diff options
author | Christian Grothoff <christian@grothoff.org> | 2022-08-11 23:35:33 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2022-08-11 23:35:33 +0200 |
commit | 1009084e94b8e8cf19e3b5568c3cccaba2bd2209 (patch) | |
tree | a346997dedd05f685ba7addc59e288dfa550ad0e /src/include | |
parent | b061ea85c84facfc78c34edface367c5f040bc9c (diff) | |
download | exchange-1009084e94b8e8cf19e3b5568c3cccaba2bd2209.tar.xz |
major rework of the KYC logic, making it more configurable, not complete, but tests pass again
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/taler_exchange_service.h | 28 | ||||
-rw-r--r-- | src/include/taler_exchangedb_plugin.h | 81 | ||||
-rw-r--r-- | src/include/taler_kyclogic_lib.h | 28 | ||||
-rw-r--r-- | src/include/taler_kyclogic_plugin.h | 2 | ||||
-rw-r--r-- | src/include/taler_testing_lib.h | 19 | ||||
-rw-r--r-- | src/include/taler_util.h | 13 |
6 files changed, 135 insertions, 36 deletions
diff --git a/src/include/taler_exchange_service.h b/src/include/taler_exchange_service.h index e14f01ca2..f4b67be9d 100644 --- a/src/include/taler_exchange_service.h +++ b/src/include/taler_exchange_service.h @@ -304,10 +304,16 @@ struct TALER_EXCHANGE_Keys struct GNUNET_TIME_Relative reserve_closing_delay; /** - * Maximum amount a wallet is allowed to hold from - * this exchange before it must undergo a KYC check. + * Array of amounts a wallet is allowed to hold from + * this exchange before it must undergo further KYC checks. */ - struct TALER_Amount wallet_balance_limit_without_kyc; + struct TALER_Amount *wallet_balance_limit_without_kyc; + + /** + * Length of the @e wallet_balance_limit_without_kyc + * array. + */ + unsigned int wblwk_length; /** * Timestamp indicating the /keys generation. @@ -3422,7 +3428,7 @@ typedef void * of a merchant. * * @param eh exchange handle to use - * @param payment_target number identifying the target + * @param legitimization_uuid number identifying the legitimization process * @param h_payto hash of the payto:// URI at @a payment_target * @param timeout how long to wait for a positive KYC status * @param cb function to call with the result @@ -3431,7 +3437,7 @@ typedef void */ struct TALER_EXCHANGE_KycCheckHandle * TALER_EXCHANGE_kyc_check (struct TALER_EXCHANGE_Handle *eh, - uint64_t payment_target, + uint64_t legitimization_uuid, const struct TALER_PaytoHashP *h_payto, struct GNUNET_TIME_Relative timeout, TALER_EXCHANGE_KycStatusCallback cb, @@ -3500,8 +3506,10 @@ struct TALER_EXCHANGE_KycProofHandle; * * @param eh exchange handle to use * @param h_payto hash of payto URI identifying the target account - * @param code OAuth 2.0 code argument - * @param state OAuth 2.0 state argument + * @param logic name of the KYC logic to run + * @param args additional args to pass, can be NULL + * or a string to append to the URL. Must + * then begin with '/' or '?'. * @param cb function to call with the result * @param cb_cls closure for @a cb * @return NULL on error @@ -3509,8 +3517,8 @@ struct TALER_EXCHANGE_KycProofHandle; struct TALER_EXCHANGE_KycProofHandle * TALER_EXCHANGE_kyc_proof (struct TALER_EXCHANGE_Handle *eh, const struct TALER_PaytoHashP *h_payto, - const char *code, - const char *state, + const char *logic, + const char *args, TALER_EXCHANGE_KycProofCallback cb, void *cb_cls); @@ -3573,6 +3581,7 @@ typedef void * * @param eh exchange handle to use * @param reserve_priv wallet private key to check + * @param balance balance (or balance threshold) crossed by the wallet * @param cb function to call with the result * @param cb_cls closure for @a cb * @return NULL on error @@ -3580,6 +3589,7 @@ typedef void struct TALER_EXCHANGE_KycWalletHandle * TALER_EXCHANGE_kyc_wallet (struct TALER_EXCHANGE_Handle *eh, const struct TALER_ReservePrivateKeyP *reserve_priv, + const struct TALER_Amount *balance, TALER_EXCHANGE_KycWalletCallback cb, void *cb_cls); diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 42b8a7427..6967e7377 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -2327,11 +2327,13 @@ struct TALER_EXCHANGEDB_KycStatus * Number that identifies the KYC target the operation * was about. */ + // FIXME: rename to 'legitimization_uuid' uint64_t payment_target_uuid; /** * What kind of KYC operation is this? */ + // FIXME: kill! enum TALER_EXCHANGEDB_KycType type; /** @@ -2583,6 +2585,26 @@ typedef enum GNUNET_GenericReturnValue /** + * Function called on transient aggregations matching + * a particular hash of a payto URI. + * + * @param cls + * @param payto_uri corresponding payto URI + * @param wtid wire transfer identifier of transient aggregation + * @param merchant_pub public key of the merchant + * @param total amount aggregated so far + * @return true to continue iterating + */ +typedef bool +(*TALER_EXCHANGEDB_TransientAggregationCallback)( + void *cls, + const char *payto_uri, + const struct TALER_WireTransferIdentifierRawP *wtid, + const struct TALER_MerchantPublicKeyP *merchant_pub, + const struct TALER_Amount *total); + + +/** * Callback with data about a prepared wire transfer. * * @param cls closure @@ -3098,6 +3120,21 @@ struct TALER_EXCHANGEDB_Plugin /** + * Get the origin of funds of a reserve. + * + * @param cls the `struct PostgresClosure` with the plugin-specific state + * @param reserve_pub public key of the reserve + * @param[out] h_payto set to hash of the wire source payto://-URI + * @return transaction status + */ + enum GNUNET_DB_QueryStatus + (*reserves_get_origin)( + void *cls, + const struct TALER_ReservePublicKeyP *reserve_pub, + struct TALER_PaytoHashP *h_payto); + + + /** * Set the KYC status to "OK" for a bank account. * * @param cls the @e cls of this struct with the plugin-specific state @@ -3112,6 +3149,20 @@ struct TALER_EXCHANGEDB_Plugin /** + * Extract next KYC alert. Deletes the alert. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param trigger_type which type of alert to drain + * @param[out] h_payto set to hash of payto-URI where KYC status changed + * @return transaction status + */ + enum GNUNET_DB_QueryStatus + (*drain_kyc_alert)(void *cls, + uint32_t trigger_type, + struct TALER_PaytoHashP *h_payto); + + + /** * Get the @a kyc status and @a h_payto by UUID. * * @param cls the @e cls of this struct with the plugin-specific state @@ -3207,7 +3258,6 @@ struct TALER_EXCHANGEDB_Plugin * @param[out] found set to true if the reserve was found * @param[out] balance_ok set to true if the balance was sufficient * @param[out] nonce_ok set to false if the nonce was reused - * @param[out] kyc set to the KYC status of the reserve * @param[out] ruuid set to the reserve's UUID (reserves table row) * @return query execution status */ @@ -3220,7 +3270,6 @@ struct TALER_EXCHANGEDB_Plugin bool *found, bool *balance_ok, bool *nonce_ok, - struct TALER_EXCHANGEDB_KycStatus *kyc_ok, uint64_t *ruuid); @@ -3235,7 +3284,6 @@ struct TALER_EXCHANGEDB_Plugin * @param amount total amount to withdraw * @param[out] found set to true if the reserve was found * @param[out] balance_ok set to true if the balance was sufficient - * @param[out] kyc set to the KYC status of the reserve * @param[out] ruuid set to the reserve's UUID (reserves table row) * @return query execution status */ @@ -3247,7 +3295,6 @@ struct TALER_EXCHANGEDB_Plugin const struct TALER_Amount *amount, bool *found, bool *balance_ok, - struct TALER_EXCHANGEDB_KycStatus *kyc_ok, uint64_t *ruuid); @@ -3692,8 +3739,6 @@ struct TALER_EXCHANGEDB_Plugin * @param cls the @e cls of this struct with the plugin-specific state * @param start_shard_row minimum shard row to select * @param end_shard_row maximum shard row to select (inclusive) - * @param kyc_off true if we should not check the KYC status because - * this exchange does not need/support KYC checks. * @param[out] merchant_pub set to the public key of a merchant with a ready deposit * @param[out] payto_uri set to the account of the merchant, to be freed by caller * @return transaction status code @@ -3702,7 +3747,6 @@ struct TALER_EXCHANGEDB_Plugin (*get_ready_deposit)(void *cls, uint64_t start_shard_row, uint64_t end_shard_row, - bool kyc_off, struct TALER_MerchantPublicKeyP *merchant_pub, char **payto_uri); @@ -3740,6 +3784,7 @@ struct TALER_EXCHANGEDB_Plugin * @param cls the @e cls of this struct with the plugin-specific state * @param h_payto destination of the wire transfer * @param exchange_account_section exchange account to use + * @param merchant_pub public key of the merchant * @param wtid the raw wire transfer identifier to be used * @param total amount to be wired in the future * @return transaction status @@ -3749,15 +3794,17 @@ struct TALER_EXCHANGEDB_Plugin void *cls, const struct TALER_PaytoHashP *h_payto, const char *exchange_account_section, + const struct TALER_MerchantPublicKeyP *merchant_pub, const struct TALER_WireTransferIdentifierRawP *wtid, const struct TALER_Amount *total); /** - * Find existing entry in the transient aggregation table. + * Select existing entry in the transient aggregation table. * * @param cls the @e cls of this struct with the plugin-specific state * @param h_payto destination of the wire transfer + * @param merchant_pub public key of the merchant * @param exchange_account_section exchange account to use * @param[out] wtid set to the raw wire transfer identifier to be used * @param[out] total existing amount to be wired in the future @@ -3767,12 +3814,30 @@ struct TALER_EXCHANGEDB_Plugin (*select_aggregation_transient)( void *cls, const struct TALER_PaytoHashP *h_payto, + const struct TALER_MerchantPublicKeyP *merchant_pub, const char *exchange_account_section, struct TALER_WireTransferIdentifierRawP *wtid, struct TALER_Amount *total); /** + * Find existing entry in the transient aggregation table. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param h_payto destination of the wire transfer + * @param cb function to call on each matching entry + * @param cb_cls closure for @a cb + * @return transaction status + */ + enum GNUNET_DB_QueryStatus + (*find_aggregation_transient)( + void *cls, + const struct TALER_PaytoHashP *h_payto, + TALER_EXCHANGEDB_TransientAggregationCallback cb, + void *cb_cls); + + + /** * Update existing entry in the transient aggregation table. * @a h_payto is only needed for query performance. * diff --git a/src/include/taler_kyclogic_lib.h b/src/include/taler_kyclogic_lib.h index 6b54276f6..fedb26a99 100644 --- a/src/include/taler_kyclogic_lib.h +++ b/src/include/taler_kyclogic_lib.h @@ -163,6 +163,19 @@ typedef void /** + * Function called to iterate over KYC-relevant + * transaction thresholds amounts. + * + * @param cls closure, identifies the event type and + * account to iterate over events for + * @param threshold a relevant threshold amount + */ +typedef void +(*TALER_KYCLOGIC_KycThresholdIterator)(void *cls, + const struct TALER_Amount *threshold); + + +/** * Call us on KYC processes satisfied for the given * account. Must match the ``select_satisfied_kyc_processes`` of the exchange database plugin. * @@ -210,6 +223,21 @@ TALER_KYCLOGIC_kyc_test_required (enum TALER_KYCLOGIC_KycTriggerEvent event, /** + * Iterate over all thresholds that are applicable + * to a particular type of @a event + * + * @param event tresholds to look up + * @param it function to call on each + * @param it_cls closure for @a it + */ +void +TALER_KYCLOGIC_kyc_iterate_thresholds ( + enum TALER_KYCLOGIC_KycTriggerEvent event, + TALER_KYCLOGIC_KycThresholdIterator it, + void *it_cls); + + +/** * Obtain the provider logic for a given @a provider_section_name. * * @param provider_section_name identifies a KYC provider process diff --git a/src/include/taler_kyclogic_plugin.h b/src/include/taler_kyclogic_plugin.h index a4bddde61..f41944715 100644 --- a/src/include/taler_kyclogic_plugin.h +++ b/src/include/taler_kyclogic_plugin.h @@ -295,6 +295,7 @@ struct TALER_KYCLOGIC_Plugin * @param url_path rest of the URL after `/kyc-webhook/$H_PAYTO/$LOGIC` * @param connection MHD connection object (for HTTP headers) * @param account_id which account to trigger process for + * @param legi_row row in the table the legitimization is for * @param provider_user_id user ID (or NULL) the proof is for * @param provider_legitimization_id legitimization ID the proof is for * @param cb function to call with the result @@ -307,6 +308,7 @@ struct TALER_KYCLOGIC_Plugin const char *const url_path[], struct MHD_Connection *connection, const struct TALER_PaytoHashP *account_id, + uint64_t legi_row, const char *provider_user_id, const char *provider_legitimization_id, TALER_KYCLOGIC_ProofCallback cb, diff --git a/src/include/taler_testing_lib.h b/src/include/taler_testing_lib.h index 549539a3b..a99defbbc 100644 --- a/src/include/taler_testing_lib.h +++ b/src/include/taler_testing_lib.h @@ -2421,12 +2421,14 @@ TALER_TESTING_cmd_revoke_sign_key ( * * @param label command label. * @param reserve_reference command with reserve private key to use (or NULL to create a fresh reserve key). + * @param threshold_balance balance amount to pass to the exchange * @param expected_response_code expected HTTP status * @return the command */ struct TALER_TESTING_Command TALER_TESTING_cmd_wallet_kyc_get (const char *label, const char *reserve_reference, + const char *threshold_balance, unsigned int expected_response_code); @@ -2445,21 +2447,26 @@ TALER_TESTING_cmd_check_kyc_get (const char *label, /** - * Create a KYC proof request. + * Create a KYC proof request. Only useful in conjunction with the OAuth2.0 + * logic, as it generates an OAuth2.0-specific request. * * @param label command label. * @param payment_target_reference command with a payment target to query + * @param logic_section name of the KYC provider section + * in the exchange configuration for this proof * @param code OAuth 2.0 code to use * @param state OAuth 2.0 state to use * @param expected_response_code expected HTTP status * @return the command */ struct TALER_TESTING_Command -TALER_TESTING_cmd_proof_kyc (const char *label, - const char *payment_target_reference, - const char *code, - const char *state, - unsigned int expected_response_code); +TALER_TESTING_cmd_proof_kyc_oauth2 ( + const char *label, + const char *payment_target_reference, + const char *logic_section, + const char *code, + const char *state, + unsigned int expected_response_code); /** diff --git a/src/include/taler_util.h b/src/include/taler_util.h index afc8ebada..079f72ed6 100644 --- a/src/include/taler_util.h +++ b/src/include/taler_util.h @@ -362,19 +362,6 @@ TALER_payto_get_method (const char *payto_uri); /** - * Construct a payto://-URI from a Taler @a reserve_pub at - * @a exchange_base_url - * - * @param exchange_base_url the URL of the exchange - * @param reserve_pub public key of the reserve - * @return payto:// URI encoding the reserve's address - */ -char * -TALER_payto_from_reserve (const char *exchange_base_url, - const struct TALER_ReservePublicKeyP *reserve_pub); - - -/** * Obtain the account name from a payto URL. * * @param payto an x-taler-bank payto URL |