diff options
author | Sebastian <sebasjm@gmail.com> | 2024-04-15 12:01:16 -0300 |
---|---|---|
committer | Sebastian <sebasjm@gmail.com> | 2024-04-15 12:01:16 -0300 |
commit | a7c8f0f3edd738a59d719105cda3aa8821886b90 (patch) | |
tree | acb402075b7b0c0788ec0c5fbecfb58ece64357d /packages/taler-harness/src | |
parent | 56a6c92c814547fcf8af25f183f6ecd75fbbfbb9 (diff) | |
download | wallet-core-a7c8f0f3edd738a59d719105cda3aa8821886b90.tar.xz |
fix #8604
Diffstat (limited to 'packages/taler-harness/src')
-rw-r--r-- | packages/taler-harness/src/index.ts | 96 |
1 files changed, 63 insertions, 33 deletions
diff --git a/packages/taler-harness/src/index.ts b/packages/taler-harness/src/index.ts index 2dcde39b9..0f282e123 100644 --- a/packages/taler-harness/src/index.ts +++ b/packages/taler-harness/src/index.ts @@ -34,6 +34,7 @@ import { TalerMerchantInstanceHttpClient, TalerMerchantManagementHttpClient, TransactionsResponse, + createAccessToken, decodeCrock, encodeCrock, generateIban, @@ -55,7 +56,8 @@ import { WalletApiOperation, } from "@gnu-taler/taler-wallet-core"; import { - downloadExchangeInfo, topupReserveWithBank, + downloadExchangeInfo, + topupReserveWithBank, } from "@gnu-taler/taler-wallet-core/dbless"; import { deepStrictEqual } from "assert"; import fs from "fs"; @@ -614,7 +616,10 @@ deploymentCli }, ) .maybeOption("bankToken", ["--bank-admin-token"], clk.STRING, { - help: "libeufin bank admin's password if the account creation is restricted", + help: "libeufin bank admin's token if the account creation is restricted", + }) + .maybeOption("bankPassword", ["--bank-admin-password"], clk.STRING, { + help: "libeufin bank admin's password if the account creation is restricted, it will override --bank-admin-token", }) .requiredOption("name", ["--legal-name"], clk.STRING, { help: "legal name of the merchant", @@ -638,10 +643,13 @@ deploymentCli help: "if everything worked ok, change the password of the accounts at the end", }) .action(async (args) => { - const managementToken = args.provisionBankMerchant - .merchantToken as AccessToken; - const bankAdminPassword = args.provisionBankMerchant - .bankToken as AccessToken; + const managementToken = createAccessToken( + args.provisionBankMerchant.merchantToken, + ); + const bankAdminPassword = args.provisionBankMerchant.bankPassword; + const bankAdminTokenArg = args.provisionBankMerchant.bankToken + ? createAccessToken(args.provisionBankMerchant.bankToken) + : undefined; const id = args.provisionBankMerchant.id; const name = args.provisionBankMerchant.name; const email = args.provisionBankMerchant.email; @@ -694,21 +702,48 @@ deploymentCli return; } + let bankAdminToken: AccessToken | undefined; + if (bankAdminPassword) { + const adminAuth = new TalerAuthenticationHttpClient( + bank.getAuthenticationAPI("admin").href, + httpLib, + ); + + const resp = await adminAuth.createAccessTokenBasic( + "admin", + bankAdminPassword, + { + scope: "write", + duration: { + d_us: 1000 * 1000 * 10, //10 secs + }, + refreshable: false, + }, + ); + if (resp.type === "fail") { + logger.error(`could not get bank admin token from password.`); + return; + } + bankAdminToken = resp.body.access_token; + } else { + bankAdminToken = bankAdminTokenArg; + } + /** * create bank account */ let accountPayto: PaytoString; { - const resp = await bank.createAccount(bankAdminPassword, { + const resp = await bank.createAccount(bankAdminToken, { name: name, password: password, username: id, contact_data: email || phone ? { - email: email, - phone: phone, - } + email: email, + phone: phone, + } : undefined, }); @@ -730,7 +765,7 @@ deploymentCli address: {}, auth: { method: "token", - token: `secret-token:${password}`, + token: createAccessToken(password), }, default_pay_delay: Duration.toTalerProtocolDuration( Duration.fromSpec({ hours: 1 }), @@ -762,7 +797,7 @@ deploymentCli */ { const resp = await merchantInstance.addBankAccount( - password as AccessToken, + createAccessToken(password), { payto_uri: accountPayto, credit_facade_url: bank.getRevenueAPI(id).href, @@ -805,7 +840,7 @@ deploymentCli { const resp = await merchantInstance.addTemplate( - password as AccessToken, + createAccessToken(password), { template_id: "default", template_description: "First template", @@ -840,7 +875,7 @@ deploymentCli let finalPassword = password; if (args.provisionBankMerchant.randomPassword) { - const prevPassword = password as AccessToken; + const prevPassword = password; const randomPassword = encodeCrock(randomBytes(16)); logger.info("random password: ", randomPassword); let token: AccessToken; @@ -885,10 +920,10 @@ deploymentCli { const resp = await merchantInstance.updateCurrentInstanceAuthentication( - prevPassword, + createAccessToken(prevPassword), { method: "token", - token: `secret-token:${randomPassword}` as AccessToken, + token: createAccessToken(randomPassword), }, ); if (resp.type === "fail") { @@ -902,7 +937,7 @@ deploymentCli { const resp = await merchantInstance.updateBankAccount( - randomPassword as AccessToken, + createAccessToken(randomPassword), wireAccount, { credit_facade_url: bank.getRevenueAPI(id).href, @@ -960,17 +995,12 @@ deploymentCli const httpLib = createPlatformHttpLib({}); const baseUrl = args.provisionMerchantInstance.merchantApiBaseUrl; const api = new TalerMerchantManagementHttpClient(baseUrl, httpLib); - const mt = args.provisionMerchantInstance.managementToken; - const mtWithoutPrefix = mt.startsWith("secret-token:") - ? mt.substring("secret-token:".length) - : mt; - const managementToken = mtWithoutPrefix as AccessToken; - - const it = args.provisionMerchantInstance.instanceToken; - const itWithoutPrefix = it.startsWith("secret-token:") - ? it.substring("secret-token:".length) - : it; - const instanceToken = itWithoutPrefix as AccessToken; + const managementToken = createAccessToken( + args.provisionMerchantInstance.managementToken, + ); + const instanceToken = createAccessToken( + args.provisionMerchantInstance.instanceToken, + ); const instanceId = args.provisionMerchantInstance.id; const instancceName = args.provisionMerchantInstance.name; const bankURL = args.provisionMerchantInstance.bankURL; @@ -982,7 +1012,7 @@ deploymentCli address: {}, auth: { method: "token", - token: `secret-token:${instanceToken}`, + token: instanceToken, }, default_pay_delay: Duration.toTalerProtocolDuration( Duration.fromSpec({ hours: 1 }), @@ -1011,10 +1041,10 @@ deploymentCli credit_facade_credentials: bankUser && bankPassword ? { - type: "basic", - username: bankUser, - password: bankPassword, - } + type: "basic", + username: bankUser, + password: bankPassword, + } : undefined, }); if (createAccountResp.type != "ok") { |