diff options
Diffstat (limited to 'src/exchange/taler-exchange-httpd_kyc-webhook.c')
-rw-r--r-- | src/exchange/taler-exchange-httpd_kyc-webhook.c | 169 |
1 files changed, 121 insertions, 48 deletions
diff --git a/src/exchange/taler-exchange-httpd_kyc-webhook.c b/src/exchange/taler-exchange-httpd_kyc-webhook.c index 6faa2556d..b92b43e69 100644 --- a/src/exchange/taler-exchange-httpd_kyc-webhook.c +++ b/src/exchange/taler-exchange-httpd_kyc-webhook.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2022 Taler Systems SA + Copyright (C) 2022-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software @@ -24,9 +24,11 @@ #include <jansson.h> #include <microhttpd.h> #include <pthread.h> +#include "taler_attributes.h" #include "taler_json_lib.h" #include "taler_mhd_lib.h" #include "taler_kyclogic_lib.h" +#include "taler-exchange-httpd_common_kyc.h" #include "taler-exchange-httpd_kyc-webhook.h" #include "taler-exchange-httpd_responses.h" @@ -53,11 +55,22 @@ struct KycWebhookContext struct TEH_RequestContext *rc; /** + * Handle for the KYC-AML trigger interaction. + */ + struct TEH_KycAmlTrigger *kat; + + /** * Plugin responsible for the webhook. */ struct TALER_KYCLOGIC_Plugin *plugin; /** + * Section in the configuration of the configured + * KYC provider. + */ + const char *provider_section; + + /** * Configuration for the specific action. */ struct TALER_KYCLOGIC_ProviderDetails *pd; @@ -73,12 +86,6 @@ struct KycWebhookContext struct MHD_Response *response; /** - * Logic the request is for. Name of the configuration - * section defining the KYC logic. - */ - char *logic; - - /** * HTTP response code to return. */ unsigned int response_code; @@ -140,31 +147,56 @@ TEH_kyc_webhook_cleanup (void) /** - * Function called with the result of a webhook - * operation. + * Function called after the KYC-AML trigger is done. + * + * @param cls closure with a `struct KycWebhookContext *` + * @param http_status final HTTP status to return + * @param[in] response final HTTP ro return + */ +static void +kyc_aml_webhook_finished ( + void *cls, + unsigned int http_status, + struct MHD_Response *response) +{ + struct KycWebhookContext *kwh = cls; + + kwh->kat = NULL; + kwh->response = response; + kwh->response_code = http_status; + kwh_resume (kwh); +} + + +/** + * Function called with the result of a KYC webhook operation. * * Note that the "decref" for the @a response * will be done by the plugin. * * @param cls closure - * @param legi_row legitimization request the webhook was about + * @param process_row legitimization process the webhook was about * @param account_id account the webhook was about + * @param provider_section name of the configuration section of the logic that was run * @param provider_user_id set to user ID at the provider, or NULL if not supported or unknown * @param provider_legitimization_id set to legitimization process ID at the provider, or NULL if not supported or unknown * @param status KYC status * @param expiration until when is the KYC check valid + * @param attributes user attributes returned by the provider * @param http_status HTTP status code of @a response * @param[in] response to return to the HTTP client */ static void webhook_finished_cb ( void *cls, - uint64_t legi_row, + uint64_t process_row, const struct TALER_PaytoHashP *account_id, + const char *provider_section, const char *provider_user_id, const char *provider_legitimization_id, enum TALER_KYCLOGIC_KycStatus status, struct GNUNET_TIME_Absolute expiration, + const json_t *attributes, unsigned int http_status, struct MHD_Response *response) { @@ -174,26 +206,53 @@ webhook_finished_cb ( switch (status) { case TALER_KYCLOGIC_STATUS_SUCCESS: - /* _successfully_ resumed case */ + kwh->kat = TEH_kyc_finished ( + &kwh->rc->async_scope_id, + process_row, + account_id, + provider_section, + provider_user_id, + provider_legitimization_id, + expiration, + attributes, + http_status, + response, + &kyc_aml_webhook_finished, + kwh); + if (NULL == kwh->kat) { - enum GNUNET_DB_QueryStatus qs; - - qs = TEH_plugin->update_kyc_requirement_by_row (TEH_plugin->cls, - legi_row, - kwh->logic, - account_id, - provider_user_id, - provider_legitimization_id, - expiration); - if (qs < 0) - { - GNUNET_break (0); - kwh->response = TALER_MHD_make_error (TALER_EC_GENERIC_DB_STORE_FAILED, - "set_kyc_ok"); - kwh->response_code = MHD_HTTP_INTERNAL_SERVER_ERROR; - kwh_resume (kwh); - return; - } + if (NULL != response) + MHD_destroy_response (response); + http_status = MHD_HTTP_INTERNAL_SERVER_ERROR; + response = TALER_MHD_make_error ( + TALER_EC_EXCHANGE_GENERIC_BAD_CONFIGURATION, + "[exchange] AML_KYC_TRIGGER"); + break; + } + return; + case TALER_KYCLOGIC_STATUS_FAILED: + case TALER_KYCLOGIC_STATUS_PROVIDER_FAILED: + case TALER_KYCLOGIC_STATUS_USER_ABORTED: + case TALER_KYCLOGIC_STATUS_ABORTED: + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "KYC process %s/%s (Row #%llu) failed: %d\n", + provider_user_id, + provider_legitimization_id, + (unsigned long long) process_row, + status); + if (! TEH_kyc_failed (process_row, + account_id, + provider_section, + provider_user_id, + provider_legitimization_id)) + { + GNUNET_break (0); + if (NULL != response) + MHD_destroy_response (response); + http_status = MHD_HTTP_INTERNAL_SERVER_ERROR; + response = TALER_MHD_make_error ( + TALER_EC_GENERIC_DB_STORE_FAILED, + "insert_kyc_failure"); } break; default: @@ -201,13 +260,14 @@ webhook_finished_cb ( "KYC status of %s/%s (Row #%llu) is %d\n", provider_user_id, provider_legitimization_id, - (unsigned long long) legi_row, - status); + (unsigned long long) process_row, + (int) status); break; } - kwh->response = response; - kwh->response_code = http_status; - kwh_resume (kwh); + GNUNET_break (NULL == kwh->kat); + kyc_aml_webhook_finished (kwh, + http_status, + response); } @@ -226,12 +286,16 @@ clean_kwh (struct TEH_RequestContext *rc) kwh->plugin->webhook_cancel (kwh->wh); kwh->wh = NULL; } + if (NULL != kwh->kat) + { + TEH_kyc_finished_cancel (kwh->kat); + kwh->kat = NULL; + } if (NULL != kwh->response) { MHD_destroy_response (kwh->response); kwh->response = NULL; } - GNUNET_free (kwh->logic); GNUNET_free (kwh); } @@ -242,7 +306,7 @@ clean_kwh (struct TEH_RequestContext *rc) * @param rc request to handle * @param method HTTP request method used by the client * @param root uploaded JSON body (can be NULL) - * @param args one argument with the payment_target_uuid + * @param args one argument with the legitimization_uuid * @return MHD result code */ static MHD_RESULT @@ -257,24 +321,29 @@ handler_kyc_webhook_generic ( if (NULL == kwh) { /* first time */ kwh = GNUNET_new (struct KycWebhookContext); - kwh->logic = GNUNET_strdup (args[0]); kwh->rc = rc; rc->rh_ctx = kwh; rc->rh_cleaner = &clean_kwh; - if (GNUNET_OK != - TALER_KYCLOGIC_kyc_get_logic (kwh->logic, - &kwh->plugin, - &kwh->pd)) + if ( (NULL == args[0]) || + (GNUNET_OK != + TALER_KYCLOGIC_lookup_logic (args[0], + &kwh->plugin, + &kwh->pd, + &kwh->provider_section)) ) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "KYC logic `%s' unknown (check KYC provider configuration)\n", - kwh->logic); + args[0]); return TALER_MHD_reply_with_error (rc->connection, MHD_HTTP_NOT_FOUND, TALER_EC_EXCHANGE_KYC_GENERIC_LOGIC_UNKNOWN, - "$LOGIC"); + args[0]); } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "KYC logic `%s' mapped to section %s\n", + args[0], + kwh->provider_section); kwh->wh = kwh->plugin->webhook (kwh->plugin->cls, kwh->pd, TEH_plugin->kyc_provider_account_lookup, @@ -300,13 +369,17 @@ handler_kyc_webhook_generic ( MHD_suspend_connection (rc->connection); return MHD_YES; } + GNUNET_break (GNUNET_NO == kwh->suspended); if (NULL != kwh->response) { - /* handle _failed_ resumed cases */ - return MHD_queue_response (rc->connection, - kwh->response_code, - kwh->response); + MHD_RESULT res; + + res = MHD_queue_response (rc->connection, + kwh->response_code, + kwh->response); + GNUNET_break (MHD_YES == res); + return res; } /* We resumed, but got no response? This should |