diff options
Diffstat (limited to 'src/testing/test_kyc_api.c')
-rw-r--r-- | src/testing/test_kyc_api.c | 581 |
1 files changed, 581 insertions, 0 deletions
diff --git a/src/testing/test_kyc_api.c b/src/testing/test_kyc_api.c new file mode 100644 index 000000000..0844c5818 --- /dev/null +++ b/src/testing/test_kyc_api.c @@ -0,0 +1,581 @@ +/* + This file is part of TALER + Copyright (C) 2014-2023 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as + published by the Free Software Foundation; either version 3, or + (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public + License along with TALER; see the file COPYING. If not, see + <http://www.gnu.org/licenses/> +*/ +/** + * @file testing/test_kyc_api.c + * @brief testcase to test the KYC processes + * @author Christian Grothoff + */ +#include "platform.h" +#include "taler_util.h" +#include "taler_attributes.h" +#include "taler_signatures.h" +#include "taler_exchange_service.h" +#include "taler_json_lib.h" +#include <gnunet/gnunet_util_lib.h> +#include <microhttpd.h> +#include "taler_bank_service.h" +#include "taler_fakebank_lib.h" +#include "taler_testing_lib.h" + + +/** + * Configuration file we use. One (big) configuration is used + * for the various components for this test. + */ +#define CONFIG_FILE "test_kyc_api.conf" + +/** + * Our credentials. + */ +struct TALER_TESTING_Credentials cred; + + +/** + * Execute the taler-exchange-wirewatch command with + * our configuration file. + * + * @param label label to use for the command. + */ +#define CMD_EXEC_WIREWATCH(label) \ + TALER_TESTING_cmd_exec_wirewatch2 (label, CONFIG_FILE, "exchange-account-2") + +/** + * Execute the taler-exchange-aggregator, closer and transfer commands with + * our configuration file. + * + * @param label label to use for the command. + */ +#define CMD_EXEC_AGGREGATOR(label) \ + TALER_TESTING_cmd_sleep (label "-sleep", 1), \ + TALER_TESTING_cmd_exec_aggregator_with_kyc (label, CONFIG_FILE), \ + TALER_TESTING_cmd_exec_transfer (label, CONFIG_FILE) + +/** + * Run wire transfer of funds from some user's account to the + * exchange. + * + * @param label label to use for the command. + * @param amount amount to transfer, i.e. "EUR:1" + */ +#define CMD_TRANSFER_TO_EXCHANGE(label,amount) \ + TALER_TESTING_cmd_admin_add_incoming (label, amount, \ + &cred.ba, \ + cred.user42_payto) + +/** + * Main function that will tell the interpreter what commands to + * run. + * + * @param cls closure + */ +static void +run (void *cls, + struct TALER_TESTING_Interpreter *is) +{ + struct TALER_TESTING_Command withdraw[] = { + CMD_TRANSFER_TO_EXCHANGE ("create-reserve-1", + "EUR:15.02"), + TALER_TESTING_cmd_check_bank_admin_transfer ( + "check-create-reserve-1", + "EUR:15.02", + cred.user42_payto, + cred.exchange_payto, + "create-reserve-1"), + CMD_EXEC_WIREWATCH ("wirewatch-1"), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-no-kyc", + "create-reserve-1", + "EUR:10", + 0, /* age restriction off */ + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1", + "create-reserve-1", + "EUR:5", + 0, /* age restriction off */ + MHD_HTTP_OK), + TALER_TESTING_cmd_end () + }; + /** + * Test withdraw with KYC. + */ + struct TALER_TESTING_Command withdraw_kyc[] = { + CMD_EXEC_WIREWATCH ("wirewatch-1"), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-lacking-kyc", + "create-reserve-1", + "EUR:5", + 0, /* age restriction off */ + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), + TALER_TESTING_cmd_check_kyc_get ("check-kyc-withdraw", + "withdraw-coin-1-lacking-kyc", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc_oauth2 ("proof-kyc", + "withdraw-coin-1-lacking-kyc", + "kyc-provider-test-oauth2", + "pass", + MHD_HTTP_SEE_OTHER), + TALER_TESTING_cmd_withdraw_amount ("withdraw-coin-1-with-kyc", + "create-reserve-1", + "EUR:5", + 0, /* age restriction off */ + MHD_HTTP_OK), + /* Attestations above are bound to the originating *bank* account, + not to the reserve (!). Hence, they are NOT found here! */ + TALER_TESTING_cmd_reserve_get_attestable ("reserve-get-attestable", + "create-reserve-1", + MHD_HTTP_NOT_FOUND, + NULL), + TALER_TESTING_cmd_end () + }; + struct TALER_TESTING_Command spend[] = { + TALER_TESTING_cmd_deposit ( + "deposit-simple", + "withdraw-coin-1", + 0, + cred.user43_payto, + "{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}", + GNUNET_TIME_UNIT_ZERO, + "EUR:5", + MHD_HTTP_OK), + TALER_TESTING_cmd_track_transaction ( + "track-deposit", + "deposit-simple", + 0, + MHD_HTTP_ACCEPTED, + NULL), + TALER_TESTING_cmd_end () + }; + + struct TALER_TESTING_Command track[] = { + CMD_EXEC_AGGREGATOR ("run-aggregator-before-kyc"), + TALER_TESTING_cmd_check_bank_empty ("check_bank_empty-no-kyc"), + TALER_TESTING_cmd_track_transaction ( + "track-deposit-kyc-ready", + "deposit-simple", + 0, + MHD_HTTP_ACCEPTED, + NULL), + TALER_TESTING_cmd_check_kyc_get ("check-kyc-deposit", + "track-deposit-kyc-ready", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc_oauth2 ("proof-kyc-no-service", + "track-deposit-kyc-ready", + "kyc-provider-test-oauth2", + "bad", + MHD_HTTP_BAD_GATEWAY), + TALER_TESTING_cmd_oauth ("start-oauth-service", + 6666), + TALER_TESTING_cmd_proof_kyc_oauth2 ("proof-kyc-fail", + "track-deposit-kyc-ready", + "kyc-provider-test-oauth2", + "bad", + MHD_HTTP_FORBIDDEN), + TALER_TESTING_cmd_check_kyc_get ("check-kyc-deposit-again", + "track-deposit-kyc-ready", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc_oauth2 ("proof-kyc-pass", + "track-deposit-kyc-ready", + "kyc-provider-test-oauth2", + "pass", + MHD_HTTP_SEE_OTHER), + CMD_EXEC_AGGREGATOR ("run-aggregator-after-kyc"), + TALER_TESTING_cmd_check_bank_transfer ( + "check_bank_transfer-499c", + cred.exchange_url, + "EUR:4.98", + cred.exchange_payto, + cred.user43_payto), + TALER_TESTING_cmd_check_bank_empty ("check_bank_empty"), + TALER_TESTING_cmd_end () + }; + + struct TALER_TESTING_Command wallet_kyc[] = { + TALER_TESTING_cmd_wallet_kyc_get ("wallet-kyc-fail", + NULL, + "EUR:1000000", + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), + TALER_TESTING_cmd_check_kyc_get ("check-kyc-wallet", + "wallet-kyc-fail", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc_oauth2 ("proof-wallet-kyc", + "wallet-kyc-fail", + "kyc-provider-test-oauth2", + "pass", + MHD_HTTP_SEE_OTHER), + TALER_TESTING_cmd_check_kyc_get ("wallet-kyc-check", + "wallet-kyc-fail", + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_reserve_get_attestable ("wallet-get-attestable", + "wallet-kyc-fail", + MHD_HTTP_OK, + TALER_ATTRIBUTE_FULL_NAME, + NULL), + TALER_TESTING_cmd_reserve_attest ("wallet-get-attest", + "wallet-kyc-fail", + MHD_HTTP_OK, + TALER_ATTRIBUTE_FULL_NAME, + NULL), + TALER_TESTING_cmd_end () + }; + + /** + * Test withdrawal for P2P + */ + struct TALER_TESTING_Command p2p_withdraw[] = { + /** + * Move money to the exchange's bank account. + */ + CMD_TRANSFER_TO_EXCHANGE ("p2p_create-reserve-1", + "EUR:5.04"), + CMD_TRANSFER_TO_EXCHANGE ("p2p_create-reserve-2", + "EUR:5.01"), + CMD_TRANSFER_TO_EXCHANGE ("p2p_create-reserve-3", + "EUR:0.03"), + TALER_TESTING_cmd_reserve_poll ("p2p_poll-reserve-1", + "p2p_create-reserve-1", + "EUR:5.04", + GNUNET_TIME_UNIT_MINUTES, + MHD_HTTP_OK), + TALER_TESTING_cmd_check_bank_admin_transfer ("p2p_check-create-reserve-1", + "EUR:5.04", + cred.user42_payto, + cred.exchange_payto, + "p2p_create-reserve-1"), + TALER_TESTING_cmd_check_bank_admin_transfer ("p2p_check-create-reserve-2", + "EUR:5.01", + cred.user42_payto, + cred.exchange_payto, + "p2p_create-reserve-2"), + /** + * Make a reserve exist, according to the previous + * transfer. + */ + CMD_EXEC_WIREWATCH ("p2p_wirewatch-1"), + TALER_TESTING_cmd_reserve_poll_finish ("p2p_finish-poll-reserve-1", + GNUNET_TIME_UNIT_SECONDS, + "p2p_poll-reserve-1"), + /** + * Withdraw EUR:5. + */ + TALER_TESTING_cmd_withdraw_amount ("p2p_withdraw-coin-1", + "p2p_create-reserve-1", + "EUR:5", + 0, /* age restriction off */ + MHD_HTTP_OK), + /** + * Check the reserve is depleted. + */ + TALER_TESTING_cmd_status ("p2p_status-1", + "p2p_create-reserve-1", + "EUR:0.03", + MHD_HTTP_OK), + TALER_TESTING_cmd_end () + }; + struct TALER_TESTING_Command push[] = { + TALER_TESTING_cmd_purse_create_with_deposit ( + "purse-with-deposit", + MHD_HTTP_OK, + "{\"amount\":\"EUR:1\",\"summary\":\"ice cream\"}", + true, /* upload contract */ + GNUNET_TIME_UNIT_MINUTES, /* expiration */ + "p2p_withdraw-coin-1", + "EUR:1.01", + NULL), + TALER_TESTING_cmd_coin_history ("coin-history-purse-with-deposit", + "p2p_withdraw-coin-1#0", + "EUR:3.99", + MHD_HTTP_OK), + TALER_TESTING_cmd_purse_poll ( + "push-poll-purse-before-merge", + MHD_HTTP_OK, + "purse-with-deposit", + "EUR:1", + true, + GNUNET_TIME_UNIT_MINUTES), + TALER_TESTING_cmd_contract_get ( + "push-get-contract", + MHD_HTTP_OK, + true, /* for merge */ + "purse-with-deposit"), + TALER_TESTING_cmd_purse_merge ( + "purse-merge-into-reserve", + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS, + "push-get-contract", + "p2p_create-reserve-1"), + TALER_TESTING_cmd_check_kyc_get ("check-kyc-purse-merge", + "purse-merge-into-reserve", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc_oauth2 ("p2p_proof-kyc", + "purse-merge-into-reserve", + "kyc-provider-test-oauth2", + "pass", + MHD_HTTP_SEE_OTHER), + TALER_TESTING_cmd_purse_merge ( + "purse-merge-into-reserve", + MHD_HTTP_OK, + "push-get-contract", + "p2p_create-reserve-1"), + TALER_TESTING_cmd_purse_poll_finish ( + "push-merge-purse-poll-finish", + GNUNET_TIME_relative_multiply ( + GNUNET_TIME_UNIT_SECONDS, + 5), + "push-poll-purse-before-merge"), + TALER_TESTING_cmd_status ( + "push-check-post-merge-reserve-balance-get", + "p2p_create-reserve-1", + "EUR:1.03", + MHD_HTTP_OK), + TALER_TESTING_cmd_reserve_history ( + "push-check-post-merge-reserve-balance-post", + "p2p_create-reserve-1", + "EUR:1.03", + MHD_HTTP_OK), + + TALER_TESTING_cmd_end () + }; + struct TALER_TESTING_Command pull[] = { + TALER_TESTING_cmd_purse_create_with_reserve ( + "purse-create-with-reserve", + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS, + "{\"amount\":\"EUR:1\",\"summary\":\"ice cream\"}", + true /* upload contract */, + true /* pay purse fee */, + GNUNET_TIME_UNIT_MINUTES, /* expiration */ + "p2p_create-reserve-3"), + TALER_TESTING_cmd_check_kyc_get ("check-kyc-purse-create", + "purse-create-with-reserve", + MHD_HTTP_ACCEPTED), + TALER_TESTING_cmd_proof_kyc_oauth2 ("p2p_proof-kyc-pull", + "purse-create-with-reserve", + "kyc-provider-test-oauth2", + "pass", + MHD_HTTP_SEE_OTHER), + TALER_TESTING_cmd_purse_create_with_reserve ( + "purse-create-with-reserve", + MHD_HTTP_OK, + "{\"amount\":\"EUR:1\",\"summary\":\"ice cream\"}", + true /* upload contract */, + true /* pay purse fee */, + GNUNET_TIME_UNIT_MINUTES, /* expiration */ + "p2p_create-reserve-3"), + TALER_TESTING_cmd_contract_get ( + "pull-get-contract", + MHD_HTTP_OK, + false, /* for deposit */ + "purse-create-with-reserve"), + TALER_TESTING_cmd_purse_poll ( + "pull-poll-purse-before-deposit", + MHD_HTTP_OK, + "purse-create-with-reserve", + "EUR:1", + false, + GNUNET_TIME_UNIT_MINUTES), + TALER_TESTING_cmd_purse_deposit_coins ( + "purse-deposit-coins", + MHD_HTTP_OK, + 0 /* min age */, + "purse-create-with-reserve", + "p2p_withdraw-coin-1", + "EUR:1.01", + NULL), + TALER_TESTING_cmd_coin_history ("coin-history-purse-pull-deposit", + "p2p_withdraw-coin-1#0", + "EUR:2.98", + MHD_HTTP_OK), + TALER_TESTING_cmd_purse_poll_finish ( + "pull-deposit-purse-poll-finish", + GNUNET_TIME_relative_multiply ( + GNUNET_TIME_UNIT_SECONDS, + 5), + "pull-poll-purse-before-deposit"), + TALER_TESTING_cmd_status ( + "pull-check-post-merge-reserve-balance-get-2", + "p2p_create-reserve-3", + "EUR:1.03", + MHD_HTTP_OK), + TALER_TESTING_cmd_reserve_history ( + "push-check-post-merge-reserve-balance-post-2", + "p2p_create-reserve-3", + "EUR:1.03", + MHD_HTTP_OK), + TALER_TESTING_cmd_end () + }; + struct TALER_TESTING_Command aml[] = { + /* Trigger something upon which an AML officer could act */ + TALER_TESTING_cmd_wallet_kyc_get ("wallet-trigger-kyc-for-aml", + NULL, + "EUR:1000", + MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), + TALER_TESTING_cmd_set_officer ("create-aml-officer-1", + NULL, + "Peter Falk", + true, + false), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-none-normal", + "create-aml-officer-1", + TALER_AML_NORMAL, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-none-pending", + "create-aml-officer-1", + TALER_AML_PENDING, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-none-frozen", + "create-aml-officer-1", + TALER_AML_FROZEN, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_sleep ("sleep-1a", + 1), + TALER_TESTING_cmd_set_officer ("create-aml-officer-1-disable", + "create-aml-officer-1", + "Peter Falk", + true, + true), + /* Test that we are not allowed to take AML decisions as our + AML staff account is on read-only */ + TALER_TESTING_cmd_take_aml_decision ("aml-decide-while-disabled", + "create-aml-officer-1", + "wallet-trigger-kyc-for-aml", + "EUR:10000", + "party time", + TALER_AML_NORMAL, + NULL, + MHD_HTTP_FORBIDDEN), + /* Check that no decision was taken, but that we are allowed + to read this information */ + TALER_TESTING_cmd_check_aml_decision ("check-aml-decision-empty", + "create-aml-officer-1", + "aml-decide-while-disabled", + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_sleep ("sleep-1b", + 1), + TALER_TESTING_cmd_set_officer ("create-aml-officer-1-enable", + "create-aml-officer-1", + "Peter Falk", + true, + false), + TALER_TESTING_cmd_take_aml_decision ("aml-decide", + "create-aml-officer-1", + "wallet-trigger-kyc-for-aml", + "EUR:10000", + "party time", + TALER_AML_NORMAL, + NULL, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-one-normal", + "create-aml-officer-1", + TALER_AML_NORMAL, + MHD_HTTP_OK), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-zero-frozen", + "create-aml-officer-1", + TALER_AML_FROZEN, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_check_aml_decision ("check-aml-decision", + "create-aml-officer-1", + "aml-decide", + MHD_HTTP_OK), + TALER_TESTING_cmd_sleep ("sleep-1c", + 1), + TALER_TESTING_cmd_take_aml_decision ("aml-decide-freeze", + "create-aml-officer-1", + "wallet-trigger-kyc-for-aml", + "EUR:1000", + "party over", + TALER_AML_FROZEN, + NULL, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-one-frozen", + "create-aml-officer-1", + TALER_AML_FROZEN, + MHD_HTTP_OK), + TALER_TESTING_cmd_check_aml_decisions ("check-decisions-zero-normal", + "create-aml-officer-1", + TALER_AML_NORMAL, + MHD_HTTP_NO_CONTENT), + TALER_TESTING_cmd_sleep ("sleep-1d", + 1), + TALER_TESTING_cmd_set_officer ("create-aml-officer-1-disable", + "create-aml-officer-1", + "Peter Falk", + false, + true), + /* Test that we are NOT allowed to read AML decisions now that + our AML staff account is disabled */ + TALER_TESTING_cmd_check_aml_decision ("check-aml-decision-disabled", + "create-aml-officer-1", + "aml-decide", + MHD_HTTP_FORBIDDEN), + TALER_TESTING_cmd_end () + }; + + struct TALER_TESTING_Command commands[] = { + TALER_TESTING_cmd_run_fakebank ("run-fakebank", + cred.cfg, + "exchange-account-2"), + TALER_TESTING_cmd_system_start ("start-taler", + CONFIG_FILE, + "-e", + NULL), + TALER_TESTING_cmd_get_exchange ("get-exchange", + cred.cfg, + NULL, + true, + true), + TALER_TESTING_cmd_batch ("withdraw", + withdraw), + TALER_TESTING_cmd_batch ("spend", + spend), + TALER_TESTING_cmd_batch ("track", + track), + TALER_TESTING_cmd_batch ("withdraw-kyc", + withdraw_kyc), + TALER_TESTING_cmd_batch ("wallet-kyc", + wallet_kyc), + TALER_TESTING_cmd_batch ("p2p_withdraw", + p2p_withdraw), + TALER_TESTING_cmd_batch ("push", + push), + TALER_TESTING_cmd_batch ("pull", + pull), + TALER_TESTING_cmd_batch ("aml", + aml), + TALER_TESTING_cmd_end () + }; + + (void) cls; + TALER_TESTING_run (is, + commands); +} + + +int +main (int argc, + char *const *argv) +{ + (void) argc; + return TALER_TESTING_main (argv, + "INFO", + CONFIG_FILE, + "exchange-account-2", + TALER_TESTING_BS_FAKEBANK, + &cred, + &run, + NULL); +} + + +/* end of test_kyc_api.c */ |