[taler-merchant] branch master updated (e29a6603 -> 66f6cf25)

[gnunet]

This is an automated email from the git hooks/post-receive script.

dold pushed a change to branch master
in repository merchant.

    from e29a6603 towards updated auth API (tests still missing)
     new 7075d07b run merchant tests from the wallet test suite in 'make check'
     new 66f6cf25 fix Authorization header parsing

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/.gitignore                             |  3 +-
 src/backend/taler-merchant-httpd.c         | 53 +++++++++++++++++++++---------
 src/include/platform.h                     |  2 +-
 src/testing/Makefile.am                    |  7 +++-
 src/testing/test-merchant-walletharness.sh | 18 ++++++++++
 5 files changed, 64 insertions(+), 19 deletions(-)
 create mode 100755 src/testing/test-merchant-walletharness.sh

diff --git a/src/.gitignore b/src/.gitignore
index 90ea1a04..4f49c073 100644
--- a/src/.gitignore
+++ b/src/.gitignore
@@ -6,4 +6,5 @@
 *.log
 *.trs
 */__pycache__
-test-*
\ No newline at end of file
+test-*
+!test-*.sh
diff --git a/src/backend/taler-merchant-httpd.c 
b/src/backend/taler-merchant-httpd.c
index 0690e621..77dedaae 100644
--- a/src/backend/taler-merchant-httpd.c
+++ b/src/backend/taler-merchant-httpd.c
@@ -960,6 +960,35 @@ TMH_add_instance (struct TMH_MerchantInstance *mi)
   return ret;
 }
 
+/**
+ * Extract the token from authorization header value @a auth.
+ *
+ * @param auth pointer to authorization header value,
+ *        will be updated to point to the start of the token
+ *        or set to NULL if header value is invalid
+ */
+static void
+extract_token (const char **auth)
+{
+  const char *bearer = "Bearer ";
+  const char *tok = *auth;
+  if (0 != strncmp (tok, bearer, strlen (bearer)))
+  {
+    *auth = NULL;
+    return;
+  }
+  tok = tok + strlen (bearer);
+  while (' ' == *tok)
+    tok++;
+  if (0 != strncasecmp (tok,
+                        RFC_8959_PREFIX,
+                        strlen (RFC_8959_PREFIX)))
+  {
+    *auth = NULL;
+    return;
+  }
+  *auth = tok;
+}
 
 /**
  * A client has requested the given url using the given method
@@ -1654,23 +1683,15 @@ url_handler (void *cls,
                                         MHD_HTTP_HEADER_AUTHORIZATION);
     if (NULL != auth)
     {
-      if  (0 != strncasecmp (auth,
-                             RFC_8959_PREFIX,
-                             strlen (RFC_8959_PREFIX)))
-      {
-        /* We _only_ complain about malformed auth headers if
-           authorization was truly required (#6737). This helps
-           in case authorization was disabled in the backend
-           because some reverse proxy is already doing it, and
-           then that reverse proxy may forward malformed auth
-           headers to the backend. */
+      /* We _only_ complain about malformed auth headers if
+         authorization was truly required (#6737). This helps
+         in case authorization was disabled in the backend
+         because some reverse proxy is already doing it, and
+         then that reverse proxy may forward malformed auth
+         headers to the backend. */
+      extract_token (&auth);
+      if (NULL == auth)
         auth_malformed = true;
-        auth = NULL;
-      }
-      else
-      {
-        auth += strlen (RFC_8959_PREFIX);
-      }
     }
 
     /* Are the credentials provided OK for the default instance?
diff --git a/src/include/platform.h b/src/include/platform.h
index 70c296fd..ab260ebe 100644
--- a/src/include/platform.h
+++ b/src/include/platform.h
@@ -62,7 +62,7 @@
  *  Mark Nottingham thinks this should be fixed by revising HTTP
  *  spec (https://github.com/httpwg/http-core/issues/733))
  */
-#define RFC_8959_PREFIX "Bearer secret-token:"
+#define RFC_8959_PREFIX "secret-token:"
 
 
 #endif  /* PLATFORM_H_ */
diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am
index fb045996..cad802fb 100644
--- a/src/testing/Makefile.am
+++ b/src/testing/Makefile.am
@@ -6,6 +6,9 @@ if USE_COVERAGE
   XLIB = -lgcov
 endif
 
+
+check_SCRIPTS = test-merchant-walletharness.sh
+
 lib_LTLIBRARIES = \
   libtalermerchanttesting.la
 
@@ -82,7 +85,9 @@ endif
 endif
 
 TESTS = \
-  $(check_PROGRAMS)
+  $(check_PROGRAMS) \
+  $(check_SCRIPTS)
+
 
 test_merchant_api_twisted_SOURCES = \
   test_merchant_api_twisted.c
diff --git a/src/testing/test-merchant-walletharness.sh 
b/src/testing/test-merchant-walletharness.sh
new file mode 100755
index 00000000..f3f1d59a
--- /dev/null
+++ b/src/testing/test-merchant-walletharness.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+# This script runs test from the wallet's integration test harness.
+# If the wallet is not installed, the tests are skipped.
+# Only tests from the "merchant" test suite are run.
+
+set -eu
+
+res=0
+taler-wallet-cli testing run-integrationtests --dry --suites merchant 
2&>/dev/null || res=$?
+
+if [[ $res -ne 0 ]]; then
+  echo "skipping wallet test harness"
+  exit 77
+fi
+
+
+exec taler-wallet-cli testing run-integrationtests --suites merchant

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.