taler/wallet-core
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

wallet-core: check base URL reported by exchange

Browse Source
This commit is contained in:
Florian Dold 2023-06-06 17:18:53 +02:00
parent 002ab0dab7
commit 698f356659
No known key found for this signature in database
GPG Key ID: D2E4F00F29D02A4B
4 changed files with 760 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/taler-util/src/errors.ts
View File

@ -129,6 +129,10 @@ export interface DetailsMap {
*/ */
errors: TalerErrorDetail[]; errors: TalerErrorDetail[];
}; };
[TalerErrorCode.WALLET_EXCHANGE_BASE_URL_MISMATCH]: {
urlWallet: string;
urlExchange: string;
}
} }
type ErrBody<Y> = Y extends keyof DetailsMap ? DetailsMap[Y] : empty; type ErrBody<Y> = Y extends keyof DetailsMap ? DetailsMap[Y] : empty;

738
packages/taler-util/src/taler-error-codes.ts
View File

File diff suppressed because it is too large Load Diff

7
packages/taler-util/src/taler-types.ts
View File

@ -719,6 +719,12 @@ export class ExchangeSignKeyJson {
* Structure that the exchange gives us in /keys. * Structure that the exchange gives us in /keys.
*/ */
export class ExchangeKeysJson { export class ExchangeKeysJson {
/**
* Canonical, public base URL of the exchange.
*/
base_url: string;
/** /**
* List of offered denominations. * List of offered denominations.
*/ */
@ -1401,6 +1407,7 @@ export const codecForGlobalFees = (): Codec<GlobalFees> =>
export const codecForExchangeKeysJson = (): Codec<ExchangeKeysJson> => export const codecForExchangeKeysJson = (): Codec<ExchangeKeysJson> =>
buildCodecForObject<ExchangeKeysJson>() buildCodecForObject<ExchangeKeysJson>()
.property("denoms", codecForList(codecForDenomination())) .property("denoms", codecForList(codecForDenomination()))
.property("base_url", codecForString())
.property("master_public_key", codecForString()) .property("master_public_key", codecForString())
.property("auditors", codecForList(codecForAuditor())) .property("auditors", codecForList(codecForAuditor()))
.property("list_issue_date", codecForTimestamp) .property("list_issue_date", codecForTimestamp)

18
packages/taler-wallet-core/src/operations/exchanges.ts
View File

@ -38,11 +38,13 @@ import {
j2s, j2s,
LibtoolVersion, LibtoolVersion,
Logger, Logger,
makeErrorDetail,
NotificationType, NotificationType,
parsePaytoUri, parsePaytoUri,
Recoup, Recoup,
TalerError, TalerError,
TalerErrorCode, TalerErrorCode,
TalerErrorDetail,
TalerPreciseTimestamp, TalerPreciseTimestamp,
TalerProtocolDuration, TalerProtocolDuration,
TalerProtocolTimestamp, TalerProtocolTimestamp,
@ -421,6 +423,7 @@ export async function provideExchangeRecordInTx(
} }
interface ExchangeKeysDownloadResult { interface ExchangeKeysDownloadResult {
baseUrl: string;
masterPublicKey: string; masterPublicKey: string;
currency: string; currency: string;
auditors: ExchangeAuditor[]; auditors: ExchangeAuditor[];
@ -486,6 +489,7 @@ async function downloadExchangeKeysInfo(
return { return {
masterPublicKey: exchangeKeysJsonUnchecked.master_public_key, masterPublicKey: exchangeKeysJsonUnchecked.master_public_key,
currency, currency,
baseUrl: exchangeKeysJsonUnchecked.base_url,
auditors: exchangeKeysJsonUnchecked.auditors, auditors: exchangeKeysJsonUnchecked.auditors,
currentDenominations: exchangeKeysJsonUnchecked.denoms.map((d) => currentDenominations: exchangeKeysJsonUnchecked.denoms.map((d) =>
denominationRecordFromKeys( denominationRecordFromKeys(
@ -650,6 +654,20 @@ export async function updateExchangeFromUrlHandler(
keysInfo.globalFees, keysInfo.globalFees,
keysInfo.masterPublicKey, keysInfo.masterPublicKey,
); );
if (keysInfo.baseUrl != exchangeBaseUrl) {
logger.warn("exchange base URL mismatch");
const errorDetail: TalerErrorDetail = makeErrorDetail(
TalerErrorCode.WALLET_EXCHANGE_BASE_URL_MISMATCH,
{
urlWallet: exchangeBaseUrl,
urlExchange: keysInfo.baseUrl,
},
);
return {
type: OperationAttemptResultType.Error,
errorDetail,
};
}
logger.info("finished validating exchange /wire info"); logger.info("finished validating exchange /wire info");