commit 2dfaec0fc9b112ed1d6d0581c6bbb48ec0336b06
author Pavlin Angelov <pavlin.angelov@miracl.com> Tue Jun 07 14:15:32 2016 +0300
committer Pavlin Angelov <pavlin.angelov@miracl.com> Wed Jun 08 17:45:40 2016 +0300
tree b248c556e8dbea97daf56d64cf0620329b14985d
parent 89ec87d330253f354241b63bab5487e71344edfb

Implement qr mobile flow

Created /codeStatus endpoint as expected by mobile apps to report their
status to the server

Change /accessnumber to /access and implement the new flow of reporting
statuses to the MPin-pad

servers/rps/mobile_flow.py

diff --git a/servers/rps/mobile_flow.py b/servers/rps/mobile_flow.py
index 638b115..27db65e 100644
--- a/servers/rps/mobile_flow.py
+++ b/servers/rps/mobile_flow.py
@@ -52,3 +52,55 @@
         }
 
         return params
+
+    def update_app_status(self, data):
+        mobile_status = data.get('status')
+        params = {
+            'Status': 'OK'
+        }
+
+        # Keyfind
+        keyAuth = self.storage.find(stage="auth", wid=data.get('wid'))
+        if not keyAuth:
+            return params
+
+        userId = data.get('userId')
+
+        keyAuth.update(mobile_status=mobile_status, userId=userId)
+
+        if mobile_status == "wid":
+            params = {
+                'PrerollId': "",  # We don't use it at the moment
+                'AppName': options.serviceName,
+                'AppLogoUrl': options.serviceIconUrl,
+            }
+
+        return params
+
+    def get_app_status(self, webOTT):
+        params = {
+            'status':      "new",
+            'statusCode':  0,
+            'userId':      "",
+            'redirectURL': "",
+            'authOTT': ""
+        }
+
+        I = self.storage.find(stage="auth", webOTT=webOTT)
+        if not I:
+            log.debug("Cannot find webOTT: {0}".format(webOTT))
+            params['status'] = 'expired'
+            return params
+
+        if I.mobile_status:
+            params['status'] = I.mobile_status
+
+        if I.mobile_status == 'user' and I.userId:
+            params['userId'] = I.userId
+
+        authOTT = I.authOTT
+        if authOTT and (str(I.status) == "200"):
+            params['status'] = 'authenticate'
+            params['authOTT'] = authOTT
+
+        return params

servers/rps/rps.py

diff --git a/servers/rps/rps.py b/servers/rps/rps.py
index 12986dd..81aace9 100755
--- a/servers/rps/rps.py
+++ b/servers/rps/rps.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/en python
 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
@@ -317,11 +317,12 @@
         }
 
         if not options.requestOTP:
-            params["accessNumberURL"] = "{0}/accessnumber".format(baseURL)
+            params["accessNumberURL"] = "{0}/access".format(baseURL)
             params["getAccessNumberURL"] = "{0}/getAccessNumber".format(baseURL)
 
         if options.mobileUseNative:
             params["getQrUrl"] = "{0}/getQrUrl".format(baseURL)
+            params["codeStatusURL"] = "{0}/codeStatus".format(baseURL)
 
         self.write(params)
         self.finish()
@@ -722,7 +723,7 @@
         self.finish()
 
 
-class RPSAccessNumberHandler(BaseHandler):
+class RPSAccessHanler(BaseHandler):
     @tornado.web.asynchronous
     @tornado.gen.engine
     def post(self):
@@ -736,25 +737,10 @@
             self.finish()
             return
 
-        I = self.storage.find(stage="auth", webOTT=webOTT)
-        if not I:
-            log.debug("Cannot find webOTT: {0}".format(webOTT))
+        params = MobileFlow(self.application, self.storage).get_app_status(webOTT)
 
-            self.set_status(404)
-            self.finish()
-            return
-
-        authOTT = I.authOTT
-        if authOTT and (str(I.status) == "200"):
-            self.write({"authOTT": authOTT})
-            self.finish()
-        else:
-            if not authOTT:
-                log.debug("authOTT not set for webOTT: {0}".format(webOTT))
-            else:
-                log.debug("Auth status for webOTT: {0}: {1}".format(webOTT, I.status))
-            self.set_status(401)
-            self.finish()
+        self.write(params)
+        self.finish()
 
 
 class RPSAuthenticateHandler(BaseHandler):
@@ -1528,6 +1514,34 @@
             self.write(json.dumps(options.mobileConfig))
 
 
+class RPSCodeStatusHandler(BaseHandler):
+    @tornado.web.asynchronous
+    @tornado.gen.engine
+    def post(self):
+        try:
+            data = json.loads(self.request.body)
+            data['status']
+        except ValueError:
+            log.error("Cannot decode body as JSON.")
+            log.debug(self.request.body)
+            self.set_status(400, reason="BAD REQUEST. INVALID JSON")
+            self.finish()
+            return
+        except KeyError:
+            log.error("Invalid JSON data structure")
+            log.debug(data)
+            self.set_status(400, reason="BAD REQUEST. INVALID DATA")
+            self.finish()
+            return
+
+        mobileFlow = MobileFlow(self.application, self.storage)
+        params = mobileFlow.update_app_status(data)
+
+        self.set_status(200, 'OK')
+        self.write(params)
+        self.finish()
+
+
 # MAIN
 class Application(tornado.web.Application):
     def __init__(self):
@@ -1538,9 +1552,10 @@
             (r"/{0}/signature/([0-9A-Fa-f]+)".format(rpsPrefix), RPSSignatureHandler),  # GET
             (r"/{0}/timePermit/([0-9A-Fa-f]+)".format(rpsPrefix), RPSTimePermitHandler),  # GET
             (r"/{0}/setupDone/([0-9A-Fa-f]+)".format(rpsPrefix), RPSSetupDoneHandler),  # POST
-            (r"/{0}/accessnumber".format(rpsPrefix), RPSAccessNumberHandler),  # POST
+            (r"/{0}/access".format(rpsPrefix), RPSAccessHanler),  # POST
             (r"/{0}/getAccessNumber".format(rpsPrefix), RPSGetAccessNumberHandler),  # POST
             (r"/{0}/getQrUrl".format(rpsPrefix), RPSGetQrUrlHandler),  # POST
+            (r"/{0}/codeStatus".format(rpsPrefix), RPSCodeStatusHandler),  # POST
             (r"/{0}/clientSettings".format(rpsPrefix), ClientSettingsHandler),
             (r"/{0}/authenticate".format(rpsPrefix), RPSAuthenticateHandler),  # POST, for mobile login
             # Authentication