commit 43b0280cfc84db76e60cf632a20bc9dbf8c9951f
parent 7fa0b56e10d08ae12b0f41b7d70adb48d8cc700d
Author: Sebastian <sebasjm@taler-systems.com>
Date: Thu, 28 May 2026 08:12:38 -0300
mark field with __ as private
easier to exclude when stringifing
Diffstat:
4 files changed, 53 insertions(+), 33 deletions(-)
diff --git a/packages/taler-util/src/http-client/exchange-client.ts b/packages/taler-util/src/http-client/exchange-client.ts
@@ -936,7 +936,7 @@ export class TalerExchangeHttpClient {
method: "GET",
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -981,7 +981,7 @@ export class TalerExchangeHttpClient {
method: "GET",
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1035,7 +1035,7 @@ export class TalerExchangeHttpClient {
const resp = await this.fetch(url, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1093,7 +1093,7 @@ export class TalerExchangeHttpClient {
headers: {
Accept: mime,
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1103,7 +1103,11 @@ export class TalerExchangeHttpClient {
return opFixedSuccess(resp, await resp.bytes());
}
case HttpStatusCode.NoContent:
+ return opKnownHttpFailure(resp.status, resp, {
+ code: TalerErrorCode.NONE,
+ });
case HttpStatusCode.Forbidden:
+ case HttpStatusCode.NotAcceptable:
case HttpStatusCode.NotFound:
case HttpStatusCode.Conflict:
return opKnownHttpFailure(resp.status, resp);
@@ -1150,7 +1154,7 @@ export class TalerExchangeHttpClient {
const resp = await this.fetch(url, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1192,7 +1196,7 @@ export class TalerExchangeHttpClient {
const resp = await this.httpLib.fetch(url.href, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(officer.signingKey),
+ signAmlQuery(officer.__signingKey),
),
},
});
@@ -1231,7 +1235,7 @@ export class TalerExchangeHttpClient {
const resp = await this.fetch(url, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1275,7 +1279,7 @@ export class TalerExchangeHttpClient {
headers: {
Accept: "application/pdf",
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1305,7 +1309,7 @@ export class TalerExchangeHttpClient {
) {
const body: AmlDecisionRequest = {
officer_sig: encodeCrock(
- signAmlDecision(auth.signingKey, decision),
+ signAmlDecision(auth.__signingKey, decision),
) as any,
...decision,
};
@@ -1313,7 +1317,7 @@ export class TalerExchangeHttpClient {
method: "POST",
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
body,
@@ -1368,7 +1372,7 @@ export class TalerExchangeHttpClient {
const resp = await this.fetch(url, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1419,7 +1423,7 @@ export class TalerExchangeHttpClient {
const resp = await this.fetch(url, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
@@ -1470,7 +1474,7 @@ export class TalerExchangeHttpClient {
const resp = await this.fetch(url, {
headers: {
"Taler-AML-Officer-Signature": encodeCrock(
- signAmlQuery(auth.signingKey),
+ signAmlQuery(auth.__signingKey),
),
},
});
diff --git a/packages/taler-util/src/http-client/officer-account.ts b/packages/taler-util/src/http-client/officer-account.ts
@@ -42,25 +42,30 @@ import {
*/
export async function unlockOfficerAccount(
account: LockedAccount,
- password: string,
+ password: Password,
): Promise<OfficerSession> {
const rawKey = decodeCrock(account);
- const rawPassword = stringToBytes(password);
+ const rawPassword = stringToBytes(password.__value);
- const signingKey = (await decryptWithDerivedKey(
+ const __signingKey = (await decryptWithDerivedKey(
rawKey,
rawPassword,
- password,
+ password.__value,
).catch((e) => {
throw new UnwrapKeyError(e instanceof Error ? e.message : String(e));
})) as EddsaPrivP;
- const publicKey = eddsaGetPublic(signingKey);
+ const publicKey = eddsaGetPublic(__signingKey);
const accountId = encodeCrock(publicKey) as OfficerId;
- return { id: accountId, signingKey };
+ return { id: accountId, __signingKey };
}
+declare const __password: unique symbol;
+export function asPassword(pwd: string): Password {
+ return { __value: pwd } as Password;
+}
+export type Password = { __value: string; [__password]: true };
/**
* Create new account (secured private key)
@@ -71,12 +76,12 @@ export async function unlockOfficerAccount(
* @returns
*/
export async function createNewOfficerAccount(
- password: string,
+ password: Password,
extraNonce: EncryptionNonceP,
): Promise<OfficerSession & { safe: LockedAccount }> {
const { eddsaPriv, eddsaPub } = createEddsaKeyPair();
- const key = stringToBytes(password);
+ const key = stringToBytes(password.__value);
const localRnd = getRandomBytes(24);
const mergedRnd: EncryptionNonceP = extraNonce
@@ -87,14 +92,14 @@ export async function createNewOfficerAccount(
mergedRnd,
key,
eddsaPriv,
- password,
+ password.__value,
);
- const signingKey = eddsaPriv as EddsaPrivP;
+ const __signingKey = eddsaPriv as EddsaPrivP;
const accountId = encodeCrock(eddsaPub) as OfficerId;
const safe = encodeCrock(protectedPrivKey) as LockedAccount;
- return { id: accountId, signingKey, safe };
+ return { id: accountId, __signingKey, safe };
}
/**
@@ -107,7 +112,7 @@ export async function createNewOfficerAccount(
*/
export async function createNewWalletKycAccount(
extraNonce: EncryptionNonceP,
- password?: string,
+ password?: Password,
): Promise<ReserveAccount & { safe?: LockedAccount }> {
const { eddsaPriv, eddsaPub } = createEddsaKeyPair();
@@ -119,19 +124,19 @@ export async function createNewWalletKycAccount(
const protectedPrivKey = password
? await encryptWithDerivedKey(
mergedRnd,
- stringToBytes(password),
+ stringToBytes(password.__value),
eddsaPriv,
- password,
+ password.__value,
)
: undefined;
- const signingKey = eddsaPriv as EddsaPrivP;
+ const __signingKey = eddsaPriv as EddsaPrivP;
const accountId = encodeCrock(eddsaPub);
const safe = protectedPrivKey
? (encodeCrock(protectedPrivKey) as LockedAccount)
: undefined;
- return { id: accountId, signingKey, safe };
+ return { id: accountId, __signingKey, safe };
}
export class UnwrapKeyError extends Error {
diff --git a/packages/taler-util/src/operation.ts b/packages/taler-util/src/operation.ts
@@ -78,6 +78,8 @@ export interface OperationFail<T> {
case: T;
detail?: TalerErrorDetail;
+
+ extra?: {},
}
/**
@@ -196,7 +198,7 @@ export async function opKnownAlternativeHttpFailure<
/**
* Constructor of a failure response of the API that is already documented in the spec.
* The `case` parameter is a reason of the error.
- *
+ * If detail is not defined it will try to parse the json response
* @param case
* @param resp
* @returns
@@ -209,7 +211,16 @@ export async function opKnownHttpFailure<T extends HttpStatusCode>(
if (!detail) {
detail = await readTalerErrorResponse(resp);
}
- return { type: "fail", response: resp, case: _case, detail };
+ return {
+ type: "fail",
+ case: _case,
+ response: resp,
+ detail,
+ extra: {
+ requestUrl: resp.requestUrl,
+ requestMethod: resp.requestMethod,
+ }
+ };
}
/**
diff --git a/packages/taler-util/src/types-taler-common.ts b/packages/taler-util/src/types-taler-common.ts
@@ -521,12 +521,12 @@ declare const opaque_OfficerSigningKey: unique symbol;
export interface OfficerSession {
id: OfficerId;
- signingKey: EddsaPrivP;
+ __signingKey: EddsaPrivP;
}
export interface ReserveAccount {
id: EddsaPublicKeyString;
- signingKey: EddsaPrivP;
+ __signingKey: EddsaPrivP;
}
export type PaginationParams = {
