From 2d6bce2dc0ded9fcb77caa1cafecd401216b7238 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Tue, 13 Feb 2024 22:01:02 +0100
Subject: set 'finished' to TRUE when KYC process is done (either way,
 successful or failure); should fix #8055, needs testing

---
 src/exchange/taler-exchange-httpd_common_kyc.c  | 24 +++++++++++++++-
 src/exchange/taler-exchange-httpd_common_kyc.h  | 18 ++++++++++++
 src/exchange/taler-exchange-httpd_kyc-proof.c   | 37 ++++++++++++++++++++++++-
 src/exchange/taler-exchange-httpd_kyc-webhook.c | 29 +++++++++++++++++--
 4 files changed, 104 insertions(+), 4 deletions(-)

(limited to 'src/exchange')

diff --git a/src/exchange/taler-exchange-httpd_common_kyc.c b/src/exchange/taler-exchange-httpd_common_kyc.c
index 2a7193f4d..bcee5a0d2 100644
--- a/src/exchange/taler-exchange-httpd_common_kyc.c
+++ b/src/exchange/taler-exchange-httpd_common_kyc.c
@@ -104,7 +104,8 @@ struct TEH_KycAmlTrigger
  *
  * @param cls closure of type `struct TEH_KycAmlTrigger *`
  * @param status_type how did the process die
- * @param code termination status code from the process
+ * @param code termination status code from the process,
+ *        non-zero if AML checks are required next
  * @param result some JSON result, NULL if we failed to get an JSON output
  */
 static void
@@ -278,3 +279,24 @@ TEH_kyc_finished_cancel (struct TEH_KycAmlTrigger *kat)
   }
   GNUNET_free (kat);
 }
+
+
+bool
+TEH_kyc_failed (uint64_t process_row,
+                const struct TALER_PaytoHashP *account_id,
+                const char *provider_section,
+                const char *provider_user_id,
+                const char *provider_legitimization_id)
+{
+  enum GNUNET_DB_QueryStatus qs;
+
+  qs = TEH_plugin->insert_kyc_failure (
+    TEH_plugin->cls,
+    process_row,
+    account_id,
+    provider_section,
+    provider_user_id,
+    provider_legitimization_id);
+  GNUNET_break (qs >= 0);
+  return qs >= 0;
+}
diff --git a/src/exchange/taler-exchange-httpd_common_kyc.h b/src/exchange/taler-exchange-httpd_common_kyc.h
index 572766041..8198679c9 100644
--- a/src/exchange/taler-exchange-httpd_common_kyc.h
+++ b/src/exchange/taler-exchange-httpd_common_kyc.h
@@ -96,4 +96,22 @@ void
 TEH_kyc_finished_cancel (struct TEH_KycAmlTrigger *kat);
 
 
+/**
+ * Update state of a legitmization process to 'finished'
+ * (and failed, no attributes were obtained).
+ *
+ * @param process_row legitimization process the webhook was about
+ * @param account_id account the webhook was about
+ * @param provider_section name of the configuration section of the logic that was run
+ * @param provider_user_id set to user ID at the provider, or NULL if not supported or unknown
+ * @param provider_legitimization_id set to legitimization process ID at the provider, or NULL if not supported or unknown
+ * @return true on success, false if updating the database failed
+ */
+bool
+TEH_kyc_failed (uint64_t process_row,
+                const struct TALER_PaytoHashP *account_id,
+                const char *provider_section,
+                const char *provider_user_id,
+                const char *provider_legitimization_id);
+
 #endif
diff --git a/src/exchange/taler-exchange-httpd_kyc-proof.c b/src/exchange/taler-exchange-httpd_kyc-proof.c
index ef3583d02..b9ec3563d 100644
--- a/src/exchange/taler-exchange-httpd_kyc-proof.c
+++ b/src/exchange/taler-exchange-httpd_kyc-proof.c
@@ -220,8 +220,9 @@ proof_cb (
   kpc->ph = NULL;
   GNUNET_async_scope_enter (&rc->async_scope_id,
                             &old_scope);
-  if (TALER_KYCLOGIC_STATUS_SUCCESS == status)
+  switch (status)
   {
+  case TALER_KYCLOGIC_STATUS_SUCCESS:
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                 "KYC process #%llu succeeded with KYC provider\n",
                 (unsigned long long) kpc->process_row);
@@ -246,6 +247,40 @@ proof_cb (
         TALER_EC_EXCHANGE_GENERIC_BAD_CONFIGURATION,
         "[exchange] AML_KYC_TRIGGER");
     }
+    break;
+  case TALER_KYCLOGIC_STATUS_FAILED:
+  case TALER_KYCLOGIC_STATUS_PROVIDER_FAILED:
+  case TALER_KYCLOGIC_STATUS_USER_ABORTED:
+  case TALER_KYCLOGIC_STATUS_ABORTED:
+    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                "KYC process %s/%s (Row #%llu) failed: %d\n",
+                provider_user_id,
+                provider_legitimization_id,
+                (unsigned long long) kpc->process_row,
+                status);
+    if (! TEH_kyc_failed (kpc->process_row,
+                          &kpc->h_payto,
+                          kpc->provider_section,
+                          provider_user_id,
+                          provider_legitimization_id))
+    {
+      GNUNET_break (0);
+      if (NULL != response)
+        MHD_destroy_response (response);
+      http_status = MHD_HTTP_INTERNAL_SERVER_ERROR;
+      response = TALER_MHD_make_error (
+        TALER_EC_GENERIC_DB_STORE_FAILED,
+        "insert_kyc_failure");
+    }
+    break;
+  default:
+    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                "KYC status of %s/%s (Row #%llu) is %d\n",
+                provider_user_id,
+                provider_legitimization_id,
+                (unsigned long long) kpc->process_row,
+                (int) status);
+    break;
   }
   if (NULL == kpc->kat)
   {
diff --git a/src/exchange/taler-exchange-httpd_kyc-webhook.c b/src/exchange/taler-exchange-httpd_kyc-webhook.c
index 8bd6d4bb2..b92b43e69 100644
--- a/src/exchange/taler-exchange-httpd_kyc-webhook.c
+++ b/src/exchange/taler-exchange-httpd_kyc-webhook.c
@@ -221,22 +221,47 @@ webhook_finished_cb (
       kwh);
     if (NULL == kwh->kat)
     {
-      http_status = MHD_HTTP_INTERNAL_SERVER_ERROR;
       if (NULL != response)
         MHD_destroy_response (response);
+      http_status = MHD_HTTP_INTERNAL_SERVER_ERROR;
       response = TALER_MHD_make_error (
         TALER_EC_EXCHANGE_GENERIC_BAD_CONFIGURATION,
         "[exchange] AML_KYC_TRIGGER");
       break;
     }
     return;
+  case TALER_KYCLOGIC_STATUS_FAILED:
+  case TALER_KYCLOGIC_STATUS_PROVIDER_FAILED:
+  case TALER_KYCLOGIC_STATUS_USER_ABORTED:
+  case TALER_KYCLOGIC_STATUS_ABORTED:
+    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                "KYC process %s/%s (Row #%llu) failed: %d\n",
+                provider_user_id,
+                provider_legitimization_id,
+                (unsigned long long) process_row,
+                status);
+    if (! TEH_kyc_failed (process_row,
+                          account_id,
+                          provider_section,
+                          provider_user_id,
+                          provider_legitimization_id))
+    {
+      GNUNET_break (0);
+      if (NULL != response)
+        MHD_destroy_response (response);
+      http_status = MHD_HTTP_INTERNAL_SERVER_ERROR;
+      response = TALER_MHD_make_error (
+        TALER_EC_GENERIC_DB_STORE_FAILED,
+        "insert_kyc_failure");
+    }
+    break;
   default:
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                 "KYC status of %s/%s (Row #%llu) is %d\n",
                 provider_user_id,
                 provider_legitimization_id,
                 (unsigned long long) process_row,
-                status);
+                (int) status);
     break;
   }
   GNUNET_break (NULL == kwh->kat);
-- 
cgit v1.2.3