/*
This file is part of TALER
Copyright (C) 2021-2024 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU General Public License as published by the Free Software
Foundation; either version 3, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
TALER; see the file COPYING. If not, see
*/
/**
* @file lib/exchange_api_kyc_check.c
* @brief Implementation of the /kyc-check request
* @author Christian Grothoff
*/
#include "platform.h"
#include /* just for HTTP check codes */
#include
#include
#include "taler_exchange_service.h"
#include "taler_json_lib.h"
#include "exchange_api_handle.h"
#include "taler_signatures.h"
#include "exchange_api_curl_defaults.h"
/**
* @brief A ``/kyc-check`` handle
*/
struct TALER_EXCHANGE_KycCheckHandle
{
/**
* The url for this request.
*/
char *url;
/**
* Handle for the request.
*/
struct GNUNET_CURL_Job *job;
/**
* Function to call with the result.
*/
TALER_EXCHANGE_KycStatusCallback cb;
/**
* Closure for @e cb.
*/
void *cb_cls;
};
static enum GNUNET_GenericReturnValue
parse_account_status (
struct TALER_EXCHANGE_KycCheckHandle *kch,
const json_t *j,
struct TALER_EXCHANGE_KycStatus *ks,
struct TALER_EXCHANGE_AccountKycStatus *status)
{
const json_t *limits = NULL;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_bool ("aml_review",
&status->aml_review),
GNUNET_JSON_spec_fixed_auto ("access_token",
&status->access_token),
GNUNET_JSON_spec_mark_optional (
GNUNET_JSON_spec_array_const ("limits",
&limits),
NULL),
GNUNET_JSON_spec_end ()
};
if (GNUNET_OK !=
GNUNET_JSON_parse (j,
spec,
NULL, NULL))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
if ( (NULL != limits) &&
(0 != json_array_size (limits)) )
{
size_t limit_length = json_array_size (limits);
struct TALER_EXCHANGE_AccountLimit ala[GNUNET_NZL (limit_length)];
size_t i;
json_t *limit;
json_array_foreach (limits, i, limit)
{
struct TALER_EXCHANGE_AccountLimit *al = &ala[i];
struct GNUNET_JSON_Specification ispec[] = {
GNUNET_JSON_spec_mark_optional (
GNUNET_JSON_spec_bool ("soft_limit",
&al->soft_limit),
NULL),
GNUNET_JSON_spec_relative_time ("timeframe",
&al->timeframe),
TALER_JSON_spec_kycte ("operation_type",
&al->operation_type),
TALER_JSON_spec_amount_any ("threshold",
&al->threshold),
GNUNET_JSON_spec_end ()
};
al->soft_limit = false;
if (GNUNET_OK !=
GNUNET_JSON_parse (limit,
ispec,
NULL, NULL))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
}
status->limits = ala;
status->limits_length = limit_length;
kch->cb (kch->cb_cls,
ks);
}
else
{
kch->cb (kch->cb_cls,
ks);
}
GNUNET_JSON_parse_free (spec);
return GNUNET_OK;
}
/**
* Function called when we're done processing the
* HTTP /kyc-check request.
*
* @param cls the `struct TALER_EXCHANGE_KycCheckHandle`
* @param response_code HTTP response code, 0 on error
* @param response parsed JSON result, NULL on error
*/
static void
handle_kyc_check_finished (void *cls,
long response_code,
const void *response)
{
struct TALER_EXCHANGE_KycCheckHandle *kch = cls;
const json_t *j = response;
struct TALER_EXCHANGE_KycStatus ks = {
.hr.reply = j,
.hr.http_status = (unsigned int) response_code
};
kch->job = NULL;
switch (response_code)
{
case 0:
ks.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
break;
case MHD_HTTP_OK:
{
if (GNUNET_OK !=
parse_account_status (kch,
j,
&ks,
&ks.details.ok))
{
GNUNET_break_op (0);
ks.hr.http_status = 0;
ks.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
break;
}
TALER_EXCHANGE_kyc_check_cancel (kch);
return;
}
case MHD_HTTP_ACCEPTED:
{
if (GNUNET_OK !=
parse_account_status (kch,
j,
&ks,
&ks.details.accepted))
{
GNUNET_break_op (0);
ks.hr.http_status = 0;
ks.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
break;
}
TALER_EXCHANGE_kyc_check_cancel (kch);
return;
}
case MHD_HTTP_NO_CONTENT:
break;
case MHD_HTTP_BAD_REQUEST:
ks.hr.ec = TALER_JSON_get_error_code (j);
/* This should never happen, either us or the exchange is buggy
(or API version conflict); just pass JSON reply to the application */
break;
case MHD_HTTP_FORBIDDEN:
{
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto (
"expected_account_pub",
&ks.details.forbidden.expected_account_pub),
TALER_JSON_spec_ec ("code",
&ks.hr.ec),
GNUNET_JSON_spec_end ()
};
if (GNUNET_OK !=
GNUNET_JSON_parse (j,
spec,
NULL, NULL))
{
GNUNET_break_op (0);
ks.hr.http_status = 0;
ks.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
break;
}
break;
}
case MHD_HTTP_NOT_FOUND:
ks.hr.ec = TALER_JSON_get_error_code (j);
break;
case MHD_HTTP_CONFLICT:
ks.hr.ec = TALER_JSON_get_error_code (j);
break;
case MHD_HTTP_INTERNAL_SERVER_ERROR:
ks.hr.ec = TALER_JSON_get_error_code (j);
/* Server had an internal issue; we should retry, but this API
leaves this to the application */
break;
default:
/* unexpected response code */
GNUNET_break_op (0);
ks.hr.ec = TALER_JSON_get_error_code (j);
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
"Unexpected response code %u/%d for exchange kyc_check\n",
(unsigned int) response_code,
(int) ks.hr.ec);
break;
}
kch->cb (kch->cb_cls,
&ks);
TALER_EXCHANGE_kyc_check_cancel (kch);
}
struct TALER_EXCHANGE_KycCheckHandle *
TALER_EXCHANGE_kyc_check (
struct GNUNET_CURL_Context *ctx,
const char *url,
const struct TALER_PaytoHashP *h_payto,
const union TALER_AccountPrivateKeyP *account_priv,
enum TALER_EXCHANGE_KycLongPollTarget lpt,
struct GNUNET_TIME_Relative timeout,
TALER_EXCHANGE_KycStatusCallback cb,
void *cb_cls)
{
struct TALER_EXCHANGE_KycCheckHandle *kch;
CURL *eh;
char arg_str[128];
char timeout_ms[32];
char lpt_str[32];
struct curl_slist *job_headers = NULL;
unsigned long long tms;
{
char *hps;
hps = GNUNET_STRINGS_data_to_string_alloc (
h_payto,
sizeof (*h_payto));
GNUNET_snprintf (arg_str,
sizeof (arg_str),
"kyc-check/%s",
hps);
GNUNET_free (hps);
}
tms = timeout.rel_value_us
/ GNUNET_TIME_UNIT_MILLISECONDS.rel_value_us;
GNUNET_snprintf (timeout_ms,
sizeof (timeout_ms),
"%llu",
tms);
GNUNET_snprintf (lpt_str,
sizeof (lpt_str),
"%d",
(int) lpt);
kch = GNUNET_new (struct TALER_EXCHANGE_KycCheckHandle);
kch->cb = cb;
kch->cb_cls = cb_cls;
kch->url
= TALER_url_join (
url,
arg_str,
"timeout_ms",
GNUNET_TIME_relative_is_zero (timeout)
? NULL
: timeout_ms,
"lpt",
TALER_EXCHANGE_KLPT_NONE == lpt
? NULL
: lpt_str,
NULL);
if (NULL == kch->url)
{
GNUNET_free (kch);
return NULL;
}
eh = TALER_EXCHANGE_curl_easy_get_ (kch->url);
if (NULL == eh)
{
GNUNET_break (0);
GNUNET_free (kch->url);
GNUNET_free (kch);
return NULL;
}
if (0 != tms)
{
GNUNET_break (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_TIMEOUT_MS,
(long) (tms + 500L)));
}
job_headers
= curl_slist_append (
job_headers,
"Content-Type: application/json");
{
union TALER_AccountSignatureP account_sig;
char *sig_hdr;
char *hdr;
TALER_account_kyc_auth_sign (account_priv,
&account_sig);
sig_hdr = GNUNET_STRINGS_data_to_string_alloc (
&account_sig,
sizeof (account_sig));
GNUNET_asprintf (&hdr,
"%s: %s",
TALER_HTTP_HEADER_ACCOUNT_OWNER_SIGNATURE,
sig_hdr);
GNUNET_free (sig_hdr);
job_headers = curl_slist_append (job_headers,
hdr);
GNUNET_free (hdr);
if (NULL == job_headers)
{
GNUNET_break (0);
curl_easy_cleanup (eh);
return NULL;
}
}
kch->job
= GNUNET_CURL_job_add2 (ctx,
eh,
job_headers,
&handle_kyc_check_finished,
kch);
curl_slist_free_all (job_headers);
return kch;
}
void
TALER_EXCHANGE_kyc_check_cancel (struct TALER_EXCHANGE_KycCheckHandle *kch)
{
if (NULL != kch->job)
{
GNUNET_CURL_job_cancel (kch->job);
kch->job = NULL;
}
GNUNET_free (kch->url);
GNUNET_free (kch);
}
/* end of exchange_api_kyc_check.c */