View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0008456 | Taler | mechant backend | public | 2024-02-20 20:49 | 2024-03-07 20:47 |
| Reporter | sebasjm | Assigned To | Christian Grothoff | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | git (master) | ||||
| Target Version | 0.9.4 | Fixed in Version | 0.9.4 | ||
| Summary | 0008456: merchan backend complains about credentials being wrong when URL is missing a / | ||||
| Description | https://git.taler.net/merchant.git/tree/src/bank/mb_parse.c#n125 $ curl 'http://merchant.taler.test:1180/private/accounts' --data-raw '{"payto_uri":"payto://x-taler-bank/e/e?receiver-name=e","credit_facade_url":"http://evil.com","credit_facade_credentials":{"type":"BASIC","username":"we","password":"we"}}' { "code": 26, "hint": "A parameter in the request was malformed. This is likely a bug in the client implementation. Check if you are using the latest available version and/or file a report with the developers.", "detail": "credit_facade_credentials" } | ||||
| Tags | No tags attached. | ||||
|
|
also, this request should not be valid since doesn't have URL $ curl 'http://merchant.taler.test:1180/private/accounts/SP8R9SG0WEYXKPE85Z8V71EBKWG6VZMYMZMP77MNX2GAWDSD5F5MACV05YTBB1F5E24GR85KH41XD5R594Y6J81XY29SX0KKQ5RKRTR' -X 'PATCH' -v --data-raw '{"credit_facade_credentials":{"type":"basic","password":"we","username":"we"}}' * Trying 127.0.0.1:1180... * Connected to merchant.taler.test (127.0.0.1) port 1180 (#0) > PATCH /private/accounts/SP8R9SG0WEYXKPE85Z8V71EBKWG6VZMYMZMP77MNX2GAWDSD5F5MACV05YTBB1F5E24GR85KH41XD5R594Y6J81XY29SX0KKQ5RKRTR HTTP/1.1 < HTTP/1.1 204 No Content |
|
|
I don't see the issue. The credit_facade_url is specified as mandatory ending with "/". The error message says the credit_facade_url is malformed, as it is. Why do you think this is even a bug? The 2nd request is well-formed: the credit_facade_url is specified as *optional*. So it is OK to be missing. Sure, the other credentials are then not useful, but that doesn't make the request invalid. In fact, the user may want to keep/store/preserve the credentials and could just disable the credit facade by setting the URL to empty. So again, I don't see an issue here. |
|
|
the problem is that the error message says that the credentials are wrong, they are not the URL is, that's OK, I agree and it's not part of the problem I even point out here https://git.taler.net/merchant.git/tree/src/bank/mb_parse.c#n125 is checking URL in the function that should check credentials |
|
|
Ah, I see. We refer to the wrong field, because due to the internal logic we actually don't know which of the two went south. Fixing the message to refer to *both* fields. |
|
|
Fixed in 9b21f07..ba762c3 |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-02-20 20:49 | sebasjm | New Issue | |
| 2024-02-20 20:49 | sebasjm | Status | new => assigned |
| 2024-02-20 20:49 | sebasjm | Assigned To | => Christian Grothoff |
| 2024-02-20 21:17 | sebasjm | Note Added: 0021394 | |
| 2024-02-21 19:46 | Christian Grothoff | Note Added: 0021412 | |
| 2024-02-21 19:46 | Christian Grothoff | Assigned To | Christian Grothoff => sebasjm |
| 2024-02-21 19:46 | Christian Grothoff | Status | assigned => feedback |
| 2024-02-21 19:54 | sebasjm | Note Added: 0021413 | |
| 2024-02-21 19:54 | sebasjm | Assigned To | sebasjm => Christian Grothoff |
| 2024-02-21 21:13 | Christian Grothoff | Note Added: 0021425 | |
| 2024-02-21 21:13 | Christian Grothoff | Note Added: 0021426 | |
| 2024-02-21 21:13 | Christian Grothoff | Status | feedback => resolved |
| 2024-02-21 21:13 | Christian Grothoff | Resolution | open => fixed |
| 2024-02-21 21:13 | Christian Grothoff | Fixed in Version | => 0.9.4 |
| 2024-03-07 20:47 | Christian Grothoff | Status | resolved => closed |
