commit 6d41eb68dbc4ced068c7e2fc8513c86b6d5d0d5f
parent 622897f109001969f94698063edfaf0dc6926cde
Author: Antoine A <>
Date: Wed, 30 Oct 2024 17:56:58 +0100
bank: add wiregateway token scope
Diffstat:
5 files changed, 38 insertions(+), 4 deletions(-)
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/TalerMessage.kt b/bank/src/main/kotlin/tech/libeufin/bank/TalerMessage.kt
@@ -289,12 +289,15 @@ enum class TanChannel {
enum class TokenScope {
readonly,
readwrite,
- revenue;
+ revenue,
+ wiregateway;
+
fun logical(): TokenLogicalScope = when (this) {
readonly -> TokenLogicalScope.readonly
readwrite -> TokenLogicalScope.readwrite
revenue -> TokenLogicalScope.revenue
+ wiregateway -> TokenLogicalScope.readwrite_wiregateway
}
}
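Review bot: The new `wiregateway` entry and its `logical()` mapping carry no documentation, and the mapping is not obvious: a scope named after an API maps to `readwrite_wiregateway`, which `validScope` in auth.kt also grants to a `wiregateway` token itself. A KDoc on the enum value such as `/** Grants read and write access to the account's Taler Wire Gateway endpoints only. */` would record the intended privilege boundary. A one-line comment on `logical()` should say what the returned scope is used for; if it is the scope required to mint a token of this kind (not visible in this hunk), a `wiregateway` token can create further `wiregateway` tokens, and that should be stated as intended. The same applies to `readonly_wiregateway` and `readwrite_wiregateway` in the next hunk, which deserve a short comment naming the `TokenScope` values that satisfy them.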
@@ -302,7 +305,9 @@ enum class TokenLogicalScope {
readonly,
readwrite,
revenue,
- refreshable
+ refreshable,
+ readonly_wiregateway,
+ readwrite_wiregateway
}
data class BearerToken(
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/api/WireGatewayApi.kt b/bank/src/main/kotlin/tech/libeufin/bank/api/WireGatewayApi.kt
@@ -40,7 +40,7 @@ import java.time.Instant
fun Routing.wireGatewayApi(db: Database, cfg: BankConfig) {
- auth(db, cfg.pwCrypto, TokenLogicalScope.readwrite, cfg.basicAuthCompat) {
+ auth(db, cfg.pwCrypto, TokenLogicalScope.readwrite_wiregateway, cfg.basicAuthCompat) {
get("/accounts/{USERNAME}/taler-wire-gateway/config") {
call.respond(WireGatewayConfig(
currency = cfg.regionalCurrency
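Review bot: The `GET .../taler-wire-gateway/config` handler sits inside the block that now requires `TokenLogicalScope.readwrite_wiregateway`, so a `readonly` token cannot fetch it even though it appears to be a read-only call. This placement predates the commit, but since the scopes are being split here it is worth either moving the handler under the `readonly_wiregateway` block (second hunk of this file) or adding a comment such as `// config intentionally requires write scope because ...`. The body of `wireGatewayApi` continues outside the hunk, so other handlers in this block were not reviewed.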
@@ -81,7 +81,7 @@ fun Routing.wireGatewayApi(db: Database, cfg: BankConfig) {
}
}
}
- auth(db, cfg.pwCrypto, TokenLogicalScope.readonly, cfg.basicAuthCompat) {
+ auth(db, cfg.pwCrypto, TokenLogicalScope.readonly_wiregateway, cfg.basicAuthCompat) {
suspend fun <T> ApplicationCall.historyEndpoint(
reduce: (List<T>, String) -> Any,
dbLambda: suspend ExchangeDAO.(HistoryParams, Long, BankPaytoCtx) -> List<T>
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/auth/auth.kt b/bank/src/main/kotlin/tech/libeufin/bank/auth/auth.kt
@@ -187,6 +187,8 @@ fun validScope(required: TokenLogicalScope, scope: TokenScope): Boolean = when (
TokenLogicalScope.readonly -> scope in setOf(TokenScope.readonly, TokenScope.readwrite)
TokenLogicalScope.readwrite -> scope in setOf(TokenScope.readwrite)
TokenLogicalScope.revenue -> scope in setOf(TokenScope.readonly, TokenScope.readwrite, TokenScope.revenue)
+ TokenLogicalScope.readonly_wiregateway -> scope in setOf(TokenScope.wiregateway, TokenScope.readonly, TokenScope.readwrite)
+ TokenLogicalScope.readwrite_wiregateway -> scope in setOf(TokenScope.wiregateway, TokenScope.readwrite)
TokenLogicalScope.refreshable -> true
}
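Review bot: Nothing in this commit tests the two new `validScope` branches; the only test file touched is MigrationTest.kt. The security property of the change is therefore unverified here: a `wiregateway` token should be rejected for `readonly`, `readwrite` and `revenue`, and `revenue` should be rejected for both wire gateway scopes. A small table-driven unit test over every `TokenLogicalScope` × `TokenScope` pair would pin that matrix and catch a future branch that widens access by mistake. As a style point, each branch builds a fresh set per call; `scope == TokenScope.wiregateway || scope == TokenScope.readwrite` reads the same without the allocation.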
diff --git a/database-versioning/libeufin-bank-0010.sql b/database-versioning/libeufin-bank-0010.sql
@@ -0,0 +1,24 @@
+--
+-- This file is part of TALER
+-- Copyright (C) 2024 Taler Systems SA
+--
+-- TALER is free software; you can redistribute it and/or modify it under the
+-- terms of the GNU General Public License as published by the Free Software
+-- Foundation; either version 3, or (at your option) any later version.
+--
+-- TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+-- WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+-- A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License along with
+-- TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+
+BEGIN;
+
+SELECT _v.register_patch('libeufin-bank-0010', NULL, NULL);
+SET search_path TO libeufin_bank;
+
+-- Add new token scope 'revenue'
+ALTER TYPE token_scope_enum ADD VALUE 'wiregateway';
+
+COMMIT;
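Review bot: The comment above the `ALTER TYPE` statement says `-- Add new token scope 'revenue'` while the statement adds `'wiregateway'`; it looks copied from an earlier migration and should read `-- Add new token scope 'wiregateway'`. Separately, `ALTER TYPE ... ADD VALUE` runs inside the `BEGIN`/`COMMIT` block. PostgreSQL releases before 12 reject that, and later ones do not let the new value be used until the transaction has committed, so the minimum supported server version should be stated or checked if that is not done elsewhere.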
diff --git a/testbench/src/test/kotlin/MigrationTest.kt b/testbench/src/test/kotlin/MigrationTest.kt
@@ -77,6 +77,9 @@ class MigrationTest {
// libeufin-bank-0009
conn.execSQLUpdate(Path("../database-versioning/libeufin-bank-0009.sql").readText())
+ // libeufin-bank-0010
+ conn.execSQLUpdate(Path("../database-versioning/libeufin-bank-0010.sql").readText())
+
// libeufin-nexus-0001
conn.execSQLUpdate(Path("../database-versioning/libeufin-nexus-0001.sql").readText())
conn.execSQLUpdate("""