[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-challenger] 01/07: reply with json in /solve and oauth error
|
From: |
gnunet |
|
Subject: |
[taler-challenger] 01/07: reply with json in /solve and oauth error |
|
Date: |
Tue, 02 Jul 2024 14:41:51 +0200 |
This is an automated email from the git hooks/post-receive script.
sebasjm pushed a commit to branch master
in repository challenger.
commit 56385d9aa0eb242be47c1239883804167fccedf9
Author: Sebastian <sebasjm@gmail.com>
AuthorDate: Tue Jun 25 17:49:50 2024 -0300
reply with json in /solve and oauth error
---
src/challenger/challenger-httpd_authorize.c | 13 +++--
src/challenger/challenger-httpd_challenge.c | 27 +++++-----
src/challenger/challenger-httpd_common.c | 50 +++++++++++++-----
src/challenger/challenger-httpd_solve.c | 80 ++++++++++++++++++-----------
4 files changed, 105 insertions(+), 65 deletions(-)
diff --git a/src/challenger/challenger-httpd_authorize.c
b/src/challenger/challenger-httpd_authorize.c
index 68015ac..05ec4f2 100644
--- a/src/challenger/challenger-httpd_authorize.c
+++ b/src/challenger/challenger-httpd_authorize.c
@@ -234,13 +234,12 @@ CH_handler_authorize (struct CH_HandlerContext *hc,
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
"Refusing authorization: zero attempts left\n");
json_decref (last_address);
- return TALER_MHD_redirect_with_oauth_status (
- hc->connection,
- redirect_uri,
- state,
- "unauthorized_client",
- "client exceeded authorization attempts limit (too many addresses)",
- NULL);
+ return reply_error (hc,
+ "unauthorized_client",
+ MHD_HTTP_FORBIDDEN,
+ 1, // TALER_EC_CHALLENGER_EXHAUSTED
+ "client exceeded authorization attempts limit (too
many addresses)");
+
}
{
enum GNUNET_GenericReturnValue ret;
diff --git a/src/challenger/challenger-httpd_challenge.c
b/src/challenger/challenger-httpd_challenge.c
index c5fed98..1eb39e7 100644
--- a/src/challenger/challenger-httpd_challenge.c
+++ b/src/challenger/challenger-httpd_challenge.c
@@ -681,25 +681,22 @@ CH_handler_challenge (struct CH_HandlerContext *hc,
{
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Address changes exhausted address change limit for this
process\n");
- return TALER_MHD_redirect_with_oauth_status (
- hc->connection,
- bc->client_redirect_uri,
- bc->state,
- "unauthorized_client",
- "client exceeded authorization attempts limit (too many addresses
attempted)",
- NULL);
+ return reply_error (bc,
+ "unauthorized_client",
+ MHD_HTTP_FORBIDDEN,
+ 1, // TALER_EC_CHALLENGER_TOO_MANY_ADDRESSES_ATTEMPTED
+ "client exceeded authorization attempts limit (too
many addresses attempted)");
+
}
if (0 == bc->pin_attempts_left)
{
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Address changes exhausted PIN limit for this address\n");
- return TALER_MHD_redirect_with_oauth_status (
- hc->connection,
- bc->client_redirect_uri,
- bc->state,
- "unauthorized_client",
- "client exceeded authorization attempts limit (too many PINs)",
- NULL);
+ return reply_error (bc,
+ "unauthorized_client",
+ MHD_HTTP_FORBIDDEN,
+ 1, // TALER_EC_CHALLENGER_TOO_MANY_PIN_ATTEMPTED
+ "client exceeded authorization attempts limit (too
many PINs)");
}
if (bc->retransmit)
@@ -730,6 +727,8 @@ CH_handler_challenge (struct CH_HandlerContext *hc,
bc->pin_attempts_left),
GNUNET_JSON_pack_string ("nonce",
hc->path),
+ GNUNET_JSON_pack_string ("type",
+ "created"),
GNUNET_JSON_pack_object_incref ("address",
bc->address),
GNUNET_JSON_pack_bool ("transmitted",
diff --git a/src/challenger/challenger-httpd_common.c
b/src/challenger/challenger-httpd_common.c
index 65fbfa5..17b2b6e 100644
--- a/src/challenger/challenger-httpd_common.c
+++ b/src/challenger/challenger-httpd_common.c
@@ -188,21 +188,23 @@ TALER_MHD_redirect_with_oauth_status (
const char *oauth_error_uri)
{
struct MHD_Response *response;
+ unsigned int http_status;
- response = MHD_create_response_from_buffer (strlen (oauth_error),
- (void *) oauth_error,
- MHD_RESPMEM_PERSISTENT);
- if (NULL == response)
- {
- GNUNET_break (0);
- return MHD_NO;
- }
- TALER_MHD_add_global_headers (response);
- GNUNET_break (MHD_YES ==
- MHD_add_response_header (response,
- MHD_HTTP_HEADER_CONTENT_TYPE,
- "text/plain"));
+ if (0 == CH_get_output_type (connection))
{
+ response = MHD_create_response_from_buffer (strlen (oauth_error),
+ (void *) oauth_error,
+ MHD_RESPMEM_PERSISTENT);
+ if (NULL == response)
+ {
+ GNUNET_break (0);
+ return MHD_NO;
+ }
+ TALER_MHD_add_global_headers (response);
+ GNUNET_break (MHD_YES ==
+ MHD_add_response_header (response,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/plain"));
char *url;
char *enc_err;
char *enc_state;
@@ -237,14 +239,34 @@ TALER_MHD_redirect_with_oauth_status (
GNUNET_free (url);
return MHD_NO;
}
+ http_status = MHD_HTTP_FOUND;
GNUNET_free (url);
}
+ else
+ {
+ json_t *args;
+ args = GNUNET_JSON_PACK (
+ GNUNET_JSON_pack_string ("state",
+ state),
+ GNUNET_JSON_pack_string ("error",
+ oauth_error),
+ GNUNET_JSON_pack_allow_null (
+ GNUNET_JSON_pack_string ("description",
+ oauth_error_description)),
+ GNUNET_JSON_pack_allow_null (
+ GNUNET_JSON_pack_string ("uri",
+ oauth_error_uri)));
+
+ response = TALER_MHD_make_json (args);
+ TALER_MHD_add_global_headers (response);
+ http_status = MHD_HTTP_TOO_MANY_REQUESTS;
+ }
{
MHD_RESULT ret;
ret = MHD_queue_response (connection,
- MHD_HTTP_FOUND,
+ http_status,
response);
MHD_destroy_response (response);
return ret;
diff --git a/src/challenger/challenger-httpd_solve.c
b/src/challenger/challenger-httpd_solve.c
index 15495bb..4bb8fc5 100644
--- a/src/challenger/challenger-httpd_solve.c
+++ b/src/challenger/challenger-httpd_solve.c
@@ -317,13 +317,11 @@ CH_handler_solve (struct CH_HandlerContext *hc,
{
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Client exhausted all chances to satisfy challenge\n");
- return TALER_MHD_redirect_with_oauth_status (
- hc->connection,
- bc->client_redirect_uri,
- bc->state,
- "access_denied",
- "users exhausted all possibilities of passing the check",
- NULL);
+ return reply_error (bc,
+ "access_denied",
+ MHD_HTTP_FORBIDDEN,
+ 1, // TALER_EC_CHALLENGER_EXHAUSTED
+ "users exhausted all possibilities of passing the
check");
}
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@@ -332,6 +330,8 @@ CH_handler_solve (struct CH_HandlerContext *hc,
TALER_JSON_pack_ec (TALER_EC_CHALLENGER_INVALID_PIN),
GNUNET_JSON_pack_uint64 ("addresses_left",
bc->addr_left),
+ GNUNET_JSON_pack_string ("type",
+ "pending"),
GNUNET_JSON_pack_uint64 ("pin_transmissions_left",
bc->pin_transmissions_left),
GNUNET_JSON_pack_uint64 ("auth_attempts_left",
@@ -360,6 +360,7 @@ CH_handler_solve (struct CH_HandlerContext *hc,
{
struct MHD_Response *response;
char *url;
+ unsigned int http_status;
{
char *client_secret;
@@ -422,41 +423,60 @@ CH_handler_solve (struct CH_HandlerContext *hc,
GNUNET_free (client_state);
}
+ if (0 == CH_get_output_type (hc->connection))
{
- const char *ok = "Ok!";
+ {
+ const char *ok = "Ok!";
- response = MHD_create_response_from_buffer (strlen (ok),
- (void *) ok,
- MHD_RESPMEM_PERSISTENT);
- }
- if (NULL == response)
- {
- GNUNET_break (0);
+ response = MHD_create_response_from_buffer (strlen (ok),
+ (void *) ok,
+ MHD_RESPMEM_PERSISTENT);
+ }
+ if (NULL == response)
+ {
+ GNUNET_break (0);
+ GNUNET_free (url);
+ return MHD_NO;
+ }
+ TALER_MHD_add_global_headers (response);
+ GNUNET_break (MHD_YES ==
+ MHD_add_response_header (response,
+ MHD_HTTP_HEADER_CONTENT_TYPE,
+ "text/plain"));
+ if (MHD_NO ==
+ MHD_add_response_header (response,
+ MHD_HTTP_HEADER_LOCATION,
+ url))
+ {
+ GNUNET_break (0);
+ MHD_destroy_response (response);
+ GNUNET_free (url);
+ return MHD_NO;
+ }
+ http_status = MHD_HTTP_FOUND;
GNUNET_free (url);
- return MHD_NO;
}
- TALER_MHD_add_global_headers (response);
- GNUNET_break (MHD_YES ==
- MHD_add_response_header (response,
- MHD_HTTP_HEADER_CONTENT_TYPE,
- "text/plain"));
- if (MHD_NO ==
- MHD_add_response_header (response,
- MHD_HTTP_HEADER_LOCATION,
- url))
+ else
{
- GNUNET_break (0);
- MHD_destroy_response (response);
+ json_t *args;
+ args = GNUNET_JSON_PACK (
+ GNUNET_JSON_pack_string ("type",
+ "completed"),
+ GNUNET_JSON_pack_string ("redirect_url",
+ url)
+ );
GNUNET_free (url);
- return MHD_NO;
+
+ response = TALER_MHD_make_json (args);
+
+ http_status = MHD_HTTP_OK;
}
- GNUNET_free (url);
{
MHD_RESULT ret;
ret = MHD_queue_response (hc->connection,
- MHD_HTTP_FOUND,
+ http_status,
response);
MHD_destroy_response (response);
return ret;
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-challenger] branch master updated (93ac72e -> 93194d9), gnunet, 2024/07/02
- [taler-challenger] 02/07: missing solved status, gnunet, 2024/07/02
- [taler-challenger] 01/07: reply with json in /solve and oauth error,
gnunet <=
- [taler-challenger] 04/07: client state may be NULL if no login was perform first, gnunet, 2024/07/02
- [taler-challenger] 03/07: use TOO_MANY_REQUEST http status, gnunet, 2024/07/02
- [taler-challenger] 06/07: implement missing v2 interface, remove unused fields, gnunet, 2024/07/02
- [taler-challenger] 07/07: remove 428 which is not documented and the normal response gives enough info to the client, gnunet, 2024/07/02
- [taler-challenger] 05/07: more info in the login endpoint, gnunet, 2024/07/02