get first KYC test to pass

author: Christian Grothoff <christian@grothoff.org> 2021-11-09 15:39:31 +0100
committer: Christian Grothoff <christian@grothoff.org> 2021-11-09 15:39:31 +0100
commit: a9b2140b1ece806847aa45a6b95a959c9ddaa7bf (patch)
tree: 1e99fa21fa001dac1aa9934830c0fd3f2c84b26a /src/testing
parent: a79cc16067285cee7de72d889eaf8152cc17739d (diff)
download: exchange-a9b2140b1ece806847aa45a6b95a959c9ddaa7bf.tar.gz
exchange-a9b2140b1ece806847aa45a6b95a959c9ddaa7bf.tar.bz2
exchange-a9b2140b1ece806847aa45a6b95a959c9ddaa7bf.zip
5 files changed, 184 insertions, 31 deletions
diff --git a/src/testing/test_exchange_api.c b/src/testing/test_exchange_api.c
index c5544637b..72968c256 100644
--- a/src/testing/test_exchange_api.c
+++ b/src/testing/test_exchange_api.c
@@ -343,7 +343,7 @@ run (void *cls,
     /* Try resolving a deposit's WTID for a failed deposit.
      * As the deposit failed, the answer should be that the
      * exchange does NOT know about the deposit.
-     *///
+     */
     TALER_TESTING_cmd_track_transaction ("deposit-wtid-failing",
                                          "deposit-double-2",
                                          0,
@@ -352,7 +352,7 @@ run (void *cls,
     /* Try resolving an undefined (all zeros) WTID; this
      * should fail as obviously the exchange didn't use that
      * WTID value for any transaction.
-     *///
+     */
     TALER_TESTING_cmd_track_transfer_empty ("wire-deposit-failing",
                                             NULL,
                                             MHD_HTTP_NOT_FOUND),
diff --git a/src/testing/test_kyc_api.c b/src/testing/test_kyc_api.c
index ea2964958..b1a43df56 100644
--- a/src/testing/test_kyc_api.c
+++ b/src/testing/test_kyc_api.c
@@ -66,7 +66,7 @@ static struct TALER_TESTING_BankConfiguration bc;
  */
 #define CMD_EXEC_AGGREGATOR(label)                        \
   TALER_TESTING_cmd_sleep (label "-sleep", 1), \
-  TALER_TESTING_cmd_exec_aggregator /*_with_kyc*/ (label, CONFIG_FILE), \
+  TALER_TESTING_cmd_exec_aggregator_with_kyc (label, CONFIG_FILE), \
   TALER_TESTING_cmd_exec_transfer (label, CONFIG_FILE)
 
 /**
@@ -118,11 +118,39 @@ run (void *cls,
       GNUNET_TIME_UNIT_ZERO,
       "EUR:5",
       MHD_HTTP_OK),
+    TALER_TESTING_cmd_track_transaction (
+      "track-deposit",
+      "deposit-simple",
+      0,
+      MHD_HTTP_ACCEPTED,
+      NULL),
     TALER_TESTING_cmd_end ()
   };
 
   struct TALER_TESTING_Command track[] = {
-    CMD_EXEC_AGGREGATOR ("run-aggregator"),
+    CMD_EXEC_AGGREGATOR ("run-aggregator-before-kyc"),
+    TALER_TESTING_cmd_check_bank_empty ("check_bank_empty-no-kyc"),
+    TALER_TESTING_cmd_check_kyc_get ("check-kyc-deposit",
+                                     "track-deposit",
+                                     MHD_HTTP_ACCEPTED),
+    TALER_TESTING_cmd_proof_kyc ("proof-kyc-no-service",
+                                 "track-deposit",
+                                 "bad",
+                                 "state",
+                                 MHD_HTTP_BAD_GATEWAY),
+    TALER_TESTING_cmd_oauth ("start-oauth-service",
+                             6666),
+    TALER_TESTING_cmd_proof_kyc ("proof-kyc-fail",
+                                 "track-deposit",
+                                 "bad",
+                                 "state",
+                                 MHD_HTTP_FORBIDDEN),
+    TALER_TESTING_cmd_proof_kyc ("proof-kyc-fail",
+                                 "track-deposit",
+                                 "pass",
+                                 "state",
+                                 MHD_HTTP_SEE_OTHER),
+    CMD_EXEC_AGGREGATOR ("run-aggregator-after-kyc"),
     TALER_TESTING_cmd_check_bank_transfer (
       "check_bank_transfer-499c",
       ec.exchange_url,
diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf
index 03a5e2453..105ee3b26 100644
--- a/src/testing/test_kyc_api.conf
+++ b/src/testing/test_kyc_api.conf
@@ -45,6 +45,22 @@ DB = postgres
 # exchange (or the twister) is actually listening.
 BASE_URL = "http://localhost:8081/"
 
+
+KYC_MODE = OAUTH2
+
+KYC_WALLET_BALANCE_LIMIT = EUR:1
+
+KYC_WITHDRAW_PERIOD = "31 days"
+
+KYC_WITHDRAW_LIMIT = EUR:150
+
+[exchange-kyc-oauth2]
+
+KYC_OAUTH2_URL = http://localhost:6666/
+KYC_OAUTH2_CLIENT_ID = taler-exchange
+KYC_OAUTH2_CLIENT_SECRET = exchange-secret
+KYC_OAUTH2_POST_URL = http://example.com/
+
 [exchangedb-postgres]
 CONFIG = "postgres:///talercheck"
 
diff --git a/src/testing/testing_api_cmd_kyc_proof.c b/src/testing/testing_api_cmd_kyc_proof.c
index bd6162698..fdd3affdc 100644
--- a/src/testing/testing_api_cmd_kyc_proof.c
+++ b/src/testing/testing_api_cmd_kyc_proof.c
@@ -89,9 +89,8 @@ proof_kyc_cb (void *cls,
   if (kcg->expected_response_code != kpr->http_status)
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Unexpected response code %u/%d to command %s in %s:%u\n",
+                "Unexpected response code %u to command %s in %s:%u\n",
                 kpr->http_status,
-                (int) kpr->ec,
                 cmd->label,
                 __FILE__,
                 __LINE__);
@@ -100,11 +99,18 @@ proof_kyc_cb (void *cls,
   }
   switch (kpr->http_status)
   {
-  case MHD_HTTP_FOUND:
+  case MHD_HTTP_SEE_OTHER:
     kcg->redirect_url = GNUNET_strdup (kpr->details.found.redirect_url);
     break;
+  case MHD_HTTP_FORBIDDEN:
+    break;
+  case MHD_HTTP_BAD_GATEWAY:
+    break;
   default:
     GNUNET_break (0);
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Unexpected response code %u to /kyc-proof\n",
+                kpr->http_status);
     break;
   }
   TALER_TESTING_interpreter_next (kcg->is);
diff --git a/src/testing/testing_api_cmd_oauth.c b/src/testing/testing_api_cmd_oauth.c
index 6cfad32bc..b71cc8386 100644
--- a/src/testing/testing_api_cmd_oauth.c
+++ b/src/testing/testing_api_cmd_oauth.c
@@ -46,6 +46,76 @@ struct OAuthState
 };
 
 
+struct RequestCtx
+{
+  struct MHD_PostProcessor *pp;
+  char *code;
+  char *client_id;
+  char *redirect_uri;
+  char *client_secret;
+};
+
+
+static void
+append (char **target,
+        const char *data,
+        size_t size)
+{
+  char *tmp;
+
+  if (NULL == *target)
+  {
+    *target = GNUNET_strndup (data,
+                              size);
+    return;
+  }
+  GNUNET_asprintf (&tmp,
+                   "%s%.*s",
+                   *target,
+                   (int) size,
+                   data);
+  GNUNET_free (*target);
+  *target = tmp;
+}
+
+
+static enum MHD_Result
+handle_post (void *cls,
+             enum MHD_ValueKind kind,
+             const char *key,
+             const char *filename,
+             const char *content_type,
+             const char *transfer_encoding,
+             const char *data,
+             uint64_t off,
+             size_t size)
+{
+  struct RequestCtx *rc = cls;
+
+  if (0 == strcmp (key,
+                   "code"))
+    append (&rc->code,
+            data,
+            size);
+  if (0 == strcmp (key,
+                   "client_id"))
+    append (&rc->client_id,
+            data,
+            size);
+  if (0 == strcmp (key,
+                   "redirect_uri"))
+    append (&rc->redirect_uri,
+            data,
+            size);
+  if (0 == strcmp (key,
+                   "client_secret"))
+    append (&rc->client_secret,
+            data,
+            size);
+  return MHD_YES;
+}
+
+
 /**
  * A client has requested the given url using the given method
  * (#MHD_HTTP_METHOD_GET, #MHD_HTTP_METHOD_PUT,
@@ -95,38 +165,52 @@ handler_cb (void *cls,
             size_t *upload_data_size,
             void **con_cls)
 {
-  const char *code;
-  const char *client_id;
-  const char *redirect_uri;
-  const char *client_secret;
+  struct RequestCtx *rc = *con_cls;
   unsigned int hc;
   json_t *body;
 
+  if (NULL == rc)
+  {
+    rc = GNUNET_new (struct RequestCtx);
+    *con_cls = rc;
+    rc->pp = MHD_create_post_processor (connection,
+                                        4092,
+                                        &handle_post,
+                                        rc);
+    return MHD_YES;
+  }
+  if (0 != *upload_data_size)
+  {
+    enum MHD_Result ret;
+
+    ret = MHD_post_process (rc->pp,
+                            upload_data,
+                            *upload_data_size);
+    *upload_data_size = 0;
+    return ret;
+  }
+
+
   /* NOTE: In the future, we MAY want to distinguish between
      the different URLs and possibly return more information.
      For now, just do the minimum: implement the main handler
      that checks the code. */
-  code = MHD_lookup_connection_value (connection,
-                                      MHD_GET_ARGUMENT_KIND,
-                                      "code");
-  client_id = MHD_lookup_connection_value (connection,
-                                           MHD_GET_ARGUMENT_KIND,
-                                           "client_id");
-  redirect_uri = MHD_lookup_connection_value (connection,
-                                              MHD_GET_ARGUMENT_KIND,
-                                              "redirect_uri");
-  client_secret = MHD_lookup_connection_value (connection,
-                                               MHD_GET_ARGUMENT_KIND,
-                                               "client_secret");
-  if ( (NULL == code) ||
-       (NULL == client_id) ||
-       (NULL == redirect_uri) ||
-       (NULL == client_secret) )
+  if ( (NULL == rc->code) ||
+       (NULL == rc->client_id) ||
+       (NULL == rc->redirect_uri) ||
+       (NULL == rc->client_secret) )
   {
     GNUNET_break (0);
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Bad request to Oauth faker: `%s' with %s/%s/%s/%s\n",
+                url,
+                rc->code,
+                rc->client_id,
+                rc->redirect_uri,
+                rc->client_secret);
     return MHD_NO;
   }
-  if (0 != strcmp (client_id,
+  if (0 != strcmp (rc->client_id,
                    "taler-exchange"))
   {
     body = GNUNET_JSON_PACK (
@@ -136,7 +220,7 @@ handler_cb (void *cls,
                                "only 'taler-exchange' is allowed"));
     hc = MHD_HTTP_NOT_FOUND;
   }
-  else if (0 != strcmp (client_secret,
+  else if (0 != strcmp (rc->client_secret,
                         "exchange-secret"))
   {
     body = GNUNET_JSON_PACK (
@@ -148,7 +232,7 @@ handler_cb (void *cls,
   }
   else
   {
-    if (0 != strcmp (code,
+    if (0 != strcmp (rc->code,
                      "pass"))
     {
       body = GNUNET_JSON_PACK (
@@ -178,6 +262,24 @@ handler_cb (void *cls,
 }
 
 
+static void
+cleanup (void *cls,
+         struct MHD_Connection *connection,
+         void **con_cls,
+         enum MHD_RequestTerminationCode toe)
+{
+  struct RequestCtx *rc = *con_cls;
+
+  if (NULL == rc)
+    return;
+  GNUNET_free (rc->code);
+  GNUNET_free (rc->client_id);
+  GNUNET_free (rc->redirect_uri);
+  GNUNET_free (rc->client_secret);
+  GNUNET_free (rc);
+}
+
+
 /**
  * Run the command.
  *
@@ -193,12 +295,13 @@ oauth_run (void *cls,
   struct OAuthState *oas = cls;
 
   (void) cmd;
-  (void) is;
   oas->mhd = MHD_start_daemon (MHD_USE_AUTO_INTERNAL_THREAD,
                                oas->port,
                                NULL, NULL,
                                &handler_cb, oas,
+                               MHD_OPTION_NOTIFY_COMPLETED, &cleanup, NULL,
                                NULL);
+  TALER_TESTING_interpreter_next (is);
 }
author	Christian Grothoff <christian@grothoff.org>	2021-11-09 15:39:31 +0100
committer	Christian Grothoff <christian@grothoff.org>	2021-11-09 15:39:31 +0100
commit	a9b2140b1ece806847aa45a6b95a959c9ddaa7bf (patch)
tree	1e99fa21fa001dac1aa9934830c0fd3f2c84b26a /src/testing
parent	a79cc16067285cee7de72d889eaf8152cc17739d (diff)
download	exchange-a9b2140b1ece806847aa45a6b95a959c9ddaa7bf.tar.gz exchange-a9b2140b1ece806847aa45a6b95a959c9ddaa7bf.tar.bz2 exchange-a9b2140b1ece806847aa45a6b95a959c9ddaa7bf.zip