[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libeufin] branch master updated: Introducing file based TAN channel.
From: |
gnunet |
Subject: |
[libeufin] branch master updated: Introducing file based TAN channel. |
Date: |
Tue, 10 Jan 2023 21:51:49 +0100 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository libeufin.
The following commit(s) were added to refs/heads/master by this push:
new c15f9dfa Introducing file based TAN channel.
c15f9dfa is described below
commit c15f9dfa5a284dff23acf28d63d34d05a912afcd
Author: MS <ms@taler.net>
AuthorDate: Tue Jan 10 21:47:59 2023 +0100
Introducing file based TAN channel.
With this feature, Sandbox writes the TAN to a
file under /tmp where it can be read by the tester
without setting up any SMS or e-mail channel.
---
cli/bin/circuit_test.sh | 7 +++---
.../{circuit_test.sh => circuit_test_file_tan.sh} | 29 ++++++++++++++--------
cli/bin/libeufin-cli | 5 ++--
.../kotlin/tech/libeufin/sandbox/CircuitApi.kt | 27 ++++++++++++++++----
4 files changed, 47 insertions(+), 21 deletions(-)
diff --git a/cli/bin/circuit_test.sh b/cli/bin/circuit_test.sh
index b05f79f3..4d7bb5d0 100755
--- a/cli/bin/circuit_test.sh
+++ b/cli/bin/circuit_test.sh
@@ -21,6 +21,7 @@ echo -n Configure the default demobank...
libeufin-sandbox config default
echo DONE
echo -n Start the bank...
+export LIBEUFIN_SANDBOX_ADMIN_PASSWORD=circuit
libeufin-sandbox serve &> sandbox.log &
SANDBOX_PID=$!
trap "echo -n 'killing the bank (pid $SANDBOX_PID)...'; kill $SANDBOX_PID;
wait; echo DONE" EXIT
@@ -33,7 +34,7 @@ curl
http://localhost:5000/demobanks/default/circuit-api/config &> /dev/null
echo DONE
echo -n "Register new account..."
export LIBEUFIN_SANDBOX_USERNAME=admin
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+export LIBEUFIN_SANDBOX_PASSWORD=circuit
export LIBEUFIN_NEW_CIRCUIT_ACCOUNT_PASSWORD=foo
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
@@ -98,7 +99,7 @@ echo DONE
# balance to zero.
echo -n Bring the account to 0 balance...
export LIBEUFIN_SANDBOX_USERNAME=admin
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+export LIBEUFIN_SANDBOX_PASSWORD=circuit
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
@@ -109,7 +110,7 @@ export LIBEUFIN_SANDBOX_PASSWORD=secret
echo DONE
echo -n Delete the account...
export LIBEUFIN_SANDBOX_USERNAME=admin
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+export LIBEUFIN_SANDBOX_PASSWORD=circuit
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
diff --git a/cli/bin/circuit_test.sh b/cli/bin/circuit_test_file_tan.sh
similarity index 84%
copy from cli/bin/circuit_test.sh
copy to cli/bin/circuit_test_file_tan.sh
index b05f79f3..f98a436a 100755
--- a/cli/bin/circuit_test.sh
+++ b/cli/bin/circuit_test_file_tan.sh
@@ -11,8 +11,6 @@ curl --version &> /dev/null || (echo "'curl' command not
found"; exit 77)
DB_PATH=/tmp/circuit-test.sqlite3
export LIBEUFIN_SANDBOX_DB_CONNECTION=jdbc:sqlite:$DB_PATH
-# NOTE: unset this variable to test the SMS or e-mail TAN.
-export LIBEUFIN_CASHOUT_TEST_TAN=secret-tan
echo -n Delete previous data..
rm -f $DB_PATH
@@ -21,6 +19,7 @@ echo -n Configure the default demobank...
libeufin-sandbox config default
echo DONE
echo -n Start the bank...
+export LIBEUFIN_SANDBOX_ADMIN_PASSWORD=circuit
libeufin-sandbox serve &> sandbox.log &
SANDBOX_PID=$!
trap "echo -n 'killing the bank (pid $SANDBOX_PID)...'; kill $SANDBOX_PID;
wait; echo DONE" EXIT
@@ -33,7 +32,7 @@ curl
http://localhost:5000/demobanks/default/circuit-api/config &> /dev/null
echo DONE
echo -n "Register new account..."
export LIBEUFIN_SANDBOX_USERNAME=admin
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+export LIBEUFIN_SANDBOX_PASSWORD=circuit
export LIBEUFIN_NEW_CIRCUIT_ACCOUNT_PASSWORD=foo
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
@@ -54,9 +53,13 @@ echo -n Create a cash-out operation...
CASHOUT_RESP=$(./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
- circuit-cashout --amount-debit=EUR:1 --amount-credit=CHF:0.95)
+ circuit-cashout \
+ --tan-channel=file \
+ --amount-debit=EUR:1 \
+ --amount-credit=CHF:0.95
+)
echo DONE
-echo -n Extract the cash-out UUID...
+echo -n "Extract the cash-out UUID..."
CASHOUT_UUID=$(echo ${CASHOUT_RESP} | jq --raw-output '.uuid')
echo DONE
echo -n Get cash-out details...
@@ -72,7 +75,7 @@ if ! test "$OPERATION_STATUS" = "PENDING"; then
exit 1
fi
echo DONE
-echo -n Delete the cash-out operation...
+echo -n Abort the cash-out operation...
RESP=$(./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
@@ -84,21 +87,27 @@ echo -n Create another cash-out operation...
CASHOUT_RESP=$(./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
- circuit-cashout --amount-debit=EUR:1 --amount-credit=CHF:0.95)
+ circuit-cashout \
+ --tan-channel=file \
+ --amount-debit=EUR:1 \
+ --amount-credit=CHF:0.95
+)
CASHOUT_UUID=$(echo ${CASHOUT_RESP} | jq --raw-output '.uuid')
echo DONE
+echo Reading the TAN from /tmp/libeufin-cashout-tan.txt
+INPUT_TAN=$(cat /tmp/libeufin-cashout-tan.txt)
echo -n Confirm the last cash-out operation...
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
- circuit-cashout-confirm --uuid $CASHOUT_UUID --tan secret-tan
+ circuit-cashout-confirm --uuid $CASHOUT_UUID --tan $INPUT_TAN
echo DONE
# The user now has -1 balance. Let the bank
# award EUR:1 to them, in order to bring their
# balance to zero.
echo -n Bring the account to 0 balance...
export LIBEUFIN_SANDBOX_USERNAME=admin
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+export LIBEUFIN_SANDBOX_PASSWORD=circuit
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
@@ -109,7 +118,7 @@ export LIBEUFIN_SANDBOX_PASSWORD=secret
echo DONE
echo -n Delete the account...
export LIBEUFIN_SANDBOX_USERNAME=admin
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+export LIBEUFIN_SANDBOX_PASSWORD=circuit
./libeufin-cli \
sandbox --sandbox-url http://localhost:5000/ \
demobank \
diff --git a/cli/bin/libeufin-cli b/cli/bin/libeufin-cli
index 600d4b4a..417c25ea 100755
--- a/cli/bin/libeufin-cli
+++ b/cli/bin/libeufin-cli
@@ -1863,8 +1863,8 @@ def password_reconfig(obj, username):
)
@click.option(
"--tan-channel",
- help="Indicates how to send the TAN to the user: only 'sms' or 'email' are
valid values. If missing, the bank defaults to SMS",
- required=False
+ help="Indicates how to send the TAN to the user: 'sms', 'email' and 'file'
are valid values. If missing, the bank defaults to SMS. 'file' makes the
server write the TAN to /tmp/libeufin-cashout-tan.txt, normally used for
testing.",
+ required=False,
)
@click.pass_obj
def circuit_cashout(obj, subject, amount_debit, amount_credit, tan_channel):
@@ -1878,7 +1878,6 @@ def circuit_cashout(obj, subject, amount_debit,
amount_credit, tan_channel):
req.update(subject=subject)
if tan_channel:
req.update(tan_channel=tan_channel)
-
cashout_creation_endpoint = obj.circuit_api_url("cashouts")
try:
resp = post(
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
index 7ac65039..d10f16dd 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/CircuitApi.kt
@@ -8,6 +8,7 @@ import io.ktor.server.routing.*
import org.jetbrains.exposed.sql.transactions.transaction
import tech.libeufin.sandbox.CashoutOperationsTable.uuid
import tech.libeufin.util.*
+import java.io.File
import java.math.BigDecimal
import java.math.MathContext
import java.util.*
@@ -118,9 +119,17 @@ fun generateCashoutSubject(
* NOTE: future versions take the supported TAN method from
* the configuration, or options passed when starting the bank.
*/
-enum class SupportedTanChannels { SMS, EMAIL }
-fun isTanChannelSupported(tanMethod: String): Boolean {
- return listOf(SupportedTanChannels.SMS.name,
SupportedTanChannels.EMAIL.name).contains(tanMethod.uppercase())
+const val LIBEUFIN_TAN_TMP_FILE = "/tmp/libeufin-cashout-tan.txt"
+enum class SupportedTanChannels {
+ SMS,
+ EMAIL,
+ FILE // Test channel writing the TAN to the LIBEUFIN_TAN_TMP_FILE location.
+}
+fun isTanChannelSupported(tanChannel: String): Boolean {
+ enumValues<SupportedTanChannels>().forEach {
+ if (tanChannel.uppercase() == it.name) return true
+ }
+ return false
}
fun circuitApi(circuitRoute: Route) {
@@ -243,12 +252,12 @@ fun circuitApi(circuitRoute: Route) {
throw badRequest("The '${req::amount_debit.name}' field has the
wrong currency")
if (amountCredit.currency == demobank.currency)
throw badRequest("The '${req::amount_credit.name}' field didn't
change the currency.")
- // check if TAN is supported.
+ // check if TAN is supported. Default to SMS, if that's missing.
val tanChannel = req.tan_channel?.uppercase() ?:
SupportedTanChannels.SMS.name
if (!isTanChannelSupported(tanChannel))
throw SandboxError(
HttpStatusCode.ServiceUnavailable,
- "TAN method $tanChannel not supported."
+ "TAN channel '$tanChannel' not supported."
)
// check if the user contact data would allow the TAN channel.
val customer = getCustomer(username = user)
@@ -299,6 +308,14 @@ fun circuitApi(circuitRoute: Route) {
SupportedTanChannels.SMS.name -> {
// TBD
}
+ SupportedTanChannels.FILE.name -> {
+ try {
+ File(LIBEUFIN_TAN_TMP_FILE).writeText(op.tan)
+ } catch (e: Exception) {
+ logger.error(e.message)
+ throw internalServerError("File TAN failed: could not
write to $LIBEUFIN_TAN_TMP_FILE")
+ }
+ }
else ->
throw internalServerError("The bank didn't catch a unsupported
TAN channel: $tanChannel.")
}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [libeufin] branch master updated: Introducing file based TAN channel.,
gnunet <=