diff options
Diffstat (limited to 'src/lib/exchange_api_kyc_check.c')
-rw-r--r-- | src/lib/exchange_api_kyc_check.c | 321 |
1 files changed, 321 insertions, 0 deletions
diff --git a/src/lib/exchange_api_kyc_check.c b/src/lib/exchange_api_kyc_check.c new file mode 100644 index 000000000..5d3b3792b --- /dev/null +++ b/src/lib/exchange_api_kyc_check.c @@ -0,0 +1,321 @@ +/* + This file is part of TALER + Copyright (C) 2021-2023 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see + <http://www.gnu.org/licenses/> +*/ +/** + * @file lib/exchange_api_kyc_check.c + * @brief Implementation of the /kyc-check request + * @author Christian Grothoff + */ +#include "platform.h" +#include <microhttpd.h> /* just for HTTP check codes */ +#include <gnunet/gnunet_util_lib.h> +#include <gnunet/gnunet_curl_lib.h> +#include "taler_exchange_service.h" +#include "taler_json_lib.h" +#include "exchange_api_handle.h" +#include "taler_signatures.h" +#include "exchange_api_curl_defaults.h" + + +/** + * @brief A ``/kyc-check`` handle + */ +struct TALER_EXCHANGE_KycCheckHandle +{ + + /** + * The url for this request. + */ + char *url; + + /** + * Keys of the exchange. + */ + struct TALER_EXCHANGE_Keys *keys; + + /** + * Handle for the request. + */ + struct GNUNET_CURL_Job *job; + + /** + * Function to call with the result. + */ + TALER_EXCHANGE_KycStatusCallback cb; + + /** + * Closure for @e cb. + */ + void *cb_cls; + + /** + * Hash of the payto:// URL that is being KYC'ed. + */ + struct TALER_PaytoHashP h_payto; + +}; + + +/** + * Function called when we're done processing the + * HTTP /kyc-check request. + * + * @param cls the `struct TALER_EXCHANGE_KycCheckHandle` + * @param response_code HTTP response code, 0 on error + * @param response parsed JSON result, NULL on error + */ +static void +handle_kyc_check_finished (void *cls, + long response_code, + const void *response) +{ + struct TALER_EXCHANGE_KycCheckHandle *kch = cls; + const json_t *j = response; + struct TALER_EXCHANGE_KycStatus ks = { + .http_status = (unsigned int) response_code + }; + + kch->job = NULL; + switch (response_code) + { + case 0: + ks.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; + case MHD_HTTP_OK: + { + const json_t *kyc_details; + struct GNUNET_JSON_Specification spec[] = { + GNUNET_JSON_spec_fixed_auto ("exchange_sig", + &ks.details.ok.exchange_sig), + GNUNET_JSON_spec_fixed_auto ("exchange_pub", + &ks.details.ok.exchange_pub), + GNUNET_JSON_spec_timestamp ("now", + &ks.details.ok.timestamp), + GNUNET_JSON_spec_object_const ("kyc_details", + &kyc_details), + TALER_JSON_spec_aml_decision ("aml_status", + &ks.details.ok.aml_status), + GNUNET_JSON_spec_end () + }; + + if (GNUNET_OK != + GNUNET_JSON_parse (j, + spec, + NULL, NULL)) + { + GNUNET_break_op (0); + ks.http_status = 0; + ks.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; + } + ks.details.ok.kyc_details = kyc_details; + if (GNUNET_OK != + TALER_EXCHANGE_test_signing_key (kch->keys, + &ks.details.ok.exchange_pub)) + { + GNUNET_break_op (0); + ks.http_status = 0; + ks.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + GNUNET_JSON_parse_free (spec); + break; + } + + if (GNUNET_OK != + TALER_exchange_online_account_setup_success_verify ( + &kch->h_payto, + ks.details.ok.kyc_details, + ks.details.ok.timestamp, + &ks.details.ok.exchange_pub, + &ks.details.ok.exchange_sig)) + { + GNUNET_break_op (0); + ks.http_status = 0; + ks.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + GNUNET_JSON_parse_free (spec); + break; + } + kch->cb (kch->cb_cls, + &ks); + GNUNET_JSON_parse_free (spec); + TALER_EXCHANGE_kyc_check_cancel (kch); + return; + } + case MHD_HTTP_ACCEPTED: + { + struct GNUNET_JSON_Specification spec[] = { + TALER_JSON_spec_web_url ("kyc_url", + &ks.details.accepted.kyc_url), + TALER_JSON_spec_aml_decision ("aml_status", + &ks.details.accepted.aml_status), + GNUNET_JSON_spec_end () + }; + + if (GNUNET_OK != + GNUNET_JSON_parse (j, + spec, + NULL, NULL)) + { + GNUNET_break_op (0); + ks.http_status = 0; + ks.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; + } + kch->cb (kch->cb_cls, + &ks); + GNUNET_JSON_parse_free (spec); + TALER_EXCHANGE_kyc_check_cancel (kch); + return; + } + case MHD_HTTP_NO_CONTENT: + break; + case MHD_HTTP_BAD_REQUEST: + ks.ec = TALER_JSON_get_error_code (j); + /* This should never happen, either us or the exchange is buggy + (or API version conflict); just pass JSON reply to the application */ + break; + case MHD_HTTP_FORBIDDEN: + ks.ec = TALER_JSON_get_error_code (j); + break; + case MHD_HTTP_NOT_FOUND: + ks.ec = TALER_JSON_get_error_code (j); + break; + case MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS: + { + struct GNUNET_JSON_Specification spec[] = { + TALER_JSON_spec_aml_decision ( + "aml_status", + &ks.details.unavailable_for_legal_reasons.aml_status), + GNUNET_JSON_spec_end () + }; + + if (GNUNET_OK != + GNUNET_JSON_parse (j, + spec, + NULL, NULL)) + { + GNUNET_break_op (0); + ks.http_status = 0; + ks.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; + } + kch->cb (kch->cb_cls, + &ks); + GNUNET_JSON_parse_free (spec); + TALER_EXCHANGE_kyc_check_cancel (kch); + return; + } + case MHD_HTTP_INTERNAL_SERVER_ERROR: + ks.ec = TALER_JSON_get_error_code (j); + /* Server had an internal issue; we should retry, but this API + leaves this to the application */ + break; + default: + /* unexpected response code */ + GNUNET_break_op (0); + ks.ec = TALER_JSON_get_error_code (j); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Unexpected response code %u/%d for exchange kyc_check\n", + (unsigned int) response_code, + (int) ks.ec); + break; + } + kch->cb (kch->cb_cls, + &ks); + TALER_EXCHANGE_kyc_check_cancel (kch); +} + + +struct TALER_EXCHANGE_KycCheckHandle * +TALER_EXCHANGE_kyc_check ( + struct GNUNET_CURL_Context *ctx, + const char *url, + struct TALER_EXCHANGE_Keys *keys, + uint64_t requirement_row, + const struct TALER_PaytoHashP *h_payto, + enum TALER_KYCLOGIC_KycUserType ut, + struct GNUNET_TIME_Relative timeout, + TALER_EXCHANGE_KycStatusCallback cb, + void *cb_cls) +{ + struct TALER_EXCHANGE_KycCheckHandle *kch; + CURL *eh; + char *arg_str; + + { + char payto_str[sizeof (*h_payto) * 2]; + char *end; + unsigned long long timeout_ms; + + end = GNUNET_STRINGS_data_to_string ( + h_payto, + sizeof (*h_payto), + payto_str, + sizeof (payto_str) - 1); + *end = '\0'; + timeout_ms = timeout.rel_value_us + / GNUNET_TIME_UNIT_MILLISECONDS.rel_value_us; + GNUNET_asprintf (&arg_str, + "kyc-check/%llu/%s/%s?timeout_ms=%llu", + (unsigned long long) requirement_row, + payto_str, + TALER_KYCLOGIC_kyc_user_type2s (ut), + timeout_ms); + } + kch = GNUNET_new (struct TALER_EXCHANGE_KycCheckHandle); + kch->h_payto = *h_payto; + kch->cb = cb; + kch->cb_cls = cb_cls; + kch->url = TALER_url_join (url, + arg_str, + NULL); + GNUNET_free (arg_str); + if (NULL == kch->url) + { + GNUNET_free (kch); + return NULL; + } + eh = TALER_EXCHANGE_curl_easy_get_ (kch->url); + if (NULL == eh) + { + GNUNET_break (0); + GNUNET_free (kch->url); + GNUNET_free (kch); + return NULL; + } + kch->keys = TALER_EXCHANGE_keys_incref (keys); + kch->job = GNUNET_CURL_job_add_with_ct_json (ctx, + eh, + &handle_kyc_check_finished, + kch); + return kch; +} + + +void +TALER_EXCHANGE_kyc_check_cancel (struct TALER_EXCHANGE_KycCheckHandle *kch) +{ + if (NULL != kch->job) + { + GNUNET_CURL_job_cancel (kch->job); + kch->job = NULL; + } + TALER_EXCHANGE_keys_decref (kch->keys); + GNUNET_free (kch->url); + GNUNET_free (kch); +} + + +/* end of exchange_api_kyc_check.c */ |