# This file is in the public domain.
#

[PATHS]
TALER_TEST_HOME = test_exchange_api_home/

[libeufin-bank]
CURRENCY = EUR
DEFAULT_CUSTOMER_DEBT_LIMIT = EUR:200
DEFAULT_ADMIN_DEBT_LIMIT = EUR:2000
REGISTRATION_BONUS_ENABLED = yes
REGISTRATION_BONUS = EUR:100
SUGGESTED_WITHDRAWAL_EXCHANGE = http://localhost:8081/
WIRE_TYPE = iban
IBAN_PAYTO_BIC = SANDBOXX
SERVE = tcp
PORT = 8082

[libeufin-bankdb-postgres]
CONFIG = postgresql:///talercheck


[taler]
CURRENCY = EUR
CURRENCY_ROUND_UNIT = EUR:0.01

[auditor]
BASE_URL = "http://localhost:8083/"
PORT = 8083
PUBLIC_KEY = 9QZ7CCC5QFMWE9FVF50MGYWV7JR92SFHY5KHT8A1A2VNHM37VCRG
TINY_AMOUNT = EUR:0.01
TALER_AUDITOR_SALT = "salt"

[auditordb-postgres]
CONFIG = "postgres:///talercheck"

[bank]
HTTP_PORT = 8082

[exchange]
TERMS_ETAG = exchange-tos-tops-v0
PRIVACY_ETAG = 0
PORT = 8081
MASTER_PUBLIC_KEY = QD6H521CBJBW0Z7PRN0JTAGH5JCQ97RDZRPPV5TQZSE78NQRT3KG
DB = postgres
BASE_URL = "http://localhost:8081/"
EXPIRE_SHARD_SIZE ="300 ms"
EXPIRE_IDLE_SLEEP_INTERVAL ="1 s"
STEFAN_ABS = EUR:0
STEFAN_LOG = EUR:0.005
ENABLE_KYC = YES

[exchangedb-postgres]
CONFIG = "postgres:///talercheck"

[taler-exchange-secmod-cs]
LOOKAHEAD_SIGN = "24 days"

[taler-exchange-secmod-rsa]
LOOKAHEAD_SIGN = "24 days"

[taler-exchange-secmod-eddsa]
LOOKAHEAD_SIGN = "24 days"
DURATION = "14 days"


[exchange-account-1]
PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
ENABLE_DEBIT = YES
ENABLE_CREDIT = YES

[exchange-accountcredentials-1]
WIRE_GATEWAY_AUTH_METHOD = none
WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/"

[admin-accountcredentials-1]
WIRE_GATEWAY_AUTH_METHOD = none
WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/"

[exchange-account-2]
PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
ENABLE_DEBIT = YES
ENABLE_CREDIT = YES

[exchange-accountcredentials-2]
WIRE_GATEWAY_AUTH_METHOD = basic
USERNAME = Exchange
PASSWORD = x
WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/"

[admin-accountcredentials-2]
WIRE_GATEWAY_AUTH_METHOD = basic
# For now, fakebank still checks against the Exchange account...
USERNAME = Exchange
PASSWORD = x
WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/"


[kyc-provider-test-oauth2]
LOGIC = oauth2
KYC_OAUTH2_VALIDITY = forever
KYC_OAUTH2_TOKEN_URL = http://localhost:6666/oauth/v2/token
KYC_OAUTH2_AUTHORIZE_URL = http://localhost:6666/oauth/v2/login
KYC_OAUTH2_INFO_URL = http://localhost:6666/api/user/me
KYC_OAUTH2_CLIENT_ID = taler-exchange
KYC_OAUTH2_CLIENT_SECRET = exchange-secret
KYC_OAUTH2_POST_URL = http://example.com/
KYC_OAUTH2_CONVERTER_HELPER = taler-exchange-kyc-oauth2-test-converter.sh

[kyc-check-oauth-test-id]
VOLUNTARY = NO
# We use an external provider
TYPE = LINK
DESCRIPTION = "Oauth2 dummy authentication"
DESCRIPTION_I18N = {}
# No context requirements
REQUIRES =
# Measure to execute if check failed.
FALLBACK = manual-freeze
# This check runs on oauth2
PROVIDER_ID = test-oauth2
# Outputs from this check
OUTPUTS = full_name birthdate

[kyc-check-test-form]
VOLUNTARY = NO
# We use an external provider
TYPE = FORM
DESCRIPTION = "Test form"
DESCRIPTION_I18N = {}
# No context requirements
REQUIRES =
# Measure to execute if check failed.
FALLBACK = manual-freeze
# This check runs on oauth2
FORM_NAME = full_name_and_birthdate
# Outputs from this check
OUTPUTS = full_name birthdate


# This is the "default" setting for an account if
# it has not yet triggered anything.
[kyc-check-default]
VOLUNTARY = NO
TYPE = INFO
DESCRIPTION = "Your account is operating normally"
DESCRIPTION_I18N = {}
# No context requirements
REQUIRES =
# Measure to execute if check failed. Well,
# this check cannot really fail, but the
# conservative answer is to freeze.
FALLBACK = manual-freeze

# If this "check" is triggered, we merely inform
# the user that their account has been frozen. The
# user cannot proceed manually.
[kyc-check-info-frozen]
VOLUNTARY = NO
TYPE = INFO
DESCRIPTION = "Your account is frozen pending investigation"
DESCRIPTION_I18N = {}
# No context requirements
REQUIRES =
# Measure to execute if check failed. Well,
# this check cannot really fail, but we stay
# where we are: frozen.
FALLBACK = manual-freeze

# If this "check" is triggered, we merely inform
# the user that we got their oauth-test data on file.
[kyc-check-info-oauth-test-passed]
VOLUNTARY = NO
TYPE = INFO
DESCRIPTION = "You passed the OAuth2 check. Thank you."
DESCRIPTION_I18N = {}
# No context requirements
REQUIRES =
# Measure to execute if check failed. Well,
# this check cannot really fail, but we stay
# where we are: frozen.
FALLBACK = manual-freeze

[aml-program-oauth-output-check]
DESCRIPTION = "Validates the output from OAauth2 and then increases all limits to EUR:1000"
# Command that runs on the output of the OAuth provider
# to decide what rules should apply next.
COMMAND = taler-exchange-helper-measure-test-oauth
# What measure to take if the COMMAND failed.
FALLBACK = manual-freeze

[aml-program-test-form-check]
DESCRIPTION = "Validates the output from the test-form and then increases all limits to EUR:1000"
# Command that runs on the output of the form
# to decide what rules should apply next.
COMMAND = taler-exchange-helper-measure-test-form
# What measure to take if the COMMAND failed.
FALLBACK = manual-freeze


[kyc-measure-run-oauth]
# Get client ID via the OAuth test provider
CHECK_NAME = oauth-test-id
# AML program to run on the output of the OAuth provider
# to decide what rules should apply next.
PROGRAM = oauth-output-check
# Context to provide for check and program; empty.
CONTEXT = {}

# This is a base-measure that is being triggered
# whenever something goes wrong. We freeze the
# account and ask AML staff to investigate.
[kyc-measure-manual-freeze]
CHECK_NAME = skip
# AML program that freezes the account and flags
# it for investigation.
PROGRAM = taler-exchange-helper-measure-freeze
# Context to provide for check and program; empty.
CONTEXT = {}

# This rule requests that the users passes KYC
# when closing the reserve.
[kyc-rule-close]
ENABLED = YES
# This is a public rule.
EXPOSED = YES
# All checks listed must be done (well, there is only one...)
IS_AND_COMBINATOR = YES
# This happens if the reserve is closed.
OPERATION_TYPE = CLOSE
# Threshold is 0, so any amount.
THRESHOLD = EUR:0
# Timeframe doesn't exactly matter with a threshold of EUR:0.
TIMEFRAME = 1d
# If the rule is triggered, ask the user to provide
# personal data via OAuth2
NEXT_MEASURES = run-oauth

[exchange-extension-age_restriction]
ENABLED = YES
#AGE_GROUPS = "8:10:12:14:16:18:21"