diff options
| -rw-r--r-- | src/exchange/Makefile.am | 2 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd.c | 2 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-check.c | 168 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-check.h | 42 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-proof.c | 99 | ||||
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-proof.h | 40 | ||||
| -rw-r--r-- | src/exchangedb/plugin_exchangedb_postgres.c | 60 | ||||
| -rw-r--r-- | src/include/taler_exchangedb_plugin.h | 23 |
8 files changed, 436 insertions, 0 deletions
diff --git a/src/exchange/Makefile.am b/src/exchange/Makefile.am index a0fe1c20..d199e4bc 100644 --- a/src/exchange/Makefile.am +++ b/src/exchange/Makefile.am @@ -83,6 +83,8 @@ taler_exchange_httpd_SOURCES = \ taler-exchange-httpd_deposit.c taler-exchange-httpd_deposit.h \ taler-exchange-httpd_deposits_get.c taler-exchange-httpd_deposits_get.h \ taler-exchange-httpd_keys.c taler-exchange-httpd_keys.h \ + taler-exchange-httpd_kyc-check.c taler-exchange-httpd_kyc-check.h \ + taler-exchange-httpd_kyc-proof.c taler-exchange-httpd_kyc-proof.h \ taler-exchange-httpd_kyc-wallet.c taler-exchange-httpd_kyc-wallet.h \ taler-exchange-httpd_link.c taler-exchange-httpd_link.h \ taler-exchange-httpd_management.h \ diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 7386a8a4..194a2378 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -33,6 +33,8 @@ #include "taler-exchange-httpd_deposit.h" #include "taler-exchange-httpd_deposits_get.h" #include "taler-exchange-httpd_keys.h" +#include "taler-exchange-httpd_kyc-check.h" +#include "taler-exchange-httpd_kyc-proof.h" #include "taler-exchange-httpd_kyc-wallet.h" #include "taler-exchange-httpd_link.h" #include "taler-exchange-httpd_management.h" diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c new file mode 100644 index 00000000..1e29ba2c --- /dev/null +++ b/src/exchange/taler-exchange-httpd_kyc-check.c @@ -0,0 +1,168 @@ +/* + This file is part of TALER + Copyright (C) 2021 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-exchange-httpd_kyc-check.c + * @brief Handle request for generic KYC check. + * @author Christian Grothoff + */ +#include "platform.h" +#include <gnunet/gnunet_util_lib.h> +#include <gnunet/gnunet_json_lib.h> +#include <jansson.h> +#include <microhttpd.h> +#include <pthread.h> +#include "taler_json_lib.h" +#include "taler_mhd_lib.h" +#include "taler_signatures.h" +#include "taler-exchange-httpd_keys.h" +#include "taler-exchange-httpd_kyc-wallet.h" +#include "taler-exchange-httpd_responses.h" + + +/** + * Context for the request. + */ +struct KycCheckContext +{ + /** + * UUID being checked. + */ + uint64_t payment_target_uuid; + + /** + * Current KYC status. + */ + struct TALER_EXCHANGEDB_KycStatus kyc; + + /** + * Hash of the payto:// URI we are confirming to + * have finished the KYC for. + */ + struct GNUNET_HashCode h_payto; +}; + + +/** + * Function implementing database transaction to check wallet's KYC status. + * Runs the transaction logic; IF it returns a non-error code, the transaction + * logic MUST NOT queue a MHD response. IF it returns an hard error, the + * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it + * returns the soft error code, the function MAY be called again to retry and + * MUST not queue a MHD response. + * + * @param cls closure with a `struct KycCheckContext *` + * @param connection MHD request which triggered the transaction + * @param[out] mhd_ret set to MHD response status for @a connection, + * if transaction failed (!) + * @return transaction status + */ +static enum GNUNET_DB_QueryStatus +kyc_check (void *cls, + struct MHD_Connection *connection, + MHD_RESULT *mhd_ret) +{ + struct KycCheckContext *kcc = cls; + enum GNUNET_DB_QueryStatus qs; + + qs = TEH_plugin->select_kyc_status (TEH_plugin->cls, + kcc->payment_target_uuid, + &kcc->h_payto, + &kcc->kyc); + if (qs < 0) + { + if (GNUNET_DB_STATUS_SOFT_ERROR == qs) + return qs; + GNUNET_break (0); + *mhd_ret = TALER_MHD_reply_with_error (connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GENERIC_DB_FETCH_FAILED, + "inselect_wallet_status"); + return qs; + } + return qs; +} + + +MHD_RESULT +TEH_handler_kyc_check ( + struct MHD_Connection *connection, + uint64_t payment_target_uuid) +{ + struct KycCheckContext kcc = { + .payment_target_uuid = payment_target_uuid + }; + MHD_RESULT res; + enum GNUNET_GenericReturnValue ret; + struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get (); + + (void) GNUNET_TIME_round_abs (&now); + if (TEH_KYC_NONE == TEH_kyc_config.mode) + return TALER_MHD_reply_static ( + connection, + MHD_HTTP_NO_CONTENT, + NULL, + NULL, + 0); + ret = TEH_DB_run_transaction (connection, + "kyc check", + &res, + &kyc_check, + &kcc); + if (GNUNET_SYSERR == ret) + return res; + if (! kcc.kyc.ok) + { + GNUNET_assert (TEH_KYC_OAUTH2 == TEH_kyc_config.mode); + return TALER_MHD_REPLY_JSON_PACK ( + connection, + MHD_HTTP_ACCEPTED, + GNUNET_JSON_pack_string ("kyc_url", + TEH_kyc_config.details.oauth2.url)); + } + { + struct TALER_ExchangePublicKeyP pub; + struct TALER_ExchangeSignatureP sig; + struct TALER_ExchangeAccountSetupSuccessPS as = { + .purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_ACCOUNT_SETUP_SUCCESS), + .purpose.size = htonl (sizeof (as)), + .h_payto = kcc.h_payto, + .timestamp = GNUNET_TIME_absolute_hton (now) + }; + enum TALER_ErrorCode ec; + + if (TALER_EC_NONE != + (ec = TEH_keys_exchange_sign (&as, + &pub, + &sig))) + { + return TALER_MHD_reply_with_ec (connection, + ec, + NULL); + } + return TALER_MHD_REPLY_JSON_PACK ( + connection, + MHD_HTTP_OK, + GNUNET_JSON_pack_data_auto ("exchange_sig", + &sig), + GNUNET_JSON_pack_data_auto ("exchange_pub", + &pub), + GNUNET_JSON_pack_time_abs ("now", + now)); + } +} + + +/* end of taler-exchange-httpd_kyc-check.c */ diff --git a/src/exchange/taler-exchange-httpd_kyc-check.h b/src/exchange/taler-exchange-httpd_kyc-check.h new file mode 100644 index 00000000..12f24488 --- /dev/null +++ b/src/exchange/taler-exchange-httpd_kyc-check.h @@ -0,0 +1,42 @@ +/* + This file is part of TALER + Copyright (C) 2021 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-exchange-httpd_kyc-check.h + * @brief Handle /kyc-check requests + * @author Christian Grothoff + */ +#ifndef TALER_EXCHANGE_HTTPD_KYC_CHECK_H +#define TALER_EXCHANGE_HTTPD_KYC_CHECK_H + +#include <microhttpd.h> +#include "taler-exchange-httpd.h" + + +/** + * Handle a "/kyc-check" request. Checks the KYC + * status of the given account and returns it. + * + * @param connection request to handle + * @param payment_target_uuid which account are we to check + * @return MHD result code + */ +MHD_RESULT +TEH_handler_kyc_check ( + struct MHD_Connection *connection, + uint64_t payment_target_uuid); + + +#endif diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c new file mode 100644 index 00000000..cb3f00dd --- /dev/null +++ b/src/exchange/taler-exchange-httpd_kyc-proof.c @@ -0,0 +1,99 @@ +/* + This file is part of TALER + Copyright (C) 2021 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-exchange-httpd_kyc-proof.c + * @brief Handle request for proof for KYC check. + * @author Christian Grothoff + */ +#include "platform.h" +#include <gnunet/gnunet_util_lib.h> +#include <gnunet/gnunet_json_lib.h> +#include <jansson.h> +#include <microhttpd.h> +#include <pthread.h> +#include "taler_json_lib.h" +#include "taler_mhd_lib.h" +#include "taler-exchange-httpd_kyc-proof.h" +#include "taler-exchange-httpd_responses.h" + + +/** + * Context for the proof. + */ +struct KycProofContext +{ + +}; + + +/** + * Function implementing database transaction to check proof's KYC status. + * Runs the transaction logic; IF it returns a non-error code, the transaction + * logic MUST NOT queue a MHD response. IF it returns an hard error, the + * transaction logic MUST queue a MHD response and set @a mhd_ret. IF it + * returns the soft error code, the function MAY be called again to retry and + * MUST not queue a MHD response. + * + * @param cls closure with a `struct KycProofContext *` + * @param connection MHD proof which triggered the transaction + * @param[out] mhd_ret set to MHD response status for @a connection, + * if transaction failed (!) + * @return transaction status + */ +static enum GNUNET_DB_QueryStatus +proof_kyc_check (void *cls, + struct MHD_Connection *connection, + MHD_RESULT *mhd_ret) +{ + struct KycProofContext *kpc = cls; + + (void) kpc; // FIXME: do work here! + return -2; +} + + +MHD_RESULT +TEH_handler_kyc_proof ( + struct MHD_Connection *connection, + ...) +{ + struct KycProofContext kpc; + MHD_RESULT res; + enum GNUNET_GenericReturnValue ret; + + if (1 || (TEH_KYC_NONE == TEH_kyc_config.mode)) + return TALER_MHD_reply_static ( + connection, + MHD_HTTP_NO_CONTENT, + NULL, + NULL, + 0); + ret = TEH_DB_run_transaction (connection, + "check proof kyc", + &res, + &proof_kyc_check, + &kpc); + if (GNUNET_SYSERR == ret) + return res; + return TALER_MHD_REPLY_JSON_PACK ( + connection, + MHD_HTTP_OK, + GNUNET_JSON_pack_uint64 ("42", + 42)); +} + + +/* end of taler-exchange-httpd_kyc-proof.c */ diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.h b/src/exchange/taler-exchange-httpd_kyc-proof.h new file mode 100644 index 00000000..1958a004 --- /dev/null +++ b/src/exchange/taler-exchange-httpd_kyc-proof.h @@ -0,0 +1,40 @@ +/* + This file is part of TALER + Copyright (C) 2021 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU Affero General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. + + You should have received a copy of the GNU Affero General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file taler-exchange-httpd_kyc-proof.h + * @brief Handle /kyc-proof requests + * @author Christian Grothoff + */ +#ifndef TALER_EXCHANGE_HTTPD_KYC_PROOF_H +#define TALER_EXCHANGE_HTTPD_KYC_PROOF_H + +#include <microhttpd.h> +#include "taler-exchange-httpd.h" + + +/** + * Handle a "/kyc-proof" request. + * + * @param connection request to handle + * @return MHD result code + */ +MHD_RESULT +TEH_handler_kyc_proof ( + struct MHD_Connection *connection, + ...); + + +#endif diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index b4738ef4..0026829d 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -369,6 +369,15 @@ prepare_statements (struct PostgresClosure *pg) " WHERE payto_uri=$1" " LIMIT 1;", 1), + /* Used in #postgres_select_kyc_status() */ + GNUNET_PQ_make_prepare ("select_kyc_status", + "SELECT" + ",kyc_ok" + ",h_payto" + " FROM wire_targets" + " WHERE" + " wire_target_serial_id=$1", + 1), /* Used in #postgres_inselect_wallet_kyc_status() */ // FIXME: Note that this statement has not been debugged at all... // It just represents the _idea_. @@ -3595,6 +3604,56 @@ postgres_get_kyc_status (void *cls, /** + * Get the @a kyc status and @a h_payto by UUID. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param payment_target_uuid which account to get the KYC status for + * @param[out] h_payto set to the hash of the account's payto URI (unsalted) + * @param[out] kyc set to the KYC status of the account + * @return transaction status + */ +static enum GNUNET_DB_QueryStatus +postgres_select_kyc_status (void *cls, + uint64_t payment_target_uuid, + struct GNUNET_HashCode *h_payto, + struct TALER_EXCHANGEDB_KycStatus *kyc) +{ +#if FIXME_DD23 + struct PostgresClosure *pg = cls; + struct GNUNET_PQ_QueryParam params[] = { + GNUNET_PQ_query_param_uint64 (payment_target_uuid), + GNUNET_PQ_query_param_end + }; +#endif + uint8_t ok8; +#if FIXME_DD23 + struct GNUNET_PQ_ResultSpec rs[] = { + GNUNET_PQ_result_spec_auto_from_type ("h_payto", + h_payto), + GNUNET_PQ_result_spec_auto_from_type ("kyc_ok", + &ok8), + GNUNET_PQ_result_spec_end + }; +#endif + enum GNUNET_DB_QueryStatus qs; + +#if FIXME_DD23 + qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn, + "select_kyc_status", + params, + rs); +#else + qs = 1; + ok8 = 0; +#endif + kyc->type = TALER_EXCHANGEDB_KYC_UNKNOWN; + kyc->ok = (0 != ok8); + kyc->payment_target_uuid = payment_target_uuid; + return qs; +} + + +/** * Get the KYC status for a wallet. If the status is unknown, * inserts a new status record (hence INsertSELECT). * @@ -11203,6 +11262,7 @@ libtaler_plugin_exchangedb_postgres_init (void *cls) &postgres_iterate_auditor_denominations; plugin->reserves_get = &postgres_reserves_get; plugin->get_kyc_status = &postgres_get_kyc_status; + plugin->select_kyc_status = &postgres_select_kyc_status; plugin->inselect_wallet_kyc_status = &postgres_inselect_wallet_kyc_status; plugin->reserves_in_insert = &postgres_reserves_in_insert; plugin->get_latest_reserve_in_reference = diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 4b90396b..b8c50406 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -1630,6 +1630,13 @@ struct TALER_EXCHANGEDB_RefreshRevealedCoin */ enum TALER_EXCHANGEDB_KycType { + + /** + * It is unclear for which type of KYC operation + * this information is. + */ + TALER_EXCHANGEDB_KYC_UNKNOWN = 0, + /** * KYC to be applied for simple withdraws without * the involvement of wallet-to-wallet payments. @@ -2368,6 +2375,22 @@ struct TALER_EXCHANGEDB_Plugin /** + * Get the @a kyc status and @a h_payto by UUID. + * + * @param cls the @e cls of this struct with the plugin-specific state + * @param payment_target_uuid which account to get the KYC status for + * @param[out] h_payto set to the hash of the account's payto URI (unsalted) + * @param[out] kyc set to the KYC status of the account + * @return transaction status + */ + enum GNUNET_DB_QueryStatus + (*select_kyc_status)(void *cls, + uint64_t payment_target_uuid, + struct GNUNET_HashCode *h_payto, + struct TALER_EXCHANGEDB_KycStatus *kyc); + + + /** * Get the KYC status for a wallet. If the status is unknown, * inserts a new status record (hence INsertSELECT). * |