Implemented withdraw authorization function in Auth module:

* added operator overloading for ProvidedIdToken and IdToken types * Changed tokens_in_process from set of strings to set of ProvidedIdToken to be able to access the referenced connectors * Introduced processing_finished_cv in AuthHandler to be able to notify a withdraw request waiting thread that the processing of a token has finished * Implemented handle_withdraw_authorization function * Added test cases for new functionality Signed-off-by: Piet Gömpel <[email protected]> Signed-off-by: Maaike Zijderveld <[email protected]>
EVerest · Dec 19, 2024 · 1a9c491 · 1a9c491
1 parent d8db948
commit 1a9c491
Show file tree

Hide file tree

Showing 10 changed files with 530 additions and 75 deletions.
diff --git a/interfaces/auth.yaml b/interfaces/auth.yaml
@@ -19,6 +19,27 @@ cmds:
         description: The master pass group id
         type: string
         maxLength: 36
+  withdraw_authorization:
+    description: >-
+      Withdraw granted authorization.
+      If only the evse_id is given, the granted authorization for this EVSE will be withdrawn.
+      If only the id_token is given, the granted authorization for every EVSE where this id_token is placed will be
+        withdrawn
+      If both parameters are given, the granted authorization for the given EVSE will be withdrawn, if the placed
+        id_token matches the given id_token
+      If no parameter is given, all granted authorizations for all EVSEs will be removed
+    arguments:
+      request:
+        description: The request
+        type: object
+        $ref: /authorization#/WithdrawAuthorizationRequest
+    result:
+      description: >-
+        Accepted in case requested authorization was removed
+        AuthorizationNotFound in case no match for request was found
+        Rejected in case module could not process the request for other reasons
+      type: string
+      $ref: /authorization#/WithdrawAuthorizationResponse
 vars:
   token_validation_status:
     description: Emits all events related to current token validation

diff --git a/modules/Auth/Auth.cpp b/modules/Auth/Auth.cpp
@@ -19,10 +19,8 @@ void Auth::init() {
         this->info.id, (!this->r_kvs.empty() ? this->r_kvs.at(0).get() : nullptr));
 
     for (const auto& token_provider : this->r_token_provider) {
-        token_provider->subscribe_provided_token([this](ProvidedIdToken provided_token) {
-            std::thread t([this, provided_token]() { this->auth_handler->on_token(provided_token); });
-            t.detach();
-        });
+        token_provider->subscribe_provided_token(
+            [this](ProvidedIdToken provided_token) { this->auth_handler->on_token(provided_token); });
     }
 }
 
@@ -136,4 +134,8 @@ void Auth::set_master_pass_group_id(const std::string& master_pass_group_id) {
     this->auth_handler->set_master_pass_group_id(master_pass_group_id);
 }
 
+WithdrawAuthorizationResult Auth::handle_withdraw_authorization(const WithdrawAuthorizationRequest& request) {
+    return this->auth_handler->handle_withdraw_authorization(request);
+}
+
 } // namespace module
diff --git a/modules/Auth/Auth.hpp b/modules/Auth/Auth.hpp
@@ -83,6 +83,8 @@ class Auth : public Everest::ModuleBase {
      * @param master_pass_group_id master pass group id
      */
     void set_master_pass_group_id(const std::string& master_pass_group_id);
+
+    WithdrawAuthorizationResult handle_withdraw_authorization(const WithdrawAuthorizationRequest& request);
     // ev@1fce4c5e-0ab8-41bb-90f7-14277703d2ac:v1
 
 protected:

diff --git a/modules/Auth/include/AuthHandler.hpp b/modules/Auth/include/AuthHandler.hpp
@@ -24,6 +24,28 @@ using namespace types::evse_manager;
 using namespace types::authorization;
 using namespace types::reservation;
 
+namespace types {
+namespace authorization {
+
+inline bool operator==(const IdToken& lhs, const IdToken& rhs) {
+    return lhs.value == rhs.value and lhs.type == rhs.type;
+}
+
+inline bool operator==(const ProvidedIdToken& lhs, const ProvidedIdToken& rhs) {
+    return lhs.id_token == rhs.id_token;
+}
+
+inline bool operator<(const IdToken& lhs, const IdToken& rhs) {
+    return lhs.value < rhs.value;
+}
+
+inline bool operator<(const ProvidedIdToken& lhs, const ProvidedIdToken& rhs) {
+    return lhs.id_token < rhs.id_token;
+}
+
+} // namespace authorization
+} // namespace types
+
 namespace module {
 
 enum class TokenHandlingResult {
@@ -32,7 +54,8 @@ enum class TokenHandlingResult {
     REJECTED,
     USED_TO_STOP_TRANSACTION,
     TIMEOUT,
-    NO_CONNECTOR_AVAILABLE
+    NO_CONNECTOR_AVAILABLE,
+    WITHDRAWN
 };
 
 namespace conversions {
@@ -216,7 +239,20 @@ class AuthHandler {
     void register_publish_token_validation_status_callback(
         const std::function<void(const ProvidedIdToken&, TokenValidationStatus)>& callback);
 
+    WithdrawAuthorizationResult handle_withdraw_authorization(const WithdrawAuthorizationRequest& request);
+
 private:
+    enum class SelectEvseReturnStatus {
+        EvseSelected,
+        Interrupted,
+        TimeOut
+    };
+
+    struct SelectEvseResult {
+        std::optional<int> evse_id;
+        SelectEvseReturnStatus status;
+    };
+
     SelectionAlgorithm selection_algorithm;
     int connection_timeout;
     std::optional<std::string> master_pass_group_id;
@@ -227,9 +263,12 @@ class AuthHandler {
     std::map<int, std::unique_ptr<EVSEContext>> evses;
 
     std::list<int> plug_in_queue;
-    std::set<std::string> tokens_in_process;
+    std::set<ProvidedIdToken> tokens_in_process;
     std::condition_variable cv;
+    std::condition_variable processing_finished_cv;
     std::mutex event_mutex;
+    std::mutex withdraw_mutex;
+    std::unique_ptr<WithdrawAuthorizationRequest> withdraw_request;
 
     // callbacks
     std::function<void(const int evse_index, const ProvidedIdToken& provided_token,
@@ -248,7 +287,8 @@ class AuthHandler {
 
     std::vector<int> get_referenced_evses(const ProvidedIdToken& provided_token);
     int used_for_transaction(const std::vector<int>& evse_ids, const std::string& id_token);
-    bool is_token_already_in_process(const std::string& id_token, const std::vector<int>& referenced_evses);
+    bool is_token_already_in_process(const ProvidedIdToken& provided_id_token,
+                                     const std::vector<int>& referenced_evses);
     bool any_evse_available(const std::vector<int>& evse_ids);
     bool any_parent_id_present(const std::vector<int>& evse_ids);
     bool equals_master_pass_group_id(const std::optional<types::authorization::IdToken> parent_id_token);
@@ -260,9 +300,11 @@ class AuthHandler {
      * occurs that can be used to determine an evse.
      *
      * @param selected_evses
-     * @return int
+     * @param id_token          The id token of the request.
+     * @return The status and optional evse id if an evse was selected.
      */
-    int select_evse(const std::vector<int>& selected_evses);
+    SelectEvseResult select_evse(const std::vector<int>& selected_evses, const IdToken& id_token);
+    bool is_authorization_withdrawn(const std::vector<int>& selected_evses, const IdToken& id_token);
 
     int get_latest_plugin(const std::vector<int>& evse_ids);
     void notify_evse(int evse_id, const ProvidedIdToken& provided_token, const ValidationResult& validation_result);