From b496b8fed5bcef74e79bad7351cab98aae6a7dd7 Mon Sep 17 00:00:00 2001 From: Christian Grothoff <grothoff@gnunet.org> Date: Sat, 16 Apr 2022 17:51:27 +0200 Subject: add more flexibility to endpoint naming for KYC --- src/exchange/taler-exchange-httpd.c | 36 ++++++++++++++++++++++++--- src/exchange/taler-exchange-httpd.h | 8 +++++- src/exchange/taler-exchange-httpd_kyc-check.c | 4 +-- src/exchange/taler-exchange-httpd_kyc-proof.c | 8 +++--- src/testing/test_exchange_api.c | 4 +-- src/testing/test_kyc_api.conf | 3 ++- 6 files changed, 49 insertions(+), 14 deletions(-) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index aa3a7c412..fb3129591 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -1413,12 +1413,12 @@ parse_kyc_oauth_cfg (void) if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (TEH_cfg, "exchange-kyc-oauth2", - "KYC_OAUTH2_URL", + "KYC_OAUTH2_AUTH_URL", &s)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "exchange-kyc-oauth2", - "KYC_OAUTH2_URL"); + "KYC_OAUTH2_AUTH_URL"); return GNUNET_SYSERR; } if ( (! TALER_url_valid_charset (s)) || 
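Review bot: Renaming the option to `KYC_OAUTH2_AUTH_URL` in parse_kyc_oauth_cfg also changes what the value means, and nothing at the lookup says so. The old value was a prefix to which `token` and `/login` were appended (see the removed format strings in the kyc-check and kyc-proof hunks), while the new value is used verbatim as the token URL. A configuration that only renames the key would therefore send the token request to the wrong path. A comment above the lookup such as `/* full URL of the token endpoint, used as-is; replaces the KYC_OAUTH2_URL prefix */` would make the migration explicit. The function body continues outside this hunk.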
@@ -1431,12 +1431,40 @@ parse_kyc_oauth_cfg (void) { GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "exchange-kyc-oauth2", - "KYC_OAUTH2_URL", + "KYC_OAUTH2_AUTH_URL", "not a valid URL"); GNUNET_free (s); return GNUNET_SYSERR; } - TEH_kyc_config.details.oauth2.url = s; + TEH_kyc_config.details.oauth2.auth_url = s; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (TEH_cfg, + "exchange-kyc-oauth2", + "KYC_OAUTH2_LOGIN_URL", + &s)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "exchange-kyc-oauth2", + "KYC_OAUTH2_LOGIN_URL"); + return GNUNET_SYSERR; + } + if ( (! TALER_url_valid_charset (s)) || + ( (0 != strncasecmp (s, + "http://", + strlen ("http://"))) && + (0 != strncasecmp (s, + "https://", + strlen ("https://"))) ) ) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "exchange-kyc-oauth2", + "KYC_OAUTH2_LOGIN_URL", + "not a valid URL"); + GNUNET_free (s); + return GNUNET_SYSERR; + } + TEH_kyc_config.details.oauth2.login_url = s; if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (TEH_cfg, diff --git a/src/exchange/taler-exchange-httpd.h b/src/exchange/taler-exchange-httpd.h index ffbce0e9b..deb5b3e02 100644 --- a/src/exchange/taler-exchange-httpd.h +++ b/src/exchange/taler-exchange-httpd.h @@ -93,8 +93,14 @@ struct TEH_KycOptions /** * URL of the OAuth2.0 endpoint for KYC checks. + * (token/auth) */ - char *url; + char *auth_url; + + /** + * URL of the OAuth2.0 endpoint for KYC checks. + */ + char *login_url; /** * URL of the user info access endpoint. diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c index 62ecbaab9..8bc2ac196 100644 --- a/src/exchange/taler-exchange-httpd_kyc-check.c +++ b/src/exchange/taler-exchange-httpd_kyc-check.c 
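Review bot: The added `KYC_OAUTH2_LOGIN_URL` block in parse_kyc_oauth_cfg duplicates the `KYC_OAUTH2_AUTH_URL` validation line for line, and both accept plain `http://`. For the OAuth2 endpoints of a KYC provider that presumably means the login redirect and the token exchange can be configured to run unencrypted without any hint in the log. The test configuration relies on `http://localhost`, so a warning rather than a rejection seems the right level. I would move the check into one static helper that both options call and that logs when the scheme is not `https://`, as sketched below. The function starts and ends outside the hunk.

```c
/* Returns true if s is an absolute http(s) URL with a valid charset;
   warns when the endpoint is not reached over TLS. */
static bool
check_oauth2_endpoint (const char *option,
                       const char *s)
{
  bool is_https = (0 == strncasecmp (s,
                                     "https://",
                                     strlen ("https://")));
  bool is_http = (0 == strncasecmp (s,
                                    "http://",
                                    strlen ("http://")));

  if ( (! TALER_url_valid_charset (s)) ||
       (! (is_http || is_https)) )
  {
    GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
                               "exchange-kyc-oauth2",
                               option,
                               "not a valid URL");
    return false;
  }
  if (! is_https)
    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                "%s is not an https:// URL\n",
                option);
  return true;
}

/* … unchanged: GNUNET_CONFIGURATION_get_value_string for KYC_OAUTH2_LOGIN_URL … */
  if (! check_oauth2_endpoint ("KYC_OAUTH2_LOGIN_URL",
                               s))
  {
    GNUNET_free (s);
    return GNUNET_SYSERR;
  }
  TEH_kyc_config.details.oauth2.login_url = s;
```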
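Review bot: The doc comment on the new `login_url` field in struct TEH_KycOptions repeats the `auth_url` text almost word for word, so the struct no longer says which endpoint is which. From the call sites in this commit, `auth_url` is the URL the exchange itself requests via curl as `token_url`, and `login_url` is the URL that gets `client_id` and `redirect_uri` appended. I would document them as `URL of the OAuth2.0 token endpoint, requested by the exchange as configured` and `URL of the OAuth2.0 login page; a query string is appended to it`. The name `AUTH_URL` for the token endpoint is easy to confuse with the OAuth2 authorization endpoint, which deserves a word in the comment as well. The struct continues outside the hunk.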
@@ -395,8 +395,8 @@ TEH_handler_kyc_check ( redirect_uri_encoded = TALER_urlencode (redirect_uri); GNUNET_free (redirect_uri); GNUNET_asprintf (&url, - "%s/login?client_id=%s&redirect_uri=%s", - TEH_kyc_config.details.oauth2.url, + "%s?client_id=%s&redirect_uri=%s", + TEH_kyc_config.details.oauth2.login_url, TEH_kyc_config.details.oauth2.client_id, redirect_uri_encoded); GNUNET_free (redirect_uri_encoded); diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c index f561a95a8..75ff81e96 100644 --- a/src/exchange/taler-exchange-httpd_kyc-proof.c +++ b/src/exchange/taler-exchange-httpd_kyc-proof.c @@ -579,8 +579,8 @@ TEH_handler_kyc_proof ( "curl_easy_init"); } GNUNET_asprintf (&kpc->token_url, - "%stoken", - TEH_kyc_config.details.oauth2.url); + "%s", + TEH_kyc_config.details.oauth2.auth_url); GNUNET_assert (CURLE_OK == curl_easy_setopt (eh, CURLOPT_URL, @@ -603,8 +603,8 @@ TEH_handler_kyc_proof ( char *request_uri; GNUNET_asprintf (&request_uri, - "%slogin?client_id=%s", - TEH_kyc_config.details.oauth2.url, + "%s?client_id=%s", + TEH_kyc_config.details.oauth2.login_url, TEH_kyc_config.details.oauth2.client_id); redirect_uri = curl_easy_escape (eh, request_uri, diff --git a/src/testing/test_exchange_api.c b/src/testing/test_exchange_api.c index 4f1e2a611..da4974f28 100644 --- a/src/testing/test_exchange_api.c +++ b/src/testing/test_exchange_api.c @@ -432,7 +432,7 @@ run (void *cls, /* Try resolving a deposit's WTID, as we never triggered * execution of transactions, the answer should be that * the exchange knows about the deposit, but has no WTID yet. - */// + */ TALER_TESTING_cmd_track_transaction ("deposit-wtid-found", "deposit-simple", 0, 
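Review bot: The format string `"%s?client_id=%s&redirect_uri=%s"` in TEH_handler_kyc_check now appends the query to the configured `login_url` verbatim, and only `redirect_uri` is URL-encoded. A `KYC_OAUTH2_LOGIN_URL` that already carries a query or fragment passes the startup check, which only looks at charset and scheme, and yields a URL with two `?`. A `client_id` containing `&` or `=` would add stray parameters. Both values come from the configuration, so this is a robustness point rather than attacker-controlled input. Either reject `?` and `#` when parsing the option, or encode the id with `TALER_urlencode (TEH_kyc_config.details.oauth2.client_id)` before formatting. The same concatenation appears in the second TEH_handler_kyc_proof hunk (`"%s?client_id=%s"`), although there the whole string goes through `curl_easy_escape` afterwards. The handler body starts and ends outside the hunk.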
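Review bot: `GNUNET_asprintf (&kpc->token_url, "%s", ...)` in the first TEH_handler_kyc_proof hunk is now a plain string copy; `kpc->token_url = GNUNET_strdup (TEH_kyc_config.details.oauth2.auth_url);` says that directly. Since the token request now goes to exactly the configured string, a short comment such as `/* token endpoint is used as configured, nothing is appended */` would help the next reader. The function body continues outside the hunk.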
@@ -458,7 +458,7 @@ run (void *cls, * happen here, as each deposit operation is run with a * fresh merchant public key, so the aggregator will treat * them as "different" merchants and do the wire transfers - * individually. */// + * individually. */ CMD_EXEC_AGGREGATOR ("run-aggregator"), /** * Check all the transfers took place. diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf index 2dce408b4..539c59ec1 100644 --- a/src/testing/test_kyc_api.conf +++ b/src/testing/test_kyc_api.conf @@ -56,7 +56,8 @@ KYC_WITHDRAW_LIMIT = EUR:8 [exchange-kyc-oauth2] -KYC_OAUTH2_URL = http://localhost:6666/oauth/v2/login +KYC_OAUTH2_AUTH_URL = http://localhost:6666/oauth/v2/token +KYC_OAUTH2_LOGIN_URL = http://localhost:6666/oauth/v2/login KYC_INFO_URL = http://localhost:6666/api/user/me KYC_OAUTH2_CLIENT_ID = taler-exchange KYC_OAUTH2_CLIENT_SECRET = exchange-secret -- cgit v1.2.3