/* This file is part of GNU Taler (C) 2020 Taler Systems S.A. GNU Taler is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3, or (at your option) any later version. GNU Taler is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GNU Taler; see the file COPYING. If not, see */ /** * Imports. */ import { ConfirmPayResultType, Logger, TestPayResult, WithdrawTestBalanceRequest, } from "@gnu-taler/taler-util"; import { HttpRequestLibrary, readSuccessResponseJsonOrThrow, checkSuccessResponseOrThrow, } from "../util/http.js"; import { AmountString, codecForAny, CheckPaymentResponse, codecForCheckPaymentResponse, IntegrationTestArgs, Amounts, TestPayArgs, URL, PreparePayResultType, } from "@gnu-taler/taler-util"; import { InternalWalletState } from "../internal-wallet-state.js"; import { confirmPay, preparePayForUri } from "./pay.js"; import { getBalances } from "./balance.js"; import { applyRefund } from "./refund.js"; import { checkLogicInvariant } from "../util/invariants.js"; import { acceptWithdrawalFromUri } from "./withdraw.js"; const logger = new Logger("operations/testing.ts"); interface BankUser { username: string; password: string; } interface BankWithdrawalResponse { taler_withdraw_uri: string; withdrawal_id: string; } interface MerchantBackendInfo { baseUrl: string; authToken?: string; } /** * Generate a random alphanumeric ID. Does *not* use cryptographically * secure randomness. */ function makeId(length: number): string { let result = ""; const characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; for (let i = 0; i < length; i++) { result += characters.charAt(Math.floor(Math.random() * characters.length)); } return result; } /** * Helper function to generate the "Authorization" HTTP header. */ function makeBasicAuthHeader(username: string, password: string): string { const auth = `${username}:${password}`; const authEncoded: string = Buffer.from(auth).toString("base64"); return `Basic ${authEncoded}`; } export async function withdrawTestBalance( ws: InternalWalletState, req: WithdrawTestBalanceRequest, ): Promise { const amount = req.amount; const exchangeBaseUrl = req.exchangeBaseUrl; logger.trace( `Registered bank user, bank access base url ${req.bankAccessApiBaseUrl}`, ); const bankUser = await registerRandomBankUser( ws.http, req.bankAccessApiBaseUrl, ); logger.trace(`Registered bank user ${JSON.stringify(bankUser)}`); const wresp = await createDemoBankWithdrawalUri( ws.http, req.bankAccessApiBaseUrl, bankUser, amount, ); await acceptWithdrawalFromUri(ws, { talerWithdrawUri: wresp.taler_withdraw_uri, selectedExchange: exchangeBaseUrl, forcedDenomSel: req.forcedDenomSel, }); await confirmBankWithdrawalUri( ws.http, req.bankAccessApiBaseUrl, bankUser, wresp.withdrawal_id, ); } function getMerchantAuthHeader(m: MerchantBackendInfo): Record { if (m.authToken) { return { Authorization: `Bearer ${m.authToken}`, }; } return {}; } /** * Use the testing API of a demobank to create a taler://withdraw URI * that the wallet can then use to make a withdrawal. */ export async function createDemoBankWithdrawalUri( http: HttpRequestLibrary, bankAccessApiBaseUrl: string, bankUser: BankUser, amount: AmountString, ): Promise { const reqUrl = new URL( `accounts/${bankUser.username}/withdrawals`, bankAccessApiBaseUrl, ).href; const resp = await http.postJson( reqUrl, { amount, }, { headers: { Authorization: makeBasicAuthHeader( bankUser.username, bankUser.password, ), }, }, ); const respJson = await readSuccessResponseJsonOrThrow(resp, codecForAny()); return respJson; } async function confirmBankWithdrawalUri( http: HttpRequestLibrary, bankAccessApiBaseUrl: string, bankUser: BankUser, withdrawalId: string, ): Promise { const reqUrl = new URL( `accounts/${bankUser.username}/withdrawals/${withdrawalId}/confirm`, bankAccessApiBaseUrl, ).href; const resp = await http.postJson( reqUrl, {}, { headers: { Authorization: makeBasicAuthHeader( bankUser.username, bankUser.password, ), }, }, ); await readSuccessResponseJsonOrThrow(resp, codecForAny()); return; } async function registerRandomBankUser( http: HttpRequestLibrary, bankAccessApiBaseUrl: string, ): Promise { const reqUrl = new URL("testing/register", bankAccessApiBaseUrl).href; const randId = makeId(8); const bankUser: BankUser = { // euFin doesn't allow resource names to have upper case letters. username: `testuser-${randId.toLowerCase()}`, password: `testpw-${randId}`, }; const resp = await http.postJson(reqUrl, bankUser); await checkSuccessResponseOrThrow(resp); return bankUser; } async function refund( http: HttpRequestLibrary, merchantBackend: MerchantBackendInfo, orderId: string, reason: string, refundAmount: string, ): Promise { const reqUrl = new URL( `private/orders/${orderId}/refund`, merchantBackend.baseUrl, ); const refundReq = { order_id: orderId, reason, refund: refundAmount, }; const resp = await http.postJson(reqUrl.href, refundReq, { headers: getMerchantAuthHeader(merchantBackend), }); const r = await readSuccessResponseJsonOrThrow(resp, codecForAny()); const refundUri = r.taler_refund_uri; if (!refundUri) { throw Error("no refund URI in response"); } return refundUri; } async function createOrder( http: HttpRequestLibrary, merchantBackend: MerchantBackendInfo, amount: string, summary: string, fulfillmentUrl: string, ): Promise<{ orderId: string }> { const t = Math.floor(new Date().getTime() / 1000) + 15 * 60; const reqUrl = new URL("private/orders", merchantBackend.baseUrl).href; const orderReq = { order: { amount, summary, fulfillment_url: fulfillmentUrl, refund_deadline: { t_s: t }, wire_transfer_deadline: { t_s: t }, }, }; const resp = await http.postJson(reqUrl, orderReq, { headers: getMerchantAuthHeader(merchantBackend), }); const r = await readSuccessResponseJsonOrThrow(resp, codecForAny()); const orderId = r.order_id; if (!orderId) { throw Error("no order id in response"); } return { orderId }; } async function checkPayment( http: HttpRequestLibrary, merchantBackend: MerchantBackendInfo, orderId: string, ): Promise { const reqUrl = new URL(`private/orders/${orderId}`, merchantBackend.baseUrl); reqUrl.searchParams.set("order_id", orderId); const resp = await http.get(reqUrl.href, { headers: getMerchantAuthHeader(merchantBackend), }); return readSuccessResponseJsonOrThrow(resp, codecForCheckPaymentResponse()); } interface BankUser { username: string; password: string; } interface BankWithdrawalResponse { taler_withdraw_uri: string; withdrawal_id: string; } async function makePayment( ws: InternalWalletState, merchant: MerchantBackendInfo, amount: string, summary: string, ): Promise<{ orderId: string }> { const orderResp = await createOrder( ws.http, merchant, amount, summary, "taler://fulfillment-success/thx", ); logger.trace("created order with orderId", orderResp.orderId); let paymentStatus = await checkPayment(ws.http, merchant, orderResp.orderId); logger.trace("payment status", paymentStatus); const talerPayUri = paymentStatus.taler_pay_uri; if (!talerPayUri) { throw Error("no taler://pay/ URI in payment response"); } const preparePayResult = await preparePayForUri(ws, talerPayUri); logger.trace("prepare pay result", preparePayResult); if (preparePayResult.status != "payment-possible") { throw Error("payment not possible"); } const confirmPayResult = await confirmPay( ws, preparePayResult.proposalId, undefined, ); logger.trace("confirmPayResult", confirmPayResult); paymentStatus = await checkPayment(ws.http, merchant, orderResp.orderId); logger.trace("payment status after wallet payment:", paymentStatus); if (paymentStatus.order_status !== "paid") { throw Error("payment did not succeed"); } return { orderId: orderResp.orderId, }; } export async function runIntegrationTest( ws: InternalWalletState, args: IntegrationTestArgs, ): Promise { logger.info("running test with arguments", args); const parsedSpendAmount = Amounts.parseOrThrow(args.amountToSpend); const currency = parsedSpendAmount.currency; logger.info("withdrawing test balance"); await withdrawTestBalance(ws, { amount: args.amountToWithdraw, bankBaseUrl: args.bankBaseUrl, bankAccessApiBaseUrl: args.bankAccessApiBaseUrl ?? args.bankBaseUrl, exchangeBaseUrl: args.exchangeBaseUrl, }); await ws.runUntilDone(); logger.info("done withdrawing test balance"); const balance = await getBalances(ws); logger.trace(JSON.stringify(balance, null, 2)); const myMerchant: MerchantBackendInfo = { baseUrl: args.merchantBaseUrl, authToken: args.merchantAuthToken, }; await makePayment(ws, myMerchant, args.amountToSpend, "hello world"); // Wait until the refresh is done await ws.runUntilDone(); logger.trace("withdrawing test balance for refund"); const withdrawAmountTwo = Amounts.parseOrThrow(`${currency}:18`); const spendAmountTwo = Amounts.parseOrThrow(`${currency}:7`); const refundAmount = Amounts.parseOrThrow(`${currency}:6`); const spendAmountThree = Amounts.parseOrThrow(`${currency}:3`); await withdrawTestBalance(ws, { amount: Amounts.stringify(withdrawAmountTwo), bankBaseUrl: args.bankBaseUrl, bankAccessApiBaseUrl: args.bankAccessApiBaseUrl ?? args.bankBaseUrl, exchangeBaseUrl: args.exchangeBaseUrl, }); // Wait until the withdraw is done await ws.runUntilDone(); const { orderId: refundOrderId } = await makePayment( ws, myMerchant, Amounts.stringify(spendAmountTwo), "order that will be refunded", ); const refundUri = await refund( ws.http, myMerchant, refundOrderId, "test refund", Amounts.stringify(refundAmount), ); logger.trace("refund URI", refundUri); await applyRefund(ws, refundUri); logger.trace("integration test: applied refund"); // Wait until the refund is done await ws.runUntilDone(); logger.trace("integration test: making payment after refund"); await makePayment( ws, myMerchant, Amounts.stringify(spendAmountThree), "payment after refund", ); logger.trace("integration test: make payment done"); await ws.runUntilDone(); logger.trace("integration test: all done!"); } export async function testPay( ws: InternalWalletState, args: TestPayArgs, ): Promise { logger.trace("creating order"); const merchant = { authToken: args.merchantAuthToken, baseUrl: args.merchantBaseUrl, }; const orderResp = await createOrder( ws.http, merchant, args.amount, args.summary, "taler://fulfillment-success/thank+you", ); logger.trace("created new order with order ID", orderResp.orderId); const checkPayResp = await checkPayment(ws.http, merchant, orderResp.orderId); const talerPayUri = checkPayResp.taler_pay_uri; if (!talerPayUri) { console.error("fatal: no taler pay URI received from backend"); process.exit(1); } logger.trace("taler pay URI:", talerPayUri); const result = await preparePayForUri(ws, talerPayUri); if (result.status !== PreparePayResultType.PaymentPossible) { throw Error(`unexpected prepare pay status: ${result.status}`); } const r = await confirmPay( ws, result.proposalId, undefined, args.forcedCoinSel, ); if (r.type != ConfirmPayResultType.Done) { throw Error("payment not done"); } const purchase = await ws.db .mktx((x) => [x.purchases]) .runReadOnly(async (tx) => { return tx.purchases.get(result.proposalId); }); checkLogicInvariant(!!purchase); return { payCoinSelection: purchase.payCoinSelection, }; }