diff options
| author | MS <ms@taler.net> | 2023-01-05 17:03:48 +0100 |
|---|---|---|
| committer | MS <ms@taler.net> | 2023-01-05 17:03:48 +0100 |
| commit | 35e3c131593eeacaa95be6c5d0d06eed2a39728f (patch) | |
| tree | 229b7677016bcfd3e3f4029afcc45e6d745f270d /sandbox | |
| parent | f1e1f63691b74e26cbb4605f2e5810e644f45145 (diff) | |
| download | libeufin-35e3c131593eeacaa95be6c5d0d06eed2a39728f.tar.gz libeufin-35e3c131593eeacaa95be6c5d0d06eed2a39728f.tar.bz2 libeufin-35e3c131593eeacaa95be6c5d0d06eed2a39728f.zip | |
Circuit API.
Accepting IBAN internal addresses from
registration requests.
Diffstat (limited to 'sandbox')
| -rw-r--r-- | sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt index 50d1a96d..e02bdfb3 100644 --- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt +++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt @@ -129,12 +129,19 @@ fun isTanChannelSupported(tanMethod: String): Boolean { fun circuitApi(circuitRoute: Route) { // Abort a cash-out operation. circuitRoute.post("/cashouts/{uuid}/abort") { - val user = call.request.basicAuth() - val uuid = call.getUriComponent("uuid") + call.request.basicAuth() // both admin and author allowed + val arg = call.getUriComponent("uuid") + // Parse and check the UUID. + val maybeUuid = try { + UUID.fromString(arg) + } catch (e: Exception) { + val msg = "The cash-out UUID is invalid: $arg" + logger.debug(e.message) + logger.debug(msg) + throw badRequest(msg) + } val maybeOperation = transaction { - CashoutOperationEntity.find { - CashoutOperationsTable.uuid eq UUID.fromString(uuid) - }.firstOrNull() + CashoutOperationEntity.find { uuid eq maybeUuid }.firstOrNull() } if (maybeOperation == null) { val msg = "Cash-out operation $uuid not found." @@ -192,6 +199,8 @@ fun circuitApi(circuitRoute: Route) { */ val req = call.receive<CashoutConfirmation>() val maybeTanFromEnv = System.getenv("LIBEUFIN_CASHOUT_TEST_TAN") + if (maybeTanFromEnv != null) + logger.warn("TAN being read from the environment. Assuming tests are being run") val checkTan = maybeTanFromEnv ?: op.tan if (req.tan != checkTan) { logger.debug("The confirmation of '${op.uuid}' has a wrong TAN '${req.tan}'") @@ -216,7 +225,7 @@ fun circuitApi(circuitRoute: Route) { } // Retrieve the status of a cash-out operation. circuitRoute.get("/cashouts/{uuid}") { - val user = call.request.basicAuth() + call.request.basicAuth() // both admin and author val operationUuid = call.getUriComponent("uuid") // Parse and check the UUID. val maybeUuid = try { @@ -488,7 +497,8 @@ fun circuitApi(circuitRoute: Route) { val newAccount = insertNewAccount( username = req.username, password = req.password, - name = req.name + name = req.name, + iban = req.internal_iban ) newAccount.customer.phone = req.contact_data.phone newAccount.customer.email = req.contact_data.email |