aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/exchange/Makefile.am2
-rw-r--r--src/exchange/taler-exchange-httpd.c2
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-check.c168
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-check.h42
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-proof.c99
-rw-r--r--src/exchange/taler-exchange-httpd_kyc-proof.h40
-rw-r--r--src/exchangedb/plugin_exchangedb_postgres.c60
-rw-r--r--src/include/taler_exchangedb_plugin.h23
8 files changed, 436 insertions, 0 deletions
diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am
index a0fe1c201..d199e4bc2 100644
--- a/src/exchange/Makefile.am
+++ b/src/exchange/Makefile.am
@@ -83,6 +83,8 @@ taler_exchange_httpd_SOURCES = \
taler-exchange-httpd_deposit.c taler-exchange-httpd_deposit.h \
taler-exchange-httpd_deposits_get.c taler-exchange-httpd_deposits_get.h \
taler-exchange-httpd_keys.c taler-exchange-httpd_keys.h \
+ taler-exchange-httpd_kyc-check.c taler-exchange-httpd_kyc-check.h \
+ taler-exchange-httpd_kyc-proof.c taler-exchange-httpd_kyc-proof.h \
taler-exchange-httpd_kyc-wallet.c taler-exchange-httpd_kyc-wallet.h \
taler-exchange-httpd_link.c taler-exchange-httpd_link.h \
taler-exchange-httpd_management.h \
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index 7386a8a45..194a2378a 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -33,6 +33,8 @@
#include "taler-exchange-httpd_deposit.h"
#include "taler-exchange-httpd_deposits_get.h"
#include "taler-exchange-httpd_keys.h"
+#include "taler-exchange-httpd_kyc-check.h"
+#include "taler-exchange-httpd_kyc-proof.h"
#include "taler-exchange-httpd_kyc-wallet.h"
#include "taler-exchange-httpd_link.h"
#include "taler-exchange-httpd_management.h"
diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c
new file mode 100644
index 000000000..1e29ba2c9
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_kyc-check.c
@@ -0,0 +1,168 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2021 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_kyc-check.c
+ * @brief Handle request for generic KYC check.
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <jansson.h>
+#include <microhttpd.h>
+#include <pthread.h>
+#include "taler_json_lib.h"
+#include "taler_mhd_lib.h"
+#include "taler_signatures.h"
+#include "taler-exchange-httpd_keys.h"
+#include "taler-exchange-httpd_kyc-wallet.h"
+#include "taler-exchange-httpd_responses.h"
+
+
+/**
+ * Context for the request.
+ */
+struct KycCheckContext
+{
+ /**
+ * UUID being checked.
+ */
+ uint64_t payment_target_uuid;
+
+ /**
+ * Current KYC status.
+ */
+ struct TALER_EXCHANGEDB_KycStatus kyc;
+
+ /**
+ * Hash of the payto:// URI we are confirming to
+ * have finished the KYC for.
+ */
+ struct GNUNET_HashCode h_payto;
+};
+
+
+/**
+ * Function implementing database transaction to check wallet's KYC status.
+ * Runs the transaction logic; IF it returns a non-error code, the transaction
+ * logic MUST NOT queue a MHD response. IF it returns an hard error, the
+ * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it
+ * returns the soft error code, the function MAY be called again to retry and
+ * MUST not queue a MHD response.
+ *
+ * @param cls closure with a `struct KycCheckContext *`
+ * @param connection MHD request which triggered the transaction
+ * @param[out] mhd_ret set to MHD response status for @a connection,
+ * if transaction failed (!)
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+kyc_check (void *cls,
+ struct MHD_Connection *connection,
+ MHD_RESULT *mhd_ret)
+{
+ struct KycCheckContext *kcc = cls;
+ enum GNUNET_DB_QueryStatus qs;
+
+ qs = TEH_plugin->select_kyc_status (TEH_plugin->cls,
+ kcc->payment_target_uuid,
+ &kcc->h_payto,
+ &kcc->kyc);
+ if (qs < 0)
+ {
+ if (GNUNET_DB_STATUS_SOFT_ERROR == qs)
+ return qs;
+ GNUNET_break (0);
+ *mhd_ret = TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_INTERNAL_SERVER_ERROR,
+ TALER_EC_GENERIC_DB_FETCH_FAILED,
+ "inselect_wallet_status");
+ return qs;
+ }
+ return qs;
+}
+
+
+MHD_RESULT
+TEH_handler_kyc_check (
+ struct MHD_Connection *connection,
+ uint64_t payment_target_uuid)
+{
+ struct KycCheckContext kcc = {
+ .payment_target_uuid = payment_target_uuid
+ };
+ MHD_RESULT res;
+ enum GNUNET_GenericReturnValue ret;
+ struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
+
+ (void) GNUNET_TIME_round_abs (&now);
+ if (TEH_KYC_NONE == TEH_kyc_config.mode)
+ return TALER_MHD_reply_static (
+ connection,
+ MHD_HTTP_NO_CONTENT,
+ NULL,
+ NULL,
+ 0);
+ ret = TEH_DB_run_transaction (connection,
+ "kyc check",
+ &res,
+ &kyc_check,
+ &kcc);
+ if (GNUNET_SYSERR == ret)
+ return res;
+ if (! kcc.kyc.ok)
+ {
+ GNUNET_assert (TEH_KYC_OAUTH2 == TEH_kyc_config.mode);
+ return TALER_MHD_REPLY_JSON_PACK (
+ connection,
+ MHD_HTTP_ACCEPTED,
+ GNUNET_JSON_pack_string ("kyc_url",
+ TEH_kyc_config.details.oauth2.url));
+ }
+ {
+ struct TALER_ExchangePublicKeyP pub;
+ struct TALER_ExchangeSignatureP sig;
+ struct TALER_ExchangeAccountSetupSuccessPS as = {
+ .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_ACCOUNT_SETUP_SUCCESS),
+ .purpose.size = htonl (sizeof (as)),
+ .h_payto = kcc.h_payto,
+ .timestamp = GNUNET_TIME_absolute_hton (now)
+ };
+ enum TALER_ErrorCode ec;
+
+ if (TALER_EC_NONE !=
+ (ec = TEH_keys_exchange_sign (&as,
+ &pub,
+ &sig)))
+ {
+ return TALER_MHD_reply_with_ec (connection,
+ ec,
+ NULL);
+ }
+ return TALER_MHD_REPLY_JSON_PACK (
+ connection,
+ MHD_HTTP_OK,
+ GNUNET_JSON_pack_data_auto ("exchange_sig",
+ &sig),
+ GNUNET_JSON_pack_data_auto ("exchange_pub",
+ &pub),
+ GNUNET_JSON_pack_time_abs ("now",
+ now));
+ }
+}
+
+
+/* end of taler-exchange-httpd_kyc-check.c */
diff --git a/src/exchange/taler-exchange-httpd_kyc-check.h b/src/exchange/taler-exchange-httpd_kyc-check.h
new file mode 100644
index 000000000..12f24488b
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_kyc-check.h
@@ -0,0 +1,42 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2021 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_kyc-check.h
+ * @brief Handle /kyc-check requests
+ * @author Christian Grothoff
+ */
+#ifndef TALER_EXCHANGE_HTTPD_KYC_CHECK_H
+#define TALER_EXCHANGE_HTTPD_KYC_CHECK_H
+
+#include <microhttpd.h>
+#include "taler-exchange-httpd.h"
+
+
+/**
+ * Handle a "/kyc-check" request. Checks the KYC
+ * status of the given account and returns it.
+ *
+ * @param connection request to handle
+ * @param payment_target_uuid which account are we to check
+ * @return MHD result code
+ */
+MHD_RESULT
+TEH_handler_kyc_check (
+ struct MHD_Connection *connection,
+ uint64_t payment_target_uuid);
+
+
+#endif
diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c
new file mode 100644
index 000000000..cb3f00dde
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_kyc-proof.c
@@ -0,0 +1,99 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2021 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_kyc-proof.c
+ * @brief Handle request for proof for KYC check.
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <gnunet/gnunet_util_lib.h>
+#include <gnunet/gnunet_json_lib.h>
+#include <jansson.h>
+#include <microhttpd.h>
+#include <pthread.h>
+#include "taler_json_lib.h"
+#include "taler_mhd_lib.h"
+#include "taler-exchange-httpd_kyc-proof.h"
+#include "taler-exchange-httpd_responses.h"
+
+
+/**
+ * Context for the proof.
+ */
+struct KycProofContext
+{
+
+};
+
+
+/**
+ * Function implementing database transaction to check proof's KYC status.
+ * Runs the transaction logic; IF it returns a non-error code, the transaction
+ * logic MUST NOT queue a MHD response. IF it returns an hard error, the
+ * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it
+ * returns the soft error code, the function MAY be called again to retry and
+ * MUST not queue a MHD response.
+ *
+ * @param cls closure with a `struct KycProofContext *`
+ * @param connection MHD proof which triggered the transaction
+ * @param[out] mhd_ret set to MHD response status for @a connection,
+ * if transaction failed (!)
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+proof_kyc_check (void *cls,
+ struct MHD_Connection *connection,
+ MHD_RESULT *mhd_ret)
+{
+ struct KycProofContext *kpc = cls;
+
+ (void) kpc; // FIXME: do work here!
+ return -2;
+}
+
+
+MHD_RESULT
+TEH_handler_kyc_proof (
+ struct MHD_Connection *connection,
+ ...)
+{
+ struct KycProofContext kpc;
+ MHD_RESULT res;
+ enum GNUNET_GenericReturnValue ret;
+
+ if (1 || (TEH_KYC_NONE == TEH_kyc_config.mode))
+ return TALER_MHD_reply_static (
+ connection,
+ MHD_HTTP_NO_CONTENT,
+ NULL,
+ NULL,
+ 0);
+ ret = TEH_DB_run_transaction (connection,
+ "check proof kyc",
+ &res,
+ &proof_kyc_check,
+ &kpc);
+ if (GNUNET_SYSERR == ret)
+ return res;
+ return TALER_MHD_REPLY_JSON_PACK (
+ connection,
+ MHD_HTTP_OK,
+ GNUNET_JSON_pack_uint64 ("42",
+ 42));
+}
+
+
+/* end of taler-exchange-httpd_kyc-proof.c */
diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.h b/src/exchange/taler-exchange-httpd_kyc-proof.h
new file mode 100644
index 000000000..1958a0043
--- /dev/null
+++ b/src/exchange/taler-exchange-httpd_kyc-proof.h
@@ -0,0 +1,40 @@
+/*
+ This file is part of TALER
+ Copyright (C) 2021 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_kyc-proof.h
+ * @brief Handle /kyc-proof requests
+ * @author Christian Grothoff
+ */
+#ifndef TALER_EXCHANGE_HTTPD_KYC_PROOF_H
+#define TALER_EXCHANGE_HTTPD_KYC_PROOF_H
+
+#include <microhttpd.h>
+#include "taler-exchange-httpd.h"
+
+
+/**
+ * Handle a "/kyc-proof" request.
+ *
+ * @param connection request to handle
+ * @return MHD result code
+ */
+MHD_RESULT
+TEH_handler_kyc_proof (
+ struct MHD_Connection *connection,
+ ...);
+
+
+#endif
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c
index b4738ef4a..0026829da 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -369,6 +369,15 @@ prepare_statements (struct PostgresClosure *pg)
" WHERE payto_uri=$1"
" LIMIT 1;",
1),
+ /* Used in #postgres_select_kyc_status() */
+ GNUNET_PQ_make_prepare ("select_kyc_status",
+ "SELECT"
+ ",kyc_ok"
+ ",h_payto"
+ " FROM wire_targets"
+ " WHERE"
+ " wire_target_serial_id=$1",
+ 1),
/* Used in #postgres_inselect_wallet_kyc_status() */
// FIXME: Note that this statement has not been debugged at all...
// It just represents the _idea_.
@@ -3595,6 +3604,56 @@ postgres_get_kyc_status (void *cls,
/**
+ * Get the @a kyc status and @a h_payto by UUID.
+ *
+ * @param cls the @e cls of this struct with the plugin-specific state
+ * @param payment_target_uuid which account to get the KYC status for
+ * @param[out] h_payto set to the hash of the account's payto URI (unsalted)
+ * @param[out] kyc set to the KYC status of the account
+ * @return transaction status
+ */
+static enum GNUNET_DB_QueryStatus
+postgres_select_kyc_status (void *cls,
+ uint64_t payment_target_uuid,
+ struct GNUNET_HashCode *h_payto,
+ struct TALER_EXCHANGEDB_KycStatus *kyc)
+{
+#if FIXME_DD23
+ struct PostgresClosure *pg = cls;
+ struct GNUNET_PQ_QueryParam params[] = {
+ GNUNET_PQ_query_param_uint64 (payment_target_uuid),
+ GNUNET_PQ_query_param_end
+ };
+#endif
+ uint8_t ok8;
+#if FIXME_DD23
+ struct GNUNET_PQ_ResultSpec rs[] = {
+ GNUNET_PQ_result_spec_auto_from_type ("h_payto",
+ h_payto),
+ GNUNET_PQ_result_spec_auto_from_type ("kyc_ok",
+ &ok8),
+ GNUNET_PQ_result_spec_end
+ };
+#endif
+ enum GNUNET_DB_QueryStatus qs;
+
+#if FIXME_DD23
+ qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
+ "select_kyc_status",
+ params,
+ rs);
+#else
+ qs = 1;
+ ok8 = 0;
+#endif
+ kyc->type = TALER_EXCHANGEDB_KYC_UNKNOWN;
+ kyc->ok = (0 != ok8);
+ kyc->payment_target_uuid = payment_target_uuid;
+ return qs;
+}
+
+
+/**
* Get the KYC status for a wallet. If the status is unknown,
* inserts a new status record (hence INsertSELECT).
*
@@ -11203,6 +11262,7 @@ libtaler_plugin_exchangedb_postgres_init (void *cls)
&postgres_iterate_auditor_denominations;
plugin->reserves_get = &postgres_reserves_get;
plugin->get_kyc_status = &postgres_get_kyc_status;
+ plugin->select_kyc_status = &postgres_select_kyc_status;
plugin->inselect_wallet_kyc_status = &postgres_inselect_wallet_kyc_status;
plugin->reserves_in_insert = &postgres_reserves_in_insert;
plugin->get_latest_reserve_in_reference =
diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h
index 4b90396bb..b8c504063 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -1630,6 +1630,13 @@ struct TALER_EXCHANGEDB_RefreshRevealedCoin
*/
enum TALER_EXCHANGEDB_KycType
{
+
+ /**
+ * It is unclear for which type of KYC operation
+ * this information is.
+ */
+ TALER_EXCHANGEDB_KYC_UNKNOWN = 0,
+
/**
* KYC to be applied for simple withdraws without
* the involvement of wallet-to-wallet payments.
@@ -2368,6 +2375,22 @@ struct TALER_EXCHANGEDB_Plugin
/**
+ * Get the @a kyc status and @a h_payto by UUID.
+ *
+ * @param cls the @e cls of this struct with the plugin-specific state
+ * @param payment_target_uuid which account to get the KYC status for
+ * @param[out] h_payto set to the hash of the account's payto URI (unsalted)
+ * @param[out] kyc set to the KYC status of the account
+ * @return transaction status
+ */
+ enum GNUNET_DB_QueryStatus
+ (*select_kyc_status)(void *cls,
+ uint64_t payment_target_uuid,
+ struct GNUNET_HashCode *h_payto,
+ struct TALER_EXCHANGEDB_KycStatus *kyc);
+
+
+ /**
* Get the KYC status for a wallet. If the status is unknown,
* inserts a new status record (hence INsertSELECT).
*