commit 3e70fdc9d79748551efe3624cd807f5a906996cb
parent 78690ac1efab29308e7aa5e3b8ecc30a76dbf266
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 24 Nov 2024 07:47:28 +0100
more KYC measure scripts
Diffstat:
9 files changed, 395 insertions(+), 7 deletions(-)
diff --git a/debian/etc-taler-exchange/taler-exchange/taler-exchange.conf b/debian/etc-taler-exchange/taler-exchange/taler-exchange.conf
@@ -28,9 +28,6 @@
# systems is always rounded to this unit.
#currency_round_unit = KUDOS:0.01
-# Monthly amount that mandatorily triggers an AML check
-#AML_THRESHOLD = KUDOS:10000000
-
# Inline configurations from all Taler components.
@inline-matching@ conf.d/*.conf
diff --git a/src/kyclogic/Makefile.am b/src/kyclogic/Makefile.am
@@ -16,13 +16,16 @@ pkgcfg_DATA = \
bin_SCRIPTS = \
taler-exchange-helper-converter-oauth2-test-full_name \
- taler-exchange-helper-measure-test-form \
- taler-exchange-helper-measure-test-oauth \
- taler-exchange-helper-measure-none \
- taler-exchange-helper-measure-freeze \
taler-exchange-helper-measure-defaults-but-investigate \
+ taler-exchange-helper-measure-enable-deposits \
+ taler-exchange-helper-measure-freeze \
+ taler-exchange-helper-measure-none \
taler-exchange-helper-measure-preserve-but-investigate \
taler-exchange-helper-measure-preserve-set-expiration \
+ taler-exchange-helper-measure-tops-postal-check \
+ taler-exchange-helper-measure-tops-sms-check \
+ taler-exchange-helper-measure-test-form \
+ taler-exchange-helper-measure-test-oauth \
taler-exchange-helper-measure-update-from-context \
taler-exchange-kyc-kycaid-converter.sh \
taler-exchange-kyc-persona-converter.sh \
diff --git a/src/kyclogic/taler-exchange-helper-measure-defaults-but-investigate b/src/kyclogic/taler-exchange-helper-measure-defaults-but-investigate
diff --git a/src/kyclogic/taler-exchange-helper-measure-enable-deposits b/src/kyclogic/taler-exchange-helper-measure-enable-deposits
@@ -0,0 +1,128 @@
+#!/bin/bash
+#
+# This file is part of TALER
+# Copyright (C) 2024 Taler Systems SA
+#
+# TALER is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 3, or (at your option) any later version.
+#
+# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/license>
+#
+
+# Hard error reporting on.
+set -eu
+
+
+
+# Exit, with error message (hard failure)
+function exit_fail() {
+ echo " FAIL: " "$@" >&2
+ EXIT_STATUS=1
+ exit "$EXIT_STATUS"
+}
+
+CONF="$HOME/.config/taler-exchange.conf"
+VERBOSE=0
+
+while getopts 'ac:hirvV' OPTION;
+do
+ case "$OPTION" in
+ a)
+ # Phone number is required.
+ echo "CONTACT_PHONE"
+ exit 0
+ ;;
+ c)
+ # shellcheck disable=SC2034
+ CONF="$OPTARG"
+ ;;
+ h)
+ echo "This is a KYC measure program that lifts restrictions on deposits after the terms of service were accepted. Expiration rules are set based on the context."
+ echo 'Supported options:'
+ echo ' -a -- show required attributes'
+ # shellcheck disable=SC2016
+ echo ' -c $CONF -- set configuration'
+ echo ' -h -- print this help'
+ echo ' -i -- show required inputs'
+ echo ' -r -- show required context'
+ echo ' -v -- show version'
+ echo ' -V -- be verbose'
+ ;;
+ i)
+ # Need context and current_rules.
+ echo "context"
+ echo "current_rules"
+ exit 0
+ ;;
+ r)
+ # What to do next?
+ echo "custom_measures"
+ echo "expiration_time"
+ echo "successor_measure"
+ exit 0
+ ;;
+ v)
+ echo "$0 v0.0.0"
+ exit 0
+ ;;
+ V)
+ VERBOSE=1
+ ;;
+ ?)
+ exit_fail "Unrecognized command line option"
+ ;;
+ esac
+done
+
+if [ 1 = "$VERBOSE" ]
+then
+ echo "Running $0" 1>&2
+fi
+
+# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlProgramInput
+# for the full JSON with possible inputs.
+
+# First, extract inputs we need
+INPUTS=$(jq '{"current_rules":.current_rules,"attributes":.attributes,"context":.context}')
+
+# Get ToS acceptance confirmation.
+TOS_ACCEPTED=$(echo "$INPUTS" | jq '.attributes.ACCEPTED_TERMS_OF_SERVICE // null')
+# Get current rules.
+CURRENT_RULES=$(echo "$INPUTS" | jq '.current_rules // null')
+# Get context values.
+EXPIRATION_TIME=$(echo "$INPUTS" | jq '.context.expiration_time // .current_rules.expiration_time // null')
+SUCCESSOR_MEASURE=$(echo "$INPUTS" | jq '.context.successor_measure // .current_rules.successor_measure // null')
+CUSTOM_MEASURES=$(echo "$INPUTS" | jq '.context.custom_measures // null')
+
+# FIXME: maybe do this via systemd once instead of in every script run?
+. /etc/taler-exchange/taler-exchange.env
+
+# Validate accepted ToS version
+if $(echo "$TOS_ACCEPTED" | grep "${EXCHANGE_TERMS_ETAG}" > /dev/null)
+then
+ # Valid ToS acceptance
+ # Remove limitation from current rules.
+ NEW_RULES=$(echo "$CURRENT_RULES" | jq 'walk(if ( (type == "object") and (.operation_type == "deposit") and (.threshold == "${EXCHANGE_AML_PROGRAM_TOPS_ENABLE_DEPOSITS_THRESHOLD }}") ) then del(.) else . end)')
+else
+ # Invalid ToS version
+ echo "Version of accepted ToS ${TOS_ACCEPTED} invalid." 1&>2
+ NEW_RULES="$CURRENT_RULES"
+fi
+
+# Finally, output the new rules.
+# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlOutcome
+# for the required output format.
+jq \
+ --jsonarg et "$EXPIRATION_TIME" \
+ --jsonarg sm "$SUCCESSOR_MEASURE" \
+ --jsonarg cm "$CUSTOM_MEASURES" \
+ --jsonarg nr "$NEW_RULES" \
+ '{"new_rules":$nr+{"expiration_time":$et,"successor_measure":$sm,"custom_measures":($nr.custom_measures+$cm)}}|del(..|nulls)'
+
+exit 0
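Review bot: The rule-removal filter in the `NEW_RULES=` assignment is single-quoted, so `${EXCHANGE_AML_PROGRAM_TOPS_ENABLE_DEPOSITS_THRESHOLD }}` reaches jq as literal text (it is also malformed, with a stray space and a doubled brace), and `.threshold ==` can never equal the configured value. The postal-check and sms-check scripts have the same problem, with `${..._THRESHOLD"` missing its closing brace. Pass the value in explicitly, assuming thresholds are amount strings: `jq --arg thr "$EXCHANGE_AML_PROGRAM_TOPS_ENABLE_DEPOSITS_THRESHOLD" '...'` with `(.threshold == $thr)` in the filter, and confirm that `del(.)` inside `walk` really drops the rule rather than leaving a `null` in its place. The final `jq` call also looks unable to run in all three scripts: as far as I know the option is spelled `--argjson`, not `--jsonarg`, and because stdin was already consumed by the first `jq` it needs `-n` to produce any output.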
diff --git a/src/kyclogic/taler-exchange-helper-measure-preserve-but-investigate b/src/kyclogic/taler-exchange-helper-measure-preserve-but-investigate
diff --git a/src/kyclogic/taler-exchange-helper-measure-preserve-set-expiration b/src/kyclogic/taler-exchange-helper-measure-preserve-set-expiration
diff --git a/src/kyclogic/taler-exchange-helper-measure-tops-postal-check b/src/kyclogic/taler-exchange-helper-measure-tops-postal-check
@@ -0,0 +1,132 @@
+#!/bin/bash
+#
+# This file is part of TALER
+# Copyright (C) 2024 Taler Systems SA
+#
+# TALER is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 3, or (at your option) any later version.
+#
+# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/license>
+#
+
+# Hard error reporting on.
+set -eu
+
+
+# Exit, with error message (hard failure)
+function exit_fail() {
+ echo " FAIL: " "$@" >&2
+ EXIT_STATUS=1
+ exit "$EXIT_STATUS"
+}
+
+CONF="$HOME/.config/taler-exchange.conf"
+VERBOSE=0
+
+while getopts 'ac:hirvV' OPTION;
+do
+ case "$OPTION" in
+ a)
+ # Address details are required.
+ echo "ADDRESS_STREET"
+ echo "ADDRESS_CITY"
+ echo "ADDRESS_ZIPCODE"
+ echo "ADDRESS_COUNTRY"
+ exit 0
+ ;;
+ c)
+ # shellcheck disable=SC2034
+ CONF="$OPTARG"
+ ;;
+ h)
+ echo "This is a KYC measure program that lifts restrictions on withdraw and P2P transfers after a phone number was confirmed via SMS. Expiration rules are set based on the context."
+ echo 'Supported options:'
+ echo ' -a -- show required attributes'
+ # shellcheck disable=SC2016
+ echo ' -c $CONF -- set configuration'
+ echo ' -h -- print this help'
+ echo ' -i -- show required inputs'
+ echo ' -r -- show required context'
+ echo ' -v -- show version'
+ echo ' -V -- be verbose'
+ ;;
+ i)
+ # Need context and current_rules.
+ echo "context"
+ echo "current_rules"
+ exit 0
+ ;;
+ r)
+ # What to do next?
+ echo "custom_measures"
+ echo "expiration_time"
+ echo "successor_measure"
+ exit 0
+ ;;
+ v)
+ echo "$0 v0.0.0"
+ exit 0
+ ;;
+ V)
+ VERBOSE=1
+ ;;
+ ?)
+ exit_fail "Unrecognized command line option"
+ ;;
+ esac
+done
+
+if [ 1 = "$VERBOSE" ]
+then
+ echo "Running $0" 1>&2
+fi
+
+# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlProgramInput
+# for the full JSON with possible inputs.
+
+# First, extract inputs we need
+INPUTS=$(jq '{"current_rules":.current_rules,"attributes":.attributes,"context":.context}')
+
+# Get phone number.
+COUNTRY=$(echo "$INPUTS" | jq '.attributes.COUNTRY // null')
+# Get current rules.
+CURRENT_RULES=$(echo "$INPUTS" | jq '.current_rules // null')
+# Get context values.
+EXPIRATION_TIME=$(echo "$INPUTS" | jq '.context.expiration_time // .current_rules.expiration_time // null')
+SUCCESSOR_MEASURE=$(echo "$INPUTS" | jq '.context.successor_measure // .current_rules.successor_measure // null')
+CUSTOM_MEASURES=$(echo "$INPUTS" | jq '.context.custom_measures // null')
+
+# FIXME: maybe do this via systemd once instead of in every script run?
+. /etc/taler-exchange/taler-exchange.env
+
+# FIXME: should we check that BUSINESS_NAME *or* FULL_NAME are provided?
+
+# Validate country
+if $(echo "$COUNTRY" | grep -E -e ${EXCHANGE_AML_PROGRAM_TOPS_POSTAL_CHECK_COUNTRY_REGEX} > /dev/null)
+then
+ # Valid country
+ # Remove limitation from current rules.
+ NEW_RULES=$(echo "$CURRENT_RULES" | jq 'walk(if (type == "object" and ( ( (.operation_type == "withdraw") and (.threshold == "${EXCHANGE_AML_PROGRAM_TOPS_POSTAL_WITHDRAW_THRESHOLD") ) or ( (.operation_type == "merge") and (.threshold == "${EXCHANGE_AML_PROGRAM_TOPS_POSTAL_MERGE_THRESHOLD" ) ) ) ) then del(.) else . end)')
+else
+ # Invalid country
+ echo "Country ${COUNTRY} invalid." 1&>2
+ NEW_RULES="$CURRENT_RULES"
+fi
+
+# Finally, output the new rules.
+# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlOutcome
+# for the required output format.
+jq \
+ --jsonarg et "$EXPIRATION_TIME" \
+ --jsonarg sm "$SUCCESSOR_MEASURE" \
+ --jsonarg cm "$CUSTOM_MEASURES" \
+ --jsonarg nr "$NEW_RULES" \
+ '{"new_rules":$nr+{"expiration_time":$et,"successor_measure":$sm,"custom_measures":($nr.custom_measures+$cm)}}|del(..|nulls)'
+
+exit 0
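Review bot: The country check reads `.attributes.COUNTRY`, but `-a` advertises `ADDRESS_COUNTRY` (and the "Get phone number" comment and the `-h` text still describe the SMS check), so unless a `COUNTRY` attribute is also supplied the regex is tested against the literal text `null`. If `ADDRESS_COUNTRY` is the intended attribute, read it raw: `COUNTRY=$(echo "$INPUTS" | jq -r '.attributes.ADDRESS_COUNTRY // empty')`. The pattern is expanded unquoted in `grep -E -e ${EXCHANGE_AML_PROGRAM_TOPS_POSTAL_CHECK_COUNTRY_REGEX}` and run through `if $( … )`; `if echo "$COUNTRY" | grep -qE -e "${EXCHANGE_AML_PROGRAM_TOPS_POSTAL_CHECK_COUNTRY_REGEX}"` avoids word splitting and states the intent directly. Because the match is an unanchored substring test, whether a wrong value is rejected depends entirely on the configured regex; the sms-check phone test has the same form, and in enable-deposits an empty `EXCHANGE_TERMS_ETAG` would make the ToS grep accept any input, so an explicit non-empty check on the configured value before matching is worth adding in all three scripts.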
diff --git a/src/kyclogic/taler-exchange-helper-measure-tops-sms-check b/src/kyclogic/taler-exchange-helper-measure-tops-sms-check
@@ -0,0 +1,128 @@
+#!/bin/bash
+#
+# This file is part of TALER
+# Copyright (C) 2024 Taler Systems SA
+#
+# TALER is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 3, or (at your option) any later version.
+#
+# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/license>
+#
+
+# Hard error reporting on.
+set -eu
+
+
+
+# Exit, with error message (hard failure)
+function exit_fail() {
+ echo " FAIL: " "$@" >&2
+ EXIT_STATUS=1
+ exit "$EXIT_STATUS"
+}
+
+CONF="$HOME/.config/taler-exchange.conf"
+VERBOSE=0
+
+while getopts 'ac:hirvV' OPTION;
+do
+ case "$OPTION" in
+ a)
+ # Phone number is required.
+ echo "CONTACT_PHONE"
+ exit 0
+ ;;
+ c)
+ # shellcheck disable=SC2034
+ CONF="$OPTARG"
+ ;;
+ h)
+ echo "This is a KYC measure program that lifts restrictions on withdraw and P2P transfers after a phone number was confirmed via SMS. Expiration rules are set based on the context."
+ echo 'Supported options:'
+ echo ' -a -- show required attributes'
+ # shellcheck disable=SC2016
+ echo ' -c $CONF -- set configuration'
+ echo ' -h -- print this help'
+ echo ' -i -- show required inputs'
+ echo ' -r -- show required context'
+ echo ' -v -- show version'
+ echo ' -V -- be verbose'
+ ;;
+ i)
+ # Need context and current_rules.
+ echo "context"
+ echo "current_rules"
+ exit 0
+ ;;
+ r)
+ # What to do next?
+ echo "custom_measures"
+ echo "expiration_time"
+ echo "successor_measure"
+ exit 0
+ ;;
+ v)
+ echo "$0 v0.0.0"
+ exit 0
+ ;;
+ V)
+ VERBOSE=1
+ ;;
+ ?)
+ exit_fail "Unrecognized command line option"
+ ;;
+ esac
+done
+
+if [ 1 = "$VERBOSE" ]
+then
+ echo "Running $0" 1>&2
+fi
+
+# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlProgramInput
+# for the full JSON with possible inputs.
+
+# First, extract inputs we need
+INPUTS=$(jq '{"current_rules":.current_rules,"attributes":.attributes,"context":.context}')
+
+# Get phone number.
+PHONE_NUMBER=$(echo "$INPUTS" | jq '.attributes.CONTACT_PHONE // null')
+# Get current rules.
+CURRENT_RULES=$(echo "$INPUTS" | jq '.current_rules // null')
+# Get context values.
+EXPIRATION_TIME=$(echo "$INPUTS" | jq '.context.expiration_time // .current_rules.expiration_time // null')
+SUCCESSOR_MEASURE=$(echo "$INPUTS" | jq '.context.successor_measure // .current_rules.successor_measure // null')
+CUSTOM_MEASURES=$(echo "$INPUTS" | jq '.context.custom_measures // null')
+
+# FIXME: maybe do this via systemd once instead of in every script run?
+. /etc/taler-exchange/taler-exchange.env
+
+# Validate phone number
+if $(echo "$PHONE_NUMBER" | grep -E -e ${EXCHANGE_AML_PROGRAM_TOPS_SMS_CHECK_REGEX} > /dev/null)
+then
+ # Valid phone number
+ # Remove limitation from current rules.
+ NEW_RULES=$(echo "$CURRENT_RULES" | jq 'walk(if (type == "object" and ( ( (.operation_type == "withdraw") and (.threshold == "${EXCHANGE_AML_PROGRAM_TOPS_SMS_WITHDRAW_THRESHOLD") ) or ( (.operation_type == "merge") and (.threshold == "${EXCHANGE_AML_PROGRAM_TOPS_SMS_MERGE_THRESHOLD" ) ) ) ) then del(.) else . end)')
+else
+ # Invalid phone number
+ echo "Phone number ${PHONE_NUMBER} invalid." 1&>2
+ NEW_RULES="$CURRENT_RULES"
+fi
+
+# Finally, output the new rules.
+# See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlOutcome
+# for the required output format.
+jq \
+ --jsonarg et "$EXPIRATION_TIME" \
+ --jsonarg sm "$SUCCESSOR_MEASURE" \
+ --jsonarg cm "$CUSTOM_MEASURES" \
+ --jsonarg nr "$NEW_RULES" \
+ '{"new_rules":$nr+{"expiration_time":$et,"successor_measure":$sm,"custom_measures":($nr.custom_measures+$cm)}}|del(..|nulls)'
+
+exit 0
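Review bot: The failure branch's `echo "Phone number ${PHONE_NUMBER} invalid." 1&>2` does not write to stderr: bash reads `1` as an extra argument followed by `&>2`, so the message, including the submitted phone number, is written to a file named `2` in the working directory. The same redirect is used in the failure branches of enable-deposits and postal-check. Use `>&2` as `exit_fail` already does, and consider logging only that validation failed, e.g. `echo "Phone number failed validation." >&2`, so personal data does not land in logs or stray files. Separately, the `-h` arm in all three scripts has no `exit 0`, so after printing help the script carries on and waits for JSON on stdin.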
diff --git a/src/kyclogic/taler-exchange-helper-measure-update-from-context b/src/kyclogic/taler-exchange-helper-measure-update-from-context