From 016551dbb4af5de4725fb67787dff07c852c0280 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Tue, 9 Nov 2021 20:36:30 +0100 Subject: misc TODOs for KYC left --- src/curl/curl.c | 17 +++++---- src/exchange/taler-exchange-httpd_kyc-check.c | 39 +++++++++++++++++++ src/exchange/taler-exchange-httpd_withdraw.c | 20 ++++++++-- src/exchangedb/plugin_exchangedb_postgres.c | 7 +++- src/include/taler_crypto_lib.h | 1 - src/lib/exchange_api_kyc_wallet.c | 2 + src/testing/test_kyc_api.c | 55 +++++++++++++++++++++++++-- src/testing/test_kyc_api.conf | 2 +- src/testing/testing_api_cmd_kyc_wallet_get.c | 3 +- 9 files changed, 127 insertions(+), 19 deletions(-) diff --git a/src/curl/curl.c b/src/curl/curl.c index 73fcf86a4..e9a2d5612 100644 --- a/src/curl/curl.c +++ b/src/curl/curl.c @@ -24,6 +24,10 @@ #include "platform.h" #include "taler_curl_lib.h" +// FIXME-workaround: without this, we somehow sometimes forget the header +// that indicates compression and then the exchange 400s us! +#undef TALER_CURL_COMPRESS_BODIES + #if TALER_CURL_COMPRESS_BODIES #include #endif @@ -76,18 +80,17 @@ TALER_curl_easy_post (struct TALER_CURL_PostContext *ctx, slen = (size_t) cbuf_size; ctx->json_enc = (char *) cbuf; } - GNUNET_assert - (NULL != (ctx->headers = curl_slist_append - (ctx->headers, - "Content-Encoding: deflate"))); + GNUNET_assert (NULL != (ctx->headers = curl_slist_append ( + ctx->headers, + "Content-Encoding: deflate"))); #else ctx->json_enc = str; #endif GNUNET_assert - (NULL != (ctx->headers = curl_slist_append - (ctx->headers, - "Content-Type: application/json"))); + (NULL != (ctx->headers = curl_slist_append ( + ctx->headers, + "Content-Type: application/json"))); GNUNET_assert (CURLE_OK == curl_easy_setopt (eh, diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c index 38890e98c..5964da501 100644 --- a/src/exchange/taler-exchange-httpd_kyc-check.c +++ b/src/exchange/taler-exchange-httpd_kyc-check.c @@ -105,6 +105,7 @@ TEH_handler_kyc_check ( MHD_RESULT res; enum GNUNET_GenericReturnValue ret; char dummy; + struct TALER_PaytoHash h_payto; if (1 != sscanf (args[0], @@ -118,6 +119,34 @@ TEH_handler_kyc_check ( TALER_EC_GENERIC_PARAMETER_MALFORMED, "payment_target_uuid"); } + /* FIXME: write long polling logic ... */ + { + const char *hps; + + hps = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "h_payto"); + if (NULL == hps) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MISSING, + "h_payto"); + } + if (GNUNET_OK != + GNUNET_STRINGS_string_to_data (hps, + strlen (hps), + &h_payto, + sizeof (h_payto))) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MALFORMED, + "h_payto"); + } + } if (TEH_KYC_NONE == TEH_kyc_config.mode) return TALER_MHD_reply_static ( @@ -141,6 +170,16 @@ TEH_handler_kyc_check ( &kcc); if (GNUNET_SYSERR == ret) return res; + if (0 != + GNUNET_memcmp (&kcc.h_payto, + &h_payto)) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_FORBIDDEN, + 42, /* FIXME: EC! */ + "h_payto"); + } if (! kcc.kyc.ok) { char *url; diff --git a/src/exchange/taler-exchange-httpd_withdraw.c b/src/exchange/taler-exchange-httpd_withdraw.c index ef1bb27d9..d393567e4 100644 --- a/src/exchange/taler-exchange-httpd_withdraw.c +++ b/src/exchange/taler-exchange-httpd_withdraw.c @@ -224,6 +224,10 @@ withdraw_transaction (void *cls, return qs; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Asked to withdraw from %s amount of %s\n", + TALER_B2S (&wc->wsrd.reserve_pub), + TALER_amount2s (&wc->amount_required)); /* Don't sign again if we have already signed the coin */ if (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT == qs) { @@ -306,6 +310,10 @@ withdraw_transaction (void *cls, return GNUNET_DB_STATUS_HARD_ERROR; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "KYC status is %s for %s\n", + wc->kyc.ok ? "ok" : "missing", + TALER_B2S (&r.pub)); if ( (! wc->kyc.ok) && (TEH_KYC_NONE != TEH_kyc_config.mode) && (TALER_EXCHANGEDB_KYC_W2W == wc->kyc.type) ) @@ -323,10 +331,7 @@ withdraw_transaction (void *cls, struct TALER_Amount acc; enum GNUNET_DB_QueryStatus qs2; - TALER_amount_set_zero (TEH_currency, - &acc); - accumulate_withdraws (&acc, - &wc->amount_required); + acc = wc->amount_required; qs2 = TEH_plugin->select_withdraw_amounts_by_account ( TEH_plugin->cls, &wc->wsrd.reserve_pub, @@ -353,6 +358,9 @@ withdraw_transaction (void *cls, NULL); return GNUNET_DB_STATUS_HARD_ERROR; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Amount withdrawn so far is %s\n", + TALER_amount2s (&acc)); if (1 == /* 1: acc > withdraw_limit */ TALER_amount_cmp (&acc, &TEH_kyc_config.withdraw_limit)) @@ -388,6 +396,10 @@ withdraw_transaction (void *cls, wc->collectable.reserve_pub = wc->wsrd.reserve_pub; wc->collectable.h_coin_envelope = wc->wsrd.h_coin_envelope; wc->collectable.reserve_sig = wc->signature; + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Persisting withdraw from %s over %s\n", + TALER_B2S (&r.pub), + TALER_amount2s (&wc->amount_required)); qs = TEH_plugin->insert_withdraw_info (TEH_plugin->cls, &wc->collectable); if (0 > qs) diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index fbd168a81..f9f3fd16f 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -26,6 +26,7 @@ #include "taler_error_codes.h" #include "taler_dbevents.h" #include "taler_pq_lib.h" +#include "taler_util.h" #include "taler_json_lib.h" #include "taler_exchangedb_plugin.h" #include @@ -3986,6 +3987,10 @@ postgres_inselect_wallet_kyc_status ( qs = inselect_account_kyc_status (pg, payto_uri, kyc); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Wire account for `%s' is %llu\n", + payto_uri, + (unsigned long long) kyc->payment_target_uuid); GNUNET_free (payto_uri); return qs; } @@ -4920,7 +4925,7 @@ withdraw_amount_by_account_cb (void *cls, struct WithdrawAmountByAccountContext *wac = cls; struct PostgresClosure *pg = wac->pg; - for (unsigned int i = 0; num_results; i++) + for (unsigned int i = 0; i < num_results; i++) { struct TALER_Amount val; struct GNUNET_PQ_ResultSpec rs[] = { diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h index 7787c23d8..c521541fe 100644 --- a/src/include/taler_crypto_lib.h +++ b/src/include/taler_crypto_lib.h @@ -23,7 +23,6 @@ #define TALER_CRYPTO_LIB_H #include -#include "taler_util.h" #include "taler_error_codes.h" #include diff --git a/src/lib/exchange_api_kyc_wallet.c b/src/lib/exchange_api_kyc_wallet.c index 16d4253ef..e919b562e 100644 --- a/src/lib/exchange_api_kyc_wallet.c +++ b/src/lib/exchange_api_kyc_wallet.c @@ -166,6 +166,7 @@ TALER_EXCHANGE_kyc_wallet (struct TALER_EXCHANGE_Handle *exchange, .purpose = htonl (TALER_SIGNATURE_WALLET_ACCOUNT_SETUP) }; + /* FIXME: move to util/wallet-signatures.c! */ GNUNET_CRYPTO_eddsa_key_get_public (&reserve_priv->eddsa_priv, &reserve_pub.eddsa_pub); @@ -187,6 +188,7 @@ TALER_EXCHANGE_kyc_wallet (struct TALER_EXCHANGE_Handle *exchange, "/kyc-wallet"); if (NULL == kwh->url) { + json_decref (req); GNUNET_free (kwh); return NULL; } diff --git a/src/testing/test_kyc_api.c b/src/testing/test_kyc_api.c index b1a43df56..48464e2f6 100644 --- a/src/testing/test_kyc_api.c +++ b/src/testing/test_kyc_api.c @@ -96,24 +96,48 @@ run (void *cls, */ struct TALER_TESTING_Command withdraw[] = { CMD_TRANSFER_TO_EXCHANGE ("create-reserve-1", - "EUR:5.01"), + "EUR:15.02"), TALER_TESTING_cmd_check_bank_admin_transfer ( "check-create-reserve-1", - "EUR:5.01", bc.user42_payto, bc.exchange_payto, + "EUR:15.02", bc.user42_payto, bc.exchange_payto, "create-reserve-1"), CMD_EXEC_WIREWATCH ("wirewatch-1"), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-no-kyc", + "create-reserve-1", + "EUR:10", + MHD_HTTP_ACCEPTED), TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1", "create-reserve-1", "EUR:5", MHD_HTTP_OK), TALER_TESTING_cmd_end () }; + /** + * Test withdraw with KYC. + */ + struct TALER_TESTING_Command withdraw_kyc[] = { + CMD_EXEC_WIREWATCH ("wirewatch-1"), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-lacking-kyc", + "create-reserve-1", + "EUR:5", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc ("proof-kyc", + "withdraw-coin-1-lacking-kyc", + "pass", + "state", + MHD_HTTP_SEE_OTHER), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-with-kyc", + "create-reserve-1", + "EUR:5", + MHD_HTTP_OK), + TALER_TESTING_cmd_end () + }; struct TALER_TESTING_Command spend[] = { TALER_TESTING_cmd_deposit ( "deposit-simple", "withdraw-coin-1", 0, - bc.user42_payto, + bc.user43_payto, "{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}", GNUNET_TIME_UNIT_ZERO, "EUR:5", @@ -156,11 +180,28 @@ run (void *cls, ec.exchange_url, "EUR:4.98", bc.exchange_payto, - bc.user42_payto), + bc.user43_payto), TALER_TESTING_cmd_check_bank_empty ("check_bank_empty"), TALER_TESTING_cmd_end () }; + struct TALER_TESTING_Command wallet_kyc[] = { + TALER_TESTING_cmd_wallet_kyc_get ( + "wallet-kyc-fail", + NULL, + MHD_HTTP_OK), + TALER_TESTING_cmd_proof_kyc ("proof-wallet-kyc", + "wallet-kyc-fail", + "pass", + "state", + MHD_HTTP_SEE_OTHER), + TALER_TESTING_cmd_check_kyc_get ( + "wallet-kyc-check", + "wallet-kyc-fail", + MHD_HTTP_OK), + TALER_TESTING_cmd_end () + }; + struct TALER_TESTING_Command commands[] = { TALER_TESTING_cmd_exec_offline_sign_fees ("offline-sign-fees", CONFIG_FILE, @@ -183,6 +224,12 @@ run (void *cls, spend), TALER_TESTING_cmd_batch ("track", track), + TALER_TESTING_cmd_batch ("withdraw-kyc", + withdraw_kyc), +#if 0 + TALER_TESTING_cmd_batch ("wallet-kyc", + wallet_kyc), +#endif TALER_TESTING_cmd_end () }; diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf index 105ee3b26..ebc2016b6 100644 --- a/src/testing/test_kyc_api.conf +++ b/src/testing/test_kyc_api.conf @@ -52,7 +52,7 @@ KYC_WALLET_BALANCE_LIMIT = EUR:1 KYC_WITHDRAW_PERIOD = "31 days" -KYC_WITHDRAW_LIMIT = EUR:150 +KYC_WITHDRAW_LIMIT = EUR:8 [exchange-kyc-oauth2] diff --git a/src/testing/testing_api_cmd_kyc_wallet_get.c b/src/testing/testing_api_cmd_kyc_wallet_get.c index 44ca03719..e487f6285 100644 --- a/src/testing/testing_api_cmd_kyc_wallet_get.c +++ b/src/testing/testing_api_cmd_kyc_wallet_get.c @@ -94,9 +94,10 @@ wallet_kyc_cb (void *cls, if (kwg->expected_response_code != wkr->http_status) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, - "Unexpected response code %u/%d to command %s in %s:%u\n", + "Unexpected response code %u/%d (wanted %u) to command %s in %s:%u\n", wkr->http_status, (int) wkr->ec, + kwg->expected_response_code, cmd->label, __FILE__, __LINE__); -- cgit v1.2.3