taler
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] WebEx wallet can't POST on Django site


From: Florian Dold
Subject: Re: [Taler] WebEx wallet can't POST on Django site
Date: Thu, 4 Feb 2016 17:44:07 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1

On 02/04/2016 04:36 PM, Christian Grothoff wrote:
> Given this, all we really need is a mechanism for the first frontend
> page to pass the URI of the PIN page to the backend. The PIN page would
> then be fetched via GET and passed (via URI arguments?) the necessary
> transaction details, just like we do with the deposit process.

That does make sense I guess.  Another question is, should we still
support the forms-based protocol now that the FF wallet is gone?

It seems like there's a bit of needless indirection going on (we have a
DOM event that contains the IDs of input fields that contain the name
for the POST parameter ...).  I'd rather like to get rid of that.

Basically, to support Marcello's use case for the bank, we should change
the create-reserve DOM event to have the the following, simplified
parameters:

interface CreateReserveDetail {
  // Initial amount that the wallet expects
  // in the reserve
  amount: Amount;

  // Target for an HTTP GET with the following
  // query parameters:
  // - mint: mint chosen by user
  // - reserve_pub: generated reserve pubkey
  callback_url: string;
}

This change makes the wallet simpler, but requires some changes to the
existing bank.

The callback_url will do the actual POST.

One question remains:  What happens if, after create-reserve, the user
fails to enter the right PIN?  Will the reserve be marked as "failed"
(maybe by a DOM event from the bank)?  Will it expire?  What's the UX?

Maybe the create-reserve should create the reserve in a "soft hidden"
state, and once the bank is sure that it has actually been created, it
sends a confirm-reserve DOM event to mark it as "yes, after some time
the user can withdraw coins from this reserve".

- Florian

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]