- POST /management/auditors/$AUDITOR_PUB/disable#
This request will be used to disable the use of the given auditor. We use POST instead of DELETE because the exchange will retain state about the auditor (specifically the end date) to prevent replay attacks abusing the AuditorSetupMessage. Also, DELETE would not support a body, which is needed to provide the signature authorizing the operation.
Request:
The request must be a AuditorTeardownMessage.
Response
- 204 No content:
The auditor has successfully disabled the auditor. The body is empty.
- 403 Forbidden:
The signature is invalid. Returned with an error code of
TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_DEL_SIGNATURE_INVALID,- 404 Not found:
The auditor is unknown to the exchange. Returned with an error code of
TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_NOT_FOUND.- 409 Conflict:
The exchange has a more recent request related to this auditor key (replay detected). Returned with an error code of
TALER_EC_EXCHANGE_MANAGEMENT_AUDITOR_MORE_RECENT_PRESENT.- 413 Request entity too large:
The uploaded body is to long, it exceeds the size limit. Returned with an error code of
TALER_EC_GENERIC_UPLOAD_EXCEEDS_LIMIT.- 500 Internal Server Error:
The server experienced an internal error. This response comes with a standard ErrorDetail response. Possible error codes include
TALER_EC_GENERIC_DB_FETCH_FAILEDorTALER_EC_GENERIC_DB_STORE_FAILED.
Details:
interface AuditorTeardownMessage { // Signature by the exchange master key over a // TALER_MasterDelAuditorPS. // Must have purpose TALER_SIGNATURE_MASTER_AUDITOR_DEL. master_sig: EddsaSignature; // When does the auditor become inactive? // Should be the time when the signature was created, // using the (monotonic!) local time of the system // with the offline master public key. Note that // even if the time is in the future, the auditor will // become inactive immediately! Used ONLY to detect replay attacks. validity_end: Timestamp; }
