[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-deployment] 01/02: taler-local, registering users via Access API
|
From: |
gnunet |
|
Subject: |
[taler-deployment] 01/02: taler-local, registering users via Access API |
|
Date: |
Tue, 23 Nov 2021 17:28:49 +0100 |
This is an automated email from the git hooks/post-receive script.
ms pushed a commit to branch master
in repository deployment.
commit 5ee703cb9c51378ae86cd4a54305486fe1099c3a
Author: ms <ms@taler.net>
AuthorDate: Mon Nov 22 20:19:02 2021 +0100
taler-local, registering users via Access API
---
bin/WIP/taler-local | 160 +++++++++++++++++++++++++++++++---------------------
1 file changed, 96 insertions(+), 64 deletions(-)
diff --git a/bin/WIP/taler-local b/bin/WIP/taler-local
index e26610b..1d52129 100755
--- a/bin/WIP/taler-local
+++ b/bin/WIP/taler-local
@@ -28,6 +28,7 @@ import subprocess
import time
import random
import logging
+import json
from os import listdir
from os.path import isdir, join
from pathlib import Path
@@ -523,6 +524,7 @@ class TalerReverseProxy(Flask):
)
except Exception as error:
self.logger.error(error)
+ self.logger.error(f"Failing request was: {request.get_data()}")
return "Could not connect to upstream", 500
self.logger.debug(f"Upstream responds: {resp.text}")
@@ -548,25 +550,21 @@ class TalerReverseProxy(Flask):
return self
-# Defining certain globals here because 'prepare',
-# 'launch' and 'withdraw' need them.
-LOG_DIR = TALER_ROOT_DIR / "logs"
-UNIX_SOCKETS_DIR = TALER_ROOT_DIR / "sockets"
+# Globals sharead accross multiple sub-commands:
+# needed to configure and launch the reverse proxy.
REV_PROXY_NETLOC = "localhost:8080"
REV_PROXY_PROTO = "http"
-NEXUS_DB_FILE = "/tmp/nexus.sqlite"
-SANDBOX_DB_FILE = "/tmp/sandbox.sqlite"
REV_PROXY_URL = f"{REV_PROXY_PROTO}://{REV_PROXY_NETLOC}"
-SANDBOX_ADMIN_USERNAME = "admin"
-SANDBOX_ADMIN_PASSWORD = "secret"
-EXCHANGE_BANK_ACCOUNT_SANDBOX = "exchange-account-sandbox"
+UNIX_SOCKETS_DIR = TALER_ROOT_DIR / "sockets"
+LOG_DIR = TALER_ROOT_DIR / "logs"
+# needed to create the customer's bank account and
+# to let them subsequently withdraw via the Access API.
CUSTOMER_BANK_ACCOUNT = "sandbox-account-customer"
+CUSTOMER_BANK_PASSWORD = "secret"
+# needed along preparation and later to withdraw via
+# the Access API.
CURRENCY = "EUR"
-# FIXME: see whether the hard-coded proxy can be replaced
-# by a Nginx instance, and the Command class can be replaced
-# by tasking SystemD to launch and stop the services along
-# the preparation.
@cli.command()
def prepare():
@@ -699,46 +697,68 @@ def prepare():
],
env
).run()
-
+
+ def get_sandbox_account_info(
+ sandbox_url,
+ bank_account_label,
+ password,
+ ):
+ customer_env = os.environ.copy()
+ customer_env["LIBEUFIN_SANDBOX_USERNAME"] = bank_account_label
+ customer_env["LIBEUFIN_SANDBOX_PASSWORD"] = password
+ demobank_url = urljoin_nodrop(sandbox_url, "/demobanks/default")
+ r = Command([
+ "libeufin-cli", "sandbox",
+ "--sandbox-url", demobank_url,
+ "demobank", "info",
+ "--bank-account", bank_account_label],
+ env = customer_env,
+ capture_stdout=True
+ ).run()
+ print("MEGA DEBUG " + r)
+ return json.loads(r)
+
def prepare_sandbox_account(
sandbox_url,
ebics_host_id,
ebics_partner_id,
ebics_user_id,
person_name,
+ # This value is BOTH a username
+ # and a bank account label.
bank_account_name,
bank_account_iban,
- env
+ password
):
+ demobank_url = urljoin_nodrop(sandbox_url, "/demobanks/default")
+ user_env = os.environ.copy()
+ user_env["LIBEUFIN_SANDBOX_USERNAME"] = bank_account_name
+ user_env["LIBEUFIN_SANDBOX_PASSWORD"] = password
Command(
[
"libeufin-cli", "sandbox",
- "--sandbox-url", sandbox_url,
- "ebicssubscriber", "create",
- "--host-id", ebics_host_id,
- "--partner-id", ebics_partner_id,
- "--user-id", ebics_user_id
+ "--sandbox-url", demobank_url,
+ "demobank", "register"
],
- env
+ env = user_env
).run()
- Command(
- [
- "libeufin-cli", "sandbox",
- "--sandbox-url", sandbox_url,
- "ebicsbankaccount", "create",
- "--iban", bank_account_iban,
- "--bic", "ABCDEFGH",
- "--person-name", person_name,
- "--account-name", bank_account_name,
- "--ebics-user-id", ebics_user_id,
- "--ebics-host-id", ebics_host_id,
- "--ebics-partner-id", ebics_partner_id,
+ admin_env = os.environ.copy()
+ admin_env["LIBEUFIN_SANDBOX_USERNAME"] = SANDBOX_ADMIN_USERNAME
+ admin_env["LIBEUFIN_SANDBOX_PASSWORD"] = SANDBOX_ADMIN_PASSWORD
+ Command([
+ "libeufin-cli", "sandbox",
+ "--sandbox-url", demobank_url,
+ "demobank", "new-ebicssubscriber",
+ "--host-id", ebics_host_id,
+ "--partner-id", ebics_partner_id,
+ "--user-id", ebics_user_id,
+ "--bank-account", bank_account_name
],
- env
+ env = admin_env
).run()
- WIRE_METHOD = "iban"
+ WIRE_METHOD = "iban"
# euFin URLs
SANDBOX_URL = REV_PROXY_URL + "/sandbox"
NEXUS_URL = REV_PROXY_URL + "/nexus"
@@ -771,6 +791,9 @@ def prepare():
EXCHANGE_NEXUS_PASSWORD = "exchange-nexus-password"
FRONTENDS_API_TOKEN = "secret-token:secret"
TALER_MERCHANT_TOKEN = "secret-token:secret"
+ ALL_INSTANCES_BANK_PASSWORD = "secret"
+ EXCHANGE_BANK_ACCOUNT_SANDBOX = "exchange-account-sandbox"
+ EXCHANGE_BANK_ACCOUNT_PASSWORD = "secret"
# EBICS
EBICS_HOST_ID = "ebicsDeployedHost"
@@ -781,7 +804,11 @@ def prepare():
# euFin
EXCHANGE_BANK_ACCOUNT_NEXUS = "exchange-imported-account-nexus"
EXCHANGE_BANK_CONNECTION = "exchange-ebics-connection"
+ NEXUS_DB_FILE = "/tmp/nexus.sqlite"
+ SANDBOX_DB_FILE = "/tmp/sandbox.sqlite"
EXCHANGE_FACADE_NAME = "exchange-taler-facade"
+ SANDBOX_ADMIN_USERNAME = "admin"
+ SANDBOX_ADMIN_PASSWORD = "secret"
class Command:
def __init__(
@@ -1228,14 +1255,6 @@ Logs: {rev_proxy.get_log_filename()}"
"download", "sign", "upload"
]).run()
print(" OK")
- EXCHANGE_PAYTO=mc.sections["exchange-account-1"]["payto_uri"]
- print_nn(f"exchange-offline: enabling {EXCHANGE_PAYTO}...")
- Command([
- "taler-exchange-offline",
- "-c", CFG_OUTDIR / "taler.conf",
- "enable-account", EXCHANGE_PAYTO, "upload"]
- ).run()
- print(" OK")
# Set up wire fees for next 5 years
NOW = datetime.now()
YEAR = NOW.year
@@ -1255,11 +1274,6 @@ Logs: {rev_proxy.get_log_filename()}"
custom_name="set-wire-fee"
).run()
print(" OK")
- print_nn("Stopping exchange HTTP daemon and crypto helpers...")
- exchange_rsa_handle.stop()
- exchange_eddsa_handle.stop()
- exchange_handle.stop()
- print(" OK")
print_nn("Reset and init auditor DB..")
Command([
"taler-auditor-dbinit",
@@ -1286,7 +1300,8 @@ Logs: {rev_proxy.get_log_filename()}"
if error.errno != errno.ENOENT:
raise error
print(" OK")
-
+
+ # This step transparantly creates a default demobank.
print_nn("Launching Sandbox...")
sandbox_handle = Command(
[
@@ -1330,11 +1345,34 @@ Logs: {rev_proxy.get_log_filename()}"
person_name="Exchange Owner",
bank_account_name=EXCHANGE_BANK_ACCOUNT_SANDBOX,
bank_account_iban=IBAN_EXCHANGE,
- env=get_sandbox_cli_env(
- SANDBOX_ADMIN_USERNAME,
- SANDBOX_ADMIN_PASSWORD,
- )
+ password=EXCHANGE_BANK_ACCOUNT_PASSWORD
+ )
+ print(" OK")
+ print_nn("Getting exchange payto-URI from the bank.")
+ exchange_bank_account_info=get_sandbox_account_info(
+ SANDBOX_URL,
+ EXCHANGE_BANK_ACCOUNT_SANDBOX,
+ EXCHANGE_BANK_ACCOUNT_PASSWORD
)
+ EXCHANGE_PAYTO = exchange_bank_account_info["paytoUri"]
+ print(" OK")
+ print_nn("Specify own payto-URI to exchange's configuration.")
+ Command([
+ "taler-config", "-s", "exchange-account-1",
+ "-o", "payto_uri", "-V", EXCHANGE_PAYTO
+ ]).run()
+ print(" OK")
+ print_nn(f"exchange-offline: enabling {EXCHANGE_PAYTO}...")
+ Command([
+ "taler-exchange-offline",
+ "-c", CFG_OUTDIR / "taler.conf",
+ "enable-account", EXCHANGE_PAYTO, "upload"]
+ ).run()
+ print(" OK")
+ print_nn("Stopping exchange HTTP daemon and crypto helpers...")
+ exchange_rsa_handle.stop()
+ exchange_eddsa_handle.stop()
+ exchange_handle.stop()
print(" OK")
# Give each instance a Sandbox account (note: 'default')
@@ -1348,12 +1386,9 @@ Logs: {rev_proxy.get_log_filename()}"
ebics_partner_id="unusedMerchantEbicsPartnerId",
ebics_user_id=f"unused{instance_id}EbicsUserId",
person_name=f"Shop Owner of {instance_id}",
- bank_account_name=f"sandbox-account-{instance_id}",
+ bank_account_name=f"sandbox-account-{instance_id.lower()}",
bank_account_iban=iban,
- env=get_sandbox_cli_env(
- SANDBOX_ADMIN_USERNAME,
- SANDBOX_ADMIN_PASSWORD,
- )
+ password=ALL_INSTANCES_BANK_PASSWORD
)
print(" OK")
print_nn("Create Customer account at Sandbox...")
@@ -1365,10 +1400,7 @@ Logs: {rev_proxy.get_log_filename()}"
person_name="Customer Person",
bank_account_name=CUSTOMER_BANK_ACCOUNT,
bank_account_iban=IBAN_CUSTOMER,
- env=get_sandbox_cli_env(
- SANDBOX_ADMIN_USERNAME,
- SANDBOX_ADMIN_PASSWORD,
- )
+ password=CUSTOMER_BANK_PASSWORD
)
print(" OK")
print_nn("Make Nexus superuser ...")
@@ -1761,7 +1793,7 @@ def withdraw():
resp = requests.post(REV_PROXY_URL +
f"/sandbox/demobanks/default/access-api/accounts/{CUSTOMER_BANK_ACCOUNT}/withdrawals",
json = dict(amount=CURRENCY + ":5"),
- auth = requests.auth.HTTPBasicAuth(SANDBOX_ADMIN_USERNAME,
SANDBOX_ADMIN_PASSWORD)
+ auth = requests.auth.HTTPBasicAuth(CUSTOMER_BANK_ACCOUNT,
CUSTOMER_BANK_PASSWORD)
)
try:
resp.raise_for_status()
@@ -1780,7 +1812,7 @@ def withdraw():
print_nn("Confirm withdrawal operation at the bank...")
resp = requests.post(REV_PROXY_URL +
f"/sandbox/demobanks/default/access-api/accounts/{CUSTOMER_BANK_ACCOUNT}/withdrawals/{withdrawal_id}/confirm",
- auth = requests.auth.HTTPBasicAuth(SANDBOX_ADMIN_USERNAME,
SANDBOX_ADMIN_PASSWORD)
+ auth = requests.auth.HTTPBasicAuth(CUSTOMER_BANK_ACCOUNT,
CUSTOMER_BANK_PASSWORD)
)
try:
resp.raise_for_status()
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.