diff options
| author | Sebastian <sebasjm@gmail.com> | 2023-10-25 15:44:14 -0300 |
|---|---|---|
| committer | Sebastian <sebasjm@gmail.com> | 2023-10-25 15:44:14 -0300 |
| commit | c31ce9bab8592c31b7c7d879f6daad7886b7486d (patch) | |
| tree | 4021d925d130deb3f71c1a8a15704b2084e97d7a /packages/taler-util/src/http-client/bank-core.ts | |
| parent | c64ab8c9b57d3bbe58ea2aa8e4d57c8baef7042e (diff) | |
| download | wallet-core-c31ce9bab8592c31b7c7d879f6daad7886b7486d.tar.xz | |
testing bank api
Diffstat (limited to 'packages/taler-util/src/http-client/bank-core.ts')
| -rw-r--r-- | packages/taler-util/src/http-client/bank-core.ts | 594 |
1 files changed, 585 insertions, 9 deletions
diff --git a/packages/taler-util/src/http-client/bank-core.ts b/packages/taler-util/src/http-client/bank-core.ts index b9cce6c72..de3622b8e 100644 --- a/packages/taler-util/src/http-client/bank-core.ts +++ b/packages/taler-util/src/http-client/bank-core.ts @@ -18,18 +18,25 @@ import { AmountJson, Amounts, HttpStatusCode, - LibtoolVersion + LibtoolVersion, + TalerError, + TalerErrorDetail, + encodeCrock, + getRandomBytes, + parsePaytoUri, + stringifyPaytoUri } from "@gnu-taler/taler-util"; import { HttpRequestLibrary, createPlatformHttpLib } from "@gnu-taler/taler-util/http"; +import { setShowCurlRequest } from "../http-impl.node.js"; +import { TalerAuthenticationHttpClient } from "./authentication.js"; import { TalerBankIntegrationHttpClient } from "./bank-integration.js"; import { TalerRevenueHttpClient } from "./bank-revenue.js"; import { TalerWireGatewayHttpClient } from "./bank-wire.js"; -import { AccessToken, OperationOk, PaginationParams, TalerCorebankApi, UserAndToken, codecForAccountData, codecForBankAccountCreateWithdrawalResponse, codecForBankAccountGetWithdrawalResponse, codecForBankAccountTransactionInfo, codecForBankAccountTransactionsResponse, codecForCashoutConversionResponse, codecForCashoutPending, codecForCashoutStatusResponse, codecForCashouts, codecForConversionRatesResponse, codecForCoreBankConfig, codecForGlobalCashouts, codecForListBankAccountsResponse, codecForMonitorResponse, codecForPublicAccountsResponse } from "./types.js"; -import { addPaginationParams, opFixedSuccess, opEmptySuccess, opSuccess, opKnownFailure, makeBearerTokenAuthHeader, opUnknownFailure } from "./utils.js"; -import { TalerAuthenticationHttpClient } from "./authentication.js"; +import { AccessToken, OperationOk, OperationResult, PaginationParams, TalerCorebankApi, UserAndToken, codecForAccountData, codecForBankAccountCreateWithdrawalResponse, codecForBankAccountGetWithdrawalResponse, codecForBankAccountTransactionInfo, codecForBankAccountTransactionsResponse, codecForCashoutConversionResponse, codecForCashoutPending, codecForCashoutStatusResponse, codecForCashouts, codecForCoreBankConfig, codecForGlobalCashouts, codecForListBankAccountsResponse, codecForMonitorResponse, codecForPublicAccountsResponse } from "./types.js"; +import { addPaginationParams, makeBearerTokenAuthHeader, opEmptySuccess, opFixedSuccess, opKnownFailure, opSuccess, opUnknownFailure } from "./utils.js"; type props = keyof TalerCoreBankHttpClient @@ -134,7 +141,11 @@ export class TalerCoreBankHttpClient { return opKnownFailure("unauthorized", resp); } } - case HttpStatusCode.PreconditionFailed: return opKnownFailure("balance-not-zero", resp); + //FIXME: this should be forbidden + case HttpStatusCode.Unauthorized: { + return opKnownFailure("unauthorized", resp); + } + case HttpStatusCode.Conflict: return opKnownFailure("balance-not-zero", resp); default: return opUnknownFailure(resp, await resp.text()) } } @@ -155,7 +166,7 @@ export class TalerCoreBankHttpClient { switch (resp.status) { case HttpStatusCode.NoContent: return opEmptySuccess() case HttpStatusCode.NotFound: return opKnownFailure("not-found", resp); - case HttpStatusCode.Unauthorized: return opKnownFailure("unauthorized", resp); + case HttpStatusCode.Unauthorized: return opKnownFailure("unauthorized", resp); //FIXME: missing error code for cases: // * change legal name // * admin tries to change its own account @@ -210,7 +221,7 @@ export class TalerCoreBankHttpClient { * https://docs.taler.net/core/api-corebank.html#get--accounts * */ - async getAccounts(auth: AccessToken, filter: {account? : string} = {}, pagination?: PaginationParams) { + async getAccounts(auth: AccessToken, filter: { account?: string } = {}, pagination?: PaginationParams) { const url = new URL(`accounts`, this.baseUrl); addPaginationParams(url, pagination) if (filter.account) { @@ -226,7 +237,9 @@ export class TalerCoreBankHttpClient { case HttpStatusCode.Ok: return opSuccess(resp, codecForListBankAccountsResponse()) case HttpStatusCode.NoContent: return opFixedSuccess({ accounts: [] }) case HttpStatusCode.Forbidden: return opKnownFailure("no-rights", resp); - case HttpStatusCode.Unauthorized: return opKnownFailure("unauthorized", resp); + case HttpStatusCode.Unauthorized: { + return opKnownFailure("unauthorized", resp); + } default: return opUnknownFailure(resp, await resp.text()) } } @@ -312,6 +325,7 @@ export class TalerCoreBankHttpClient { body, }); switch (resp.status) { + //FIXME: return txid //FIXME: remove this after server has been updated case HttpStatusCode.Ok: return opEmptySuccess() case HttpStatusCode.NoContent: return opEmptySuccess() @@ -342,6 +356,7 @@ export class TalerCoreBankHttpClient { switch (resp.status) { case HttpStatusCode.Ok: return opSuccess(resp, codecForBankAccountCreateWithdrawalResponse()) case HttpStatusCode.PreconditionFailed: return opKnownFailure("insufficient-funds", resp); + case HttpStatusCode.Unauthorized: return opKnownFailure("unauthorized", resp); //FIXME: remove when server is updated case HttpStatusCode.Forbidden: return opKnownFailure("insufficient-funds", resp); default: return opUnknownFailure(resp, await resp.text()) @@ -359,6 +374,7 @@ export class TalerCoreBankHttpClient { }); switch (resp.status) { case HttpStatusCode.Ok: return opSuccess(resp, codecForBankAccountGetWithdrawalResponse()) + case HttpStatusCode.BadRequest: return opKnownFailure("invalid-id", resp) case HttpStatusCode.NotFound: return opKnownFailure("not-found", resp) default: return opUnknownFailure(resp, await resp.text()) } @@ -377,6 +393,8 @@ export class TalerCoreBankHttpClient { //FIXME: remove when the server is fixed case HttpStatusCode.Ok: return opEmptySuccess() case HttpStatusCode.NoContent: return opEmptySuccess() + case HttpStatusCode.BadRequest: return opKnownFailure("invalid-id", resp) + case HttpStatusCode.NotFound: return opKnownFailure("not-found", resp) case HttpStatusCode.Conflict: return opKnownFailure("previously-confirmed", resp); default: return opUnknownFailure(resp, await resp.text()) } @@ -395,6 +413,8 @@ export class TalerCoreBankHttpClient { //FIXME: remove when the server is fixed case HttpStatusCode.Ok: return opEmptySuccess() case HttpStatusCode.NoContent: return opEmptySuccess() + case HttpStatusCode.BadRequest: return opKnownFailure("invalid-id", resp) + case HttpStatusCode.NotFound: return opKnownFailure("not-found", resp) case HttpStatusCode.Conflict: return opKnownFailure("previously-aborted", resp); case HttpStatusCode.UnprocessableEntity: return opKnownFailure("no-exchange-or-reserve-selected", resp); default: return opUnknownFailure(resp, await resp.text()) @@ -570,7 +590,7 @@ export class TalerCoreBankHttpClient { * https://docs.taler.net/core/api-corebank.html#get--monitor * */ - async getMonitor(params: { timeframe?: TalerCorebankApi.MonitorTimeframeParam, which?: number }) { + async getMonitor(params: { timeframe?: TalerCorebankApi.MonitorTimeframeParam, which?: number } = {}) { const url = new URL(`monitor`, this.baseUrl); if (params.timeframe) { url.searchParams.set("timeframe", params.timeframe.toString()) @@ -630,4 +650,560 @@ export class TalerCoreBankHttpClient { const url = new URL(`accounts/${username}/`, this.baseUrl); return new TalerAuthenticationHttpClient(url.href, username, this.httpLib,) } + + async testConfig() { + const config = await this.getConfig() + if (!this.isCompatible(config.body.version)) { + throw Error(`not compatible with server ${config.body.version}`) + } + return config.body + } + + async testCashouts(adminPassword: string) { + } + async testMonitor(adminPassword: string) { + const { access_token: adminToken } = await succeedOrThrow(() => + this.getAuthenticationAPI("admin").createAccessToken(adminPassword, { + scope: "readwrite" + }) + ) + + await succeedOrThrow(() => ( + this.getMonitor() + )) + + await succeedOrThrow(() => ( + this.getMonitor({ + timeframe: TalerCorebankApi.MonitorTimeframeParam.day, + which: (new Date()).getDate() -1 + }) + )) + } + + async testAccountManagement(adminPassword: string) { + + const { access_token: adminToken } = await succeedOrThrow(() => + this.getAuthenticationAPI("admin").createAccessToken(adminPassword, { + scope: "readwrite" + }) + ) + + /** + * Create account + */ + { + const username = "user-" + encodeCrock(getRandomBytes(10)).toLowerCase(); + + // await failOrThrow("invalid-input",() => + // this.createAccount(adminToken, { + // name: username, + // username, password: "123", + // challenge_contact_data: { + // email: "invalid email", + // phone: "invalid phone", + // } + // }) + // ) + + // await failOrThrow("unable-to-create",() => + // this.createAccount(adminToken, { + // name: "admin", + // username, password: "123" + // }) + // ) + + // await failOrThrow("unable-to-create",() => + // this.createAccount(adminToken, { + // name: "bank", + // username, password: "123" + // }) + // ) + + await succeedOrThrow(() => + this.createAccount(adminToken, { + name: username, + username, password: "123" + }) + ) + + await failOrThrow("already-exist", () => + this.createAccount(adminToken, { + name: username, + username, password: "123" + }) + ); + } + + /** + * Delete account + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + + await failOrThrow("not-found", () => + this.deleteAccount({ username: "not-found", token: adminToken }) + ) + await failOrThrow("unable-to-delete", () => + this.deleteAccount({ username: "admin", token: adminToken }) + ) + await failOrThrow("unable-to-delete", () => + this.deleteAccount({ username: "bank", token: adminToken }) + ) + + await failOrThrow("balance-not-zero", () => + this.deleteAccount({ username, token: adminToken }) + ) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + + const adminInfo = await succeedOrThrow(() => + this.getAccount({ username: "admin", token: adminToken }) + ) + + const adminAccount = parsePaytoUri(adminInfo.payto_uri)! + adminAccount.params["message"] = "all my money" + const withSubject = stringifyPaytoUri(adminAccount) + + await succeedOrThrow(() => + this.createTransaction({ username, token }, { + payto_uri: withSubject, + amount: userInfo.balance.amount + }) + ) + + + const otherUsername = "user-" + encodeCrock(getRandomBytes(10)).toLowerCase(); + + await succeedOrThrow(() => + this.createAccount(adminToken, { + name: otherUsername, + username: otherUsername, password: "123" + }) + ) + + await failOrThrow("unauthorized", () => + this.deleteAccount({ username: otherUsername, token }) + ) + + await succeedOrThrow(() => + this.deleteAccount({ username, token: adminToken }) + ) + } + + /** + * Update account + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + + await failOrThrow("cant-change-legal-name-or-admin", () => + this.updateAccount({ username, token }, { + name: "something else", + }) + ) + + // await failOrThrow("not-found", () => + // this.updateAccount({ username: "notfound", token }, { + // challenge_contact_data: { + // email: "asd@Aasd.com" + // } + // }) + // ) + + await failOrThrow("unauthorized", () => + this.updateAccount({ username: "notfound", token: "wrongtoken" as AccessToken }, { + challenge_contact_data: { + email: "asd@Aasd.com" + } + }) + ) + + await succeedOrThrow(() => + this.updateAccount({ username, token }, { + challenge_contact_data: { + email: "asd@Aasd.com" + } + }) + ) + } + + /** + * Update password + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + + await succeedOrThrow(() => + this.updatePassword({ username, token }, { + old_password: "123", + new_password: "234" + }) + ) + // await failOrThrow("not-found",() => + // this.updatePassword({ username:"notfound", token: userTempToken }, { + // old_password: "123", + // new_password: "234" + // }) + // ) + await failOrThrow("unauthorized", () => + this.updatePassword({ username: "admin", token }, { + old_password: "123", + new_password: "234" + }) + ) + // await failOrThrow("old-password-invalid-or-not-allowed",() => + // this.updatePassword({ username, token: userTempToken }, { + // old_password: "123", + // new_password: "234" + // }) + // ) + + } + + /** + * public accounts + */ + { + const acs = await succeedOrThrow(() => this.getPublicAccounts()) + + } + /** + * get accounts + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + // await failOrThrow("no-rights",() => + // this.getAccounts(token) + // ) + await failOrThrow("unauthorized", () => + this.getAccounts("ASDASD" as AccessToken) + ) + + const acs = await succeedOrThrow(() => + this.getAccounts(adminToken) + ) + } + + } + + async testWithdrawals(adminPassword: string) { + const { access_token: adminToken } = await succeedOrThrow(() => + this.getAuthenticationAPI("admin").createAccessToken(adminPassword, { + scope: "readwrite" + }) + ) + /** + * create withdrawals + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + + // FIXME: it shoulw warn about not enough balance + // const balance = Amounts.parseOrThrow(userInfo.balance.amount) + // const moreThanBalance = Amounts.stringify(Amounts.add(balance, balance).amount) + // setShowCurlRequest(true) + // await failOrThrow("insufficient-funds", () => + // this.createWithdrawal({ username, token }, { + // amount: moreThanBalance + // }) + // ) + + await failOrThrow("unauthorized", () => + this.createWithdrawal({ username, token: "wrongtoken" as AccessToken }, { + amount: userInfo.balance.amount + }) + ) + + await succeedOrThrow(() => + this.createWithdrawal({ username, token }, { + amount: userInfo.balance.amount + }) + ) + } + + /** + * get withdrawal + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + + const { withdrawal_id } = await succeedOrThrow(() => + this.createWithdrawal({ username, token }, { + amount: userInfo.balance.amount + }) + ) + + await succeedOrThrow(() => + this.getWithdrawalById(withdrawal_id) + ) + + await failOrThrow("invalid-id", () => + this.getWithdrawalById("invalid") + ) + await failOrThrow("not-found", () => + this.getWithdrawalById("11111111-1111-1111-1111-111111111111") + ) + } + + /** + * abort withdrawal + */ + { + const { username:exchangeUser, token: exchangeToken } = await createRandomTestUser(this, adminToken, {is_taler_exchange: true}) + const { username, token } = await createRandomTestUser(this, adminToken) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + const exchangeInfo = await succeedOrThrow(() => + this.getAccount({ username:exchangeUser, token:exchangeToken }) + ) + + await failOrThrow("invalid-id", () => + this.abortWithdrawalById("invalid") + ) + await failOrThrow("not-found", () => + this.abortWithdrawalById("11111111-1111-1111-1111-111111111111") + ) + + const { withdrawal_id:firstWithdrawal } = await succeedOrThrow(() => + this.createWithdrawal({ username, token }, { + amount: userInfo.balance.amount + }) + ) + + await succeedOrThrow(() => + this.abortWithdrawalById(firstWithdrawal) + ) + + const { taler_withdraw_uri: uri, withdrawal_id:secondWithdrawal } = await succeedOrThrow(() => + this.createWithdrawal({ username, token }, { + amount: userInfo.balance.amount + }) + ) + + await succeedOrThrow(() => + this.getIntegrationAPI().completeWithdrawalOperationById(secondWithdrawal, { + reserve_pub: encodeCrock(getRandomBytes(32)), + selected_exchange: exchangeInfo.payto_uri, + }) + ) + await succeedOrThrow(() => + this.confirmWithdrawalById(secondWithdrawal) + ) + await failOrThrow("previously-confirmed", () => + this.abortWithdrawalById(secondWithdrawal) + ) + } + + /** + * confirm withdrawal + */ + { + const { username:exchangeUser, token: exchangeToken } = await createRandomTestUser(this, adminToken, {is_taler_exchange: true}) + const { username, token } = await createRandomTestUser(this, adminToken) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + const exchangeInfo = await succeedOrThrow(() => + this.getAccount({ username:exchangeUser, token:exchangeToken }) + ) + + await failOrThrow("invalid-id", () => + this.confirmWithdrawalById("invalid") + ) + await failOrThrow("not-found", () => + this.confirmWithdrawalById("11111111-1111-1111-1111-111111111111") + ) + + const { withdrawal_id:firstWithdrawal } = await succeedOrThrow(() => + this.createWithdrawal({ username, token }, { + amount: userInfo.balance.amount + }) + ) + + await failOrThrow("no-exchange-or-reserve-selected", () => + this.confirmWithdrawalById(firstWithdrawal) + ) + + await succeedOrThrow(() => + this.getIntegrationAPI().completeWithdrawalOperationById(firstWithdrawal, { + reserve_pub: encodeCrock(getRandomBytes(32)), + selected_exchange: exchangeInfo.payto_uri, + }) + ) + + await succeedOrThrow(() => + this.confirmWithdrawalById(firstWithdrawal) + ) + + const { withdrawal_id:secondWithdrawal } = await succeedOrThrow(() => + this.createWithdrawal({ username, token }, { + amount: userInfo.balance.amount + }) + ) + + await succeedOrThrow(() => + this.abortWithdrawalById(secondWithdrawal) + ) + await failOrThrow("previously-aborted", () => + this.confirmWithdrawalById(secondWithdrawal) + ) + } + } + + async testTransactions(adminPassword: string) { + const { access_token: adminToken } = await succeedOrThrow(() => + this.getAuthenticationAPI("admin").createAccessToken(adminPassword, { + scope: "readwrite" + }) + ) + // get transactions + { + const { username, token } = await createRandomTestUser(this, adminToken) + // await succeedOrThrow(() => this.getTransactions(creds)) + const txs = await succeedOrThrow(() => this.getTransactions({ username, token }, { + limit: 5, + order: "asc" + })) + // await failOrThrow("not-found",() => this.getTransactions({ + // username:"not-found", + // token: creds.token, + // })) + await failOrThrow("unauthorized", () => this.getTransactions({ + username: username, + token: "wrongtoken" as AccessToken, + })) + } + + /** + * getTxby id + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + const { username: otherUser, token: otherToken } = await createRandomTestUser(this, adminToken) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + const otherInfo = await succeedOrThrow(() => + this.getAccount({ username: otherUser, token: otherToken }) + ) + const otherAccount = parsePaytoUri(otherInfo.payto_uri)! + otherAccount.params["message"] = "all" + + await succeedOrThrow(() => + this.createTransaction({ username, token }, { + payto_uri: stringifyPaytoUri(otherAccount), + amount: userInfo.balance.amount + }) + ) + + const txs = await succeedOrThrow(() => this.getTransactions({ username, token }, { + limit: 5, + order: "asc" + })) + const rowId = txs.transactions[0].row_id + + await succeedOrThrow(() => + this.getTransactionById({ username, token }, rowId) + ) + + await failOrThrow("not-found", () => + this.getTransactionById({ username, token }, 123123123) + ) + + await failOrThrow("unauthorized", () => + this.getTransactionById({ username, token: "wrongtoken" as AccessToken }, 123123123) + ) + } + + /** + * create transactions + */ + { + const { username, token } = await createRandomTestUser(this, adminToken) + const { username: otherUser, token: otherToken } = await createRandomTestUser(this, adminToken) + + const userInfo = await succeedOrThrow(() => + this.getAccount({ username, token }) + ) + const otherInfo = await succeedOrThrow(() => + this.getAccount({ username: otherUser, token: otherToken }) + ) + const otherAccount = parsePaytoUri(otherInfo.payto_uri)! + otherAccount.params["message"] = "all" + + await succeedOrThrow(() => + this.createTransaction({ username, token }, { + payto_uri: stringifyPaytoUri(otherAccount), + amount: userInfo.balance.amount + }) + ) + //missing amount + await failOrThrow("invalid-input", () => + this.createTransaction({ username, token }, { + payto_uri: stringifyPaytoUri(otherAccount), + // amount: userInfo.balance.amount + }) + ) + //missing subject + await failOrThrow("invalid-input", () => + this.createTransaction({ username, token }, { + payto_uri: otherInfo.payto_uri, + amount: userInfo.balance.amount + }) + ) + await failOrThrow("unauthorized", () => + this.createTransaction({ username, token: "wrongtoken" as AccessToken }, { + payto_uri: otherInfo.payto_uri, + amount: userInfo.balance.amount + }) + ) + } + } } + +export async function succeedOrThrow<R, E>(cb: () => Promise<OperationResult<R, E>>): Promise<R> { + const resp = await cb() + if (resp.type === "ok") return resp.body + throw TalerError.fromUncheckedDetail({ ...resp.detail, case: resp.case }) +} +export async function failOrThrow<E>(s: E, cb: () => Promise<OperationResult<unknown, E>>): Promise<TalerErrorDetail> { + const resp = await cb() + if (resp.type === "ok") { + throw TalerError.fromException(new Error(`request succeed but failure "${s}" was expected`)) + } + if (resp.case === s) { + return resp.detail + } + throw TalerError.fromException(new Error(`request failed but case "${s}" was expected`)) +} + +export async function createRandomTestUser(api: TalerCoreBankHttpClient, adminToken: AccessToken, options: Partial<TalerCorebankApi.RegisterAccountRequest> = {}) { + const username = "user-" + encodeCrock(getRandomBytes(10)).toLowerCase(); + await succeedOrThrow(() => + api.createAccount(adminToken, { + name: username, + username, password: "123", + ...options + }) + ) + const { access_token } = await succeedOrThrow(() => + api.getAuthenticationAPI(username).createAccessToken("123", { + scope: "readwrite" + }) + ) + return { username, token: access_token } +}
\ No newline at end of file |