diff options
Diffstat (limited to 'src/exchange/taler-exchange-httpd_kyc-wallet.c')
| -rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-wallet.c | 136 |
1 files changed, 118 insertions, 18 deletions
diff --git a/src/exchange/taler-exchange-httpd_kyc-wallet.c b/src/exchange/taler-exchange-httpd_kyc-wallet.c index 0d92efd3a..21d07422d 100644 --- a/src/exchange/taler-exchange-httpd_kyc-wallet.c +++ b/src/exchange/taler-exchange-httpd_kyc-wallet.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2021 Taler Systems SA + Copyright (C) 2021, 2022 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -26,6 +26,7 @@ #include <pthread.h> #include "taler_json_lib.h" #include "taler_mhd_lib.h" +#include "taler_kyclogic_lib.h" #include "taler-exchange-httpd_kyc-wallet.h" #include "taler-exchange-httpd_responses.h" @@ -38,16 +39,60 @@ struct KycRequestContext /** * Public key of the reserve/wallet this is about. */ + struct TALER_PaytoHashP h_payto; + + /** + * The reserve's public key + */ struct TALER_ReservePublicKeyP reserve_pub; /** - * Current KYC status. + * KYC status, with row with the legitimization requirement. */ struct TALER_EXCHANGEDB_KycStatus kyc; + + /** + * Balance threshold crossed by the wallet. + */ + struct TALER_Amount balance; + + /** + * Name of the required check. + */ + char *required; + }; /** + * Function called to iterate over KYC-relevant + * transaction amounts for a particular time range. + * Returns the wallet balance. + * + * @param cls closure, a `struct KycRequestContext` + * @param limit maximum time-range for which events + * should be fetched (timestamp in the past) + * @param cb function to call on each event found, + * events must be returned in reverse chronological + * order + * @param cb_cls closure for @a cb + */ +static void +balance_iterator (void *cls, + struct GNUNET_TIME_Absolute limit, + TALER_EXCHANGEDB_KycAmountCallback cb, + void *cb_cls) +{ + struct KycRequestContext *krc = cls; + + (void) limit; + cb (cb_cls, + &krc->balance, + GNUNET_TIME_absolute_get ()); +} + + +/** * Function implementing database transaction to check wallet's KYC status. * Runs the transaction logic; IF it returns a non-error code, the transaction * logic MUST NOT queue a MHD response. IF it returns an hard error, the @@ -69,9 +114,40 @@ wallet_kyc_check (void *cls, struct KycRequestContext *krc = cls; enum GNUNET_DB_QueryStatus qs; - qs = TEH_plugin->inselect_wallet_kyc_status (TEH_plugin->cls, - &krc->reserve_pub, - &krc->kyc); + qs = TALER_KYCLOGIC_kyc_test_required ( + TALER_KYCLOGIC_KYC_TRIGGER_WALLET_BALANCE, + &krc->h_payto, + TEH_plugin->select_satisfied_kyc_processes, + TEH_plugin->cls, + &balance_iterator, + krc, + &krc->required); + if (qs < 0) + { + if (GNUNET_DB_STATUS_SOFT_ERROR == qs) + return qs; + GNUNET_break (0); + *mhd_ret = TALER_MHD_reply_with_error (connection, + MHD_HTTP_INTERNAL_SERVER_ERROR, + TALER_EC_GENERIC_DB_FETCH_FAILED, + "kyc_test_required"); + return qs; + } + if (NULL == krc->required) + { + krc->kyc.ok = true; + return GNUNET_DB_STATUS_SUCCESS_NO_RESULTS; + } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "KYC check required at %s is `%s'\n", + TALER_amount2s (&krc->balance), + krc->required); + krc->kyc.ok = false; + qs = TEH_plugin->insert_kyc_requirement_for_account (TEH_plugin->cls, + krc->required, + &krc->h_payto, + &krc->reserve_pub, + &krc->kyc.requirement_row); if (qs < 0) { if (GNUNET_DB_STATUS_SOFT_ERROR == qs) @@ -80,9 +156,14 @@ wallet_kyc_check (void *cls, *mhd_ret = TALER_MHD_reply_with_error (connection, MHD_HTTP_INTERNAL_SERVER_ERROR, TALER_EC_GENERIC_DB_FETCH_FAILED, - "inselect_wallet_status"); + "insert_kyc_requirement_for_account"); return qs; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "KYC requirement inserted for wallet %s (%llu, %d)\n", + TALER_B2S (&krc->h_payto), + (unsigned long long) krc->kyc.requirement_row, + qs); return qs; } @@ -100,6 +181,9 @@ TEH_handler_kyc_wallet ( &reserve_sig), GNUNET_JSON_spec_fixed_auto ("reserve_pub", &krc.reserve_pub), + TALER_JSON_spec_amount ("balance", + TEH_currency, + &krc.balance), GNUNET_JSON_spec_end () }; MHD_RESULT res; @@ -117,6 +201,7 @@ TEH_handler_kyc_wallet ( TEH_METRICS_num_verifications[TEH_MT_SIGNATURE_EDDSA]++; if (GNUNET_OK != TALER_wallet_account_setup_verify (&krc.reserve_pub, + &krc.balance, &reserve_sig)) { GNUNET_break_op (0); @@ -126,13 +211,19 @@ TEH_handler_kyc_wallet ( TALER_EC_EXCHANGE_KYC_WALLET_SIGNATURE_INVALID, NULL); } - if (TEH_KYC_NONE == TEH_kyc_config.mode) - return TALER_MHD_reply_static ( - rc->connection, - MHD_HTTP_NO_CONTENT, - NULL, - NULL, - 0); + { + char *payto_uri; + + payto_uri = TALER_reserve_make_payto (TEH_base_url, + &krc.reserve_pub); + TALER_payto_hash (payto_uri, + &krc.h_payto); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "h_payto of wallet %s is %s\n", + payto_uri, + TALER_B2S (&krc.h_payto)); + GNUNET_free (payto_uri); + } ret = TEH_DB_run_transaction (rc->connection, "check wallet kyc", TEH_MT_REQUEST_OTHER, @@ -141,11 +232,20 @@ TEH_handler_kyc_wallet ( &krc); if (GNUNET_SYSERR == ret) return res; - return TALER_MHD_REPLY_JSON_PACK ( - rc->connection, - MHD_HTTP_OK, - GNUNET_JSON_pack_uint64 ("payment_target_uuid", - krc.kyc.payment_target_uuid)); + if (NULL == krc.required) + { + /* KYC not required or already satisfied */ + return TALER_MHD_reply_static ( + rc->connection, + MHD_HTTP_NO_CONTENT, + NULL, + NULL, + 0); + } + GNUNET_free (krc.required); + return TEH_RESPONSE_reply_kyc_required (rc->connection, + &krc.h_payto, + &krc.kyc); } |