From 4180d9496f5584c7ad8cce35a7c78a3d7d7896b3 Mon Sep 17 00:00:00 2001
From: MS
Date: Wed, 18 Oct 2023 13:02:15 +0200
Subject: Reloading bank keys from disk after acceptance.
---
 nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt | 37 ++++++++++++++++-------
 1 file changed, 26 insertions(+), 11 deletions(-)
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
index 8416cc4b..83bbb887 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/Main.kt
@@ -55,7 +55,6 @@ import net.taler.wallet.crypto.Base32Crockford
 import tech.libeufin.nexus.ebics.*
 import tech.libeufin.util.*
 import tech.libeufin.util.ebics_h004.EbicsTypes
-import java.io.StringWriter
 import java.security.interfaces.RSAPrivateCrtKey
 import java.security.interfaces.RSAPublicKey
 import java.time.Instant
@@ -642,7 +641,7 @@ class EbicsSetup: CliktCommand() {
 if ((!privsMaybe.submitted_hia) || forceKeysResubmission)
 doKeysRequestAndUpdateState(cfg, privsMaybe, httpClient, KeysOrderType.HIA).apply { if (!this) exitProcess(1) }
 }
- // Reloading new state from disk if any upload actually took place
+ // Reloading new state from disk if any upload (and therefore a disk write) actually took place
 val haveSubmitted = forceKeysResubmission || keysNotSub
 val privs = if (haveSubmitted) {
 logger.info("Keys submitted to the bank, at ${cfg.hostBaseUrl}")
@@ -677,22 +676,38 @@ class EbicsSetup: CliktCommand() { logger.info("Bank keys stored at ${cfg.bankPublicKeysFilename}") } // bank keys made it to the disk, check if they're accepted. - val bankKeys = loadBankKeys(cfg.bankPublicKeysFilename) - if (bankKeys == null) { + val bankKeysMaybe = loadBankKeys(cfg.bankPublicKeysFilename) + if (bankKeysMaybe == null) { logger.error("Although previous checks, could not load the bank keys file from: ${cfg.bankPublicKeysFilename}") exitProcess(1) } - if (!bankKeys.accepted) { - - if (autoAcceptKeys) bankKeys.accepted = true - else bankKeys.accepted = askUserToAcceptKeys(bankKeys) + /** + * The following block potentially updates the bank keys state + * on disk, if that's the first time that they become accepted. + * If so, finally reloads the bank keys file from disk. + */ + val bankKeys = if (!bankKeysMaybe.accepted) { + + if (autoAcceptKeys) bankKeysMaybe.accepted = true + else bankKeysMaybe.accepted = askUserToAcceptKeys(bankKeysMaybe) + + if (!bankKeysMaybe.accepted) { + logger.error("Cannot continue without accepting the bank keys.") + exitProcess(1) + } - if (bankKeys.accepted && !syncJsonToDisk(bankKeys, cfg.bankPublicKeysFilename)) { + if (!syncJsonToDisk(bankKeysMaybe, cfg.bankPublicKeysFilename)) { logger.error("Could not set bank keys as accepted on disk.") exitProcess(1) } - } - logger.info("Bank keys accepted.") + // Reloading after the disk write above. + loadBankKeys(cfg.bankPublicKeysFilename) ?: kotlin.run { + logger.error("Could not reload bank keys after disk write.") + exitProcess(1) + } + } else + bankKeysMaybe // keys were already accepted. + // Downloading the list of owned bank account(s). val bankAccounts = runBlocking { fetchBankAccounts(cfg, privs, bankKeys, httpClient) -- cgit v1.2.3
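Review bot: The keys reloaded at the end of the acceptance branch are passed on to `fetchBankAccounts` without any check that they are the ones that were just accepted: after `loadBankKeys(cfg.bankPublicKeysFilename) ?: kotlin.run { … }` nothing tests `accepted` on the reloaded object or compares its key material with `bankKeysMaybe`. These keys are presumably what the bank's responses are verified against, so a file that changed between `syncJsonToDisk` and the reload, or a lossy JSON round-trip, would go unnoticed. Binding the reload to a local and adding a guard such as `if (!reloaded.accepted) { logger.error("Reloaded bank keys are not marked accepted."); exitProcess(1) }`, plus an equality check on the public keys, would turn the reload into an actual verification. The hunk also drops `logger.info("Bank keys accepted.")`, so the `autoAcceptKeys` path now accepts keys with no log record; a line like `logger.info("Bank keys accepted (auto=$autoAcceptKeys)")` before the disk write would keep an audit trail. The enclosing function starts and ends outside the hunk.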