libeufin

Integration and sandbox testing for FinTech APIs and data formats

commit 5ffae0e12b62c0eabfa997657eabf02b6dcf9502
parent 004fc57de2e604ad29816d79bd4f593b2c26090a
Author: Antoine A <>
Date:   Wed, 10 Jan 2024 11:42:06 +0000

More tan error handling for account creation

Diffstat:
Mbank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt | 20++++++++++++++++----
Mbank/src/main/kotlin/tech/libeufin/bank/Main.kt | 1+
Mbank/src/test/kotlin/CoreBankApiTest.kt | 16++++++++++++++++
3 files changed, 33 insertions(+), 4 deletions(-)

diff --git a/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt b/bank/src/main/kotlin/tech/libeufin/bank/CoreBankApi.kt @@ -143,6 +143,9 @@ private fun Routing.coreBankTokenApi(db: Database) { } suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountRequest, isAdmin: Boolean): Pair<AccountCreationResult, IbanPayTo> { + val reqPayto = req.payto_uri ?: req.internal_payto_uri + val contactData = req.contact_data ?: req.challenge_contact_data + // Prohibit reserved usernames: if (RESERVED_ACCOUNTS.contains(req.username)) throw conflict( @@ -156,15 +159,26 @@ suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountReq "only admin account can choose the debit limit", TalerErrorCode.BANK_NON_ADMIN_PATCH_DEBT_LIMIT ) + if (req.tan_channel != null) throw conflict( "only admin account can enable 2fa on creation", TalerErrorCode.BANK_NON_ADMIN_SET_TAN_CHANNEL ) - } else { - if (req.tan_channel != null && ctx.tanChannels.get(req.tan_channel) == null) { + + } else if (req.tan_channel != null) { + if (ctx.tanChannels.get(req.tan_channel) == null) { throw unsupportedTanChannel(req.tan_channel) + } + val missing = when (req.tan_channel) { + TanChannel.sms -> contactData?.phone?.get() == null + TanChannel.email -> contactData?.email?.get() == null } + if (missing) + throw conflict( + "missing info for tan channel ${req.tan_channel}", + TalerErrorCode.BANK_MISSING_TAN_INFO + ) } if (req.username == "exchange" && !req.is_taler_exchange) @@ -173,8 +187,6 @@ suspend fun createAccount(db: Database, ctx: BankConfig, req: RegisterAccountReq TalerErrorCode.END ) - val reqPayto = req.payto_uri ?: req.internal_payto_uri - val contactData = req.contact_data ?: req.challenge_contact_data var retry = if (reqPayto == null) IBAN_ALLOCATION_RETRY_COUNTER else 0 while (true) { diff --git a/bank/src/main/kotlin/tech/libeufin/bank/Main.kt b/bank/src/main/kotlin/tech/libeufin/bank/Main.kt 
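Review bot: In the first CoreBankApi.kt hunk, `req.contact_data ?: req.challenge_contact_data` falls back on the whole object, so a request whose `contact_data` is present but lacks the phone or email never consults `challenge_contact_data`. The TAN check added further down in the same function would then answer BANK_MISSING_TAN_INFO even though the other field carries the address. If the two fields are meant to be interchangeable, resolve them per attribute; otherwise document the precedence, for example `// contact_data wins as a whole; challenge_contact_data is only read when it is absent`. The body of createAccount continues outside this hunk.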
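Review bot: The new `missing` check in the second CoreBankApi.kt hunk only tests for null, so an empty or whitespace-only phone or email passes it and the account is created with a TAN channel that has no deliverable address. Whether RegisterAccountRequest already rejects such values at deserialization is not visible here; if it does not, tighten the branches, e.g. `TanChannel.sms -> contactData?.phone?.get().isNullOrBlank()` (assuming the value is a String), and likewise for email. Reporting an incomplete request through `conflict(...)` is also unexpected, so a one-line comment on why a conflict status was chosen would help the next reader. createAccount starts before and ends after the hunk.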
@@ -449,6 +449,7 @@ class CreateAccount : CliktCommand( private val options by CreateAccountOption().cooccurring() override fun run() = cliCmd(logger) { + // TODO support setting tan val cfg = talerConfig(common.config) val ctx = cfg.loadBankConfig() val dbCfg = cfg.loadDbConfig() diff --git a/bank/src/test/kotlin/CoreBankApiTest.kt b/bank/src/test/kotlin/CoreBankApiTest.kt @@ -235,6 +235,9 @@ class CoreBankAccountsApiTest { "username" to "bat2" "password" to "password" "name" to "Bat" + "contact_data" to obj { + "phone" to "+456" + } "tan_channel" to "sms" }.let { req -> client.post("/accounts") { @@ -246,6 +249,19 @@ class CoreBankAccountsApiTest { }.assertOk() } + // Check tan info + for (channel in listOf("sms", "email")) { + client.post("/accounts") { + pwAuth("admin") + json { + "username" to "bat2" + "password" to "password" + "name" to "Bat" + "tan_channel" to channel + } + }.assertErr(TalerErrorCode.BANK_MISSING_TAN_INFO) + } + // Reserved account RESERVED_ACCOUNTS.forEach { client.post("/accounts") {
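Review bot: The loop added in the second CoreBankApiTest.kt hunk sends no `contact_data` at all, so it would still pass if the `when` in createAccount checked the email field for sms and the phone field for email. A case where contact data is present but belongs to the other channel would pin that mapping. The loop also reuses the username "bat2" created just above, so the assertion relies on TAN validation running before the uniqueness check; a short comment saying so would make that intent explicit. The address and number in the sketch below are constructed sample values, and the enclosing test function starts and ends outside the hunk.

```kotlin
// … unchanged: "Check tan info" loop with no contact data …

// Contact data present, but only for the other channel
for ((channel, field, value) in listOf(
    Triple("sms", "email", "bat@example.com"),
    Triple("email", "phone", "+456"),
)) {
    client.post("/accounts") {
        pwAuth("admin")
        json {
            "username" to "bat2"
            "password" to "password"
            "name" to "Bat"
            "contact_data" to obj {
                field to value
            }
            "tan_channel" to channel
        }
    }.assertErr(TalerErrorCode.BANK_MISSING_TAN_INFO)
}
```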