aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <grothoff@gnunet.org>2022-04-16 17:51:27 +0200
committerChristian Grothoff <grothoff@gnunet.org>2022-04-16 17:51:27 +0200
commitb496b8fed5bcef74e79bad7351cab98aae6a7dd7 (patch)
treef2e3139723a02a8f26b1d301dae326f75f36b764
parentfc1383ebd1cf2c57069422dc8a26d09f48869e10 (diff)
add more flexibility to endpoint naming for KYC
-rw-r--r--src/exchange/taler-exchange-httpd.c36
-rw-r--r--src/exchange/taler-exchange-httpd.h8
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-check.c4
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-proof.c8
-rw-r--r--src/testing/test_exchange_api.c4
-rw-r--r--src/testing/test_kyc_api.conf3
6 files changed, 49 insertions, 14 deletions
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index aa3a7c412..fb3129591 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -1413,12 +1413,12 @@ parse_kyc_oauth_cfg (void)
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (TEH_cfg,
"exchange-kyc-oauth2",
- "KYC_OAUTH2_URL",
+ "KYC_OAUTH2_AUTH_URL",
&s))
{
GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
"exchange-kyc-oauth2",
- "KYC_OAUTH2_URL");
+ "KYC_OAUTH2_AUTH_URL");
return GNUNET_SYSERR;
}
if ( (! TALER_url_valid_charset (s)) ||
@@ -1431,12 +1431,40 @@ parse_kyc_oauth_cfg (void)
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"exchange-kyc-oauth2",
- "KYC_OAUTH2_URL",
+ "KYC_OAUTH2_AUTH_URL",
"not a valid URL");
GNUNET_free (s);
return GNUNET_SYSERR;
}
- TEH_kyc_config.details.oauth2.url = s;
+ TEH_kyc_config.details.oauth2.auth_url = s;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (TEH_cfg,
+ "exchange-kyc-oauth2",
+ "KYC_OAUTH2_LOGIN_URL",
+ &s))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
+ "exchange-kyc-oauth2",
+ "KYC_OAUTH2_LOGIN_URL");
+ return GNUNET_SYSERR;
+ }
+ if ( (! TALER_url_valid_charset (s)) ||
+ ( (0 != strncasecmp (s,
+ "http://",
+ strlen ("http://"))) &&
+ (0 != strncasecmp (s,
+ "https://",
+ strlen ("https://"))) ) )
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+ "exchange-kyc-oauth2",
+ "KYC_OAUTH2_LOGIN_URL",
+ "not a valid URL");
+ GNUNET_free (s);
+ return GNUNET_SYSERR;
+ }
+ TEH_kyc_config.details.oauth2.login_url = s;
if (GNUNET_OK !=
GNUNET_CONFIGURATION_get_value_string (TEH_cfg,
diff --git a/src/exchange/taler-exchange-httpd.h b/src/exchange/taler-exchange-httpd.h
index ffbce0e9b..deb5b3e02 100644
--- a/src/exchange/taler-exchange-httpd.h
+++ b/src/exchange/taler-exchange-httpd.h
@@ -93,8 +93,14 @@ struct TEH_KycOptions
/**
* URL of the OAuth2.0 endpoint for KYC checks.
+ * (token/auth)
*/
- char *url;
+ char *auth_url;
+
+ /**
+ * URL of the OAuth2.0 endpoint for KYC checks.
+ */
+ char *login_url;
/**
* URL of the user info access endpoint.
diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c
index 62ecbaab9..8bc2ac196 100644
--- a/src/exchange/taler-exchange-httpd_kyc-check.c
+++ b/src/exchange/taler-exchange-httpd_kyc-check.c
@@ -395,8 +395,8 @@ TEH_handler_kyc_check (
redirect_uri_encoded = TALER_urlencode (redirect_uri);
GNUNET_free (redirect_uri);
GNUNET_asprintf (&url,
- "%s/login?client_id=%s&redirect_uri=%s",
- TEH_kyc_config.details.oauth2.url,
+ "%s?client_id=%s&redirect_uri=%s",
+ TEH_kyc_config.details.oauth2.login_url,
TEH_kyc_config.details.oauth2.client_id,
redirect_uri_encoded);
GNUNET_free (redirect_uri_encoded);
diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c
index f561a95a8..75ff81e96 100644
--- a/src/exchange/taler-exchange-httpd_kyc-proof.c
+++ b/src/exchange/taler-exchange-httpd_kyc-proof.c
@@ -579,8 +579,8 @@ TEH_handler_kyc_proof (
"curl_easy_init");
}
GNUNET_asprintf (&kpc->token_url,
- "%stoken",
- TEH_kyc_config.details.oauth2.url);
+ "%s",
+ TEH_kyc_config.details.oauth2.auth_url);
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_URL,
@@ -603,8 +603,8 @@ TEH_handler_kyc_proof (
char *request_uri;
GNUNET_asprintf (&request_uri,
- "%slogin?client_id=%s",
- TEH_kyc_config.details.oauth2.url,
+ "%s?client_id=%s",
+ TEH_kyc_config.details.oauth2.login_url,
TEH_kyc_config.details.oauth2.client_id);
redirect_uri = curl_easy_escape (eh,
request_uri,
diff --git a/src/testing/test_exchange_api.c b/src/testing/test_exchange_api.c
index 4f1e2a611..da4974f28 100644
--- a/src/testing/test_exchange_api.c
+++ b/src/testing/test_exchange_api.c
@@ -432,7 +432,7 @@ run (void *cls,
/* Try resolving a deposit's WTID, as we never triggered
* execution of transactions, the answer should be that
* the exchange knows about the deposit, but has no WTID yet.
- *///
+ */
TALER_TESTING_cmd_track_transaction ("deposit-wtid-found",
"deposit-simple",
0,
@@ -458,7 +458,7 @@ run (void *cls,
* happen here, as each deposit operation is run with a
* fresh merchant public key, so the aggregator will treat
* them as "different" merchants and do the wire transfers
- * individually. *///
+ * individually. */
CMD_EXEC_AGGREGATOR ("run-aggregator"),
/**
* Check all the transfers took place.
diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf
index 2dce408b4..539c59ec1 100644
--- a/src/testing/test_kyc_api.conf
+++ b/src/testing/test_kyc_api.conf
@@ -56,7 +56,8 @@ KYC_WITHDRAW_LIMIT = EUR:8
[exchange-kyc-oauth2]
-KYC_OAUTH2_URL = http://localhost:6666/oauth/v2/login
+KYC_OAUTH2_AUTH_URL = http://localhost:6666/oauth/v2/token
+KYC_OAUTH2_LOGIN_URL = http://localhost:6666/oauth/v2/login
KYC_INFO_URL = http://localhost:6666/api/user/me
KYC_OAUTH2_CLIENT_ID = taler-exchange
KYC_OAUTH2_CLIENT_SECRET = exchange-secret