return KYC requirement row when AML imposed KYC requirements on withdraw; return KYC choices in new /config endpoint

src/exchange/Makefile.am

@@ -129,6 +129,7 @@ taler_exchange_httpd_SOURCES = \
   taler-exchange-httpd_batch-deposit.c taler-exchange-httpd_batch-deposit.h \
   taler-exchange-httpd_batch-withdraw.c taler-exchange-httpd_batch-withdraw.h \
   taler-exchange-httpd_common_deposit.c taler-exchange-httpd_common_deposit.h \
+  taler-exchange-httpd_config.c taler-exchange-httpd_config.h \
   taler-exchange-httpd_contract.c taler-exchange-httpd_contract.h \
   taler-exchange-httpd_csr.c taler-exchange-httpd_csr.h \
   taler-exchange-httpd_db.c taler-exchange-httpd_db.h \

src/exchange/taler-exchange-aggregator.c

@@ -585,6 +585,7 @@ aml_satisfied (struct AggregationUnit *au_active)
   struct TALER_Amount total;
   struct TALER_Amount threshold;
   enum TALER_AmlDecisionState decision;
+  struct TALER_EXCHANGEDB_KycStatus kyc;
 
   total = au_active->final_amount;
   qs = db_plugin->select_aggregation_amounts_for_kyc_check (
@@ -602,6 +603,7 @@ aml_satisfied (struct AggregationUnit *au_active)
   qs = db_plugin->select_aml_threshold (db_plugin->cls,
                                         &au_active->h_payto,
                                         &decision,
+                                        &kyc,
                                         &threshold);
   if (qs < 0)
   {

src/exchange/taler-exchange-httpd.c

@@ -34,6 +34,7 @@
 #include "taler-exchange-httpd_auditors.h"
 #include "taler-exchange-httpd_batch-deposit.h"
 #include "taler-exchange-httpd_batch-withdraw.h"
+#include "taler-exchange-httpd_config.h"
 #include "taler-exchange-httpd_contract.h"
 #include "taler-exchange-httpd_csr.h"
 #include "taler-exchange-httpd_deposit.h"
@@ -1371,6 +1372,12 @@ handle_mhd_request (void *cls,
       .method = MHD_HTTP_METHOD_GET,
       .handler.get = &handler_seed
     },
+    /* Configuration */
+    {
+      .url = "config",
+      .method = MHD_HTTP_METHOD_GET,
+      .handler.get = &TEH_handler_config
+    },
     /* Performance metrics */
     {
       .url = "metrics",

src/exchange/taler-exchange-httpd_batch-withdraw.c

@@ -254,6 +254,7 @@ batch_withdraw_transaction (void *cls,
     qs = TEH_plugin->select_aml_threshold (TEH_plugin->cls,
                                            &reserve_h_payto,
                                            &wc->aml_decision,
+                                           &wc->kyc,
                                            &threshold);
     if (qs < 0)
     {

src/exchange/taler-exchange-httpd_config.c

@@ -0,0 +1,55 @@
+/*
+  This file is part of TALER
+  Copyright (C) 2015-2021 Taler Systems SA
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU Affero General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
+
+  You should have received a copy of the GNU Affero General Public License along with
+  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_config.c
+ * @brief Handle /config requests
+ * @author Christian Grothoff
+ */
+#include "platform.h"
+#include <gnunet/gnunet_json_lib.h>
+#include "taler_dbevents.h"
+#include "taler-exchange-httpd_config.h"
+#include "taler_json_lib.h"
+#include "taler_kyclogic_lib.h"
+#include "taler_mhd_lib.h"
+#include <jansson.h>
+
+
+MHD_RESULT
+TEH_handler_config (struct TEH_RequestContext *rc,
+                    const char *const args[])
+{
+  static struct MHD_Response *resp;
+
+  if (NULL == resp)
+  {
+    resp = TALER_MHD_MAKE_JSON_PACK (
+      GNUNET_JSON_pack_array_steal ("supported_kyc_requirements",
+                                    TALER_KYCLOGIC_get_satisfiable ()),
+      GNUNET_JSON_pack_string ("currency",
+                               TEH_currency),
+      GNUNET_JSON_pack_string ("name",
+                               "taler-exchange"),
+      GNUNET_JSON_pack_string ("version",
+                               EXCHANGE_PROTOCOL_VERSION));
+  }
+  return MHD_queue_response (rc->connection,
+                             MHD_HTTP_OK,
+                             resp);
+}
+
+
+/* end of taler-exchange-httpd_config.c */

src/exchange/taler-exchange-httpd_config.h

@@ -0,0 +1,58 @@
+/*
+  This file is part of TALER
+  (C) 2023 Taler Systems SA
+
+  TALER is free software; you can redistribute it and/or modify it under the
+  terms of the GNU General Public License as published by the Free Software
+  Foundation; either version 3, or (at your option) any later version.
+
+  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+  WARRANTY; without even the implied warranty of EXCHANGEABILITY or FITNESS FOR
+  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+
+  You should have received a copy of the GNU General Public License along with
+  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
+*/
+/**
+ * @file taler-exchange-httpd_config.h
+ * @brief headers for /config handler
+ * @author Christian Grothoff
+ */
+#ifndef TALER_EXCHANGE_HTTPD_CONFIG_H
+#define TALER_EXCHANGE_HTTPD_CONFIG_H
+#include <microhttpd.h>
+#include "taler-exchange-httpd.h"
+
+
+/**
+ * Taler protocol version in the format CURRENT:REVISION:AGE
+ * as used by GNU libtool.  See
+ * https://www.gnu.org/software/libtool/manual/html_node/Libtool-versioning.html
+ *
+ * Please be very careful when updating and follow
+ * https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html#Updating-version-info
+ * precisely.  Note that this version has NOTHING to do with the
+ * release version, and the format is NOT the same that semantic
+ * versioning uses either.
+ *
+ * When changing this version, you likely want to also update
+ * #TALER_PROTOCOL_CURRENT and #TALER_PROTOCOL_AGE in
+ * exchange_api_handle.c!
+ *
+ * Returned via both /config and /keys endpoints.
+ */
+#define EXCHANGE_PROTOCOL_VERSION "14:0:2"
+
+
+/**
+ * Manages a /config call.
+ *
+ * @param rc context of the handler
+ * @param[in,out] args remaining arguments (ingored)
+ * @return MHD result code
+ */
+MHD_RESULT
+TEH_handler_config (struct TEH_RequestContext *rc,
+                    const char *const args[]);
+
+#endif

src/exchange/taler-exchange-httpd_keys.c

@@ -25,6 +25,7 @@
 #include "taler_kyclogic_lib.h"
 #include "taler_dbevents.h"
 #include "taler-exchange-httpd.h"
+#include "taler-exchange-httpd_config.h"
 #include "taler-exchange-httpd_keys.h"
 #include "taler-exchange-httpd_responses.h"
 #include "taler_exchangedb_plugin.h"
@@ -44,24 +45,6 @@
 #define KEYS_TIMEOUT GNUNET_TIME_UNIT_MINUTES
 
 
-/**
- * Taler protocol version in the format CURRENT:REVISION:AGE
- * as used by GNU libtool.  See
- * https://www.gnu.org/software/libtool/manual/html_node/Libtool-versioning.html
- *
- * Please be very careful when updating and follow
- * https://www.gnu.org/software/libtool/manual/html_node/Updating-version-info.html#Updating-version-info
- * precisely.  Note that this version has NOTHING to do with the
- * release version, and the format is NOT the same that semantic
- * versioning uses either.
- *
- * When changing this version, you likely want to also update
- * #TALER_PROTOCOL_CURRENT and #TALER_PROTOCOL_AGE in
- * exchange_api_handle.c!
- */
-#define EXCHANGE_PROTOCOL_VERSION "14:0:2"
-
-
 /**
  * Information about a denomination on offer by the denomination helper.
  */

src/exchange/taler-exchange-httpd_responses.c

@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014-2022 Taler Systems SA
+  Copyright (C) 2014-2023 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU Affero General Public License as published by the Free Software

src/exchange/taler-exchange-httpd_withdraw.c

@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014-2022 Taler Systems SA
+  Copyright (C) 2014-2023 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as
@@ -226,6 +226,7 @@ withdraw_transaction (void *cls,
     qs = TEH_plugin->select_aml_threshold (TEH_plugin->cls,
                                            &reserve_h_payto,
                                            &wc->aml_decision,
+                                           &wc->kyc,
                                            &threshold);
     if (qs < 0)
     {

src/exchangedb/0003-aml_status.sql

@@ -30,6 +30,7 @@ BEGIN
       ',threshold_val INT8 NOT NULL DEFAULT(0)'
       ',threshold_frac INT4 NOT NULL DEFAULT(0)'
       ',status INT4 NOT NULL DEFAULT(0)'
+      ',kyc_requirement INT8 NOT NULL DEFAULT(0)'
     ') %s ;'
     ,table_name
     ,'PARTITION BY HASH (h_payto)'

src/exchangedb/exchange_do_insert_aml_decision.sql

@@ -62,6 +62,7 @@ THEN
     SET threshold_val=in_new_threshold_val
        ,threshold_frac=in_new_threshold_frac
        ,status=in_new_status
+       ,kyc_requirement=in_requirement_row
    WHERE h_payto=in_h_payto;
   ASSERT FOUND, 'cannot have AML decision history but no AML status';
 ELSE
@@ -70,12 +71,14 @@ ELSE
     (h_payto
     ,threshold_val
     ,threshold_frac
-    ,status)
+    ,status
+    ,kyc_requirement)
     VALUES
     (in_h_payto
     ,in_new_threshold_val
     ,in_new_threshold_frac
-    ,in_new_status);
+    ,in_new_status
+    ,in_requirement_row);
 END IF;
 
 

src/exchangedb/pg_select_aml_threshold.c

@@ -31,6 +31,7 @@ TEH_PG_select_aml_threshold (
   void *cls,
   const struct TALER_PaytoHashP *h_payto,
   enum TALER_AmlDecisionState *decision,
+  struct TALER_EXCHANGEDB_KycStatus *kyc,
   struct TALER_Amount *threshold)
 {
   struct PostgresClosure *pg = cls;
@@ -44,6 +45,8 @@ TEH_PG_select_aml_threshold (
                                  threshold),
     GNUNET_PQ_result_spec_uint32 ("status",
                                   &status32),
+    GNUNET_PQ_result_spec_uint64 ("kyc_requirement",
+                                  &kyc->requirement_row),
     GNUNET_PQ_result_spec_end
   };
   enum GNUNET_DB_QueryStatus qs;
@@ -53,6 +56,7 @@ TEH_PG_select_aml_threshold (
            "SELECT"
            " threshold_val"
            ",threshold_frac"
+           ",kyc_requirement"
            " FROM aml_status"
            " WHERE h_payto=$1;");
   qs = GNUNET_PQ_eval_prepared_singleton_select (pg->conn,
@@ -60,5 +64,7 @@ TEH_PG_select_aml_threshold (
                                                  params,
                                                  rs);
   *decision = (enum TALER_AmlDecisionState) status32;
+  kyc->ok = (TALER_AML_FROZEN != *decision)
+            || (0 != kyc->requirement_row);
   return qs;
 }

src/exchangedb/pg_select_aml_threshold.h

@@ -32,6 +32,7 @@
  * @param cls closure
  * @param h_payto account for which the AML threshold is stored
  * @param[out] decision set to current AML decision
+ * @param[out] kyc set to KYC requirements imposed by AML, if any
  * @param[out] threshold set to the existing threshold
  * @return database transaction status, 0 if no threshold was set
  */
@@ -40,6 +41,7 @@ TEH_PG_select_aml_threshold (
   void *cls,
   const struct TALER_PaytoHashP *h_payto,
   enum TALER_AmlDecisionState *decision,
+  struct TALER_EXCHANGEDB_KycStatus *kyc,
   struct TALER_Amount *threshold);
 
 

src/include/taler_exchangedb_plugin.h

@@ -6621,6 +6621,7 @@ struct TALER_EXCHANGEDB_Plugin
     void *cls,
     const struct TALER_PaytoHashP *h_payto,
     enum TALER_AmlDecisionState *decision,
+    struct TALER_EXCHANGEDB_KycStatus *kyc,
     struct TALER_Amount *threshold);
 
 

src/include/taler_kyclogic_lib.h

@@ -311,6 +311,15 @@ TALER_KYCLOGIC_check_satisfiable (
   const char *check_name);
 
 
+/**
+ * Return list of all KYC checks that are possible.
+ *
+ * @return JSON array of strings with the allowed KYC checks
+ */
+json_t *
+TALER_KYCLOGIC_get_satisfiable (void);
+
+
 /**
  * Obtain the provider logic for a given set of @a requirements.
  *

src/kyclogic/kyclogic_api.c

@@ -286,6 +286,23 @@ TALER_KYCLOGIC_check_satisfiable (
 }
 
 
+json_t *
+TALER_KYCLOGIC_get_satisfiable ()
+{
+  json_t *requirements;
+
+  requirements = json_array ();
+  GNUNET_assert (NULL != requirements);
+  for (unsigned int i = 0; i<num_kyc_checks; i++)
+    GNUNET_assert (
+      0 ==
+      json_array_append_new (
+        requirements,
+        json_string (kyc_checks[i]->name)));
+  return requirements;
+}
+
+
 /**
  * Load KYC logic plugin.
  *