exchange

Base system with REST service to issue digital coins, run by the payment service provider

commit a0c3b23d05691d6bf566b928a563bbaaf8d8e0e8
parent 581c632dabab6f59142e17d26133c2eef4c6c50f
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun,  8 Jun 2025 16:29:34 +0200

start for sanctions test case

Diffstat:
Asrc/testing/setup.sh | 73+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/testing/test-sanctions.sh | 106+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Asrc/testing/test_sanctions.conf | 181+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 360 insertions(+), 0 deletions(-)

diff --git a/src/testing/setup.sh b/src/testing/setup.sh 
@@ -0,0 +1,73 @@
+#!/bin/sh
+# This file is in the public domain
+
+# Script to be inlined into the main test scripts. Defines function 'setup()'
+# which wraps around 'taler-unified-setup.sh' to launch GNU Taler services.
+# Call setup() with the arguments to pass to 'taler-unified-setup'. setup()
+# will then launch GNU Taler, wait for the process to be complete before
+# returning. The script will also install an exit handler to ensure the GNU
+# Taler processes are stopped when the shell exits.
+
+set -eu
+
+unset XDG_DATA_HOME
+unset XDG_CONFIG_HOME
+
+
+# Cleanup to run whenever we exit
+function exit_cleanup()
+{
+ if [ ! -z ${SETUP_PID+x} ]
+ then
+ echo "Killing taler-unified-setup ($SETUP_PID)" >&2
+ kill -TERM "$SETUP_PID" 2> /dev/null || true
+ wait "$SETUP_PID" 2> /dev/null || true
+ fi
+}
+
+# Install cleanup handler (except for kill -9)
+trap exit_cleanup EXIT
+
+function setup()
+{
+ echo "Starting test system ..." >&2
+ # Create a named pipe in a temp directory we own.
+ FIFO_DIR=$(mktemp -p "${TMPDIR:-/tmp}" -d fifo-XXXXXX)
+ FIFO_OUT=$(echo "$FIFO_DIR/out")
+ mkfifo "$FIFO_OUT"
+ # Open pipe as FD 3 (RW) and FD 4 (RO)
+ exec 3<> "$FIFO_OUT" 4< "$FIFO_OUT"
+ rm -rf "$FIFO_DIR"
+ # We require '-W' for our termination logic to work.
+ taler-unified-setup.sh -W "$@" >&3 &
+ SETUP_PID=$!
+ # Close FD3
+ exec 3>&-
+ sed -u '/<<READY>>/ q' <&4
+ # Close FD4
+ exec 4>&-
+ echo "Test system ready" >&2
+}
+
+# Exit, with status code "skip" (no 'real' failure)
+function exit_fail() {
+ echo "$@" >&2
+ exit 1
+}
+
+# Exit, with status code "skip" (no 'real' failure)
+function exit_skip() {
+ echo "SKIPPING: $1"
+ exit 77
+}
+
+function get_payto_uri() {
+ libeufin-bank create-account -u "$1" -p "$2" --name "$1" 2> /dev/null
+}
+
+echo -n "Checking for curl ..."
+curl --version 2> /dev/null > /dev/null || exit_skip " no curl"
+echo " OK"
+echo -n "Checking for jq ..."
+jq --version 2> /dev/null > /dev/null || exit_skip " no jq"
+echo " OK"
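Review bot: In `setup()`, `sed -u '/<<READY>>/ q' <&4` also returns successfully when it reaches end-of-file without ever seeing the marker, so if the launcher and its children exit early the function still prints "Test system ready" and the test carries on against services that never came up. The function should confirm readiness before reporting it, for example with a liveness check right after the `sed`: `kill -0 "$SETUP_PID" 2> /dev/null || exit_fail "taler-unified-setup.sh exited before <<READY>>"` (this assumes `-W` keeps the launcher running, as the comment above it suggests). Separately, the comment above `exit_fail` is a copy of the one on `exit_skip`; since it exits with 1 it should read `# Exit with status 1 (test failure)`. The `#!/bin/sh` line also does not match the `function` keyword used for every definition, which is not POSIX sh.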
diff --git a/src/testing/test-sanctions.sh b/src/testing/test-sanctions.sh 
@@ -0,0 +1,106 @@
+#!/bin/bash
+# This file is part of TALER
+# Copyright (C) 2014-2023 Taler Systems SA
+#
+# TALER is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3, or
+# (at your option) any later version.
+#
+# TALER is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public
+# License along with TALER; see the file COPYING. If not, see
+# <http://www.gnu.org/licenses/>
+#
+set -eu
+
+# Cleanup to run whenever we exit
+function my_cleanup()
+{
+ for n in $(jobs -p)
+ do
+ kill "$n" 2> /dev/null || true
+ done
+ wait
+ if [ -n "${LAST_RESPONSE+x}" ]
+ then
+ rm -f "${LAST_RESPONSE}"
+ fi
+}
+
+. setup.sh
+
+
+setup -c test_sanctions.conf \
+ -e \
+ -u "exchange-account-exchange"
+
+
+CONF="test_sanctions.conf.edited"
+LAST_RESPONSE=$(mktemp -p "${TMPDIR:-/tmp}" test_response.conf-XXXXXX)
+
+KYC_URL=$(taler-exchange-kyc-trigger -c "$CONF" -b EUR:5 | tail -n1 | awk '{print $4}')
+
+echo $KYC_URL
+
+KYC_ACCESS=$(echo "$KYC_URL" | tr / ' ' | awk '{print $4}')
+
+echo $KYC_ACCESS
+
+echo -n "Creating order to test auth is ok..." >&2
+STATUS=$(curl -H "Content-Type: application/json" \
+ "http://localhost:8081/kyc-info/$KYC_ACCESS" \
+ -w "%{http_code}" -s -o "$LAST_RESPONSE")
+
+if [ "$STATUS" != "200" ]
+then
+ cat "$LAST_RESPONSE" >&2
+ exit_fail "Expected 200, KYC information returned. got: $STATUS"
+fi
+
+ID=$(jq -r .requirements[0].id < "$LAST_RESPONSE")
+
+echo -n "Submitting KYC form..." >&2
+STATUS=$(curl -H "Content-Type: application/json" -X POST \
+ "http://localhost:8081/kyc-upload/$ID" \
+ -d '{"full_name":"Bob","birthdate":"5.7.1980"}' \
+ -w "%{http_code}" -s -o "$LAST_RESPONSE")
+echo $STATUS
+
+if [ "$STATUS" != "204" ]
+then
+ cat "$LAST_RESPONSE" >&2
+ exit_fail "Expected 204, KYC data submitted. got: $STATUS"
+fi
+
+
+
+bash
+
+# => begin KYC process
+# => submit KYC data
+# => run sanction list tool!
+
+
+
+echo "Test PASSED"
+
+exit 0
+
+
+echo -n "Creating order to test auth is ok..." >&2
+STATUS=$(curl -H "Content-Type: application/json" -X POST \
+ 'http://localhost:9966/private/orders' \
+ -H 'Authorization: Bearer '"$NEW_SECRET" \
+ -d '{"order":{"amount":"TESTKUDOS:1","summary":"payme"}}' \
+ -w "%{http_code}" -s -o "$LAST_RESPONSE")
+
+if [ "$STATUS" != "200" ]
+then
+ cat "$LAST_RESPONSE" >&2
+ exit_fail "Expected 200, order created. got: $STATUS"
+fi
diff --git a/src/testing/test_sanctions.conf b/src/testing/test_sanctions.conf
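Review bot: The bare `bash` line after the 204 check starts an interactive shell in the middle of the test, so an unattended run stalls or reads the harness's stdin before it reaches "Test PASSED"; it looks like a debugging leftover and should be removed before this is wired into the test suite. `my_cleanup` is defined but never registered with `trap`, so the `mktemp` file in `LAST_RESPONSE` (which holds the KYC response body) is left behind; note that adding `trap my_cleanup EXIT` after `. setup.sh` would replace the `exit_cleanup` trap that setup.sh installs, so the handler would need to call `exit_cleanup` itself. The `ID=` assignment passes an unquoted jq filter and never checks the result, so a response without requirements yields the string `null` and the POST goes to `/kyc-upload/null`; `ID=$(jq -er '.requirements[0].id' < "$LAST_RESPONSE") || exit_fail "no KYC requirement id"` fails early instead. Everything after `exit 0` is unreachable and refers to `$NEW_SECRET`, which is not set anywhere in the visible script; it should be dropped or marked with a `# TODO` comment.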
@@ -0,0 +1,181 @@
+# This file is in the public domain.
+#
+[PATHS]
+TALER_TEST_HOME = test_sanctions_api_home/
+
+[taler-helper-crypto-rsa]
+LOOKAHEAD_SIGN = 24 days
+
+[taler-helper-crypto-eddsa]
+LOOKAHEAD_SIGN = 24 days
+DURATION = 14 days
+
+[bank]
+HTTP_PORT = 8082
+
+[exchange]
+CURRENCY = EUR
+CURRENCY_ROUND_UNIT = EUR:0.01
+PORT = 8081
+MASTER_PUBLIC_KEY = KHA6YSPRQV1ZFCF144SY8KJNR588XA8DA0F6510FKJW30DJFJNAG
+BASE_URL = "http://localhost:8081/"
+STEFAN_ABS = "EUR:5"
+ENABLE_KYC = YES
+
+[exchangedb-postgres]
+CONFIG = "postgres:///talercheck"
+SQL_DIR = ${DATADIR}sql/
+DEFAULT_PURSE_LIMIT = 1
+
+[kyc-check-test-form]
+VOLUNTARY = NO
+# We use an external provider
+TYPE = FORM
+DESCRIPTION = "Test form"
+DESCRIPTION_I18N = {}
+# No context requirements
+REQUIRES =
+# Measure to execute if check failed.
+FALLBACK = manual-freeze
+# This check runs on oauth2
+FORM_NAME = full_name_and_birthdate
+# Outputs from this check
+OUTPUTS = full_name birthdate
+
+# This is the "default" setting for an account if
+# it has not yet triggered anything.
+[kyc-check-default]
+VOLUNTARY = NO
+TYPE = INFO
+DESCRIPTION = "Your account is operating normally"
+DESCRIPTION_I18N = {}
+# No context requirements
+REQUIRES =
+# Measure to execute if check failed. Well,
+# this check cannot really fail, but the
+# conservative answer is to freeze.
+FALLBACK = manual-freeze
+
+# If this "check" is triggered, we merely inform
+# the user that their account has been frozen. The
+# user cannot proceed manually.
+[kyc-check-info-frozen]
+VOLUNTARY = NO
+TYPE = INFO
+DESCRIPTION = "Your account is frozen pending investigation"
+DESCRIPTION_I18N = {}
+# No context requirements
+REQUIRES =
+# Measure to execute if check failed. Well,
+# this check cannot really fail, but we stay
+# where we are: frozen.
+FALLBACK = manual-freeze
+
+[kyc-measure-run-form]
+# Get client ID via the OAuth test provider
+CHECK_NAME = test-form
+# AML program to run on the output of the OAuth provider
+# to decide what rules should apply next.
+PROGRAM = form-output-check
+# Context to provide for check and program; empty.
+CONTEXT = {}
+
+[aml-program-form-output-check]
+DESCRIPTION = "Validates the output from the test-form and then increases all limits to EUR:1000"
+# Command that runs on the output of the form
+# to decide what rules should apply next.
+COMMAND = taler-exchange-helper-measure-test-form
+# What measure to take if the COMMAND failed.
+FALLBACK = manual-freeze
+
+
+# This is a base-measure that is being triggered
+# whenever something goes wrong. We freeze the
+# account and ask AML staff to investigate.
+[kyc-measure-manual-freeze]
+CHECK_NAME = skip
+# AML program that freezes the account and flags
+# it for investigation.
+PROGRAM = freeze
+# Context to provide for check and program; empty.
+CONTEXT = {}
+
+[aml-program-freeze]
+DESCRIPTION = "Freeze the account"
+COMMAND = taler-exchange-helper-measure-freeze
+FALLBACK = manual-freeze
+
+[kyc-rule-balance-high]
+ENABLED = YES
+EXPOSED = YES
+IS_AND_COMBINATOR = YES
+OPERATION_TYPE = BALANCE
+NEXT_MEASURES = run-form
+THRESHOLD = EUR:1
+TIMEFRAME = 1d
+
+[exchangedb-postgres]
+CONFIG = "postgres:///talercheck"
+
+# Account of the EXCHANGE
+[exchange-account-exchange]
+PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
+ENABLE_DEBIT = YES
+ENABLE_CREDIT = YES
+
+[exchange-accountcredentials-exchange]
+WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/"
+WIRE_GATEWAY_AUTH_METHOD = NONE
+
+[admin-accountcredentials-exchange]
+WIRE_GATEWAY_URL = "http://localhost:8082/accounts/2/taler-wire-gateway/"
+WIRE_GATEWAY_AUTH_METHOD = NONE
+
+
+[coin_eur_ct_1]
+value = EUR:0.01
+duration_withdraw = 7 days
+duration_spend = 2 years
+duration_legal = 3 years
+fee_withdraw = EUR:0.00
+fee_deposit = EUR:0.00
+fee_refresh = EUR:0.01
+fee_refund = EUR:0.01
+rsa_keysize = 1024
+CIPHER = RSA
+
+[coin_eur_ct_10]
+value = EUR:0.10
+duration_withdraw = 7 days
+duration_spend = 2 years
+duration_legal = 3 years
+fee_withdraw = EUR:0.01
+fee_deposit = EUR:0.01
+fee_refresh = EUR:0.03
+fee_refund = EUR:0.01
+rsa_keysize = 1024
+CIPHER = RSA
+
+[coin_eur_1]
+value = EUR:1
+duration_withdraw = 7 days
+duration_spend = 2 years
+duration_legal = 3 years
+fee_withdraw = EUR:0.01
+fee_deposit = EUR:0.01
+fee_refresh = EUR:0.03
+fee_refund = EUR:0.01
+rsa_keysize = 1024
+CIPHER = RSA
+
+[coin_eur_5]
+value = EUR:5
+duration_withdraw = 7 days
+duration_spend = 2 years
+duration_legal = 3 years
+fee_withdraw = EUR:0.01
+fee_deposit = EUR:0.01
+fee_refresh = EUR:0.03
+fee_refund = EUR:0.01
+rsa_keysize = 1024
+CIPHER = RSA
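Review bot: `WIRE_GATEWAY_AUTH_METHOD = NONE` in both accountcredentials sections and `rsa_keysize = 1024` in every `[coin_eur_*]` section only make sense for a localhost test fixture, and nothing in the file says so; a header comment such as `# Test-only settings: unauthenticated wire gateway and 1024-bit RSA denomination keys, not suitable outside the test suite.` would keep these values from being reused elsewhere. `[exchangedb-postgres]` is declared twice, the second time repeating only `CONFIG`, so the second section can be dropped. Several comments look carried over from an OAuth2 configuration although this check is `TYPE = FORM`: `# We use an external provider`, `# This check runs on oauth2` and `# Get client ID via the OAuth test provider` should describe the form check instead, e.g. `# Name of the form to present to the user` above `FORM_NAME`.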