From 85d177a853ff16687b6996b577d3bc6aee06141c Mon Sep 17 00:00:00 2001 From: Sebastian Date: Tue, 9 Apr 2024 14:09:01 -0300 Subject: fix backward compatibility: some scripts call provision-merchant-instance using secret-token: prefix --- packages/taler-harness/src/index.ts | 295 ++++++++++++++++++++++-------------- 1 file changed, 179 insertions(+), 116 deletions(-) (limited to 'packages/taler-harness') diff --git a/packages/taler-harness/src/index.ts b/packages/taler-harness/src/index.ts index 5f2708b85..4a7b13317 100644 --- a/packages/taler-harness/src/index.ts +++ b/packages/taler-harness/src/index.ts @@ -42,7 +42,7 @@ import { rsaBlind, setGlobalLogLevelFromString, setPrintHttpRequestAsCurl, - stringifyPayTemplateUri + stringifyPayTemplateUri, } from "@gnu-taler/taler-util"; import { clk } from "@gnu-taler/taler-util/clk"; import { @@ -601,62 +601,80 @@ deploymentCli help: "Provision a bank account, merchant instance and link them together.", }) .requiredArgument("merchantApiBaseUrl", clk.STRING, { - help: "URL location of the merchant backend" + help: "URL location of the merchant backend", }) .requiredArgument("corebankApiBaseUrl", clk.STRING, { - help: "URL location of the libeufin bank backend" - }) - .requiredOption("merchantToken", ["--merchant-management-token"], clk.STRING, { - help: "access token of the default instance in the merchant backend" + help: "URL location of the libeufin bank backend", }) + .requiredOption( + "merchantToken", + ["--merchant-management-token"], + clk.STRING, + { + help: "access token of the default instance in the merchant backend", + }, + ) .maybeOption("bankToken", ["--bank-admin-token"], clk.STRING, { - help: "libeufin bank admin's password if the account creation is restricted" + help: "libeufin bank admin's password if the account creation is restricted", }) .requiredOption("name", ["--legal-name"], clk.STRING, { - help: "legal name of the merchant" + help: "legal name of the merchant", }) .maybeOption("email", ["--email"], clk.STRING, { - help: "email contact of the merchant" + help: "email contact of the merchant", }) .maybeOption("phone", ["--phone"], clk.STRING, { - help: "phone contact of the merchant" + help: "phone contact of the merchant", }) .requiredOption("id", ["--id"], clk.STRING, { - help: "login id for the bank account and instance id of the merchant backend" + help: "login id for the bank account and instance id of the merchant backend", }) .flag("template", ["--create-template"], { - help: "use this flag to create a default template for the merchant with fixed summary" + help: "use this flag to create a default template for the merchant with fixed summary", }) .requiredOption("password", ["--password"], clk.STRING, { - help: "password of the accounts in libeufin bank and merchant backend" + help: "password of the accounts in libeufin bank and merchant backend", }) .flag("randomPassword", ["--set-random-password"], { - help: "if everything worked ok, change the password of the accounts at the end" + help: "if everything worked ok, change the password of the accounts at the end", }) .action(async (args) => { - const managementToken = args.provisionBankMerchant.merchantToken as AccessToken; - const bankAdminPassword = args.provisionBankMerchant.bankToken as AccessToken; + const managementToken = args.provisionBankMerchant + .merchantToken as AccessToken; + const bankAdminPassword = args.provisionBankMerchant + .bankToken as AccessToken; const id = args.provisionBankMerchant.id; const name = args.provisionBankMerchant.name; const email = args.provisionBankMerchant.email; const phone = args.provisionBankMerchant.phone; const password = args.provisionBankMerchant.password; - const httpLib = createPlatformHttpLib({}); - const merchantManager = new TalerMerchantManagementHttpClient(args.provisionBankMerchant.merchantApiBaseUrl, httpLib); - const bank = new TalerCoreBankHttpClient(args.provisionBankMerchant.corebankApiBaseUrl, httpLib); - const instanceURL = merchantManager.getSubInstanceAPI(id).href - const merchantInstance = new TalerMerchantInstanceHttpClient(instanceURL, httpLib); - const conv = new TalerBankConversionHttpClient(bank.getConversionInfoAPI().href, httpLib) - const bankAuth = new TalerAuthenticationHttpClient(bank.getAuthenticationAPI(id).href, httpLib) - + const merchantManager = new TalerMerchantManagementHttpClient( + args.provisionBankMerchant.merchantApiBaseUrl, + httpLib, + ); + const bank = new TalerCoreBankHttpClient( + args.provisionBankMerchant.corebankApiBaseUrl, + httpLib, + ); + const instanceURL = merchantManager.getSubInstanceAPI(id).href; + const merchantInstance = new TalerMerchantInstanceHttpClient( + instanceURL, + httpLib, + ); + const conv = new TalerBankConversionHttpClient( + bank.getConversionInfoAPI().href, + httpLib, + ); + const bankAuth = new TalerAuthenticationHttpClient( + bank.getAuthenticationAPI(id).href, + httpLib, + ); - const bc = await bank.getConfig() + const bc = await bank.getConfig(); if (bc.type === "fail") { - logger.error( - `couldn't get bank config. ${bc.detail.hint}`, - ); + logger.error(`couldn't get bank config. ${bc.detail.hint}`); return; } if (!bank.isCompatible(bc.body.version)) { @@ -665,11 +683,9 @@ deploymentCli ); return; } - const mc = await merchantManager.getConfig() + const mc = await merchantManager.getConfig(); if (mc.type === "fail") { - logger.error( - `couldn't get merchant config. ${mc.detail.hint}`, - ); + logger.error(`couldn't get merchant config. ${mc.detail.hint}`); return; } if (!merchantManager.isCompatible(mc.body.version)) { @@ -688,18 +704,23 @@ deploymentCli name: name, password: password, username: id, - contact_data: email || phone ? { - email: email, - phone: phone, - } : undefined, - }) + contact_data: + email || phone + ? { + email: email, + phone: phone, + } + : undefined, + }); if (resp.type === "fail") { - logger.error(`unable to provision bank account, HTTP response status ${resp.case}`); + logger.error( + `unable to provision bank account, HTTP response status ${resp.case}`, + ); process.exit(2); } logger.info(`account ${id} successfully provisioned`); - accountPayto = resp.body.internal_payto_uri + accountPayto = resp.body.internal_payto_uri; } /** @@ -722,7 +743,7 @@ deploymentCli jurisdiction: {}, name: name, use_stefan: true, - }) + }); if (resp.type === "ok") { logger.info(`instance ${id} created successfully`); @@ -741,21 +762,26 @@ deploymentCli * link bank account and merchant */ { - const resp = await merchantInstance.addBankAccount(password as AccessToken, { - payto_uri: accountPayto, - credit_facade_url: bank.getRevenueAPI(id).href, - credit_facade_credentials: { - type: "basic", - username: id, - password: password, - } - }) + const resp = await merchantInstance.addBankAccount( + password as AccessToken, + { + payto_uri: accountPayto, + credit_facade_url: bank.getRevenueAPI(id).href, + credit_facade_credentials: { + type: "basic", + username: id, + password: password, + }, + }, + ); if (resp.type === "fail") { - console.error(`unable to configure bank account for instance ${id}, status ${resp.case}`) + console.error( + `unable to configure bank account for instance ${id}, status ${resp.case}`, + ); console.error(j2s(resp.detail)); process.exit(2); } - wireAccount = resp.body.h_wire + wireAccount = resp.body.h_wire; } logger.info(`successfully configured bank account for ${id}`); @@ -769,32 +795,35 @@ deploymentCli if (bc.body.allow_conversion) { const cc = await conv.getConfig(); if (cc.type === "ok") { - currency = cc.body.fiat_currency + currency = cc.body.fiat_currency; } else { - console.error( - `could not get fiat currency status ${cc.case}`, - ); + console.error(`could not get fiat currency status ${cc.case}`); console.error(j2s(cc.detail)); } } else { - console.log(`conversion is disabled, using bank currency`) + console.log(`conversion is disabled, using bank currency`); } { - const resp = await merchantInstance.addTemplate(password as AccessToken, { - template_id: "default", - template_description: "First template", - template_contract: { - pay_duration: Duration.toTalerProtocolDuration( - Duration.fromSpec({ hours: 1 }), - ), - minimum_age: 0, - currency, - summary: "Pay me!" - } - }) + const resp = await merchantInstance.addTemplate( + password as AccessToken, + { + template_id: "default", + template_description: "First template", + template_contract: { + pay_duration: Duration.toTalerProtocolDuration( + Duration.fromSpec({ hours: 1 }), + ), + minimum_age: 0, + currency, + summary: "Pay me!", + }, + }, + ); if (resp.type === "fail") { - console.error(`unable to create template for insntaince ${id}, status ${resp.case}`) + console.error( + `unable to create template for insntaince ${id}, status ${resp.case}`, + ); console.error(j2s(resp.detail)); process.exit(2); } @@ -805,25 +834,29 @@ deploymentCli merchantBaseUrl: instanceURL, templateId: "default", templateParams: { - amount: currency - } - }) + amount: currency, + }, + }); } let finalPassword = password; if (args.provisionBankMerchant.randomPassword) { - const prevPassword = password as AccessToken + const prevPassword = password as AccessToken; const randomPassword = encodeCrock(randomBytes(16)); - logger.info("random password: ", randomPassword) + logger.info("random password: ", randomPassword); let token: AccessToken; { const resp = await bankAuth.createAccessTokenBasic(id, prevPassword, { scope: "readwrite", - duration: Duration.toTalerProtocolDuration(Duration.fromSpec({ minutes: 1 })), + duration: Duration.toTalerProtocolDuration( + Duration.fromSpec({ minutes: 1 }), + ), refreshable: false, - }) + }); if (resp.type === "fail") { - console.error(`unable to login into bank accountfor user ${id}, status ${resp.case}`) + console.error( + `unable to login into bank accountfor user ${id}, status ${resp.case}`, + ); console.error(j2s(resp.detail)); process.exit(2); } @@ -831,42 +864,56 @@ deploymentCli } { - const resp = await bank.updatePassword({ username: id, token }, { - old_password: prevPassword, - new_password: randomPassword, - }); + const resp = await bank.updatePassword( + { username: id, token }, + { + old_password: prevPassword, + new_password: randomPassword, + }, + ); if (resp.type === "fail") { - console.error(`unable to change bank password for user ${id}, status ${resp.case}`) + console.error( + `unable to change bank password for user ${id}, status ${resp.case}`, + ); if (resp.case !== HttpStatusCode.Accepted) { console.error(j2s(resp.detail)); } else { - console.error("2FA required") + console.error("2FA required"); } process.exit(2); } } { - const resp = await merchantInstance.updateCurrentInstanceAuthentication(prevPassword, { - method: "token", - token: `secret-token:${randomPassword}` as AccessToken - }) + const resp = await merchantInstance.updateCurrentInstanceAuthentication( + prevPassword, + { + method: "token", + token: `secret-token:${randomPassword}` as AccessToken, + }, + ); if (resp.type === "fail") { - console.error(`unable to change merchant password for instance ${id}, status ${resp.case}`) + console.error( + `unable to change merchant password for instance ${id}, status ${resp.case}`, + ); console.error(j2s(resp.detail)); process.exit(2); } } { - const resp = await merchantInstance.updateBankAccount(randomPassword as AccessToken, wireAccount, { - credit_facade_url: bank.getRevenueAPI(id).href, - credit_facade_credentials: { - type: "basic", - username: id, - password: randomPassword, - } - }) + const resp = await merchantInstance.updateBankAccount( + randomPassword as AccessToken, + wireAccount, + { + credit_facade_url: bank.getRevenueAPI(id).href, + credit_facade_credentials: { + type: "basic", + username: id, + password: randomPassword, + }, + }, + ); if (resp.type != "ok") { console.error( `unable to update bank account for instance ${id}, status ${resp.case}`, @@ -882,17 +929,21 @@ deploymentCli /** * show result */ - console.log(JSON.stringify({ - bankUser: id, - bankURL: args.provisionBankMerchant.corebankApiBaseUrl, - merchantURL: instanceURL, - templateURI, - password: finalPassword, - }, undefined, 2)) - + console.log( + JSON.stringify( + { + bankUser: id, + bankURL: args.provisionBankMerchant.corebankApiBaseUrl, + merchantURL: instanceURL, + templateURI, + password: finalPassword, + }, + undefined, + 2, + ), + ); }); - deploymentCli .subcommand("provisionMerchantInstance", "provision-merchant-instance", { help: "Provision a merchant backend instance.", @@ -909,9 +960,18 @@ deploymentCli .action(async (args) => { const httpLib = createPlatformHttpLib({}); const baseUrl = args.provisionMerchantInstance.merchantApiBaseUrl; - const api = new TalerMerchantManagementHttpClient(baseUrl, httpLib) - const managementToken = args.provisionMerchantInstance.managementToken as AccessToken; - const instanceToken = args.provisionMerchantInstance.instanceToken as AccessToken; + const api = new TalerMerchantManagementHttpClient(baseUrl, httpLib); + const mt = args.provisionMerchantInstance.managementToken; + const mtWithoutPrefix = mt.startsWith("secret-token:") + ? mt.substring("secret-token:".length) + : mt; + const managementToken = mtWithoutPrefix as AccessToken; + + const it = args.provisionMerchantInstance.instanceToken; + const itWithoutPrefix = it.startsWith("secret-token:") + ? it.substring("secret-token:".length) + : it; + const instanceToken = itWithoutPrefix as AccessToken; const instanceId = args.provisionMerchantInstance.id; const instancceName = args.provisionMerchantInstance.name; const bankURL = args.provisionMerchantInstance.bankURL; @@ -933,7 +993,7 @@ deploymentCli jurisdiction: {}, name: instancceName, use_stefan: true, - }) + }); if (createResp.type === "ok") { logger.info(`instance ${instanceId} created successfully`); @@ -949,12 +1009,15 @@ deploymentCli const createAccountResp = await api.addBankAccount(instanceToken, { payto_uri: accountPayto, credit_facade_url: bankURL, - credit_facade_credentials: bankUser && bankPassword ? { - type: "basic", - username: bankUser, - password: bankPassword, - } : undefined - }) + credit_facade_credentials: + bankUser && bankPassword + ? { + type: "basic", + username: bankUser, + password: bankPassword, + } + : undefined, + }); if (createAccountResp.type != "ok") { console.error( `unable to configure bank account for instance ${instanceId}, status ${createAccountResp.case}`, @@ -989,7 +1052,7 @@ deploymentCli is_public: !!args.provisionBankAccount.public, is_taler_exchange: !!args.provisionBankAccount.exchange, payto_uri: args.provisionBankAccount.internalPayto as PaytoString, - }) + }); if (resp.type === "ok") { logger.info(`account ${accountLogin} successfully provisioned`); -- cgit v1.2.3