commit 9317a014bd8e1aca5d19d1dada908d732a4981f1
parent 546f35fd8476f3c6adbb2b12702de32ec2de3476
Author: Florian Dold <florian@dold.me>
Date: Sat, 30 Sep 2023 22:49:27 +0200
filter invalid transactions in Taler Wire Gateway API
We don't bounce yet, but at least don't report invalid reserve_pub transactions
Diffstat:
2 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/bank/src/main/kotlin/tech/libeufin/bank/WireGatewayApiHandlers.kt b/bank/src/main/kotlin/tech/libeufin/bank/WireGatewayApiHandlers.kt
@@ -27,9 +27,14 @@ import io.ktor.server.request.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
import net.taler.common.errorcodes.TalerErrorCode
+import org.slf4j.Logger
+import org.slf4j.LoggerFactory
+import tech.libeufin.util.extractReservePubFromSubject
import tech.libeufin.util.stripIbanPayto
import java.time.Instant
+private val logger: Logger = LoggerFactory.getLogger("tech.libeufin.nexus")
+
fun Routing.talerWireGatewayHandlers(db: Database, ctx: BankApplicationContext) {
get("/taler-wire-gateway/config") {
call.respond(TWGConfigResponse(currency = ctx.currency))
@@ -57,15 +62,23 @@ fun Routing.talerWireGatewayHandlers(db: Database, ctx: BankApplicationContext)
}
val resp = IncomingHistory(credit_account = bankAccount.internalPaytoUri)
history.forEach {
- resp.incoming_transactions.add(
- IncomingReserveTransaction(
- row_id = it.expectRowId(),
- amount = it.amount,
- date = TalerProtocolTimestamp(it.transactionDate),
- debit_account = it.debtorPaytoUri,
- reserve_pub = it.subject
+ val reservePub = extractReservePubFromSubject(it.subject)
+ if (reservePub == null) {
+ // This should usually not happen in the first place,
+ // because transactions to the exchange without a valid
+ // reserve pub should be bounced.
+ logger.warn("exchange account ${c.login} contains invalid incoming transaction ${it.expectRowId()}")
+ } else {
+ resp.incoming_transactions.add(
+ IncomingReserveTransaction(
+ row_id = it.expectRowId(),
+ amount = it.amount,
+ date = TalerProtocolTimestamp(it.transactionDate),
+ debit_account = it.debtorPaytoUri,
+ reserve_pub = it.subject
+ )
)
- )
+ }
}
call.respond(resp)
return@get
diff --git a/bank/src/test/kotlin/TalerApiTest.kt b/bank/src/test/kotlin/TalerApiTest.kt
@@ -129,7 +129,10 @@ class TalerApiTest {
assert(currencyMismatchResp.status == HttpStatusCode.BadRequest)
}
}
- // Testing the /history/incoming call from the TWG API.
+
+ /**
+ * Testing the /history/incoming call from the TWG API.
+ */
@Test
fun historyIncoming() {
val db = initDb()
@@ -144,8 +147,12 @@ class TalerApiTest {
TalerAmount(1000, 0, "KUDOS")
))
// Foo pays Bar (the exchange) twice.
- assert(db.bankTransactionCreate(genTx("withdrawal 1")) == Database.BankTransactionResult.SUCCESS)
- assert(db.bankTransactionCreate(genTx("withdrawal 2")) == Database.BankTransactionResult.SUCCESS)
+ val reservePubOne = "5ZFS98S1K4Y083W95GVZK638TSRE44RABVASB3AFA3R95VCW17V0"
+ val reservePubTwo = "TFBT5NEVT8D2GETZ4DRF7C69XZHKHJ15296HRGB1R5ARNK0SP8A0"
+ assert(db.bankTransactionCreate(genTx(reservePubOne)) == Database.BankTransactionResult.SUCCESS)
+ assert(db.bankTransactionCreate(genTx(reservePubTwo)) == Database.BankTransactionResult.SUCCESS)
+ // Should not show up in the taler wire gateway API history
+ assert(db.bankTransactionCreate(genTx("bogus foobar")) == Database.BankTransactionResult.SUCCESS)
// Bar pays Foo once, but that should not appear in the result.
assert(
db.bankTransactionCreate(genTx("payout", creditorId = 1, debtorId = 2)) ==
