View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006699 | Taler | mechant backend | public | 2021-01-14 01:57 | 2021-09-02 18:23 |
| Reporter | Florian Dold | Assigned To | Christian Grothoff | ||
| Priority | high | Severity | major | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Product Version | git (master) | ||||
| Target Version | 0.8 | Fixed in Version | 0.8 | ||
| Summary | 0006699: merchant falsely claims that denomination isn't audited | ||||
| Description | This issue can be reliably reproduced with a wallet integration test. It occurs when the URL for the trusted exchange configured in the merchant configuration differs from the exchange base URL used by in the wallet (and thus sent in the /pay request). The underlying issue is likely *not* the different base URL, but that the merchant requests the exchange's /keys information *during* the /pay request, as opposed to during startup. The merchant gives the following response to the wallet's /pay request: { "hint": "The denomination key used for payment is not audited by an auditor approved by the merchant.", "code": 2152, "h_denom_pub": "6B70V0DFPJ9ZTNZEQV6CYYBM4TZ0EFF744D731N5632QSHKV4WZ8K8Z4FYPQS6BNAX1YQENWDN0GPGHHP6DCPXHZEDAS1T4RFQG8QVG" } Note that the exchange_keys field is missing. What's wrong here is that: 1. The error message claims that the *auditing* is the problem, when exchange trust is the problem 2. The merchant claims that the denomination is "bad", when it didn't even finish obtaining the keys from the exchange yet. | ||||
| Steps To Reproduce | $ taler-wallet-cli testing run-integrationtests merchant-exchange-confusion | ||||
| Tags | No tags attached. | ||||
|
|
This *looks* like a weird corner case, but it means in practice that the merchant will respond with an HTTP 400 (i.e. a permanent error) each time it's seeing a new exchange (or the same exchange via a different base URL). |
|
|
4a5eb61..4bbb29f forces a re-download of /keys also if the auditor DK check fails. Alas, this does NOT fix the issue. But I don't understand the report yet. |
|
|
The real issue here is that the exchange /keys reply is bogus/fails, and the merchant blames the wallet (400) instead of the exchange (502). So we need to check the status code of /keys and generate the right http code. |
|
|
The _real_ real issue is that the merchant doesn't like the base URL being different due to the proxy, even though it explicitly trusts the master_pub. |
|
|
Fixed in 4bbb29f..2c5a245 |
|
|
Fix committed to master branch. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-01-14 01:57 | Florian Dold | New Issue | |
| 2021-01-14 01:57 | Florian Dold | Status | new => assigned |
| 2021-01-14 01:57 | Florian Dold | Assigned To | => Christian Grothoff |
| 2021-01-14 02:00 | Florian Dold | Note Added: 0017344 | |
| 2021-01-15 12:40 | Christian Grothoff | Note Added: 0017352 | |
| 2021-01-15 13:58 | Christian Grothoff | Note Added: 0017353 | |
| 2021-01-16 14:25 | Christian Grothoff | Note Added: 0017357 | |
| 2021-01-16 18:38 | Christian Grothoff | Status | assigned => resolved |
| 2021-01-16 18:38 | Christian Grothoff | Resolution | open => fixed |
| 2021-01-16 18:38 | Christian Grothoff | Fixed in Version | => 0.9 |
| 2021-01-16 18:38 | Christian Grothoff | Note Added: 0017358 | |
| 2021-01-16 18:38 | Christian Grothoff | Product Version | => git (master) |
| 2021-01-16 18:38 | Christian Grothoff | Target Version | => 0.9 |
| 2021-07-30 13:57 | Christian Grothoff | Fixed in Version | 0.9 => 0.8.1 |
| 2021-07-30 13:59 | Christian Grothoff | Target Version | 0.9 => 0.8.1 |
| 2021-07-30 14:02 | Christian Grothoff | Fixed in Version | 0.8.1 => 0.8 |
| 2021-07-30 14:02 | Christian Grothoff | Target Version | 0.8.1 => 0.8 |
| 2021-08-24 16:23 | Christian Grothoff | Status | resolved => closed |
| 2021-09-02 18:22 | Christian Grothoff | Changeset attached | => Taler-merchant master 2c5a2454 |
| 2021-09-02 18:23 | Christian Grothoff | Note Added: 0018363 |
