS_AUTHORIZATION_SRES_FINISHED:
GNUNET_assert (! gc->suspended);
gc->authorization->cleanup (gc->as);
gc->as = NULL;
@@ -983,7 +982,7 @@ direct_validation (struct SolveContext *gc,
size_t decrypted_truth_size)
{
/* Non-random code, call plugin directly! */
- enum ANASTASIS_AUTHORIZATION_Result aar;
+ enum ANASTASIS_AUTHORIZATION_SolveResult aar;
enum GNUNET_GenericReturnValue res;
res = rate_limit (gc);
@@ -1004,25 +1003,28 @@ direct_validation (struct SolveContext *gc,
TALER_EC_ANASTASIS_TRUTH_AUTHORIZATION_START_FAILED,
NULL);
}
- aar = gc->authorization->process (gc->as,
- GNUNET_TIME_UNIT_ZERO_ABS,
- gc->connection);
- switch (aar)
+ if (NULL == gc->authorization->solve)
{
- case ANASTASIS_AUTHORIZATION_RES_SUCCESS:
GNUNET_break (0);
+ return TALER_MHD_reply_with_error (gc->connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+
TALER_EC_ANASTASIS_TRUTH_AUTHORIZATION_START_FAILED,
+ "solve method not implemented for
authorization method");
+ }
+ aar = gc->authorization->solve (gc->as,
+ GNUNET_TIME_UNIT_ZERO_ABS,
+ &gc->challenge_response,
+ gc->connection);
+ switch (aar)
+ {
+ case ANASTASIS_AUTHORIZATION_SRES_FAILED:
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_FAILED:
- return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_SUSPENDED:
+ case ANASTASIS_AUTHORIZATION_SRES_SUSPENDED:
gc_suspended (gc);
return MHD_YES;
- case ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED:
- GNUNET_break (0);
- return MHD_NO;
- case ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED:
+ case ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED:
return MHD_NO;
- case ANASTASIS_AUTHORIZATION_RES_FINISHED:
+ case ANASTASIS_AUTHORIZATION_SRES_FINISHED:
return return_key_share (&gc->truth_uuid,
gc->connection);
}
diff --git a/src/include/anastasis_authorization_plugin.h
b/src/include/anastasis_authorization_plugin.h
index 10b99f3..a9d993d 100644
--- a/src/include/anastasis_authorization_plugin.h
+++ b/src/include/anastasis_authorization_plugin.h
@@ -33,21 +33,21 @@ struct ANASTASIS_AUTHORIZATION_State;
/**
* Enumeration values indicating the various possible
- * outcomes of the plugin's `process` function.
+ * outcomes of the plugin's `challenge` function.
*/
-enum ANASTASIS_AUTHORIZATION_Result
+enum ANASTASIS_AUTHORIZATION_ChallengeResult
{
/**
* We successfully sent the authorization challenge
* and queued a reply to MHD.
*/
- ANASTASIS_AUTHORIZATION_RES_SUCCESS = 0,
+ ANASTASIS_AUTHORIZATION_CRES_SUCCESS = 0,
/**
* We failed to transmit the authorization challenge,
* but successfully queued a failure response to MHD.
*/
- ANASTASIS_AUTHORIZATION_RES_FAILED = 1,
+ ANASTASIS_AUTHORIZATION_CRES_FAILED = 1,
/**
* The plugin suspended the MHD connection as it needs some more
@@ -55,7 +55,7 @@ enum ANASTASIS_AUTHORIZATION_Result
* plugin will resume the MHD connection when its work is done, and
* then the `process` function should be called again.
*/
- ANASTASIS_AUTHORIZATION_RES_SUSPENDED = 2,
+ ANASTASIS_AUTHORIZATION_CRES_SUSPENDED = 2,
/**
* The plugin tried to queue a reply on the MHD connection and
@@ -65,7 +65,7 @@ enum ANASTASIS_AUTHORIZATION_Result
* However, we were successful at transmitting the challenge,
* so the challenge should be marked as sent.
*/
- ANASTASIS_AUTHORIZATION_RES_SUCCESS_REPLY_FAILED = 4,
+ ANASTASIS_AUTHORIZATION_CRES_SUCCESS_REPLY_FAILED = 4,
/**
* The plugin tried to queue a reply on the MHD connection and
@@ -74,14 +74,45 @@ enum ANASTASIS_AUTHORIZATION_Result
*
* Additionally, we failed to transmit the challenge.
*/
- ANASTASIS_AUTHORIZATION_RES_FAILED_REPLY_FAILED = 5,
+ ANASTASIS_AUTHORIZATION_CRES_FAILED_REPLY_FAILED = 5
+};
+
+
+/**
+ * Enumeration values indicating the various possible
+ * outcomes of the plugin's `solve` function.
+ */
+enum ANASTASIS_AUTHORIZATION_SolveResult
+{
+ /**
+ * We failed to transmit the authorization challenge,
+ * but successfully queued a failure response to MHD.
+ */
+ ANASTASIS_AUTHORIZATION_SRES_FAILED = 0,
+
+ /**
+ * The plugin suspended the MHD connection as it needs some more
+ * time to do its (asynchronous) work before we can proceed. The
+ * plugin will resume the MHD connection when its work is done, and
+ * then the `process` function should be called again.
+ */
+ ANASTASIS_AUTHORIZATION_SRES_SUSPENDED = 1,
+
+ /**
+ * The plugin tried to queue a reply on the MHD connection and
+ * failed to do so. We should return #MHD_NO to MHD to cause the
+ * HTTP connection to be closed without any reply.
+ *
+ * Additionally, we failed to transmit the challenge.
+ */
+ ANASTASIS_AUTHORIZATION_SRES_FAILED_REPLY_FAILED = 2,
/**
* The authentication process completed successfully
* and we should signal success to the client by
* returning the truth.
*/
- ANASTASIS_AUTHORIZATION_RES_FINISHED = 6
+ ANASTASIS_AUTHORIZATION_SRES_FINISHED = 3
};
@@ -210,18 +241,31 @@ struct ANASTASIS_AuthorizationPlugin
/**
* Continue issuing authentication challenge to user based on @a data.
* I.e. check if the transmission of the challenge via SMS or e-mail
- * has completed and/or manipulate @a connection to redirect the client
- * to a video identification site.
+ * has completed and/or manipulate @a connection to direct the client
towards solving the challenge.
+ *
+ * @param as authorization state
+ * @param connection HTTP client request (for queuing response, such as
redirection to video portal)
+ * @return state of the request
+ */
+ enum ANASTASIS_AUTHORIZATION_ChallengeResult
+ (*challenge)(struct ANASTASIS_AUTHORIZATION_State *as,
+ struct MHD_Connection *connection);
+
+
+ /**
+ * Check if the client has solved the challenge.
*
* @param as authorization state
* @param timeout how long do we have to produce a reply
+ * @param challenge_response hash of the challenge response, or NULL
* @param connection HTTP client request (for queuing response, such as
redirection to video portal)
* @return state of the request
*/
- enum ANASTASIS_AUTHORIZATION_Result
- (*process)(struct ANASTASIS_AUTHORIZATION_State *as,
- struct GNUNET_TIME_Absolute timeout,
- struct MHD_Connection *connection);
+ enum ANASTASIS_AUTHORIZATION_SolveResult
+ (*solve)(struct ANASTASIS_AUTHORIZATION_State *as,
+ struct GNUNET_TIME_Absolute timeout,
+ const struct GNUNET_HashCode *challenge_response,
+ struct MHD_Connection *connection);
/**
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: -clean up challenge logic for new truth api,
gnunet <=