From ec34049dff00219dfbfce23967fcaae92a391bb6 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Thu, 2 Nov 2023 23:45:50 +0100
Subject: towards programmable oauth2 converters

---
 src/kyclogic/plugin_kyclogic_oauth2.c              |  3 +++
 .../taler-exchange-kyc-kycaid-converter.sh         |  1 -
 .../taler-exchange-kyc-oauth2-challenger.sh        | 27 ++++++++++++++++++++++
 src/kyclogic/taler-exchange-kyc-oauth2-nda.sh      | 27 ++++++++++++++++++++++
 4 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 src/kyclogic/taler-exchange-kyc-oauth2-challenger.sh
 create mode 100644 src/kyclogic/taler-exchange-kyc-oauth2-nda.sh

(limited to 'src/kyclogic')

diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c
index 7344ac43f..4bd0bbfef 100644
--- a/src/kyclogic/plugin_kyclogic_oauth2.c
+++ b/src/kyclogic/plugin_kyclogic_oauth2.c
@@ -968,6 +968,9 @@ static void
 parse_proof_success_reply (struct TALER_KYCLOGIC_ProofHandle *ph,
                            const json_t *j)
 {
+  // FIXME: this is not OAuth2.0, this is
+  // already implementation-specific!
+  // => move into helper shell script!
   const char *state;
   const json_t *data;
   struct GNUNET_JSON_Specification spec[] = {
diff --git a/src/kyclogic/taler-exchange-kyc-kycaid-converter.sh b/src/kyclogic/taler-exchange-kyc-kycaid-converter.sh
index 96aca2b80..175a16137 100755
--- a/src/kyclogic/taler-exchange-kyc-kycaid-converter.sh
+++ b/src/kyclogic/taler-exchange-kyc-kycaid-converter.sh
@@ -78,7 +78,6 @@ then
 else
   # Combine into final result for business.
   echo "$J" | jq \
-    --arg full_name "${FULLNAME}" \
     $DOCS_RAW \
     "{\"company_name\":.company_name,\"phone\":.phone,\"email\":.email,\"registration_country\":.registration_country,\"documents\":[${DOCS_JSON}]}"
 fi
diff --git a/src/kyclogic/taler-exchange-kyc-oauth2-challenger.sh b/src/kyclogic/taler-exchange-kyc-oauth2-challenger.sh
new file mode 100644
index 000000000..667dce5e7
--- /dev/null
+++ b/src/kyclogic/taler-exchange-kyc-oauth2-challenger.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+# This file is in the public domain.
+#
+# This code converts (some of) the JSON output from
+# Challenger into the GNU Taler
+# specific KYC attribute data (again in JSON format).
+#
+
+# Die if anything goes wrong.
+set -eu
+
+# First, extract everything from stdin.
+J=$(jq '{"id":.id,"email":.address,"type":.address_type,"expires":.address_expiration}')
+
+ADDRESS_TYPE=$(echo "$J" | jq -r '.type')
+ROWID=$(echo "$J" | jq -r '.id')
+if [ "$ADDRESS_TYPE" != "email" ]
+then
+  return 1
+fi
+
+echo "$J" \
+  | jq \
+   --arg id "${ROWID}" \
+  '{$id,"email":.email,"expires",.expires}'
+
+exit 0
diff --git a/src/kyclogic/taler-exchange-kyc-oauth2-nda.sh b/src/kyclogic/taler-exchange-kyc-oauth2-nda.sh
new file mode 100644
index 000000000..61c743c82
--- /dev/null
+++ b/src/kyclogic/taler-exchange-kyc-oauth2-nda.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+# This file is in the public domain.
+#
+# This code converts (some of) the JSON output from NDA into the GNU Taler
+# specific KYC attribute data (again in JSON format).
+#
+
+# Die if anything goes wrong.
+set -eu
+
+# First, extract everything from stdin.
+J=$(jq '{"status":.status,"id":.data.id,"last":.data.last_name,"first":.data.first_name,"phone":.data.phone}')
+
+STATUS=$(echo "$J" | jq -r '.status')
+if [ "$STATUS" != "success" ]
+then
+  return 1
+fi
+
+# Next, combine some fields into larger values.
+FULLNAME=$(echo "$J" | jq -r '[.first_name,.last_name]|join(" ")')
+
+echo "$J" | jq \
+  --arg full_name "${FULLNAME}" \
+  '{$full_name,"phone":.phone,"id":.id}'
+
+exit 0
-- 
cgit v1.2.3