diff options
author | Christian Grothoff <christian@grothoff.org> | 2023-11-12 14:18:06 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2023-11-12 14:18:06 +0100 |
commit | ac8144bb553605ef310962d152cf4cad4338f51f (patch) | |
tree | 32140966210d4ac59d15f18fb83fce3ac790258e /src | |
parent | efb7a46b786807994a66040f2d9c831e790b92a1 (diff) | |
download | exchange-ac8144bb553605ef310962d152cf4cad4338f51f.tar.gz exchange-ac8144bb553605ef310962d152cf4cad4338f51f.tar.bz2 exchange-ac8144bb553605ef310962d152cf4cad4338f51f.zip |
keep redirect_url in KYC table to improve idempotency of GET
Diffstat (limited to 'src')
-rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-check.c | 58 | ||||
-rw-r--r-- | src/exchangedb/0002-legitimization_processes.sql | 15 | ||||
-rw-r--r-- | src/exchangedb/Makefile.am | 1 | ||||
-rw-r--r-- | src/exchangedb/pg_get_pending_kyc_requirement_process.c | 63 | ||||
-rw-r--r-- | src/exchangedb/pg_get_pending_kyc_requirement_process.h | 45 | ||||
-rw-r--r-- | src/exchangedb/pg_insert_kyc_requirement_process.c | 11 | ||||
-rw-r--r-- | src/exchangedb/pg_lookup_records_by_table.c | 1 | ||||
-rw-r--r-- | src/exchangedb/pg_update_kyc_process_by_row.c | 6 | ||||
-rw-r--r-- | src/exchangedb/pg_update_kyc_process_by_row.h | 2 | ||||
-rw-r--r-- | src/exchangedb/plugin_exchangedb_postgres.c | 3 | ||||
-rw-r--r-- | src/include/taler_exchangedb_plugin.h | 19 |
11 files changed, 202 insertions, 22 deletions
diff --git a/src/exchange/taler-exchange-httpd_kyc-check.c b/src/exchange/taler-exchange-httpd_kyc-check.c index b55f0a9a8..82c5072b0 100644 --- a/src/exchange/taler-exchange-httpd_kyc-check.c +++ b/src/exchange/taler-exchange-httpd_kyc-check.c @@ -260,6 +260,7 @@ initiate_cb ( &kyp->h_payto, provider_user_id, provider_legitimization_id, + redirect_url, GNUNET_TIME_UNIT_ZERO_ABS); if (qs <= 0) GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -303,6 +304,7 @@ kyc_check (void *cls, enum GNUNET_GenericReturnValue ret; struct TALER_PaytoHashP h_payto; char *requirements; + char *redirect_url; bool satisfied; qs = TEH_plugin->lookup_kyc_requirement_by_row ( @@ -388,7 +390,27 @@ kyc_check (void *cls, if (kyp->ih_done) return qs; - + qs = TEH_plugin->get_pending_kyc_requirement_process ( + THE_plugin->cls, + &h_payto, + kyp->section_name, + &redirect_url); + if (qs < 0) + { + if (GNUNET_DB_STATUS_SOFT_ERROR == qs) + return qs; + GNUNET_break (0); + *mhd_ret = TALER_MHD_reply_with_error (connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GENERIC_DB_STORE_FAILED, + "insert_kyc_requirement_process"); + return GNUNET_DB_STATUS_HARD_ERROR; + } + if (qs > 0) + { + kyp->kyc_url = redirect_url; + return qs; + } qs = TEH_plugin->insert_kyc_requirement_process ( TEH_plugin->cls, &h_payto, @@ -525,6 +547,17 @@ TEH_handler_kyc_check ( TALER_MHD_parse_request_timeout (rc->connection, &kyp->timeout); } + /* KYC plugin generated reply? */ + if (NULL != kyp->kyc_url) + { + return TALER_MHD_REPLY_JSON_PACK ( + rc->connection, + MHD_HTTP_ACCEPTED, + GNUNET_JSON_pack_uint64 ("aml_status", + kyp->aml_status), + GNUNET_JSON_pack_string ("kyc_url", + kyp->kyc_url)); + } if ( (NULL == kyp->eh) && GNUNET_TIME_absolute_is_future (kyp->timeout) ) @@ -558,6 +591,17 @@ TEH_handler_kyc_check ( "Transaction failed.\n"); return res; } + /* KYC plugin generated reply? */ + if (NULL != kyp->kyc_url) + { + return TALER_MHD_REPLY_JSON_PACK ( + rc->connection, + MHD_HTTP_ACCEPTED, + GNUNET_JSON_pack_uint64 ("aml_status", + kyp->aml_status), + GNUNET_JSON_pack_string ("kyc_url", + kyp->kyc_url)); + } if ( (NULL == kyp->ih) && (! kyp->kyc_required) ) @@ -616,18 +660,6 @@ TEH_handler_kyc_check ( return MHD_YES; } - /* KYC plugin generated reply? */ - if (NULL != kyp->kyc_url) - { - return TALER_MHD_REPLY_JSON_PACK ( - rc->connection, - MHD_HTTP_ACCEPTED, - GNUNET_JSON_pack_uint64 ("aml_status", - kyp->aml_status), - GNUNET_JSON_pack_string ("kyc_url", - kyp->kyc_url)); - } - if (TALER_EC_NONE != kyp->ec) { return TALER_MHD_reply_with_ec (rc->connection, diff --git a/src/exchangedb/0002-legitimization_processes.sql b/src/exchangedb/0002-legitimization_processes.sql index 5b70108ea..3212b1c06 100644 --- a/src/exchangedb/0002-legitimization_processes.sql +++ b/src/exchangedb/0002-legitimization_processes.sql @@ -25,12 +25,13 @@ BEGIN 'CREATE TABLE %I' '(legitimization_process_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY' ',h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=32)' + ',start_time INT8 NOT NULL' ',expiration_time INT8 NOT NULL DEFAULT (0)' ',provider_section TEXT NOT NULL' ',provider_user_id TEXT DEFAULT NULL' ',provider_legitimization_id TEXT DEFAULT NULL' + ',redirect_url TEXT DEFAULT NULL' ',finished BOOLEAN DEFAULT (FALSE)' - ',UNIQUE (h_payto, provider_section)' ') %s ;' ,'legitimization_processes' ,'PARTITION BY HASH (h_payto)' @@ -54,6 +55,18 @@ BEGIN ,shard_suffix ); PERFORM comment_partitioned_column( + 'time when the KYC check was initiated, useful for garbage collection' + ,'expiration_time' + ,'legitimization_processes' + ,shard_suffix + ); + PERFORM comment_partitioned_column( + 'URL where the user should go to begin the KYC process' + ,'redirect_url' + ,'legitimization_processes' + ,shard_suffix + ); + PERFORM comment_partitioned_column( 'in the future if the respective KYC check was passed successfully' ,'expiration_time' ,'legitimization_processes' diff --git a/src/exchangedb/Makefile.am b/src/exchangedb/Makefile.am index 33a5722c2..84bd53018 100644 --- a/src/exchangedb/Makefile.am +++ b/src/exchangedb/Makefile.am @@ -77,6 +77,7 @@ libtaler_plugin_exchangedb_postgres_la_SOURCES = \ pg_select_aggregation_amounts_for_kyc_check.h pg_select_aggregation_amounts_for_kyc_check.c \ pg_lookup_wire_fee_by_time.h pg_lookup_wire_fee_by_time.c \ pg_select_satisfied_kyc_processes.h pg_select_satisfied_kyc_processes.c \ + pg_get_pending_kyc_requirement_process.h pg_get_pending_kyc_requirement_process.c \ pg_kyc_provider_account_lookup.h pg_kyc_provider_account_lookup.c \ pg_lookup_kyc_requirement_by_row.h pg_lookup_kyc_requirement_by_row.c \ pg_insert_kyc_requirement_for_account.h pg_insert_kyc_requirement_for_account.c \ diff --git a/src/exchangedb/pg_get_pending_kyc_requirement_process.c b/src/exchangedb/pg_get_pending_kyc_requirement_process.c new file mode 100644 index 000000000..2a5808ff3 --- /dev/null +++ b/src/exchangedb/pg_get_pending_kyc_requirement_process.c @@ -0,0 +1,63 @@ +/* + This file is part of TALER + Copyright (C) 2023 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> + */ +/** + * @file exchangedb/pg_get_pending_kyc_requirement_process.c + * @brief Implementation of the get_pending_kyc_requirement_process function for Postgres + * @author Christian Grothoff + */ +#include "platform.h" +#include "taler_error_codes.h" +#include "taler_dbevents.h" +#include "taler_pq_lib.h" +#include "pg_get_pending_kyc_requirement_process.h" +#include "pg_helper.h" + + +enum GNUNET_DB_QueryStatus +TEH_PG_get_pending_kyc_requirement_process ( + void *cls, + const struct TALER_PaytoHashP *h_payto, + const char *provider_section, + char **redirect_url) +{ + struct PostgresClosure *pg = cls; + struct GNUNET_PQ_QueryParam params[] = { + GNUNET_PQ_query_param_string (provider_section), + GNUNET_PQ_query_param_auto_from_type (h_payto), + GNUNET_PQ_query_param_end + }; + struct GNUNET_PQ_ResultSpec rs[] = { + GNUNET_PQ_result_spec_string ("redirect_url", + redirect_url), + GNUNET_PQ_result_spec_end + }; + + PREPARE (pg, + "get_pending_kyc_requirement_process", + "SELECT" + " redirect_url" + " FROM legitimization_processes" + " WHERE provider_section=$1" + " AND h_payto=$2" + " AND NOT finished" + " ORDER BY start_time DESC" + " LIMIT 1"); + return GNUNET_PQ_eval_prepared_singleton_select ( + pg->conn, + "get_pending_kyc_requirement_process", + params, + rs); +} diff --git a/src/exchangedb/pg_get_pending_kyc_requirement_process.h b/src/exchangedb/pg_get_pending_kyc_requirement_process.h new file mode 100644 index 000000000..738c4d65b --- /dev/null +++ b/src/exchangedb/pg_get_pending_kyc_requirement_process.h @@ -0,0 +1,45 @@ +/* + This file is part of TALER + Copyright (C) 2023 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> + */ +/** + * @file exchangedb/pg_get_pending_kyc_requirement_process.h + * @brief implementation of the get_pending_kyc_requirement_process function for Postgres + * @author Christian Grothoff + */ +#ifndef PG_GET_PENDING_KYC_REQUIREMENT_PROCESS_H +#define PG_GET_PENDING_KYC_REQUIREMENT_PROCESS_H + +#include "taler_util.h" +#include "taler_json_lib.h" +#include "taler_exchangedb_plugin.h" + + +/** + * Fetch information about pending KYC requirement process. + * + * @param cls closure + * @param h_payto account that must be KYC'ed + * @param provider_section provider that must be checked + * @param[out] redirect_url set to redirect URL for the process + * @return database transaction status + */ +enum GNUNET_DB_QueryStatus +TEH_PG_get_pending_kyc_requirement_process ( + void *cls, + const struct TALER_PaytoHashP *h_payto, + const char *provider_section, + char **redirect_url); + +#endif diff --git a/src/exchangedb/pg_insert_kyc_requirement_process.c b/src/exchangedb/pg_insert_kyc_requirement_process.c index 97b82eff6..a20db3388 100644 --- a/src/exchangedb/pg_insert_kyc_requirement_process.c +++ b/src/exchangedb/pg_insert_kyc_requirement_process.c @@ -36,8 +36,11 @@ TEH_PG_insert_kyc_requirement_process ( uint64_t *process_row) { struct PostgresClosure *pg = cls; + struct GNUNET_TIME_Absolute now + = GNUNET_TIME_absolute_get (); struct GNUNET_PQ_QueryParam params[] = { GNUNET_PQ_query_param_auto_from_type (h_payto), + GNUNET_PQ_query_param_absolute_time (&now), GNUNET_PQ_query_param_string (provider_section), (NULL != provider_account_id) ? GNUNET_PQ_query_param_string (provider_account_id) @@ -53,20 +56,16 @@ TEH_PG_insert_kyc_requirement_process ( GNUNET_PQ_result_spec_end }; - /* Used in #postgres_insert_kyc_requirement_process() */ PREPARE (pg, "insert_legitimization_process", "INSERT INTO legitimization_processes" " (h_payto" + " ,start_time" " ,provider_section" " ,provider_user_id" " ,provider_legitimization_id" " ) VALUES " - " ($1, $2, $3, $4)" - " ON CONFLICT (h_payto,provider_section) " - " DO UPDATE SET" - " provider_user_id=$3" - " ,provider_legitimization_id=$4" + " ($1, $2, $3, $4, $5)" " RETURNING legitimization_process_serial_id"); return GNUNET_PQ_eval_prepared_singleton_select ( pg->conn, diff --git a/src/exchangedb/pg_lookup_records_by_table.c b/src/exchangedb/pg_lookup_records_by_table.c index b1656aaf1..fc4af32a8 100644 --- a/src/exchangedb/pg_lookup_records_by_table.c +++ b/src/exchangedb/pg_lookup_records_by_table.c @@ -1147,7 +1147,6 @@ lrbt_cb_table_batch_deposits (void *cls, unsigned int num_results) { struct LookupRecordsByTableContext *ctx = cls; - struct PostgresClosure *pg = ctx->pg; struct TALER_EXCHANGEDB_TableData td = { .table = TALER_EXCHANGEDB_RT_BATCH_DEPOSITS }; diff --git a/src/exchangedb/pg_update_kyc_process_by_row.c b/src/exchangedb/pg_update_kyc_process_by_row.c index 9f8a18cf7..d379ee81d 100644 --- a/src/exchangedb/pg_update_kyc_process_by_row.c +++ b/src/exchangedb/pg_update_kyc_process_by_row.c @@ -25,6 +25,7 @@ #include "pg_update_kyc_process_by_row.h" #include "pg_helper.h" + enum GNUNET_DB_QueryStatus TEH_PG_update_kyc_process_by_row ( void *cls, @@ -33,6 +34,7 @@ TEH_PG_update_kyc_process_by_row ( const struct TALER_PaytoHashP *h_payto, const char *provider_account_id, const char *provider_legitimization_id, + const char *redirect_url, struct GNUNET_TIME_Absolute expiration) { struct PostgresClosure *pg = cls; @@ -46,6 +48,7 @@ TEH_PG_update_kyc_process_by_row ( (NULL != provider_legitimization_id) ? GNUNET_PQ_query_param_string (provider_legitimization_id) : GNUNET_PQ_query_param_null (), + GNUNET_PQ_query_param_string (redirect_url), GNUNET_PQ_query_param_absolute_time (&expiration), GNUNET_PQ_query_param_end }; @@ -60,7 +63,8 @@ TEH_PG_update_kyc_process_by_row ( "UPDATE legitimization_processes" " SET provider_user_id=$4" " ,provider_legitimization_id=$5" - " ,expiration_time=GREATEST(expiration_time,$6)" + " ,redirect_url=$6" + " ,expiration_time=GREATEST(expiration_time,$7)" " WHERE" " h_payto=$3" " AND legitimization_process_serial_id=$1" diff --git a/src/exchangedb/pg_update_kyc_process_by_row.h b/src/exchangedb/pg_update_kyc_process_by_row.h index 07e896dbc..7ef5285e9 100644 --- a/src/exchangedb/pg_update_kyc_process_by_row.h +++ b/src/exchangedb/pg_update_kyc_process_by_row.h @@ -35,6 +35,7 @@ * @param h_payto account that must be KYC'ed (helps access by shard, otherwise also redundant) * @param provider_account_id provider account ID * @param provider_legitimization_id provider legitimization ID + * @param redirect_url where the user should be redirected to start the KYC process * @param expiration how long is this KYC check set to be valid (in the past if invalid) * @return database transaction status */ @@ -46,6 +47,7 @@ TEH_PG_update_kyc_process_by_row ( const struct TALER_PaytoHashP *h_payto, const char *provider_account_id, const char *provider_legitimization_id, + const char *redirect_url, struct GNUNET_TIME_Absolute expiration); #endif diff --git a/src/exchangedb/plugin_exchangedb_postgres.c b/src/exchangedb/plugin_exchangedb_postgres.c index ea43c8ff9..652ff49ca 100644 --- a/src/exchangedb/plugin_exchangedb_postgres.c +++ b/src/exchangedb/plugin_exchangedb_postgres.c @@ -46,6 +46,7 @@ #include "pg_insert_close_request.h" #include "pg_insert_records_by_table.h" #include "pg_insert_reserve_open_deposit.h" +#include "pg_get_pending_kyc_requirement_process.h" #include "pg_iterate_kyc_reference.h" #include "pg_iterate_reserve_close_info.h" #include "pg_lookup_records_by_table.h" @@ -744,6 +745,8 @@ libtaler_plugin_exchangedb_postgres_init (void *cls) = &TEH_PG_select_purse_by_merge_pub; plugin->set_purse_balance = &TEH_PG_set_purse_balance; + plugin->get_pending_kyc_requirement_process + = &TEH_PG_get_pending_kyc_requirement_process; plugin->insert_kyc_attributes = &TEH_PG_insert_kyc_attributes; plugin->select_similar_kyc_attributes diff --git a/src/include/taler_exchangedb_plugin.h b/src/include/taler_exchangedb_plugin.h index 9d541ac12..704f8012a 100644 --- a/src/include/taler_exchangedb_plugin.h +++ b/src/include/taler_exchangedb_plugin.h @@ -6669,6 +6669,23 @@ struct TALER_EXCHANGEDB_Plugin /** + * Fetch information about pending KYC requirement process. + * + * @param cls closure + * @param h_payto account that must be KYC'ed + * @param provider_section provider that must be checked + * @param[out] redirect_url set to redirect URL for the process + * @return database transaction status + */ + enum GNUNET_DB_QueryStatus + (*get_pending_kyc_requirement_process)( + void *cls, + const struct TALER_PaytoHashP *h_payto, + const char *provider_section, + char **redirect_url); + + + /** * Update KYC process with updated provider-linkage and/or * expiration data. * @@ -6678,6 +6695,7 @@ struct TALER_EXCHANGEDB_Plugin * @param h_payto account that must be KYC'ed (helps access by shard, otherwise also redundant) * @param provider_account_id provider account ID * @param provider_legitimization_id provider legitimization ID + * @param redirect_url where the user should be redirected to start the KYC process * @param expiration how long is this KYC check set to be valid (in the past if invalid) * @return database transaction status */ @@ -6689,6 +6707,7 @@ struct TALER_EXCHANGEDB_Plugin const struct TALER_PaytoHashP *h_payto, const char *provider_account_id, const char *provider_legitimization_id, + const char *redirect_url, struct GNUNET_TIME_Absolute expiration); |