exchange

taler-exchange-helper-measure-validate-accepted-tos (5092B)

---

 #!/bin/bash
 #
 #  This file is part of TALER
 #  Copyright (C) 2024, 2025 Taler Systems SA
 #
 #  TALER is free software; you can redistribute it and/or modify it under the
 #  terms of the GNU General Public License as published by the Free Software
 #  Foundation; either version 3, or (at your option) any later version.
 #
 #  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
 #  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 #  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 #
 #  You should have received a copy of the GNU General Public License along with
 #  TALER; see the file COPYING.  If not, If not, see <http://www.gnu.org/license>
 #
 
 # Hard error reporting on.
 set -eu
 
 
 # Exit, with error message (hard failure)
 function exit_fail() {
     echo " FAIL: " "$@" >&2
     EXIT_STATUS=1
     exit "$EXIT_STATUS"
 }
 
 CONF="$HOME/.config/taler-exchange.conf"
 VERBOSE=0
 
 while getopts 'ac:hirvV' OPTION;
 do
     case "$OPTION" in
         a)
             # Terms of service status is required.
             echo "ACCEPTED_TERMS_OF_SERVICE"
             exit 0
             ;;
         c)
             # shellcheck disable=SC2034
             CONF="$OPTARG"
             ;;
         h)
             echo "This is a KYC measure program that lifts restrictions after the terms of service were accepted. Expiration rules are set based on the context."
             echo 'Supported options:'
             echo '  -a           -- show required attributes'
             # shellcheck disable=SC2016
             echo '  -c $CONF     -- set configuration'
             echo '  -h           -- print this help'
             echo '  -i           -- show required inputs'
             echo '  -r           -- show required context'
             echo '  -v           -- show version'
             echo '  -V           -- be verbose'
             exit 0
             ;;
         i)
             # Need context and current_rules.
             echo "attributes"
             echo "context"
             echo "current_rules"
             exit 0
             ;;
         r)
             # What to do next?
             echo "validity_years"
             echo "successor_measure"
             exit 0
             ;;
         v)
             echo "$0 v0.0.2"
             exit 0
             ;;
         V)
             VERBOSE=1
             ;;
         ?)
         exit_fail "Unrecognized command line option"
         ;;
     esac
 done
 
 if [ 1 = "$VERBOSE" ]
 then
     echo "Running $0" 1>&2
 fi
 
 # See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlProgramInput
 # for the full JSON with possible inputs.
 
 # First, extract inputs we need
 INPUTS=$(jq '{"current_rules":.current_rules,"attributes":.attributes,"context":.context}')
 
 # Check form ID, must be 'accept-tos'
 FORM_ID=$(echo "$INPUTS" | jq -r '.attributes.FORM_ID')
 
 # The 'form' here should be the accept TOS form
 if [ "$FORM_ID" != "accept-tos" ]
 then
     echo "Unexpected form ID $FORM_ID" 1>&2
     echo "$INPUTS" | exec taler-exchange-helper-measure-freeze
     exit 1
 fi
 
 echo "$INPUTS" \
     | jq '.attributes' \
     | jq -r 'def get($k):
          if has($k)
             then .[$k]
             else error("attribute missing")
          end;
         {"DOWNLOADED_TERMS_OF_SERVICE":get("DOWNLOADED_TERMS_OF_SERVICE"),
          "ACCEPTED_TERMS_OF_SERVICE":get("ACCEPTED_TERMS_OF_SERVICE")}' \
     > /dev/null \
     || exec taler-exchange-helper-measure-freeze
 
 # Get ToS acceptance confirmation.
 TOS_ACCEPTED=$(echo "$INPUTS" | jq '.attributes.ACCEPTED_TERMS_OF_SERVICE // null')
 # Get current rules.
 CURRENT_RULES=$(echo "$INPUTS" | jq '.current_rules // null')
 # Get context values.
 VALIDITY_YEARS=$(echo "$INPUTS" | jq -r '.context.validity_years')
 # Convert to seconds after epoch
 EXPIRATION_STAMP=$((VALIDITY_YEARS * 365 * 24 * 60 * 60 + $(date +%s)))
 # Convert to GNUnet-style JSON timestamp
 EXPIRATION_TIME=$(jq -n --argjson es "$EXPIRATION_STAMP" '{"t_s":$es}')
 
 SUCCESSOR_MEASURE=$(echo "$INPUTS" | jq '.context.successor_measure // .current_rules.successor_measure // null')
 CUSTOM_MEASURES=$(echo "$INPUTS" | jq '.context.custom_measures // null')
 
 # Validate accepted ToS version
 if eval echo "$TOS_ACCEPTED" | grep "${EXCHANGE_AML_PROGRAM_TOPS_ENABLE_DEPOSITS_TOS_NAME}" > /dev/null
 then
     # Valid ToS acceptance
     # Remove limitation from current rules.
     NEW_RULES=$(echo "$CURRENT_RULES" | jq '(.rules[] |= if (.measures[0]=="accept-tos") then del(.) else . end)')
 else
     # Invalid ToS version
     echo "Version of accepted ToS ${TOS_ACCEPTED} invalid, wanted ${EXCHANGE_AML_PROGRAM_TOPS_ENABLE_DEPOSITS_TOS_NAME}." 1>&2
     NEW_RULES="$CURRENT_RULES"
 fi
 
 set -x
 
 # Finally, output the new rules.
 # See https://docs.taler.net/taler-kyc-manual.html#tsref-type-AmlOutcome
 # for the required output format.
 jq -n \
     --argjson et "$EXPIRATION_TIME" \
     --argjson sm "$SUCCESSOR_MEASURE" \
     --argjson cm "$CUSTOM_MEASURES" \
     --argjson nr "$NEW_RULES" \
     '{"new_rules":($nr+{"expiration_time":$et,"successor_measure":$sm,"custom_measures":({}+$cm)})}|del(..|nulls)'
 
 exit 0