test_kyc_api.c (24717B)
1 /* 2 This file is part of TALER 3 Copyright (C) 2014-2024 Taler Systems SA 4 5 TALER is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License as 7 published by the Free Software Foundation; either version 3, or 8 (at your option) any later version. 9 10 TALER is distributed in the hope that it will be useful, but 11 WITHOUT ANY WARRANTY; without even the implied warranty of 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 GNU General Public License for more details. 14 15 You should have received a copy of the GNU General Public 16 License along with TALER; see the file COPYING. If not, see 17 <http://www.gnu.org/licenses/> 18 */ 19 /** 20 * @file testing/test_kyc_api.c 21 * @brief testcase to test the KYC processes 22 * @author Christian Grothoff 23 */ 24 #include "taler/platform.h" 25 #include "taler/taler_util.h" 26 #include "taler/taler_attributes.h" 27 #include "taler/taler_signatures.h" 28 #include "taler/taler_exchange_service.h" 29 #include "taler/taler_json_lib.h" 30 #include <gnunet/gnunet_util_lib.h> 31 #include <microhttpd.h> 32 #include "taler/taler_bank_service.h" 33 #include "taler/taler_fakebank_lib.h" 34 #include "taler/taler_testing_lib.h" 35 36 37 /** 38 * Configuration file we use. One (big) configuration is used 39 * for the various components for this test. 40 */ 41 #define CONFIG_FILE "test_kyc_api.conf" 42 43 /** 44 * Our credentials. 45 */ 46 struct TALER_TESTING_Credentials cred; 47 48 49 /** 50 * Execute the taler-exchange-wirewatch command with 51 * our configuration file. 52 * 53 * @param label label to use for the command. 54 */ 55 #define CMD_EXEC_WIREWATCH(label) \ 56 TALER_TESTING_cmd_exec_wirewatch2 ( \ 57 label, \ 58 CONFIG_FILE, \ 59 "exchange-account-2") 60 61 /** 62 * Execute the taler-exchange-aggregator, closer and transfer commands with 63 * our configuration file. 64 * 65 * @param label label to use for the command. 66 */ 67 #define CMD_EXEC_AGGREGATOR(label) \ 68 TALER_TESTING_cmd_sleep ( \ 69 label "-sleep", 1), \ 70 TALER_TESTING_cmd_exec_aggregator_with_kyc ( \ 71 label, CONFIG_FILE), \ 72 TALER_TESTING_cmd_exec_transfer ( \ 73 label, CONFIG_FILE) 74 75 /** 76 * Run wire transfer of funds from some user's account to the 77 * exchange. 78 * 79 * @param label label to use for the command. 80 * @param amount amount to transfer, i.e. "EUR:1" 81 */ 82 #define CMD_TRANSFER_TO_EXCHANGE(label,amount) \ 83 TALER_TESTING_cmd_admin_add_incoming ( \ 84 label, \ 85 amount, \ 86 &cred.ba, \ 87 cred.user42_payto) 88 89 /** 90 * Main function that will tell the interpreter what commands to 91 * run. 92 * 93 * @param cls closure 94 */ 95 static void 96 run (void *cls, 97 struct TALER_TESTING_Interpreter *is) 98 { 99 struct TALER_TESTING_Command withdraw[] = { 100 CMD_TRANSFER_TO_EXCHANGE ( 101 "create-reserve-1", 102 "EUR:15.02"), 103 TALER_TESTING_cmd_check_bank_admin_transfer ( 104 "check-create-reserve-1", 105 "EUR:15.02", 106 cred.user42_payto, 107 cred.exchange_payto, 108 "create-reserve-1"), 109 CMD_EXEC_WIREWATCH ("wirewatch-1"), 110 TALER_TESTING_cmd_withdraw_amount ( 111 "withdraw-coin-1-no-kyc", 112 "create-reserve-1", 113 "EUR:10", 114 0, /* age restriction off */ 115 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 116 TALER_TESTING_cmd_withdraw_amount ( 117 "withdraw-coin-1", 118 "create-reserve-1", 119 "EUR:5", 120 0, /* age restriction off */ 121 MHD_HTTP_OK), 122 TALER_TESTING_cmd_end () 123 }; 124 125 /** 126 * Test withdraw with KYC. 127 */ 128 struct TALER_TESTING_Command withdraw_kyc[] = { 129 CMD_TRANSFER_TO_EXCHANGE ( 130 "create-reserve-kyc", 131 "EUR:15.02"), 132 TALER_TESTING_cmd_check_bank_admin_transfer ( 133 "check-create-reserve-kyc", 134 "EUR:15.02", 135 cred.user42_payto, 136 cred.exchange_payto, 137 "create-reserve-kyc"), 138 CMD_EXEC_WIREWATCH ("wirewatch-kyc"), 139 TALER_TESTING_cmd_withdraw_amount ( 140 "withdraw-coin-1-lacking-kyc", 141 "create-reserve-kyc", 142 "EUR:10", 143 0, /* age restriction off */ 144 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 145 TALER_TESTING_cmd_admin_add_kycauth ( 146 "setup-account-key-withdraw", 147 "EUR:0.01", 148 &cred.ba, 149 cred.user42_payto, 150 NULL /* create new key */), 151 CMD_EXEC_WIREWATCH ( 152 "import-kyc-account-withdraw"), 153 TALER_TESTING_cmd_check_kyc_get ( 154 "check-kyc-withdraw", 155 "withdraw-coin-1-lacking-kyc", 156 "setup-account-key-withdraw", 157 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 158 MHD_HTTP_ACCEPTED), 159 TALER_TESTING_cmd_get_kyc_info ( 160 "get-kyc-info-withdraw", 161 "check-kyc-withdraw", 162 MHD_HTTP_OK), 163 TALER_TESTING_cmd_post_kyc_start ( 164 "start-kyc-process-withdraw", 165 "get-kyc-info-withdraw", 166 0, 167 MHD_HTTP_OK), 168 TALER_TESTING_cmd_proof_kyc_oauth2 ( 169 "proof-kyc-withdraw-oauth2", 170 "withdraw-coin-1-lacking-kyc", 171 "test-oauth2", 172 "pass", 173 MHD_HTTP_SEE_OTHER), 174 TALER_TESTING_cmd_withdraw_with_age_proof ( 175 "age-withdraw-coin-1-with-kyc", 176 "create-reserve-kyc", 177 1, 178 MHD_HTTP_CREATED, 179 "EUR:5", 180 NULL), 181 TALER_TESTING_cmd_withdraw_reveal_age_proof ( 182 "reveal-age-withdraw-coin-1-with-kyc", 183 "age-withdraw-coin-1-with-kyc", 184 MHD_HTTP_OK), 185 /* Attestations above are bound to the originating *bank* account, 186 not to the reserve (!). Hence, they are NOT found here! */ 187 TALER_TESTING_cmd_reserve_get_attestable ( 188 "reserve-get-attestable", 189 "create-reserve-kyc", 190 MHD_HTTP_NOT_FOUND, 191 NULL), 192 TALER_TESTING_cmd_end () 193 }; 194 struct TALER_TESTING_Command spend[] = { 195 TALER_TESTING_cmd_set_var ( 196 "account-priv", 197 TALER_TESTING_cmd_deposit ( 198 "deposit-simple-fail-kyc", 199 "withdraw-coin-1", 200 0, 201 cred.user43_payto, 202 "{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}", 203 GNUNET_TIME_UNIT_ZERO, 204 "EUR:5", 205 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS)), 206 TALER_TESTING_cmd_admin_add_kycauth ( 207 "kyc-auth-transfer", 208 "EUR:0.01", 209 &cred.ba, 210 cred.user42_payto, 211 "deposit-simple-fail-kyc"), 212 TALER_TESTING_cmd_admin_add_kycauth ( 213 "kyc-auth-transfer", 214 "EUR:0.01", 215 &cred.ba, 216 cred.user43_payto, 217 "deposit-simple-fail-kyc"), 218 CMD_EXEC_WIREWATCH ( 219 "import-kyc-account"), 220 TALER_TESTING_cmd_deposit ( 221 "deposit-simple", 222 "withdraw-coin-1", 223 0, 224 cred.user43_payto, 225 "{\"items\":[{\"name\":\"ice cream\",\"value\":1}]}", 226 GNUNET_TIME_UNIT_ZERO, 227 "EUR:5", 228 MHD_HTTP_OK), 229 TALER_TESTING_cmd_deposits_get ( 230 "track-deposit", 231 "deposit-simple", 232 0, 233 MHD_HTTP_ACCEPTED, 234 NULL), 235 TALER_TESTING_cmd_end () 236 }; 237 238 239 struct TALER_TESTING_Command track[] = { 240 CMD_EXEC_AGGREGATOR ("run-aggregator-before-kyc"), 241 TALER_TESTING_cmd_check_bank_empty ( 242 "check_bank_empty-no-kyc"), 243 TALER_TESTING_cmd_deposits_get ( 244 "track-deposit-kyc-ready", 245 "deposit-simple", 246 0, 247 MHD_HTTP_ACCEPTED, 248 NULL), 249 TALER_TESTING_cmd_admin_add_kycauth ( 250 "setup-account-key-deposit", 251 "EUR:0.01", 252 &cred.ba, 253 cred.user43_payto, 254 NULL /* create new key */), 255 CMD_EXEC_WIREWATCH ( 256 "import-kyc-account-deposit"), 257 TALER_TESTING_cmd_check_kyc_get ( 258 "check-kyc-deposit", 259 "track-deposit-kyc-ready", 260 "setup-account-key-deposit", 261 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 262 MHD_HTTP_ACCEPTED), 263 TALER_TESTING_cmd_get_kyc_info ( 264 "get-kyc-info-deposit", 265 "check-kyc-deposit", 266 MHD_HTTP_OK), 267 TALER_TESTING_cmd_post_kyc_start ( 268 "start-kyc-process-deposit", 269 "get-kyc-info-deposit", 270 0, 271 MHD_HTTP_OK), 272 TALER_TESTING_cmd_proof_kyc_oauth2 ( 273 "proof-kyc-no-service", 274 "track-deposit-kyc-ready", 275 "test-oauth2", 276 "bad", 277 MHD_HTTP_BAD_GATEWAY), 278 TALER_TESTING_cmd_oauth_with_birthdate ( 279 "start-oauth-service", 280 "2005-00-00", 281 6666), 282 TALER_TESTING_cmd_proof_kyc_oauth2 ( 283 "proof-kyc-fail", 284 "track-deposit-kyc-ready", 285 "test-oauth2", 286 "bad", 287 MHD_HTTP_FORBIDDEN), 288 TALER_TESTING_cmd_check_kyc_get ( 289 "check-kyc-deposit-again", 290 "track-deposit-kyc-ready", 291 "setup-account-key-deposit", 292 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 293 MHD_HTTP_ACCEPTED), 294 TALER_TESTING_cmd_get_kyc_info ( 295 "get-kyc-info-deposit-again", 296 "check-kyc-deposit-again", 297 MHD_HTTP_OK), 298 TALER_TESTING_cmd_post_kyc_start ( 299 "start-kyc-process-deposit-again", 300 "get-kyc-info-deposit-again", 301 0, 302 MHD_HTTP_OK), 303 TALER_TESTING_cmd_proof_kyc_oauth2 ( 304 "proof-kyc-pass", 305 "track-deposit-kyc-ready", 306 "test-oauth2", 307 "pass", 308 MHD_HTTP_SEE_OTHER), 309 CMD_EXEC_AGGREGATOR ( 310 "run-aggregator-after-kyc"), 311 TALER_TESTING_cmd_check_bank_transfer ( 312 "check_bank_transfer-499c", 313 cred.exchange_url, 314 "EUR:4.98", 315 cred.exchange_payto, 316 cred.user43_payto), 317 TALER_TESTING_cmd_check_bank_empty ( 318 "check_bank_empty"), 319 TALER_TESTING_cmd_end () 320 }; 321 322 struct TALER_TESTING_Command wallet_kyc[] = { 323 TALER_TESTING_cmd_wallet_kyc_get ( 324 "wallet-kyc-fail", 325 NULL, 326 "EUR:1000000", 327 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 328 TALER_TESTING_cmd_check_kyc_get ( 329 "check-kyc-wallet", 330 "wallet-kyc-fail", 331 "wallet-kyc-fail", 332 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 333 MHD_HTTP_ACCEPTED), 334 TALER_TESTING_cmd_get_kyc_info ( 335 "get-kyc-info-kyc-wallet", 336 "check-kyc-wallet", 337 MHD_HTTP_OK), 338 TALER_TESTING_cmd_post_kyc_start ( 339 "start-kyc-wallet", 340 "get-kyc-info-kyc-wallet", 341 0, 342 MHD_HTTP_OK), 343 TALER_TESTING_cmd_proof_kyc_oauth2 ( 344 "proof-wallet-kyc", 345 "wallet-kyc-fail", 346 "test-oauth2", 347 "pass", 348 MHD_HTTP_SEE_OTHER), 349 TALER_TESTING_cmd_check_kyc_get ( 350 "wallet-kyc-check", 351 "wallet-kyc-fail", 352 "wallet-kyc-fail", 353 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 354 MHD_HTTP_OK), 355 TALER_TESTING_cmd_reserve_get_attestable ( 356 "wallet-get-attestable", 357 "wallet-kyc-fail", 358 MHD_HTTP_OK, 359 TALER_ATTRIBUTE_FULL_NAME, 360 NULL), 361 TALER_TESTING_cmd_reserve_attest ( 362 "wallet-get-attest", 363 "wallet-kyc-fail", 364 MHD_HTTP_OK, 365 TALER_ATTRIBUTE_FULL_NAME, 366 NULL), 367 TALER_TESTING_cmd_end () 368 }; 369 370 /** 371 * Test withdrawal for P2P 372 */ 373 struct TALER_TESTING_Command p2p_withdraw[] = { 374 /** 375 * Move money to the exchange's bank account. 376 */ 377 CMD_TRANSFER_TO_EXCHANGE ( 378 "p2p_create-reserve-1", 379 "EUR:5.04"), 380 CMD_TRANSFER_TO_EXCHANGE ( 381 "p2p_create-reserve-2", 382 "EUR:5.01"), 383 CMD_TRANSFER_TO_EXCHANGE ( 384 "p2p_create-reserve-3", 385 "EUR:0.03"), 386 TALER_TESTING_cmd_reserve_poll ( 387 "p2p_poll-reserve-1", 388 "p2p_create-reserve-1", 389 "EUR:5.04", 390 GNUNET_TIME_UNIT_MINUTES, 391 MHD_HTTP_OK), 392 TALER_TESTING_cmd_check_bank_admin_transfer ( 393 "p2p_check-create-reserve-1", 394 "EUR:5.04", 395 cred.user42_payto, 396 cred.exchange_payto, 397 "p2p_create-reserve-1"), 398 TALER_TESTING_cmd_check_bank_admin_transfer ( 399 "p2p_check-create-reserve-2", 400 "EUR:5.01", 401 cred.user42_payto, 402 cred.exchange_payto, 403 "p2p_create-reserve-2"), 404 /** 405 * Make a reserve exist, according to the previous 406 * transfer. 407 */ 408 CMD_EXEC_WIREWATCH ("p2p_wirewatch-1"), 409 TALER_TESTING_cmd_reserve_poll_finish ( 410 "p2p_finish-poll-reserve-1", 411 GNUNET_TIME_UNIT_SECONDS, 412 "p2p_poll-reserve-1"), 413 /** 414 * Withdraw EUR:5. 415 */ 416 TALER_TESTING_cmd_withdraw_amount ( 417 "p2p_withdraw-coin-1", 418 "p2p_create-reserve-1", 419 "EUR:5", 420 0, /* age restriction off */ 421 MHD_HTTP_OK), 422 /** 423 * Check the reserve is depleted. 424 */ 425 TALER_TESTING_cmd_status ( 426 "p2p_status-1", 427 "p2p_create-reserve-1", 428 "EUR:0.03", 429 MHD_HTTP_OK), 430 TALER_TESTING_cmd_end () 431 }; 432 struct TALER_TESTING_Command push[] = { 433 TALER_TESTING_cmd_purse_create_with_deposit ( 434 "purse-with-deposit", 435 MHD_HTTP_OK, 436 "{\"amount\":\"EUR:1\",\"summary\":\"ice cream\"}", 437 true, /* upload contract */ 438 GNUNET_TIME_UNIT_MINUTES, /* expiration */ 439 "p2p_withdraw-coin-1", 440 "EUR:1.01", 441 NULL), 442 TALER_TESTING_cmd_coin_history ( 443 "coin-history-purse-with-deposit", 444 "p2p_withdraw-coin-1#0", 445 "EUR:3.99", 446 MHD_HTTP_OK), 447 TALER_TESTING_cmd_purse_poll ( 448 "push-poll-purse-before-merge", 449 MHD_HTTP_OK, 450 "purse-with-deposit", 451 "EUR:1", 452 true, 453 GNUNET_TIME_UNIT_MINUTES), 454 TALER_TESTING_cmd_contract_get ( 455 "push-get-contract", 456 MHD_HTTP_OK, 457 true, /* for merge */ 458 "purse-with-deposit"), 459 TALER_TESTING_cmd_purse_merge ( 460 "purse-merge-into-reserve", 461 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS, 462 "push-get-contract", 463 "p2p_create-reserve-1"), 464 TALER_TESTING_cmd_check_kyc_get ( 465 "check-kyc-purse-merge", 466 "purse-merge-into-reserve", 467 "p2p_create-reserve-1", 468 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 469 MHD_HTTP_ACCEPTED), 470 TALER_TESTING_cmd_get_kyc_info ( 471 "get-kyc-info-purse-merge-into-reserve", 472 "check-kyc-purse-merge", 473 MHD_HTTP_OK), 474 TALER_TESTING_cmd_post_kyc_start ( 475 "start-kyc-process-purse-merge-into-reserve", 476 "get-kyc-info-purse-merge-into-reserve", 477 0, 478 MHD_HTTP_OK), 479 TALER_TESTING_cmd_proof_kyc_oauth2 ( 480 "p2p_proof-kyc", 481 "purse-merge-into-reserve", 482 "test-oauth2", 483 "pass", 484 MHD_HTTP_SEE_OTHER), 485 TALER_TESTING_cmd_purse_merge ( 486 "purse-merge-into-reserve", 487 MHD_HTTP_OK, 488 "push-get-contract", 489 "p2p_create-reserve-1"), 490 TALER_TESTING_cmd_purse_poll_finish ( 491 "push-merge-purse-poll-finish", 492 GNUNET_TIME_relative_multiply ( 493 GNUNET_TIME_UNIT_SECONDS, 494 5), 495 "push-poll-purse-before-merge"), 496 TALER_TESTING_cmd_status ( 497 "push-check-post-merge-reserve-balance-get", 498 "p2p_create-reserve-1", 499 "EUR:1.03", 500 MHD_HTTP_OK), 501 TALER_TESTING_cmd_reserve_history ( 502 "push-check-post-merge-reserve-balance-post", 503 "p2p_create-reserve-1", 504 "EUR:1.03", 505 MHD_HTTP_OK), 506 507 TALER_TESTING_cmd_end () 508 }; 509 struct TALER_TESTING_Command pull[] = { 510 TALER_TESTING_cmd_purse_create_with_reserve ( 511 "purse-create-with-reserve", 512 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS, 513 "{\"amount\":\"EUR:1\",\"summary\":\"ice cream\"}", 514 true /* upload contract */, 515 true /* pay purse fee */, 516 GNUNET_TIME_UNIT_MINUTES, /* expiration */ 517 "p2p_create-reserve-3"), 518 TALER_TESTING_cmd_check_kyc_get ( 519 "check-kyc-purse-create", 520 "purse-create-with-reserve", 521 "purse-create-with-reserve", 522 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 523 MHD_HTTP_ACCEPTED), 524 TALER_TESTING_cmd_get_kyc_info ( 525 "get-kyc-info-purse-create", 526 "check-kyc-purse-create", 527 MHD_HTTP_OK), 528 TALER_TESTING_cmd_post_kyc_start ( 529 "start-kyc-process-purse-create", 530 "get-kyc-info-purse-create", 531 0, 532 MHD_HTTP_OK), 533 TALER_TESTING_cmd_proof_kyc_oauth2 ( 534 "p2p_proof-kyc-pull", 535 "purse-create-with-reserve", 536 "test-oauth2", 537 "pass", 538 MHD_HTTP_SEE_OTHER), 539 TALER_TESTING_cmd_purse_create_with_reserve ( 540 "purse-create-with-reserve", 541 MHD_HTTP_OK, 542 "{\"amount\":\"EUR:1\",\"summary\":\"ice cream\"}", 543 true /* upload contract */, 544 true /* pay purse fee */, 545 GNUNET_TIME_UNIT_MINUTES, /* expiration */ 546 "p2p_create-reserve-3"), 547 TALER_TESTING_cmd_contract_get ( 548 "pull-get-contract", 549 MHD_HTTP_OK, 550 false, /* for deposit */ 551 "purse-create-with-reserve"), 552 TALER_TESTING_cmd_purse_poll ( 553 "pull-poll-purse-before-deposit", 554 MHD_HTTP_OK, 555 "purse-create-with-reserve", 556 "EUR:1", 557 false, 558 GNUNET_TIME_UNIT_MINUTES), 559 TALER_TESTING_cmd_purse_deposit_coins ( 560 "purse-deposit-coins", 561 MHD_HTTP_OK, 562 0 /* min age */, 563 "purse-create-with-reserve", 564 "p2p_withdraw-coin-1", 565 "EUR:1.01", 566 NULL), 567 TALER_TESTING_cmd_coin_history ( 568 "coin-history-purse-pull-deposit", 569 "p2p_withdraw-coin-1#0", 570 "EUR:2.98", 571 MHD_HTTP_OK), 572 TALER_TESTING_cmd_purse_poll_finish ( 573 "pull-deposit-purse-poll-finish", 574 GNUNET_TIME_relative_multiply ( 575 GNUNET_TIME_UNIT_SECONDS, 576 5), 577 "pull-poll-purse-before-deposit"), 578 TALER_TESTING_cmd_status ( 579 "pull-check-post-merge-reserve-balance-get-2", 580 "p2p_create-reserve-3", 581 "EUR:1.03", 582 MHD_HTTP_OK), 583 TALER_TESTING_cmd_reserve_history ( 584 "push-check-post-merge-reserve-balance-post-2", 585 "p2p_create-reserve-3", 586 "EUR:1.03", 587 MHD_HTTP_OK), 588 TALER_TESTING_cmd_end () 589 }; 590 struct TALER_TESTING_Command aml[] = { 591 TALER_TESTING_cmd_set_officer ( 592 "create-aml-officer-1", 593 NULL, 594 "Peter Falk", 595 true, 596 true), 597 TALER_TESTING_cmd_check_aml_decisions ( 598 "check-decisions-none-normal", 599 "create-aml-officer-1", 600 NULL, 601 MHD_HTTP_OK), 602 /* Trigger something upon which an AML officer could act */ 603 TALER_TESTING_cmd_wallet_kyc_get ( 604 "wallet-trigger-kyc-for-aml", 605 NULL, 606 "EUR:1000", 607 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 608 TALER_TESTING_cmd_get_active_legitimization_measures ( 609 "check-decisions-wallet-pending", 610 "create-aml-officer-1", 611 "wallet-trigger-kyc-for-aml", 612 MHD_HTTP_OK, 613 "{\"measures\": [{\"check_name\": \"oauth-test-id\", \"prog_name\": \"oauth-output-check\", \"context\": {}}], \"is_and_combinator\": true, \"verboten\": false}"), 614 /* Test that we are not allowed to take AML decisions as our 615 AML staff account is on read-only */ 616 TALER_TESTING_cmd_take_aml_decision ( 617 "aml-decide-while-disabled", 618 "create-aml-officer-1", 619 "wallet-trigger-kyc-for-aml", 620 true /* keep investigating */, 621 GNUNET_TIME_UNIT_HOURS /* expiration */, 622 NULL /* successor measure: default */, 623 "{\"rules\":[" 624 "{\"timeframe\":{\"d_us\":3600000000}," 625 " \"threshold\":\"EUR:10000\"," 626 " \"operation_type\":\"BALANCE\"," 627 " \"verboten\":true" 628 "}" 629 "]}" /* new rules */, 630 "{}" /* properties */, 631 "party time", 632 MHD_HTTP_FORBIDDEN), 633 /* Check that no decision was taken, but that we are allowed 634 to read this information */ 635 TALER_TESTING_cmd_check_aml_decisions ( 636 "check-aml-decision-empty", 637 "create-aml-officer-1", 638 "aml-decide-while-disabled", 639 MHD_HTTP_NO_CONTENT), 640 TALER_TESTING_cmd_sleep ( 641 "sleep-1b", 642 1), 643 TALER_TESTING_cmd_set_officer ( 644 "create-aml-officer-1-enable", 645 "create-aml-officer-1", 646 "Peter Falk", 647 true, 648 false), 649 TALER_TESTING_cmd_take_aml_decision ( 650 "aml-decide", 651 "create-aml-officer-1", 652 "wallet-trigger-kyc-for-aml", 653 true /* keep investigating */, 654 GNUNET_TIME_UNIT_HOURS /* expiration */, 655 NULL /* successor measure: default */, 656 "{\"rules\":[" 657 "{\"timeframe\":{\"d_us\":3600000000}," 658 " \"threshold\":\"EUR:10000\"," 659 " \"operation_type\":\"BALANCE\"," 660 " \"verboten\":true" 661 "}" 662 "]}" /* new rules */, 663 "{}" /* properties */, 664 "party time", 665 MHD_HTTP_NO_CONTENT), 666 TALER_TESTING_cmd_check_aml_decisions ( 667 "check-decisions-one-normal", 668 "create-aml-officer-1", 669 "aml-decide", 670 MHD_HTTP_OK), 671 TALER_TESTING_cmd_wallet_kyc_get ( 672 "wallet-trigger-kyc-for-aml-allowed", 673 "wallet-trigger-kyc-for-aml", 674 "EUR:1000", 675 MHD_HTTP_OK), 676 TALER_TESTING_cmd_wallet_kyc_get ( 677 "wallet-trigger-kyc-for-aml-denied-high", 678 "wallet-trigger-kyc-for-aml", 679 "EUR:20000", 680 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 681 TALER_TESTING_cmd_sleep ( 682 "sleep-1d", 683 1), 684 TALER_TESTING_cmd_set_officer ( 685 "create-aml-officer-1-disable", 686 "create-aml-officer-1", 687 "Peter Falk", 688 false, 689 true), 690 /* Test that we are NOT allowed to read AML decisions now that 691 our AML staff account is disabled */ 692 TALER_TESTING_cmd_check_aml_decisions ( 693 "check-aml-decision-disabled", 694 "create-aml-officer-1", 695 "aml-decide", 696 MHD_HTTP_FORBIDDEN), 697 TALER_TESTING_cmd_end () 698 }; 699 700 struct TALER_TESTING_Command aml_form[] = { 701 TALER_TESTING_cmd_set_officer ( 702 "create-aml-form-officer-1", 703 NULL, 704 "Peter Falk", 705 true, 706 false), 707 /* Trigger something upon which an AML officer could act */ 708 TALER_TESTING_cmd_wallet_kyc_get ( 709 "wallet-trigger-kyc-for-form-aml", 710 NULL, 711 "EUR:1000", 712 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 713 TALER_TESTING_cmd_wallet_kyc_get ( 714 "wallet-trigger-kyc-for-form-aml-disallowed", 715 "wallet-trigger-kyc-for-form-aml", 716 "EUR:500", 717 MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS), 718 /* AML officer switches from Oauth2 to form */ 719 TALER_TESTING_cmd_take_aml_decision ( 720 "aml-decide-form", 721 "create-aml-form-officer-1", 722 "wallet-trigger-kyc-for-form-aml", 723 false /* just awaiting KYC, no investigation */, 724 GNUNET_TIME_UNIT_HOURS /* expiration */, 725 NULL /* successor measure: default */, 726 "{\"rules\":" 727 " [" 728 " {" 729 " \"timeframe\":{\"d_us\":3600000000}" 730 " ,\"threshold\":\"EUR:0\"" 731 " ,\"operation_type\":\"BALANCE\"" 732 " ,\"display_priority\":65536" 733 " ,\"measures\":[\"form-measure\"]" 734 " ,\"verboten\":false" 735 " }" 736 " ]" /* end new rules */ 737 ",\"new_measures\":\"form-measure\"" 738 ",\"custom_measures\":" 739 " {" 740 " \"form-measure\":" 741 " {" 742 " \"check_name\":\"test-form\"" 743 " ,\"prog_name\":\"test-form-check\"" 744 " }" 745 " }" /* end custom measures */ 746 "}", 747 "{}" /* properties */, 748 "form time", 749 MHD_HTTP_NO_CONTENT), 750 /* Wallet learns about form submission */ 751 TALER_TESTING_cmd_check_kyc_get ( 752 "check-kyc-form", 753 "wallet-trigger-kyc-for-form-aml", 754 "wallet-trigger-kyc-for-form-aml", 755 TALER_EXCHANGE_KLPT_KYC_AUTH_TRANSFER, 756 MHD_HTTP_ACCEPTED), 757 TALER_TESTING_cmd_get_kyc_info ( 758 "get-kyc-info-form", 759 "check-kyc-form", 760 MHD_HTTP_OK), 761 TALER_TESTING_cmd_post_kyc_form ( 762 "wallet-post-kyc-form", 763 "get-kyc-info-form", 764 0, /* requirement index */ 765 "application/json", 766 "{\"FORM_ID\":\"test\",\"FULL_NAME\":\"Bob\",\"DATE_OF_BIRTH\":\"1990-00-00\"}", 767 MHD_HTTP_NO_CONTENT), 768 /* now this should be allowed */ 769 TALER_TESTING_cmd_wallet_kyc_get ( 770 "wallet-trigger-kyc-for-form-aml-allowed", 771 "wallet-trigger-kyc-for-form-aml", 772 "EUR:500", 773 MHD_HTTP_OK), 774 TALER_TESTING_cmd_end () 775 }; 776 777 778 struct TALER_TESTING_Command commands[] = { 779 TALER_TESTING_cmd_run_fakebank ( 780 "run-fakebank", 781 cred.cfg, 782 "exchange-account-2"), 783 TALER_TESTING_cmd_system_start ( 784 "start-taler", 785 CONFIG_FILE, 786 "-e", 787 NULL), 788 TALER_TESTING_cmd_get_exchange ( 789 "get-exchange", 790 cred.cfg, 791 NULL, 792 true, 793 true), 794 TALER_TESTING_cmd_batch ( 795 "withdraw", 796 withdraw), 797 TALER_TESTING_cmd_batch ( 798 "spend", 799 spend), 800 TALER_TESTING_cmd_batch ( 801 "track", 802 track), 803 TALER_TESTING_cmd_batch ( 804 "withdraw-kyc", 805 withdraw_kyc), 806 TALER_TESTING_cmd_batch ( 807 "wallet-kyc", 808 wallet_kyc), 809 TALER_TESTING_cmd_batch ( 810 "p2p_withdraw", 811 p2p_withdraw), 812 TALER_TESTING_cmd_batch ( 813 "push", 814 push), 815 TALER_TESTING_cmd_batch ( 816 "pull", 817 pull), 818 TALER_TESTING_cmd_batch ("aml", 819 aml), 820 TALER_TESTING_cmd_batch ("aml-form", 821 aml_form), 822 TALER_TESTING_cmd_end () 823 }; 824 825 (void) cls; 826 TALER_TESTING_run (is, 827 commands); 828 } 829 830 831 int 832 main (int argc, 833 char *const *argv) 834 { 835 (void) argc; 836 return TALER_TESTING_main ( 837 argv, 838 "INFO", 839 CONFIG_FILE, 840 "exchange-account-2", 841 TALER_TESTING_BS_FAKEBANK, 842 &cred, 843 &run, 844 NULL); 845 } 846 847 848 /* end of test_kyc_api.c */