Implement qr mobile flow
Create the /codeStatus endpoint that mobile apps use to report their
status to the server.
Change /accessnumber to /access and implement the new flow of reporting
statuses to the MPin-pad.
diff --git a/servers/rps/mobile_flow.py b/servers/rps/mobile_flow.py
index 638b115..27db65e 100644
--- a/servers/rps/mobile_flow.py
+++ b/servers/rps/mobile_flow.py
@@ -52,3 +52,55 @@
}
return params
+
+ def update_app_status(self, data):
+ mobile_status = data.get('status')
+ params = {
+ 'Status': 'OK'
+ }
+
+ # Keyfind
+ keyAuth = self.storage.find(stage="auth", wid=data.get('wid'))
+ if not keyAuth:
+ return params
+
+ userId = data.get('userId')
+
+ keyAuth.update(mobile_status=mobile_status, userId=userId)
+
+ if mobile_status == "wid":
+ params = {
+ 'PrerollId': "", # We don't use it at the moment
+ 'AppName': options.serviceName,
+ 'AppLogoUrl': options.serviceIconUrl,
+ }
+
+ return params
+
+ def get_app_status(self, webOTT):
+ params = {
+ 'status': "new",
+ 'statusCode': 0,
+ 'userId': "",
+ 'redirectURL': "",
+ 'authOTT': ""
+ }
+
+ I = self.storage.find(stage="auth", webOTT=webOTT)
+ if not I:
+ log.debug("Cannot find webOTT: {0}".format(webOTT))
+ params['status'] = 'expired'
+ return params
+
+ if I.mobile_status:
+ params['status'] = I.mobile_status
+
+ if I.mobile_status == 'user' and I.userId:
+ params['userId'] = I.userId
+
+ authOTT = I.authOTT
+ if authOTT and (str(I.status) == "200"):
+ params['status'] = 'authenticate'
+ params['authOTT'] = authOTT
+
+ return params
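Review bot: `update_app_status` stores the request's `status` and `userId` on the auth record unchecked (`keyAuth.update(mobile_status=mobile_status, userId=userId)`), and `get_app_status` hands `I.mobile_status` and `I.userId` straight back to whoever polls with the webOTT. Any caller of /codeStatus that presents a matching `wid` can therefore write arbitrary strings into the PIN pad's response, including values the server itself uses such as 'expired' or 'authenticate'. Only 'wid' and 'user' appear as app-reported statuses in this diff, so an allow-list seems feasible, e.g. `if mobile_status not in ALLOWED_MOBILE_STATUSES: return params`, where the constant is a placeholder for the set the mobile protocol defines. `userId` would also benefit from a type and length check. Separately, an update that omits `userId` overwrites a previously stored one with None; writing it only when present avoids that.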
diff --git a/servers/rps/rps.py b/servers/rps/rps.py
index 12986dd..81aace9 100755
--- a/servers/rps/rps.py
+++ b/servers/rps/rps.py
@@ -1,4 +1,4 @@
-#!/usr/bin/env python
+#!/usr/bin/en python
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
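Review bot: The shebang now reads `#!/usr/bin/en python`, which looks like an accidental edit unrelated to the QR flow. The file mode is 100755, so running the script directly will fail wherever `/usr/bin/en` does not exist. Restore `#!/usr/bin/env python`.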
@@ -317,11 +317,12 @@
}
if not options.requestOTP:
- params["accessNumberURL"] = "{0}/accessnumber".format(baseURL)
+ params["accessNumberURL"] = "{0}/access".format(baseURL)
params["getAccessNumberURL"] = "{0}/getAccessNumber".format(baseURL)
if options.mobileUseNative:
params["getQrUrl"] = "{0}/getQrUrl".format(baseURL)
+ params["codeStatusURL"] = "{0}/codeStatus".format(baseURL)
self.write(params)
self.finish()
@@ -722,7 +723,7 @@
self.finish()
-class RPSAccessNumberHandler(BaseHandler):
+class RPSAccessHanler(BaseHandler):
@tornado.web.asynchronous
@tornado.gen.engine
def post(self):
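Review bot: The new class name `RPSAccessHanler` is missing a "d"; every other handler visible in this diff ends in `Handler`. Rename it to `RPSAccessHandler` here and in the route table entry `(r"/{0}/access".format(rpsPrefix), RPSAccessHanler)` further down, before the misspelling spreads to other references.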
@@ -736,25 +737,10 @@
self.finish()
return
- I = self.storage.find(stage="auth", webOTT=webOTT)
- if not I:
- log.debug("Cannot find webOTT: {0}".format(webOTT))
+ params = MobileFlow(self.application, self.storage).get_app_status(webOTT)
- self.set_status(404)
- self.finish()
- return
-
- authOTT = I.authOTT
- if authOTT and (str(I.status) == "200"):
- self.write({"authOTT": authOTT})
- self.finish()
- else:
- if not authOTT:
- log.debug("authOTT not set for webOTT: {0}".format(webOTT))
- else:
- log.debug("Auth status for webOTT: {0}: {1}".format(webOTT, I.status))
- self.set_status(401)
- self.finish()
+ self.write(params)
+ self.finish()
class RPSAuthenticateHandler(BaseHandler):
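Review bot: This endpoint now answers every poll with HTTP 200 and carries the outcome in `params['status']`, where the old code returned 404 for an unknown webOTT and 401 until authentication completed. The client settings hunk still publishes the URL under the unchanged key `accessNumberURL`, so a client written for the old contract (if any are still deployed) would read 200 with an empty `authOTT` as a normal response. Access logs and any alerting keyed on 4xx from this endpoint also lose the signal for failed or guessed webOTTs, and the debug messages for the not-yet-authenticated case are gone. Consider keeping a non-200 status for the 'expired' case, or at least documenting the contract above the call, e.g. `# Always 200: outcome is in params['status'] ('new', 'expired', 'authenticate', or the app-reported status)`. The body of `post` starts outside this hunk.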
@@ -1528,6 +1514,34 @@
self.write(json.dumps(options.mobileConfig))
+class RPSCodeStatusHandler(BaseHandler):
+ @tornado.web.asynchronous
+ @tornado.gen.engine
+ def post(self):
+ try:
+ data = json.loads(self.request.body)
+ data['status']
+ except ValueError:
+ log.error("Cannot decode body as JSON.")
+ log.debug(self.request.body)
+ self.set_status(400, reason="BAD REQUEST. INVALID JSON")
+ self.finish()
+ return
+ except KeyError:
+ log.error("Invalid JSON data structure")
+ log.debug(data)
+ self.set_status(400, reason="BAD REQUEST. INVALID DATA")
+ self.finish()
+ return
+
+ mobileFlow = MobileFlow(self.application, self.storage)
+ params = mobileFlow.update_app_status(data)
+
+ self.set_status(200, 'OK')
+ self.write(params)
+ self.finish()
+
+
# MAIN
class Application(tornado.web.Application):
def __init__(self):
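Review bot: In `RPSCodeStatusHandler.post`, `data['status']` raises TypeError rather than KeyError when the body is valid JSON but not an object (a list, string, number or null). Such a request escapes both except clauses and ends as an unhandled 500 instead of the intended 400. Widening the second clause to `except (KeyError, TypeError):` covers it, and an explicit `isinstance(data, dict)` check would also protect the `data.get(...)` calls in `update_app_status`. Note also that `log.debug(self.request.body)` writes the raw, unauthenticated request body to the log; truncating it before logging keeps oversized or crafted payloads out of log storage.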
@@ -1538,9 +1552,10 @@
(r"/{0}/signature/([0-9A-Fa-f]+)".format(rpsPrefix), RPSSignatureHandler), # GET
(r"/{0}/timePermit/([0-9A-Fa-f]+)".format(rpsPrefix), RPSTimePermitHandler), # GET
(r"/{0}/setupDone/([0-9A-Fa-f]+)".format(rpsPrefix), RPSSetupDoneHandler), # POST
- (r"/{0}/accessnumber".format(rpsPrefix), RPSAccessNumberHandler), # POST
+ (r"/{0}/access".format(rpsPrefix), RPSAccessHanler), # POST
(r"/{0}/getAccessNumber".format(rpsPrefix), RPSGetAccessNumberHandler), # POST
(r"/{0}/getQrUrl".format(rpsPrefix), RPSGetQrUrlHandler), # POST
+ (r"/{0}/codeStatus".format(rpsPrefix), RPSCodeStatusHandler), # POST
(r"/{0}/clientSettings".format(rpsPrefix), ClientSettingsHandler),
(r"/{0}/authenticate".format(rpsPrefix), RPSAuthenticateHandler), # POST, for mobile login
# Authentication