commit 0fd191a47b28f8dac4d5996fd1ecf9db53546d3e
parent 098812ecf1d88b882c8fc6dafb64a246cd6b7c7e
Author: Florian Dold <florian@dold.me>
Date: Mon, 26 Aug 2024 13:30:17 +0200
investigate Mallory
Diffstat:
2 files changed, 180 insertions(+), 1 deletion(-)
diff --git a/data/sandcastle-amp-form b/data/sandcastle-amp-form
@@ -0,0 +1,179 @@
+#!/bin/bash
+#
+# This file is part of TALER
+# Copyright (C) 2014-2024 Taler Systems SA
+#
+# TALER is free software; you can redistribute it and/or modify it under the
+# terms of the GNU General Public License as published by the Free Software
+# Foundation; either version 3, or (at your option) any later version.
+#
+# TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/license>
+#
+
+# Hard error reporting on.
+set -eu
+
+
+# Exit, with error message (hard failure)
+function exit_fail() {
+ echo " FAIL: " "$@" >&2
+ EXIT_STATUS=1
+ exit "$EXIT_STATUS"
+}
+
+CONF="$HOME/.config/taler.conf"
+VERBOSE=0
+
+while getopts 'ac:hrvV' OPTION;
+do
+ case "$OPTION" in
+ a)
+ # This AML program expects as inputs a full_name
+ # and a birthdate.
+ echo "full_name"
+ echo "birthdate"
+ exit 0
+ ;;
+ c)
+ # shellcheck disable=SC2034
+ CONF="$OPTARG"
+ ;;
+ h)
+ echo "This is a KYC measure program that checks the output of a simple FORM submission, and if it passed, increases all limits to EUR:1000. (and does not impose any other limits)"
+ echo 'Supported options:'
+ echo ' -a -- show required attributes'
+ # shellcheck disable=SC2016
+ echo ' -c $CONF -- set configuration'
+ echo ' -h -- print this help'
+ echo ' -r -- show required context'
+ echo ' -v -- show version'
+ echo ' -V -- be verbose'
+ ;;
+ r)
+ # No context is required.
+ exit 0
+ ;;
+ v)
+ echo "$0 v0.0.0"
+ exit 0
+ ;;
+ V)
+ VERBOSE=1
+ ;;
+ ?)
+ exit_fail "Unrecognized command line option"
+ ;;
+ esac
+done
+
+if [ 1 = "$VERBOSE" ]
+then
+ echo "Running $0" 1>&2
+fi
+
+# First, check everything we expect is in stdin.
+A=$(jq -r .attributes)
+J=$(echo "$A" | jq -r 'def get($k):
+ if has($k)
+ then .[$k]
+ else error("attribute missing")
+ end;
+ {"full_name":get("full_name"),
+ "birthdate":get("birthdate")}')
+
+
+# Raise investigation if Name contains mallory
+# (Very very crude check for demo purposes)
+TO_INVESTIGATE=false
+if [[ $J == *"Mallory"* ]]; then
+ TO_INVESTIGATE=true
+fi
+
+# See https://docs.taler.net/taler-exchange-manual.html#tsref-type-AmlProgramInput
+# for the full JSON with possible inputs.
+
+# New rules apply for 30 days.
+EXPIRATION=$((3600 * 30 + $(date +%s)))
+
+# Read currency from the config
+CURRENCY=$(taler-config -c $CONF -s taler -o currency)
+
+# Finally, output the new rules.
+# See https://docs.taler.net/taler-exchange-manual.html#tsref-type-AmlOutcome
+# for the required output format.
+
+# NOTE: new_check is not yet supported! #9124
+jq -n \
+ --argjson expiration "$EXPIRATION" \
+ --argjson to_investigate "$TO_INVESTIGATE" \
+ --arg currency "$CURRENCY" \
+ '{ "to_investigate": $to_investigate,
+ "new_rules" : {
+ "new_check" : "info-oauth-test-passed",
+ "custom_measures" : {},
+ "expiration_time" : { "t_s": $expiration },
+ "rules" : [
+ {
+ "operation_type": "WITHDRAW",
+ "threshold" : "\($currency):1000",
+ "timeframe" : { "d_us" : 3600000000 },
+ "measures" : [ "verboten" ],
+ "display_priority" : 1,
+ "exposed" : true,
+ "is_and_combinator" : true
+ },
+ {
+ "operation_type": "DEPOSIT",
+ "threshold" : "\($currency):1000",
+ "timeframe" : { "d_us" : 3600000000 },
+ "measures" : [ "verboten" ],
+ "display_priority" : 1,
+ "exposed" : true,
+ "is_and_combinator" : true
+ },
+ {
+ "operation_type": "AGGREGATE",
+ "threshold" : "\($currency):1000",
+ "timeframe" : { "d_us" : 3600000000 },
+ "measures" : [ "verboten" ],
+ "display_priority" : 1,
+ "exposed" : true,
+ "is_and_combinator" : true
+ },
+ {
+ "operation_type": "MERGE",
+ "threshold" : "\($currency):1000",
+ "timeframe" : { "d_us" : 3600000000 },
+ "measures" : [ "verboten" ],
+ "display_priority" : 1,
+ "exposed" : true,
+ "is_and_combinator" : true
+ },
+ {
+ "operation_type": "BALANCE",
+ "threshold" : "\($currency):1000",
+ "timeframe" : { "d_us" : 3600000000 },
+ "measures" : [ "verboten" ],
+ "display_priority" : 1,
+ "exposed" : true,
+ "is_and_combinator" : true
+ },
+ {
+ "operation_type": "CLOSE",
+ "threshold" : "\($currency):1000",
+ "timeframe" : { "d_us" : 3600000000 },
+ "measures" : [ "verboten" ],
+ "display_priority" : 1,
+ "exposed" : true,
+ "is_and_combinator" : true
+ }
+ ]
+ }
+ }' < /dev/null
+
+exit 0
diff --git a/scripts/demo/setup-sandcastle.sh b/scripts/demo/setup-sandcastle.sh
@@ -405,7 +405,7 @@ CONTEXT = {}
PROGRAM = p1
[aml-program-p1]
-COMMAND = taler-exchange-helper-measure-test-form
+COMMAND = /data/sandcastle-amp-form
ENABLED = true
DESCRIPTION = test p1
FALLBACK = m1
