diff --git a/packages/taler-integrationtests/src/test-merchant-refund-api.ts b/packages/taler-integrationtests/src/test-merchant-refund-api.ts new file mode 100644 index 000000000..61f08780c --- /dev/null +++ b/packages/taler-integrationtests/src/test-merchant-refund-api.ts @@ -0,0 +1,137 @@ +/* + This file is part of GNU Taler + (C) 2020 Taler Systems S.A. + + GNU Taler is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + GNU Taler is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + GNU Taler; see the file COPYING. If not, see + */ + +/** + * Imports. + */ +import { runTest, GlobalTestState, MerchantPrivateApi } from "./harness"; +import { createSimpleTestkudosEnvironment, withdrawViaBank } from "./helpers"; +import { PreparePayResultType, URL } from "taler-wallet-core"; +import axios from "axios"; + +/** + * Test case for the refund API of the merchant backend. + */ +runTest(async (t: GlobalTestState) => { + // Set up test environment + + const { + wallet, + bank, + exchange, + merchant, + } = await createSimpleTestkudosEnvironment(t); + + // Withdraw digital cash into the wallet. + + await withdrawViaBank(t, { wallet, bank, exchange, amount: "TESTKUDOS:20" }); + + // Set up order. + + const orderResp = await MerchantPrivateApi.createOrder(merchant, "default", { + order: { + summary: "Buy me!", + amount: "TESTKUDOS:5", + fulfillment_url: "taler://fulfillment-success/thx", + }, + }); + + let orderStatus = await MerchantPrivateApi.queryPrivateOrderStatus(merchant, { + orderId: orderResp.order_id, + }); + + t.assertTrue(orderStatus.order_status === "unpaid"); + + const talerPayUri = orderStatus.taler_pay_uri; + const orderId = orderResp.order_id; + + // Make wallet pay for the order + + let preparePayResult = await wallet.preparePay({ + talerPayUri, + }); + + t.assertTrue( + preparePayResult.status === PreparePayResultType.PaymentPossible, + ); + + const r2 = await wallet.apiRequest("confirmPay", { + proposalId: preparePayResult.proposalId, + }); + t.assertTrue(r2.type === "response"); + + // Check if payment was successful. + + orderStatus = await MerchantPrivateApi.queryPrivateOrderStatus(merchant, { + orderId: orderResp.order_id, + }); + + t.assertTrue(orderStatus.order_status === "paid"); + + preparePayResult = await wallet.preparePay({ + talerPayUri, + }); + + t.assertTrue( + preparePayResult.status === PreparePayResultType.AlreadyConfirmed, + ); + + await MerchantPrivateApi.giveRefund(merchant, { + amount: "TESTKUDOS:5", + instance: "default", + justification: "foo", + orderId: orderResp.order_id, + }); + + orderStatus = await MerchantPrivateApi.queryPrivateOrderStatus(merchant, { + orderId: orderResp.order_id, + }); + + t.assertTrue(orderStatus.order_status === "paid"); + + t.assertAmountEquals(orderStatus.refund_amount, "TESTKUDOS:5"); + + // Now test what the merchant gives as a response for various requests to the + // public order status URL! + + let publicOrderStatusUrl = new URL( + `orders/${orderId}`, + merchant.makeInstanceBaseUrl(), + ); + publicOrderStatusUrl.searchParams.set( + "h_contract", + preparePayResult.contractTermsHash, + ); + + let publicOrderStatusResp = await axios.get(publicOrderStatusUrl.href, { + validateStatus: () => true, + }); + console.log(publicOrderStatusResp.data); + t.assertTrue(publicOrderStatusResp.status === 200); + t.assertAmountEquals(publicOrderStatusResp.data.refund_amount, "TESTKUDOS:5"); + + publicOrderStatusUrl = new URL( + `orders/${orderId}`, + merchant.makeInstanceBaseUrl(), + ); + + publicOrderStatusResp = await axios.get(publicOrderStatusUrl.href, { + validateStatus: () => true, + }); + console.log(publicOrderStatusResp.data) + // We didn't give any authentication, so this should be forbidden + t.assertTrue(publicOrderStatusResp.status === 403); +}); diff --git a/packages/taler-wallet-core/src/operations/pay.ts b/packages/taler-wallet-core/src/operations/pay.ts index 327a6c804..565fe9c66 100644 --- a/packages/taler-wallet-core/src/operations/pay.ts +++ b/packages/taler-wallet-core/src/operations/pay.ts @@ -1052,6 +1052,7 @@ export async function preparePayForUri( return { status: PreparePayResultType.AlreadyConfirmed, contractTerms: JSON.parse(purchase.contractTermsRaw), + contractTermsHash: purchase.contractData.contractTermsHash, paid: true, nextUrl: r.nextUrl, amountRaw: Amounts.stringify(purchase.contractData.amount), @@ -1061,6 +1062,7 @@ export async function preparePayForUri( return { status: PreparePayResultType.AlreadyConfirmed, contractTerms: JSON.parse(purchase.contractTermsRaw), + contractTermsHash: purchase.contractData.contractTermsHash, paid: false, amountRaw: Amounts.stringify(purchase.contractData.amount), amountEffective: Amounts.stringify(purchase.payCostInfo.totalCost), @@ -1070,6 +1072,7 @@ export async function preparePayForUri( return { status: PreparePayResultType.AlreadyConfirmed, contractTerms: JSON.parse(purchase.contractTermsRaw), + contractTermsHash: purchase.contractData.contractTermsHash, paid, amountRaw: Amounts.stringify(purchase.contractData.amount), amountEffective: Amounts.stringify(purchase.payCostInfo.totalCost), diff --git a/packages/taler-wallet-core/src/types/walletTypes.ts b/packages/taler-wallet-core/src/types/walletTypes.ts index 511d7766c..921c63a1e 100644 --- a/packages/taler-wallet-core/src/types/walletTypes.ts +++ b/packages/taler-wallet-core/src/types/walletTypes.ts @@ -422,6 +422,7 @@ export const codecForPreparePayResultAlreadyConfirmed = (): Codec< .property("nextUrl", codecForString()) .property("paid", codecForBoolean) .property("contractTerms", codecForAny()) + .property("contractTermsHash", codecForString()) .build("PreparePayResultAlreadyConfirmed"); export const codecForPreparePayResult = (): Codec => @@ -469,6 +470,8 @@ export interface PreparePayResultAlreadyConfirmed { amountEffective: string; // Only specified if paid. nextUrl?: string; + + contractTermsHash: string; } export interface BankWithdrawDetails {