Line data Source code
1 : /*
2 : This file is part of TALER
3 : Copyright (C) 2023, 2024 Taler Systems SA
4 :
5 : TALER is free software; you can redistribute it and/or modify it under the
6 : terms of the GNU General Public License as published by the Free Software
7 : Foundation; either version 3, or (at your option) any later version.
8 :
9 : TALER is distributed in the hope that it will be useful, but WITHOUT ANY
10 : WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
11 : A PARTICULAR PURPOSE. See the GNU General Public License for more details.
12 :
13 : You should have received a copy of the GNU General Public License along with
14 : TALER; see the file COPYING. If not, see
15 : <http://www.gnu.org/licenses/>
16 : */
17 : /**
18 : * @file lib/exchange_api_lookup_aml_decisions.c
19 : * @brief Implementation of the /aml/$OFFICER_PUB/decisions request
20 : * @author Christian Grothoff
21 : */
22 : #include "platform.h"
23 : #include <microhttpd.h> /* just for HTTP status codes */
24 : #include <gnunet/gnunet_util_lib.h>
25 : #include <gnunet/gnunet_curl_lib.h>
26 : #include "taler_exchange_service.h"
27 : #include "taler_json_lib.h"
28 : #include "exchange_api_handle.h"
29 : #include "taler_signatures.h"
30 : #include "exchange_api_curl_defaults.h"
31 :
32 :
33 : /**
34 : * @brief A GET /aml/$OFFICER_PUB/decisions Handle
35 : */
36 : struct TALER_EXCHANGE_LookupAmlDecisions
37 : {
38 :
39 : /**
40 : * The url for this request.
41 : */
42 : char *url;
43 :
44 : /**
45 : * Handle for the request.
46 : */
47 : struct GNUNET_CURL_Job *job;
48 :
49 : /**
50 : * Function to call with the result.
51 : */
52 : TALER_EXCHANGE_LookupAmlDecisionsCallback decisions_cb;
53 :
54 : /**
55 : * Closure for @e cb.
56 : */
57 : void *decisions_cb_cls;
58 :
59 : /**
60 : * HTTP headers for the job.
61 : */
62 : struct curl_slist *job_headers;
63 :
64 : /**
65 : * Array with measure information.
66 : */
67 : struct TALER_EXCHANGE_MeasureInformation *mip;
68 :
69 : /**
70 : * Array with rule information.
71 : */
72 : struct TALER_EXCHANGE_KycRule *rp;
73 :
74 : /**
75 : * Array with all the measures (of all the rules!).
76 : */
77 : const char **mp;
78 : };
79 :
80 :
81 : /**
82 : * Parse AML limits array.
83 : *
84 : * @param[in,out] lh handle to use for allocations
85 : * @param jlimits JSON array with AML rules
86 : * @param[out] ds where to write the result
87 : * @return #GNUNET_OK on success
88 : */
89 : static enum GNUNET_GenericReturnValue
90 2 : parse_limits (struct TALER_EXCHANGE_LookupAmlDecisions *lh,
91 : const json_t *jlimits,
92 : struct TALER_EXCHANGE_AmlDecision *ds)
93 : {
94 2 : struct TALER_EXCHANGE_LegitimizationRuleSet *limits
95 : = &ds->limits;
96 : const json_t *jrules;
97 : const json_t *jmeasures;
98 : size_t mip_len;
99 : size_t rule_len;
100 : size_t total;
101 : struct GNUNET_JSON_Specification spec[] = {
102 2 : GNUNET_JSON_spec_timestamp ("expiration_time",
103 : &limits->expiration_time),
104 2 : GNUNET_JSON_spec_mark_optional (
105 : GNUNET_JSON_spec_string ("successor_measure",
106 : &limits->successor_measure),
107 : NULL),
108 2 : GNUNET_JSON_spec_array_const ("rules",
109 : &jrules),
110 2 : GNUNET_JSON_spec_object_const ("custom_measures",
111 : &jmeasures),
112 2 : GNUNET_JSON_spec_end ()
113 : };
114 :
115 2 : if (GNUNET_OK !=
116 2 : GNUNET_JSON_parse (jlimits,
117 : spec,
118 : NULL,
119 : NULL))
120 : {
121 0 : GNUNET_break_op (0);
122 0 : return GNUNET_SYSERR;
123 : }
124 :
125 2 : mip_len = json_object_size (jmeasures);
126 2 : lh->mip = GNUNET_new_array (mip_len,
127 : struct TALER_EXCHANGE_MeasureInformation);
128 2 : limits->measures = lh->mip;
129 2 : limits->measures_length = mip_len;
130 :
131 : {
132 : const char *measure_name;
133 : const json_t *jmeasure;
134 :
135 2 : json_object_foreach ((json_t*) jmeasures,
136 : measure_name,
137 : jmeasure)
138 : {
139 0 : struct TALER_EXCHANGE_MeasureInformation *mi
140 0 : = &lh->mip[--mip_len];
141 : struct GNUNET_JSON_Specification ispec[] = {
142 0 : GNUNET_JSON_spec_string ("check_name",
143 : &mi->check_name),
144 0 : GNUNET_JSON_spec_string ("prog_name",
145 : &mi->prog_name),
146 0 : GNUNET_JSON_spec_mark_optional (
147 : GNUNET_JSON_spec_object_const ("context",
148 : &mi->context),
149 : NULL),
150 0 : GNUNET_JSON_spec_end ()
151 : };
152 :
153 0 : if (GNUNET_OK !=
154 0 : GNUNET_JSON_parse (jmeasure,
155 : ispec,
156 : NULL,
157 : NULL))
158 : {
159 0 : GNUNET_break_op (0);
160 0 : return GNUNET_SYSERR;
161 : }
162 0 : mi->measure_name = measure_name;
163 : }
164 : }
165 :
166 2 : total = 0;
167 :
168 : {
169 : const json_t *rule;
170 : size_t idx;
171 :
172 9 : json_array_foreach ((json_t *) jrules,
173 : idx,
174 : rule)
175 : {
176 7 : total += json_array_size (json_object_get (rule,
177 : "measures"));
178 : }
179 : }
180 :
181 2 : rule_len = json_array_size (jrules);
182 2 : lh->rp = GNUNET_new_array (rule_len,
183 : struct TALER_EXCHANGE_KycRule);
184 2 : lh->mp = GNUNET_new_array (total,
185 : const char *);
186 :
187 : {
188 : const json_t *rule;
189 : size_t idx;
190 :
191 9 : json_array_foreach ((json_t *) jrules,
192 : idx,
193 : rule)
194 : {
195 : const json_t *smeasures;
196 7 : struct TALER_EXCHANGE_KycRule *r
197 7 : = &lh->rp[--rule_len];
198 : struct GNUNET_JSON_Specification ispec[] = {
199 7 : TALER_JSON_spec_kycte ("operation_type",
200 : &r->operation_type),
201 7 : TALER_JSON_spec_amount_any ("threshold",
202 : &r->threshold),
203 7 : GNUNET_JSON_spec_relative_time ("timeframe",
204 : &r->timeframe),
205 7 : GNUNET_JSON_spec_array_const ("measures",
206 : &smeasures),
207 7 : GNUNET_JSON_spec_mark_optional (
208 : GNUNET_JSON_spec_bool ("exposed",
209 : &r->exposed),
210 : NULL),
211 7 : GNUNET_JSON_spec_mark_optional (
212 : GNUNET_JSON_spec_bool ("is_and_combinator",
213 : &r->is_and_combinator),
214 : NULL),
215 7 : GNUNET_JSON_spec_uint32 ("display_priority",
216 : &r->display_priority),
217 7 : GNUNET_JSON_spec_end ()
218 : };
219 : size_t mlen;
220 :
221 7 : if (GNUNET_OK !=
222 7 : GNUNET_JSON_parse (rule,
223 : ispec,
224 : NULL,
225 : NULL))
226 : {
227 0 : GNUNET_break_op (0);
228 0 : return GNUNET_SYSERR;
229 : }
230 :
231 7 : mlen = json_array_size (smeasures);
232 7 : GNUNET_assert (mlen <= total);
233 7 : total -= mlen;
234 :
235 : {
236 : size_t midx;
237 : const json_t *smeasure;
238 :
239 13 : json_array_foreach (smeasures,
240 : midx,
241 : smeasure)
242 : {
243 6 : const char *sval = json_string_value (smeasure);
244 :
245 6 : if (NULL == sval)
246 : {
247 0 : GNUNET_break_op (0);
248 0 : return GNUNET_SYSERR;
249 : }
250 6 : lh->mp[total + midx] = sval;
251 6 : if (0 == strcasecmp (sval,
252 : "verboten"))
253 6 : r->verboten = true;
254 : }
255 : }
256 7 : r->measures = &lh->mp[total];
257 7 : r->measures_length = r->verboten ? 0 : total;
258 : }
259 : }
260 2 : return GNUNET_OK;
261 : }
262 :
263 :
264 : /**
265 : * Parse AML decision summary array.
266 : *
267 : * @param[in,out] lh handle to use for allocations
268 : * @param decisions JSON array with AML decision summaries
269 : * @param[out] decision_ar where to write the result
270 : * @return #GNUNET_OK on success
271 : */
272 : static enum GNUNET_GenericReturnValue
273 2 : parse_aml_decisions (
274 : struct TALER_EXCHANGE_LookupAmlDecisions *lh,
275 : const json_t *decisions,
276 : struct TALER_EXCHANGE_AmlDecision *decision_ar)
277 : {
278 : json_t *obj;
279 : size_t idx;
280 :
281 4 : json_array_foreach (decisions, idx, obj)
282 : {
283 2 : struct TALER_EXCHANGE_AmlDecision *decision = &decision_ar[idx];
284 : const json_t *jlimits;
285 : struct GNUNET_JSON_Specification spec[] = {
286 2 : GNUNET_JSON_spec_fixed_auto ("h_payto",
287 : &decision->h_payto),
288 2 : GNUNET_JSON_spec_uint64 ("rowid",
289 : &decision->rowid),
290 2 : GNUNET_JSON_spec_mark_optional (
291 : GNUNET_JSON_spec_string ("justification",
292 : &decision->justification),
293 : NULL),
294 2 : GNUNET_JSON_spec_timestamp ("decision_time",
295 : &decision->decision_time),
296 2 : GNUNET_JSON_spec_mark_optional (
297 : GNUNET_JSON_spec_object_const ("properties",
298 : &decision->jproperties),
299 : NULL),
300 2 : GNUNET_JSON_spec_object_const ("limits",
301 : &jlimits),
302 2 : GNUNET_JSON_spec_bool ("to_investigate",
303 : &decision->to_investigate),
304 2 : GNUNET_JSON_spec_bool ("is_active",
305 : &decision->is_active),
306 2 : GNUNET_JSON_spec_end ()
307 : };
308 :
309 2 : if (GNUNET_OK !=
310 2 : GNUNET_JSON_parse (obj,
311 : spec,
312 : NULL,
313 : NULL))
314 : {
315 0 : GNUNET_break_op (0);
316 0 : return GNUNET_SYSERR;
317 : }
318 2 : if (GNUNET_OK !=
319 2 : parse_limits (lh,
320 : jlimits,
321 : decision))
322 : {
323 0 : GNUNET_break_op (0);
324 0 : return GNUNET_SYSERR;
325 : }
326 : }
327 2 : return GNUNET_OK;
328 : }
329 :
330 :
331 : /**
332 : * Parse the provided decision data from the "200 OK" response.
333 : *
334 : * @param[in,out] lh handle (callback may be zero'ed out)
335 : * @param json json reply with the data for one coin
336 : * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
337 : */
338 : static enum GNUNET_GenericReturnValue
339 2 : parse_decisions_ok (struct TALER_EXCHANGE_LookupAmlDecisions *lh,
340 : const json_t *json)
341 : {
342 2 : struct TALER_EXCHANGE_AmlDecisionsResponse lr = {
343 : .hr.reply = json,
344 : .hr.http_status = MHD_HTTP_OK
345 : };
346 : const json_t *records;
347 : struct GNUNET_JSON_Specification spec[] = {
348 2 : GNUNET_JSON_spec_array_const ("records",
349 : &records),
350 2 : GNUNET_JSON_spec_end ()
351 : };
352 :
353 2 : if (GNUNET_OK !=
354 2 : GNUNET_JSON_parse (json,
355 : spec,
356 : NULL,
357 : NULL))
358 : {
359 0 : GNUNET_break_op (0);
360 0 : return GNUNET_SYSERR;
361 : }
362 : lr.details.ok.decisions_length
363 2 : = json_array_size (records);
364 2 : {
365 2 : struct TALER_EXCHANGE_AmlDecision decisions[
366 2 : GNUNET_NZL (lr.details.ok.decisions_length)];
367 2 : enum GNUNET_GenericReturnValue ret = GNUNET_SYSERR;
368 :
369 2 : memset (decisions,
370 : 0,
371 : sizeof (decisions));
372 2 : lr.details.ok.decisions = decisions;
373 2 : ret = parse_aml_decisions (lh,
374 : records,
375 : decisions);
376 2 : if (GNUNET_OK == ret)
377 : {
378 2 : lh->decisions_cb (lh->decisions_cb_cls,
379 : &lr);
380 2 : lh->decisions_cb = NULL;
381 : }
382 2 : GNUNET_free (lh->mip);
383 2 : GNUNET_free (lh->rp);
384 2 : GNUNET_free (lh->mp);
385 2 : return ret;
386 : }
387 : }
388 :
389 :
390 : /**
391 : * Function called when we're done processing the
392 : * HTTP /aml/$OFFICER_PUB/decisions request.
393 : *
394 : * @param cls the `struct TALER_EXCHANGE_LookupAmlDecisions`
395 : * @param response_code HTTP response code, 0 on error
396 : * @param response parsed JSON result, NULL on error
397 : */
398 : static void
399 4 : handle_lookup_finished (void *cls,
400 : long response_code,
401 : const void *response)
402 : {
403 4 : struct TALER_EXCHANGE_LookupAmlDecisions *lh = cls;
404 4 : const json_t *j = response;
405 4 : struct TALER_EXCHANGE_AmlDecisionsResponse lr = {
406 : .hr.reply = j,
407 4 : .hr.http_status = (unsigned int) response_code
408 : };
409 :
410 4 : lh->job = NULL;
411 4 : switch (response_code)
412 : {
413 0 : case 0:
414 0 : lr.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE;
415 0 : break;
416 2 : case MHD_HTTP_OK:
417 2 : if (GNUNET_OK !=
418 2 : parse_decisions_ok (lh,
419 : j))
420 : {
421 0 : GNUNET_break_op (0);
422 0 : lr.hr.http_status = 0;
423 0 : lr.hr.ec = TALER_EC_GENERIC_REPLY_MALFORMED;
424 0 : break;
425 : }
426 2 : GNUNET_assert (NULL == lh->decisions_cb);
427 2 : TALER_EXCHANGE_lookup_aml_decisions_cancel (lh);
428 2 : return;
429 1 : case MHD_HTTP_NO_CONTENT:
430 1 : break;
431 0 : case MHD_HTTP_BAD_REQUEST:
432 0 : json_dumpf (j,
433 : stderr,
434 : JSON_INDENT (2));
435 0 : lr.hr.ec = TALER_JSON_get_error_code (j);
436 0 : lr.hr.hint = TALER_JSON_get_error_hint (j);
437 : /* This should never happen, either us or the exchange is buggy
438 : (or API version conflict); just pass JSON reply to the application */
439 0 : break;
440 1 : case MHD_HTTP_FORBIDDEN:
441 1 : lr.hr.ec = TALER_JSON_get_error_code (j);
442 1 : lr.hr.hint = TALER_JSON_get_error_hint (j);
443 : /* Nothing really to verify, exchange says this coin was not melted; we
444 : should pass the JSON reply to the application */
445 1 : break;
446 0 : case MHD_HTTP_NOT_FOUND:
447 0 : lr.hr.ec = TALER_JSON_get_error_code (j);
448 0 : lr.hr.hint = TALER_JSON_get_error_hint (j);
449 : /* Nothing really to verify, exchange says this coin was not melted; we
450 : should pass the JSON reply to the application */
451 0 : break;
452 0 : case MHD_HTTP_INTERNAL_SERVER_ERROR:
453 0 : lr.hr.ec = TALER_JSON_get_error_code (j);
454 0 : lr.hr.hint = TALER_JSON_get_error_hint (j);
455 : /* Server had an internal issue; we should retry, but this API
456 : leaves this to the application */
457 0 : break;
458 0 : default:
459 : /* unexpected response code */
460 0 : GNUNET_break_op (0);
461 0 : lr.hr.ec = TALER_JSON_get_error_code (j);
462 0 : lr.hr.hint = TALER_JSON_get_error_hint (j);
463 0 : GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
464 : "Unexpected response code %u/%d for lookup AML decisions\n",
465 : (unsigned int) response_code,
466 : (int) lr.hr.ec);
467 0 : break;
468 : }
469 2 : if (NULL != lh->decisions_cb)
470 2 : lh->decisions_cb (lh->decisions_cb_cls,
471 : &lr);
472 2 : TALER_EXCHANGE_lookup_aml_decisions_cancel (lh);
473 : }
474 :
475 :
476 : struct TALER_EXCHANGE_LookupAmlDecisions *
477 4 : TALER_EXCHANGE_lookup_aml_decisions (
478 : struct GNUNET_CURL_Context *ctx,
479 : const char *exchange_url,
480 : const struct TALER_NormalizedPaytoHashP *h_payto,
481 : enum TALER_EXCHANGE_YesNoAll investigation_only,
482 : enum TALER_EXCHANGE_YesNoAll active_only,
483 : uint64_t offset,
484 : int64_t limit,
485 : const struct TALER_AmlOfficerPrivateKeyP *officer_priv,
486 : TALER_EXCHANGE_LookupAmlDecisionsCallback cb,
487 : void *cb_cls)
488 : {
489 : struct TALER_EXCHANGE_LookupAmlDecisions *lh;
490 : CURL *eh;
491 : struct TALER_AmlOfficerPublicKeyP officer_pub;
492 : struct TALER_AmlOfficerSignatureP officer_sig;
493 : char arg_str[sizeof (struct TALER_AmlOfficerPublicKeyP) * 2
494 : + 32];
495 :
496 4 : GNUNET_CRYPTO_eddsa_key_get_public (&officer_priv->eddsa_priv,
497 : &officer_pub.eddsa_pub);
498 4 : TALER_officer_aml_query_sign (officer_priv,
499 : &officer_sig);
500 : {
501 : char pub_str[sizeof (officer_pub) * 2];
502 : char *end;
503 :
504 4 : end = GNUNET_STRINGS_data_to_string (
505 : &officer_pub,
506 : sizeof (officer_pub),
507 : pub_str,
508 : sizeof (pub_str));
509 4 : *end = '\0';
510 4 : GNUNET_snprintf (arg_str,
511 : sizeof (arg_str),
512 : "aml/%s/decisions",
513 : pub_str);
514 : }
515 4 : lh = GNUNET_new (struct TALER_EXCHANGE_LookupAmlDecisions);
516 4 : lh->decisions_cb = cb;
517 4 : lh->decisions_cb_cls = cb_cls;
518 : {
519 : char limit_s[24];
520 : char offset_s[24];
521 : char payto_s[sizeof (*h_payto) * 2];
522 : char *end;
523 :
524 4 : if (NULL != h_payto)
525 : {
526 3 : end = GNUNET_STRINGS_data_to_string (
527 : h_payto,
528 : sizeof (*h_payto),
529 : payto_s,
530 : sizeof (payto_s));
531 3 : *end = '\0';
532 : }
533 4 : GNUNET_snprintf (limit_s,
534 : sizeof (limit_s),
535 : "%lld",
536 : (long long) limit);
537 4 : GNUNET_snprintf (offset_s,
538 : sizeof (offset_s),
539 : "%llu",
540 : (unsigned long long) offset);
541 8 : lh->url = TALER_url_join (
542 : exchange_url,
543 : arg_str,
544 : "limit",
545 : limit_s,
546 : "offset",
547 4 : ( ( (limit < 0) && (UINT64_MAX == offset) ) ||
548 0 : ( (limit > 0) && (0 == offset) ) )
549 : ? NULL
550 : : offset_s,
551 : "h_payto",
552 : NULL != h_payto
553 : ? payto_s
554 : : NULL,
555 : "active",
556 : TALER_EXCHANGE_YNA_ALL != active_only
557 0 : ? TALER_yna_to_string (active_only)
558 : : NULL,
559 : "investigation",
560 : TALER_EXCHANGE_YNA_ALL != investigation_only
561 0 : ? TALER_yna_to_string (investigation_only)
562 : : NULL,
563 : NULL);
564 : }
565 4 : if (NULL == lh->url)
566 : {
567 0 : GNUNET_free (lh);
568 0 : return NULL;
569 : }
570 4 : eh = TALER_EXCHANGE_curl_easy_get_ (lh->url);
571 4 : if (NULL == eh)
572 : {
573 0 : GNUNET_break (0);
574 0 : GNUNET_free (lh->url);
575 0 : GNUNET_free (lh);
576 0 : return NULL;
577 : }
578 : {
579 : char *hdr;
580 : char sig_str[sizeof (officer_sig) * 2];
581 : char *end;
582 :
583 4 : end = GNUNET_STRINGS_data_to_string (
584 : &officer_sig,
585 : sizeof (officer_sig),
586 : sig_str,
587 : sizeof (sig_str));
588 4 : *end = '\0';
589 :
590 4 : GNUNET_asprintf (&hdr,
591 : "%s: %s",
592 : TALER_AML_OFFICER_SIGNATURE_HEADER,
593 : sig_str);
594 4 : lh->job_headers = curl_slist_append (NULL,
595 : hdr);
596 4 : GNUNET_free (hdr);
597 4 : lh->job_headers = curl_slist_append (lh->job_headers,
598 : "Content-type: application/json");
599 8 : lh->job = GNUNET_CURL_job_add2 (ctx,
600 : eh,
601 4 : lh->job_headers,
602 : &handle_lookup_finished,
603 : lh);
604 : }
605 4 : return lh;
606 : }
607 :
608 :
609 : void
610 4 : TALER_EXCHANGE_lookup_aml_decisions_cancel (
611 : struct TALER_EXCHANGE_LookupAmlDecisions *lh)
612 : {
613 4 : if (NULL != lh->job)
614 : {
615 0 : GNUNET_CURL_job_cancel (lh->job);
616 0 : lh->job = NULL;
617 : }
618 4 : curl_slist_free_all (lh->job_headers);
619 4 : GNUNET_free (lh->url);
620 4 : GNUNET_free (lh);
621 4 : }
622 :
623 :
624 : /* end of exchange_api_lookup_aml_decisions.c */
|