diff options
| author | Christian Grothoff <christian@grothoff.org> | 2022-08-11 23:35:33 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2022-08-11 23:35:33 +0200 |
| commit | 1009084e94b8e8cf19e3b5568c3cccaba2bd2209 (patch) | |
| tree | a346997dedd05f685ba7addc59e288dfa550ad0e /src/exchange/taler-exchange-httpd_kyc-wallet.c | |
| parent | b061ea85c84facfc78c34edface367c5f040bc9c (diff) | |
major rework of the KYC logic, making it more configurable, not complete, but tests pass again
Diffstat (limited to 'src/exchange/taler-exchange-httpd_kyc-wallet.c')
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-wallet.c | 119 |
1 files changed, 101 insertions, 18 deletions
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.c b/src/exchange/taler-exchange-httpd_kyc-wallet.c index 0d92efd3..a043de6f 100644 --- a/src/exchange/taler-exchange-httpd_kyc-wallet.c +++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2021 Taler Systems SA + Copyright (C) 2021, 2022 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -26,6 +26,7 @@ #include <pthread.h> #include "taler_json_lib.h" #include "taler_mhd_lib.h" +#include "taler_kyclogic_lib.h" #include "taler-exchange-httpd_kyc-wallet.h" #include "taler-exchange-httpd_responses.h" @@ -38,16 +39,55 @@ struct KycRequestContext /** * Public key of the reserve/wallet this is about. */ - struct TALER_ReservePublicKeyP reserve_pub; + struct TALER_PaytoHashP h_payto; /** - * Current KYC status. + * Row with the legitimization requirement. */ - struct TALER_EXCHANGEDB_KycStatus kyc; + uint64_t legi_row; + + /** + * Balance threshold crossed by the wallet. + */ + struct TALER_Amount balance; + + /** + * Name of the required check. + */ + const char *required; + }; /** + * Function called to iterate over KYC-relevant + * transaction amounts for a particular time range. + * Returns the wallet balance. + * + * @param cls closure, a `struct KycRequestContext` + * @param limit maximum time-range for which events + * should be fetched (timestamp in the past) + * @param cb function to call on each event found, + * events must be returned in reverse chronological + * order + * @param cb_cls closure for @a cb + */ +static void +balance_iterator (void *cls, + struct GNUNET_TIME_Absolute limit, + TALER_EXCHANGEDB_KycAmountCallback cb, + void *cb_cls) +{ + struct KycRequestContext *krc = cls; + + (void) limit; + cb (cb_cls, + &krc->balance, + GNUNET_TIME_absolute_get ()); +} + + +/** * Function implementing database transaction to check wallet's KYC status. * Runs the transaction logic; IF it returns a non-error code, the transaction * logic MUST NOT queue a MHD response. IF it returns an hard error, the @@ -69,9 +109,23 @@ wallet_kyc_check (void *cls, struct KycRequestContext *krc = cls; enum GNUNET_DB_QueryStatus qs; - qs = TEH_plugin->inselect_wallet_kyc_status (TEH_plugin->cls, - &krc->reserve_pub, - &krc->kyc); + krc->required = TALER_KYCLOGIC_kyc_test_required ( + TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE, + &krc->h_payto, + TEH_plugin->select_satisfied_kyc_processes, + TEH_plugin->cls, + &balance_iterator, + krc); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "KYC check required at %s is `%s'\n", + TALER_amount2s (&krc->balance), + krc->required); + if (NULL == krc->required) + return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; + qs = TEH_plugin->insert_kyc_requirement_for_account (TEH_plugin->cls, + krc->required, + &krc->h_payto, + &krc->legi_row); if (qs < 0) { if (GNUNET_DB_STATUS_SOFT_ERROR == qs) @@ -80,9 +134,14 @@ wallet_kyc_check (void *cls, *mhd_ret = TALER_MHD_reply_with_error (connection, MHD_HTTP_INTERNAL_SERVER_ERROR, TALER_EC_GENERIC_DB_FETCH_FAILED, - "inselect_wallet_status"); + "insert_kyc_requirement_for_account"); return qs; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "KYC requirement inserted for wallet %s (%llu, %d)\n", + TALER_B2S (&krc->h_payto), + (unsigned long long) krc->legi_row, + qs); return qs; } @@ -95,11 +154,17 @@ TEH_handler_kyc_wallet ( { struct TALER_ReserveSignatureP reserve_sig; struct KycRequestContext krc; + struct TALER_ReservePublicKeyP reserve_pub; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_fixed_auto ("reserve_sig", &reserve_sig), GNUNET_JSON_spec_fixed_auto ("reserve_pub", - &krc.reserve_pub), + &reserve_pub), + // FIXME: add balance threshold crossed to the request + // to spec and client API! + TALER_JSON_spec_amount ("balance", + TEH_currency, + &krc.balance), GNUNET_JSON_spec_end () }; MHD_RESULT res; @@ -115,8 +180,10 @@ TEH_handler_kyc_wallet ( return MHD_YES; /* failure */ TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++; + // FIXME: add balance threshold crossed to + // what the wallet signs over! if (GNUNET_OK != - TALER_wallet_account_setup_verify (&krc.reserve_pub, + TALER_wallet_account_setup_verify (&reserve_pub, &reserve_sig)) { GNUNET_break_op (0); @@ -126,13 +193,19 @@ TEH_handler_kyc_wallet ( TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID, NULL); } - if (TEH_KYC_NONE == TEH_kyc_config.mode) - return TALER_MHD_reply_static ( - rc->connection, - MHD_HTTP_NO_CONTENT, - NULL, - NULL, - 0); + { + char *payto_uri; + + payto_uri = TALER_reserve_make_payto (TEH_base_url, + &reserve_pub); + TALER_payto_hash (payto_uri, + &krc.h_payto); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "h_payto of wallet %s is %s\n", + payto_uri, + TALER_B2S (&krc.h_payto)); + GNUNET_free (payto_uri); + } ret = TEH_DB_run_transaction (rc->connection, "check wallet kyc", TEH_MT_REQUEST_OTHER, @@ -141,11 +214,21 @@ TEH_handler_kyc_wallet ( &krc); if (GNUNET_SYSERR == ret) return res; + if (NULL == krc.required) + { + /* KYC not required or already satisfied */ + return TALER_MHD_reply_static ( + rc->connection, + MHD_HTTP_NO_CONTENT, + NULL, + NULL, + 0); + } return TALER_MHD_REPLY_JSON_PACK ( rc->connection, MHD_HTTP_OK, GNUNET_JSON_pack_uint64 ("payment_target_uuid", - krc.kyc.payment_target_uuid)); + krc.legi_row)); } |