diff options
author | Florian Dold <florian@dold.me> | 2021-08-07 21:40:49 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-08-07 21:40:59 +0200 |
commit | a48071fa8bb1de5bfb6b07102f170cc5053212da (patch) | |
tree | 3c3dbb53ebb00506785345584dccf76640d8c67d /nexus | |
parent | 575613d4d9f4c63a07ed22f245944f5b34214a8b (diff) | |
download | libeufin-a48071fa8bb1de5bfb6b07102f170cc5053212da.tar.gz libeufin-a48071fa8bb1de5bfb6b07102f170cc5053212da.tar.bz2 libeufin-a48071fa8bb1de5bfb6b07102f170cc5053212da.zip |
bic validation
Diffstat (limited to 'nexus')
-rw-r--r-- | nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt index 4742d99b..9737090c 100644 --- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt +++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt @@ -646,6 +646,9 @@ fun serverMain(host: String, port: Int) { requireSuperuser(call.request) val body = call.receive<CreatePaymentInitiationRequest>() val accountId = ensureNonNull(call.parameters["accountid"]) + if (!validateBic(body.bic)) { + throw NexusError(HttpStatusCode.BadRequest, "invalid BIC (${body.bic})") + } val res = transaction { authenticateRequest(call.request) val bankAccount = NexusBankAccountEntity.findByName(accountId) |