aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSebastian <sebasjm@gmail.com>2024-04-09 14:09:01 -0300
committerSebastian <sebasjm@gmail.com>2024-04-09 14:09:16 -0300
commit85d177a853ff16687b6996b577d3bc6aee06141c (patch)
treebfbdc1e85915e9a6c8514a0c7a152fc24cc47217
parent3ed118e5320df907287b3bd0d7aadda5b4e7913f (diff)
fix backward compatibility: some scripts call provision-merchant-instance using secret-token: prefix
-rw-r--r--packages/taler-harness/src/index.ts295
1 files changed, 179 insertions, 116 deletions
diff --git a/packages/taler-harness/src/index.ts b/packages/taler-harness/src/index.ts
index 5f2708b85..4a7b13317 100644
--- a/packages/taler-harness/src/index.ts
+++ b/packages/taler-harness/src/index.ts
@@ -42,7 +42,7 @@ import {
rsaBlind,
setGlobalLogLevelFromString,
setPrintHttpRequestAsCurl,
- stringifyPayTemplateUri
+ stringifyPayTemplateUri,
} from "@gnu-taler/taler-util";
import { clk } from "@gnu-taler/taler-util/clk";
import {
@@ -601,62 +601,80 @@ deploymentCli
help: "Provision a bank account, merchant instance and link them together.",
})
.requiredArgument("merchantApiBaseUrl", clk.STRING, {
- help: "URL location of the merchant backend"
+ help: "URL location of the merchant backend",
})
.requiredArgument("corebankApiBaseUrl", clk.STRING, {
- help: "URL location of the libeufin bank backend"
- })
- .requiredOption("merchantToken", ["--merchant-management-token"], clk.STRING, {
- help: "access token of the default instance in the merchant backend"
+ help: "URL location of the libeufin bank backend",
})
+ .requiredOption(
+ "merchantToken",
+ ["--merchant-management-token"],
+ clk.STRING,
+ {
+ help: "access token of the default instance in the merchant backend",
+ },
+ )
.maybeOption("bankToken", ["--bank-admin-token"], clk.STRING, {
- help: "libeufin bank admin's password if the account creation is restricted"
+ help: "libeufin bank admin's password if the account creation is restricted",
})
.requiredOption("name", ["--legal-name"], clk.STRING, {
- help: "legal name of the merchant"
+ help: "legal name of the merchant",
})
.maybeOption("email", ["--email"], clk.STRING, {
- help: "email contact of the merchant"
+ help: "email contact of the merchant",
})
.maybeOption("phone", ["--phone"], clk.STRING, {
- help: "phone contact of the merchant"
+ help: "phone contact of the merchant",
})
.requiredOption("id", ["--id"], clk.STRING, {
- help: "login id for the bank account and instance id of the merchant backend"
+ help: "login id for the bank account and instance id of the merchant backend",
})
.flag("template", ["--create-template"], {
- help: "use this flag to create a default template for the merchant with fixed summary"
+ help: "use this flag to create a default template for the merchant with fixed summary",
})
.requiredOption("password", ["--password"], clk.STRING, {
- help: "password of the accounts in libeufin bank and merchant backend"
+ help: "password of the accounts in libeufin bank and merchant backend",
})
.flag("randomPassword", ["--set-random-password"], {
- help: "if everything worked ok, change the password of the accounts at the end"
+ help: "if everything worked ok, change the password of the accounts at the end",
})
.action(async (args) => {
- const managementToken = args.provisionBankMerchant.merchantToken as AccessToken;
- const bankAdminPassword = args.provisionBankMerchant.bankToken as AccessToken;
+ const managementToken = args.provisionBankMerchant
+ .merchantToken as AccessToken;
+ const bankAdminPassword = args.provisionBankMerchant
+ .bankToken as AccessToken;
const id = args.provisionBankMerchant.id;
const name = args.provisionBankMerchant.name;
const email = args.provisionBankMerchant.email;
const phone = args.provisionBankMerchant.phone;
const password = args.provisionBankMerchant.password;
-
const httpLib = createPlatformHttpLib({});
- const merchantManager = new TalerMerchantManagementHttpClient(args.provisionBankMerchant.merchantApiBaseUrl, httpLib);
- const bank = new TalerCoreBankHttpClient(args.provisionBankMerchant.corebankApiBaseUrl, httpLib);
- const instanceURL = merchantManager.getSubInstanceAPI(id).href
- const merchantInstance = new TalerMerchantInstanceHttpClient(instanceURL, httpLib);
- const conv = new TalerBankConversionHttpClient(bank.getConversionInfoAPI().href, httpLib)
- const bankAuth = new TalerAuthenticationHttpClient(bank.getAuthenticationAPI(id).href, httpLib)
-
+ const merchantManager = new TalerMerchantManagementHttpClient(
+ args.provisionBankMerchant.merchantApiBaseUrl,
+ httpLib,
+ );
+ const bank = new TalerCoreBankHttpClient(
+ args.provisionBankMerchant.corebankApiBaseUrl,
+ httpLib,
+ );
+ const instanceURL = merchantManager.getSubInstanceAPI(id).href;
+ const merchantInstance = new TalerMerchantInstanceHttpClient(
+ instanceURL,
+ httpLib,
+ );
+ const conv = new TalerBankConversionHttpClient(
+ bank.getConversionInfoAPI().href,
+ httpLib,
+ );
+ const bankAuth = new TalerAuthenticationHttpClient(
+ bank.getAuthenticationAPI(id).href,
+ httpLib,
+ );
- const bc = await bank.getConfig()
+ const bc = await bank.getConfig();
if (bc.type === "fail") {
- logger.error(
- `couldn't get bank config. ${bc.detail.hint}`,
- );
+ logger.error(`couldn't get bank config. ${bc.detail.hint}`);
return;
}
if (!bank.isCompatible(bc.body.version)) {
@@ -665,11 +683,9 @@ deploymentCli
);
return;
}
- const mc = await merchantManager.getConfig()
+ const mc = await merchantManager.getConfig();
if (mc.type === "fail") {
- logger.error(
- `couldn't get merchant config. ${mc.detail.hint}`,
- );
+ logger.error(`couldn't get merchant config. ${mc.detail.hint}`);
return;
}
if (!merchantManager.isCompatible(mc.body.version)) {
@@ -688,18 +704,23 @@ deploymentCli
name: name,
password: password,
username: id,
- contact_data: email || phone ? {
- email: email,
- phone: phone,
- } : undefined,
- })
+ contact_data:
+ email || phone
+ ? {
+ email: email,
+ phone: phone,
+ }
+ : undefined,
+ });
if (resp.type === "fail") {
- logger.error(`unable to provision bank account, HTTP response status ${resp.case}`);
+ logger.error(
+ `unable to provision bank account, HTTP response status ${resp.case}`,
+ );
process.exit(2);
}
logger.info(`account ${id} successfully provisioned`);
- accountPayto = resp.body.internal_payto_uri
+ accountPayto = resp.body.internal_payto_uri;
}
/**
@@ -722,7 +743,7 @@ deploymentCli
jurisdiction: {},
name: name,
use_stefan: true,
- })
+ });
if (resp.type === "ok") {
logger.info(`instance ${id} created successfully`);
@@ -741,21 +762,26 @@ deploymentCli
* link bank account and merchant
*/
{
- const resp = await merchantInstance.addBankAccount(password as AccessToken, {
- payto_uri: accountPayto,
- credit_facade_url: bank.getRevenueAPI(id).href,
- credit_facade_credentials: {
- type: "basic",
- username: id,
- password: password,
- }
- })
+ const resp = await merchantInstance.addBankAccount(
+ password as AccessToken,
+ {
+ payto_uri: accountPayto,
+ credit_facade_url: bank.getRevenueAPI(id).href,
+ credit_facade_credentials: {
+ type: "basic",
+ username: id,
+ password: password,
+ },
+ },
+ );
if (resp.type === "fail") {
- console.error(`unable to configure bank account for instance ${id}, status ${resp.case}`)
+ console.error(
+ `unable to configure bank account for instance ${id}, status ${resp.case}`,
+ );
console.error(j2s(resp.detail));
process.exit(2);
}
- wireAccount = resp.body.h_wire
+ wireAccount = resp.body.h_wire;
}
logger.info(`successfully configured bank account for ${id}`);
@@ -769,32 +795,35 @@ deploymentCli
if (bc.body.allow_conversion) {
const cc = await conv.getConfig();
if (cc.type === "ok") {
- currency = cc.body.fiat_currency
+ currency = cc.body.fiat_currency;
} else {
- console.error(
- `could not get fiat currency status ${cc.case}`,
- );
+ console.error(`could not get fiat currency status ${cc.case}`);
console.error(j2s(cc.detail));
}
} else {
- console.log(`conversion is disabled, using bank currency`)
+ console.log(`conversion is disabled, using bank currency`);
}
{
- const resp = await merchantInstance.addTemplate(password as AccessToken, {
- template_id: "default",
- template_description: "First template",
- template_contract: {
- pay_duration: Duration.toTalerProtocolDuration(
- Duration.fromSpec({ hours: 1 }),
- ),
- minimum_age: 0,
- currency,
- summary: "Pay me!"
- }
- })
+ const resp = await merchantInstance.addTemplate(
+ password as AccessToken,
+ {
+ template_id: "default",
+ template_description: "First template",
+ template_contract: {
+ pay_duration: Duration.toTalerProtocolDuration(
+ Duration.fromSpec({ hours: 1 }),
+ ),
+ minimum_age: 0,
+ currency,
+ summary: "Pay me!",
+ },
+ },
+ );
if (resp.type === "fail") {
- console.error(`unable to create template for insntaince ${id}, status ${resp.case}`)
+ console.error(
+ `unable to create template for insntaince ${id}, status ${resp.case}`,
+ );
console.error(j2s(resp.detail));
process.exit(2);
}
@@ -805,25 +834,29 @@ deploymentCli
merchantBaseUrl: instanceURL,
templateId: "default",
templateParams: {
- amount: currency
- }
- })
+ amount: currency,
+ },
+ });
}
let finalPassword = password;
if (args.provisionBankMerchant.randomPassword) {
- const prevPassword = password as AccessToken
+ const prevPassword = password as AccessToken;
const randomPassword = encodeCrock(randomBytes(16));
- logger.info("random password: ", randomPassword)
+ logger.info("random password: ", randomPassword);
let token: AccessToken;
{
const resp = await bankAuth.createAccessTokenBasic(id, prevPassword, {
scope: "readwrite",
- duration: Duration.toTalerProtocolDuration(Duration.fromSpec({ minutes: 1 })),
+ duration: Duration.toTalerProtocolDuration(
+ Duration.fromSpec({ minutes: 1 }),
+ ),
refreshable: false,
- })
+ });
if (resp.type === "fail") {
- console.error(`unable to login into bank accountfor user ${id}, status ${resp.case}`)
+ console.error(
+ `unable to login into bank accountfor user ${id}, status ${resp.case}`,
+ );
console.error(j2s(resp.detail));
process.exit(2);
}
@@ -831,42 +864,56 @@ deploymentCli
}
{
- const resp = await bank.updatePassword({ username: id, token }, {
- old_password: prevPassword,
- new_password: randomPassword,
- });
+ const resp = await bank.updatePassword(
+ { username: id, token },
+ {
+ old_password: prevPassword,
+ new_password: randomPassword,
+ },
+ );
if (resp.type === "fail") {
- console.error(`unable to change bank password for user ${id}, status ${resp.case}`)
+ console.error(
+ `unable to change bank password for user ${id}, status ${resp.case}`,
+ );
if (resp.case !== HttpStatusCode.Accepted) {
console.error(j2s(resp.detail));
} else {
- console.error("2FA required")
+ console.error("2FA required");
}
process.exit(2);
}
}
{
- const resp = await merchantInstance.updateCurrentInstanceAuthentication(prevPassword, {
- method: "token",
- token: `secret-token:${randomPassword}` as AccessToken
- })
+ const resp = await merchantInstance.updateCurrentInstanceAuthentication(
+ prevPassword,
+ {
+ method: "token",
+ token: `secret-token:${randomPassword}` as AccessToken,
+ },
+ );
if (resp.type === "fail") {
- console.error(`unable to change merchant password for instance ${id}, status ${resp.case}`)
+ console.error(
+ `unable to change merchant password for instance ${id}, status ${resp.case}`,
+ );
console.error(j2s(resp.detail));
process.exit(2);
}
}
{
- const resp = await merchantInstance.updateBankAccount(randomPassword as AccessToken, wireAccount, {
- credit_facade_url: bank.getRevenueAPI(id).href,
- credit_facade_credentials: {
- type: "basic",
- username: id,
- password: randomPassword,
- }
- })
+ const resp = await merchantInstance.updateBankAccount(
+ randomPassword as AccessToken,
+ wireAccount,
+ {
+ credit_facade_url: bank.getRevenueAPI(id).href,
+ credit_facade_credentials: {
+ type: "basic",
+ username: id,
+ password: randomPassword,
+ },
+ },
+ );
if (resp.type != "ok") {
console.error(
`unable to update bank account for instance ${id}, status ${resp.case}`,
@@ -882,17 +929,21 @@ deploymentCli
/**
* show result
*/
- console.log(JSON.stringify({
- bankUser: id,
- bankURL: args.provisionBankMerchant.corebankApiBaseUrl,
- merchantURL: instanceURL,
- templateURI,
- password: finalPassword,
- }, undefined, 2))
-
+ console.log(
+ JSON.stringify(
+ {
+ bankUser: id,
+ bankURL: args.provisionBankMerchant.corebankApiBaseUrl,
+ merchantURL: instanceURL,
+ templateURI,
+ password: finalPassword,
+ },
+ undefined,
+ 2,
+ ),
+ );
});
-
deploymentCli
.subcommand("provisionMerchantInstance", "provision-merchant-instance", {
help: "Provision a merchant backend instance.",
@@ -909,9 +960,18 @@ deploymentCli
.action(async (args) => {
const httpLib = createPlatformHttpLib({});
const baseUrl = args.provisionMerchantInstance.merchantApiBaseUrl;
- const api = new TalerMerchantManagementHttpClient(baseUrl, httpLib)
- const managementToken = args.provisionMerchantInstance.managementToken as AccessToken;
- const instanceToken = args.provisionMerchantInstance.instanceToken as AccessToken;
+ const api = new TalerMerchantManagementHttpClient(baseUrl, httpLib);
+ const mt = args.provisionMerchantInstance.managementToken;
+ const mtWithoutPrefix = mt.startsWith("secret-token:")
+ ? mt.substring("secret-token:".length)
+ : mt;
+ const managementToken = mtWithoutPrefix as AccessToken;
+
+ const it = args.provisionMerchantInstance.instanceToken;
+ const itWithoutPrefix = it.startsWith("secret-token:")
+ ? it.substring("secret-token:".length)
+ : it;
+ const instanceToken = itWithoutPrefix as AccessToken;
const instanceId = args.provisionMerchantInstance.id;
const instancceName = args.provisionMerchantInstance.name;
const bankURL = args.provisionMerchantInstance.bankURL;
@@ -933,7 +993,7 @@ deploymentCli
jurisdiction: {},
name: instancceName,
use_stefan: true,
- })
+ });
if (createResp.type === "ok") {
logger.info(`instance ${instanceId} created successfully`);
@@ -949,12 +1009,15 @@ deploymentCli
const createAccountResp = await api.addBankAccount(instanceToken, {
payto_uri: accountPayto,
credit_facade_url: bankURL,
- credit_facade_credentials: bankUser && bankPassword ? {
- type: "basic",
- username: bankUser,
- password: bankPassword,
- } : undefined
- })
+ credit_facade_credentials:
+ bankUser && bankPassword
+ ? {
+ type: "basic",
+ username: bankUser,
+ password: bankPassword,
+ }
+ : undefined,
+ });
if (createAccountResp.type != "ok") {
console.error(
`unable to configure bank account for instance ${instanceId}, status ${createAccountResp.case}`,
@@ -989,7 +1052,7 @@ deploymentCli
is_public: !!args.provisionBankAccount.public,
is_taler_exchange: !!args.provisionBankAccount.exchange,
payto_uri: args.provisionBankAccount.internalPayto as PaytoString,
- })
+ });
if (resp.type === "ok") {
logger.info(`account ${accountLogin} successfully provisioned`);