From 6231c365fdd7b13032dffbebb94be62e2ef34455 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Mon, 16 Jan 2023 11:14:59 +0100
Subject: -fix KYC logic change to work for all plugins and not just OAuth2.0
---
 src/exchange/taler-exchange-httpd.c | 3 +--
 src/exchange/taler-exchange-httpd_kyc-proof.c | 22 ++++++++--------
 src/include/taler_kyclogic_plugin.h | 2 --
 src/kyclogic/plugin_kyclogic_kycaid.c | 2 --
 src/kyclogic/plugin_kyclogic_oauth2.c | 32 +++++++++++-------------
 src/kyclogic/plugin_kyclogic_persona.c | 13 +++++-----
 src/kyclogic/taler-exchange-kyc-tester.c | 36 ++++++++++++++++-----------
 7 files changed, 54 insertions(+), 56 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c
index 76b388896..def4fd4af 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -1258,8 +1258,7 @@ handle_mhd_request (void *cls,
 .url = "kyc-proof",
 .method = MHD_HTTP_METHOD_GET,
 .handler.get = &TEH_handler_kyc_proof,
- .nargs = 128,
- .nargs_is_upper_bound = true
+ .nargs = 1
 },
 {
 .url = "kyc-wallet",
diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c
index e550d28e2..d37164987 100644
--- a/src/exchange/taler-exchange-httpd_kyc-proof.c
+++ b/src/exchange/taler-exchange-httpd_kyc-proof.c
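Review bot: Nothing at the `kyc-proof` table entry documents what the single path argument is, or that the account hash has moved from the path to the query string. A short comment above `.nargs = 1`, such as `/* args[0]: provider section; h_payto arrives as ?state= */`, would record that contract where the route is declared. If the dispatcher enforces the count exactly (it is not visible here), proof URLs in the old `kyc-proof/$H_PAYTO/$SECTION` layout that were already registered with a provider will presumably be rejected after this change, which is worth stating in the commit message or release notes. The same applies to the `kyc-proof` entry in taler-exchange-kyc-tester.c.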
@@ -256,35 +256,34 @@ clean_kpc (struct TEH_RequestContext *rc) MHD_RESULT TEH_handler_kyc_proof ( struct TEH_RequestContext *rc, - const char *const args[3]) + const char *const args[1]) { struct KycProofContext *kpc = rc->rh_ctx; + const char *provider_section_or_logic = args[0]; const char *h_payto; + if (NULL == kpc) { /* first time */ - if ( (NULL == args[0])) + if (NULL == provider_section_or_logic) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (rc->connection, MHD_HTTP_NOT_FOUND, TALER_EC_GENERIC_ENDPOINT_UNKNOWN, - "'/kyc-proof/$LOGIC?state=$H_PAYTO' required"); + "'/kyc-proof/$PROVIDER_SECTION?state=$H_PAYTO' required"); } - h_payto = MHD_lookup_connection_value (rc->connection, MHD_GET_ARGUMENT_KIND, "state"); - if ( (NULL == h_payto) ) + if (NULL == h_payto) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (rc->connection, MHD_HTTP_BAD_REQUEST, - TALER_EC_GENERIC_PARAMETER_MALFORMED, + TALER_EC_GENERIC_PARAMETER_MISSING, "h_payto"); } - - kpc = GNUNET_new (struct KycProofContext); kpc->rc = rc; rc->rh_ctx = kpc; @@ -302,7 +301,7 @@ TEH_handler_kyc_proof ( "h_payto"); } if (GNUNET_OK != - TALER_KYCLOGIC_lookup_logic (args[0], + TALER_KYCLOGIC_lookup_logic (provider_section_or_logic, &kpc->logic, &kpc->pd, &kpc->provider_section)) @@ -311,14 +310,14 @@ TEH_handler_kyc_proof ( return TALER_MHD_reply_with_error (rc->connection, MHD_HTTP_NOT_FOUND, TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_UNKNOWN, - args[0]); + provider_section_or_logic); } if (NULL != kpc->provider_section) { enum GNUNET_DB_QueryStatus qs; struct GNUNET_TIME_Absolute expiration; - if (0 != strcmp (args[0], + if (0 != strcmp (provider_section_or_logic, kpc->provider_section)) { GNUNET_break_op (0); @@ -364,7 +363,6 @@ TEH_handler_kyc_proof ( } kpc->ph = kpc->logic->proof (kpc->logic->cls, kpc->pd, - &args[1], rc->connection, &kpc->h_payto, kpc->process_row, diff --git a/src/include/taler_kyclogic_plugin.h b/src/include/taler_kyclogic_plugin.h index 8d86078dd..c2266e1ae 100644 
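Review bot: The missing-parameter reply in the first-time branch names `"h_payto"` as the offending field, but the parameter the handler actually reads is `state`, so a client or provider integration that omits it gets a hint naming something it never sends. Using the wire name, `TALER_EC_GENERIC_PARAMETER_MISSING, "state"`, keeps the error actionable; the same hint is used in `handler_kyc_proof_get` in taler-exchange-kyc-tester.c. Because `state` comes straight from the query string and selects the account the proof is bound to, a one-line comment at the `MHD_lookup_connection_value` call would help: it should say the value is untrusted until the parsing and lookup checks further down have passed. TEH_handler_kyc_proof continues outside this hunk.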
--- a/src/include/taler_kyclogic_plugin.h
+++ b/src/include/taler_kyclogic_plugin.h
@@ -303,7 +303,6 @@ struct TALER_KYCLOGIC_Plugin
 *
 * @param cls the @e cls of this struct with the plugin-specific state
 * @param pd provider configuration details
- * @param url_path rest of the URL after `/kyc-webhook/$H_PAYTO/$LOGIC`
 * @param connection MHD connection object (for HTTP headers)
 * @param account_id which account to trigger process for
 * @param process_row row in the legitimization processes table the legitimization is for
@@ -316,7 +315,6 @@ struct TALER_KYCLOGIC_Plugin
 struct TALER_KYCLOGIC_ProofHandle *
 (*proof)(void *cls,
 const struct TALER_KYCLOGIC_ProviderDetails *pd,
- const char *const url_path[],
 struct MHD_Connection *connection,
 const struct TALER_PaytoHashP *account_id,
 uint64_t process_row,
diff --git a/src/kyclogic/plugin_kyclogic_kycaid.c b/src/kyclogic/plugin_kyclogic_kycaid.c
index c08948f7b..8e9323171 100644
--- a/src/kyclogic/plugin_kyclogic_kycaid.c
+++ b/src/kyclogic/plugin_kyclogic_kycaid.c
@@ -643,7 +643,6 @@ proof_reply (void *cls)
 *
 * @param cls the @e cls of this struct with the plugin-specific state
 * @param pd provider configuration details
- * @param url_path rest of the URL after `/kyc-webhook/`
 * @param connection MHD connection object (for HTTP headers)
 * @param account_id which account to trigger process for
 * @param process_row row in the legitimization processes table the legitimization is for
@@ -656,7 +655,6 @@ proof_reply (void *cls)
 static struct TALER_KYCLOGIC_ProofHandle *
 kycaid_proof (void *cls,
 const struct TALER_KYCLOGIC_ProviderDetails *pd,
- const char *const url_path[],
 struct MHD_Connection *connection,
 const struct TALER_PaytoHashP *account_id,
 uint64_t process_row,
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c
index e97ca830d..259217ce8 100644
--- a/src/kyclogic/plugin_kyclogic_oauth2.c
+++ b/src/kyclogic/plugin_kyclogic_oauth2.c
@@ -609,8 +609,8 @@ handle_proof_error (struct TALER_KYCLOGIC_ProofHandle *ph, ph->status = TALER_KYCLOGIC_STATUS_PROVIDER_FAILED; ph->response = TALER_MHD_make_error ( - TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, - "Unexpected response from KYC gateway: proof error"); + TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, + "Unexpected response from KYC gateway: proof error"); ph->http_status = MHD_HTTP_BAD_GATEWAY; return; @@ -677,8 +677,8 @@ parse_proof_success_reply (struct TALER_KYCLOGIC_ProofHandle *ph, ph->status = TALER_KYCLOGIC_STATUS_PROVIDER_FAILED; ph->response = TALER_MHD_make_error ( - TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, - "Unexpected response from KYC gateway: proof success must contain data and status"); + TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, + "Unexpected response from KYC gateway: proof success must contain data and status"); ph->http_status = MHD_HTTP_BAD_GATEWAY; return; @@ -712,8 +712,8 @@ parse_proof_success_reply (struct TALER_KYCLOGIC_ProofHandle *ph, ph->status = TALER_KYCLOGIC_STATUS_PROVIDER_FAILED; ph->response = TALER_MHD_make_error ( - TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, - "Unexpected response from KYC gateway: data must contain id"); + TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, + "Unexpected response from KYC gateway: data must contain id"); ph->http_status = MHD_HTTP_BAD_GATEWAY; return; @@ -831,8 +831,8 @@ handle_curl_login_finished (void *cls, GNUNET_break_op (0); ph->response = TALER_MHD_make_error ( - TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, - "Unexpected response from KYC gateway: login finished"); + TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, + "Unexpected response from KYC gateway: login finished"); ph->http_status = MHD_HTTP_BAD_GATEWAY; break; 
@@ -844,8 +844,8 @@ handle_curl_login_finished (void *cls, GNUNET_break_op (0); ph->response = TALER_MHD_make_error ( - TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, - "Unexpected token type in response from KYC gateway"); + TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, + "Unexpected token type in response from KYC gateway"); ph->http_status = MHD_HTTP_BAD_GATEWAY; break; @@ -865,8 +865,8 @@ handle_curl_login_finished (void *cls, GNUNET_break_op (0); ph->response = TALER_MHD_make_error ( - TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, - "Illegal character in access token"); + TALER_EC_EXCHANGE_KYC_PROOF_BACKEND_INVALID_RESPONSE, + "Illegal character in access token"); ph->http_status = MHD_HTTP_BAD_GATEWAY; break; @@ -878,8 +878,8 @@ handle_curl_login_finished (void *cls, GNUNET_break_op (0); ph->response = TALER_MHD_make_error ( - TALER_EC_GENERIC_ALLOCATION_FAILURE, - "curl_easy_init"); + TALER_EC_GENERIC_ALLOCATION_FAILURE, + "curl_easy_init"); ph->http_status = MHD_HTTP_INTERNAL_SERVER_ERROR; break; @@ -925,7 +925,6 @@ handle_curl_login_finished (void *cls, * * @param cls the @e cls of this struct with the plugin-specific state * @param pd provider configuration details - * @param url_path rest of the URL after `/kyc-webhook/` * @param connection MHD connection object (for HTTP headers) * @param account_id which account to trigger process for * @param process_row row in the legitimization processes table the legitimization is for @@ -938,7 +937,6 @@ handle_curl_login_finished (void *cls, static struct TALER_KYCLOGIC_ProofHandle * oauth2_proof (void *cls, const struct TALER_KYCLOGIC_ProviderDetails *pd, - const char *const url_path[], struct MHD_Connection *connection, const struct TALER_PaytoHashP *account_id, uint64_t process_row, 
@@ -951,7 +949,6 @@ oauth2_proof (void *cls, struct TALER_KYCLOGIC_ProofHandle *ph; const char *code; - (void) url_path; GNUNET_break (NULL == provider_user_id); ph = GNUNET_new (struct TALER_KYCLOGIC_ProofHandle); GNUNET_snprintf (ph->provider_legitimization_id, @@ -966,6 +963,7 @@ oauth2_proof (void *cls, GNUNET_free (ph); return NULL; } + ph->pd = pd; ph->connection = connection; ph->h_payto = *account_id; diff --git a/src/kyclogic/plugin_kyclogic_persona.c b/src/kyclogic/plugin_kyclogic_persona.c index d0ce3d05c..abc8e78f5 100644 --- a/src/kyclogic/plugin_kyclogic_persona.c +++ b/src/kyclogic/plugin_kyclogic_persona.c @@ -747,13 +747,14 @@ persona_initiate (void *cls, (unsigned long long) ih->legitimization_uuid); payto_s = GNUNET_STRINGS_data_to_string_alloc (&ih->h_payto, sizeof (ih->h_payto)); - /* NOTE: check here that exchange_base_url ends - with a '/'? */ + GNUNET_break ('/' == + pd->ps->exchange_base_url[strlen ( + pd->ps->exchange_base_url) - 1]); GNUNET_asprintf (&proof_url, - "%skyc-proof/%s/%s", + "%skyc-proof/%s?state=%s", pd->ps->exchange_base_url, - payto_s, - pd->section); + pd->section, + payto_s); body = GNUNET_JSON_PACK ( GNUNET_JSON_pack_object_steal ( "data", @@ -1345,7 +1346,6 @@ handle_proof_finished (void *cls, * * @param cls the @e cls of this struct with the plugin-specific state * @param pd provider configuration details - * @param url_path rest of the URL after `/kyc-webhook/` * @param connection MHD connection object (for HTTP headers) * @param account_id which account to trigger process for * @param process_row row in the legitimization processes table the legitimization is for @@ -1358,7 +1358,6 @@ handle_proof_finished (void *cls, static struct TALER_KYCLOGIC_ProofHandle * persona_proof (void *cls, const struct TALER_KYCLOGIC_ProviderDetails *pd, - const char *const url_path[], struct MHD_Connection *connection, const struct TALER_PaytoHashP *account_id, uint64_t process_row, 
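Review bot: The added trailing-slash check in persona_initiate indexes `exchange_base_url[strlen (...) - 1]`, which reads out of bounds when the configured base URL is the empty string, because `strlen` returns 0 and the unsigned subtraction wraps. `GNUNET_break` also only logs and continues, so a base URL without the trailing '/' still produces a malformed `proof_url` that is handed to the provider. Guarding the length first, e.g. `size_t len = strlen (pd->ps->exchange_base_url);` followed by `GNUNET_break ( (len > 0) && ('/' == pd->ps->exchange_base_url[len - 1]) );`, removes the out-of-bounds read. Rejecting a bad base URL once when the provider configuration is loaded (not visible here) would be the more robust place for the check. persona_initiate starts and ends outside the hunk.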
diff --git a/src/kyclogic/taler-exchange-kyc-tester.c b/src/kyclogic/taler-exchange-kyc-tester.c index 1b6094993..d436ef7ee 100644 --- a/src/kyclogic/taler-exchange-kyc-tester.c +++ b/src/kyclogic/taler-exchange-kyc-tester.c @@ -727,32 +727,42 @@ proof_cb ( * * @param rc request context * @param args remaining URL arguments; - * args[0] is the 'h_payto', - * args[1] should be the logic plugin name + * args[0] should be the logic plugin name */ static MHD_RESULT handler_kyc_proof_get ( struct TEKT_RequestContext *rc, - const char *const args[]) + const char *const args[1]) { struct TALER_PaytoHashP h_payto; struct TALER_KYCLOGIC_ProviderDetails *pd; struct TALER_KYCLOGIC_Plugin *logic; struct ProofRequestState *rs; const char *section_name; + const char *h_paytos; - if ( (NULL == args[0]) || - (NULL == args[1]) ) + if (NULL == args[0]) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (rc->connection, MHD_HTTP_NOT_FOUND, TALER_EC_GENERIC_ENDPOINT_UNKNOWN, - "'/$H_PAYTO/$LOGIC' required after '/kyc-proof'"); + "'/kyc-proof/$PROVIDER_SECTION?state=$H_PAYTO' required"); + } + h_paytos = MHD_lookup_connection_value (rc->connection, + MHD_GET_ARGUMENT_KIND, + "state"); + if (NULL == h_paytos) + { + GNUNET_break_op (0); + return TALER_MHD_reply_with_error (rc->connection, + MHD_HTTP_BAD_REQUEST, + TALER_EC_GENERIC_PARAMETER_MISSING, + "h_payto"); } if (GNUNET_OK != - GNUNET_STRINGS_string_to_data (args[0], - strlen (args[0]), + GNUNET_STRINGS_string_to_data (h_paytos, + strlen (h_paytos), &h_payto, sizeof (h_payto))) { 
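Review bot: The doc comment for handler_kyc_proof_get now lists only `args[0]`, and nothing records that the account hash is read from the `state` query argument instead of the path. Adding a line such as ` * The account hash is taken from the "state" query parameter.` to the comment keeps the handler's inputs documented in one place. The bound in `const char *const args[1]` is not enforced by the compiler, so the `NULL == args[0]` check is what actually protects the later lookup and is worth keeping even though the route is registered with `.nargs = 1`. The handler body continues in the following hunks.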
@@ -774,18 +784,18 @@ handler_kyc_proof_get ( } if (GNUNET_OK != - TALER_KYCLOGIC_lookup_logic (args[1], + TALER_KYCLOGIC_lookup_logic (args[0], &logic, &pd, §ion_name)) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Could not initiate KYC with provider `%s' (configuration error?)\n", - args[1]); + args[0]); return TALER_MHD_reply_with_error (rc->connection, MHD_HTTP_NOT_FOUND, TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_UNKNOWN, - args[1]); + args[0]); } rs = GNUNET_new (struct ProofRequestState); rs->rc = rc; @@ -796,7 +806,6 @@ handler_kyc_proof_get ( rs); rs->ph = logic->proof (logic->cls, pd, - &args[2], rc->connection, &h_payto, kyc_row_id, @@ -1032,8 +1041,7 @@ handle_mhd_request (void *cls, .url = "kyc-proof", .method = MHD_HTTP_METHOD_GET, .handler.get = &handler_kyc_proof_get, - .nargs = 128, - .nargs_is_upper_bound = true + .nargs = 1 }, { .url = "kyc-webhook", -- cgit v1.2.3