// HandlerSend implements /send endpoint
func (rh *RequestHandler) HandlerSend(c web.C, w http.ResponseWriter, r *http.Request) {
request := &compliance.SendRequest{}
request.FromRequest(r)
err := request.Validate()
if err != nil {
errorResponse := err.(*protocols.ErrorResponse)
log.WithFields(errorResponse.LogData).Error(errorResponse.Error())
server.Write(w, errorResponse)
return
}
destinationObject, stellarToml, err := rh.FederationResolver.Resolve(request.Destination)
if err != nil {
log.WithFields(log.Fields{
"destination": request.Destination,
"err": err,
}).Print("Cannot resolve address")
server.Write(w, compliance.CannotResolveDestination)
return
}
if stellarToml.AuthServer == "" {
log.Print("No AUTH_SERVER in stellar.toml")
server.Write(w, compliance.AuthServerNotDefined)
return
}
var payWithMutator *b.PayWithPath
if request.SendMax != "" {
// Path payment
var sendAsset b.Asset
if request.SendAssetCode != "" && request.SendAssetIssuer != "" {
sendAsset = b.CreditAsset(request.SendAssetCode, request.SendAssetIssuer)
} else if request.SendAssetCode == "" && request.SendAssetIssuer == "" {
sendAsset = b.NativeAsset()
} else {
log.Print("Missing send asset param.")
server.Write(w, protocols.MissingParameterError)
return
}
payWith := b.PayWith(sendAsset, request.SendMax)
for _, asset := range request.Path {
if asset.Code == "" && asset.Issuer == "" {
payWith = payWith.Through(b.NativeAsset())
} else {
payWith = payWith.Through(b.CreditAsset(asset.Code, asset.Issuer))
}
}
payWithMutator = &payWith
}
mutators := []interface{}{
b.Destination{destinationObject.AccountID},
b.CreditAmount{
request.AssetCode,
request.AssetIssuer,
request.Amount,
},
}
if payWithMutator != nil {
mutators = append(mutators, *payWithMutator)
}
operationMutator := b.Payment(mutators...)
if operationMutator.Err != nil {
log.WithFields(log.Fields{
"err": operationMutator.Err,
}).Error("Error creating operation")
server.Write(w, protocols.InternalServerError)
return
}
// Fetch Sender Info
senderInfo := ""
if rh.Config.Callbacks.FetchInfo != "" {
fetchInfoRequest := compliance.FetchInfoRequest{Address: request.Sender}
resp, err := rh.Client.PostForm(
rh.Config.Callbacks.FetchInfo,
fetchInfoRequest.ToValues(),
)
if err != nil {
log.WithFields(log.Fields{
"fetch_info": rh.Config.Callbacks.FetchInfo,
"err": err,
}).Error("Error sending request to fetch_info server")
server.Write(w, protocols.InternalServerError)
return
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.WithFields(log.Fields{
"fetch_info": rh.Config.Callbacks.FetchInfo,
"err": err,
}).Error("Error reading fetch_info server response")
server.Write(w, protocols.InternalServerError)
return
}
if resp.StatusCode != http.StatusOK {
log.WithFields(log.Fields{
"fetch_info": rh.Config.Callbacks.FetchInfo,
"status": resp.StatusCode,
"body": string(body),
}).Error("Error response from fetch_info server")
server.Write(w, protocols.InternalServerError)
return
}
senderInfo = string(body)
}
memoPreimage := &memo.Memo{
Transaction: memo.Transaction{
SenderInfo: senderInfo,
Route: destinationObject.Memo,
Extra: request.ExtraMemo,
},
}
memoJSON := memoPreimage.Marshal()
memoHashBytes := sha256.Sum256(memoJSON)
memoMutator := &b.MemoHash{xdr.Hash(memoHashBytes)}
transaction, err := submitter.BuildTransaction(
request.Source,
rh.Config.NetworkPassphrase,
operationMutator,
memoMutator,
)
var txBytes bytes.Buffer
_, err = xdr.Marshal(&txBytes, transaction)
if err != nil {
log.Error("Error mashaling transaction")
server.Write(w, protocols.InternalServerError)
return
}
txBase64 := base64.StdEncoding.EncodeToString(txBytes.Bytes())
authData := compliance.AuthData{
Sender: request.Sender,
NeedInfo: rh.Config.NeedsAuth,
Tx: txBase64,
Memo: string(memoJSON),
}
data, err := json.Marshal(authData)
if err != nil {
log.Error("Error mashaling authData")
server.Write(w, protocols.InternalServerError)
return
}
sig, err := rh.SignatureSignerVerifier.Sign(rh.Config.Keys.SigningSeed, data)
if err != nil {
log.Error("Error signing authData")
server.Write(w, protocols.InternalServerError)
return
}
authRequest := compliance.AuthRequest{
Data: string(data),
Signature: sig,
}
resp, err := rh.Client.PostForm(
stellarToml.AuthServer,
authRequest.ToValues(),
)
if err != nil {
log.WithFields(log.Fields{
"auth_server": stellarToml.AuthServer,
"err": err,
}).Error("Error sending request to auth server")
server.Write(w, protocols.InternalServerError)
return
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.Error("Error reading auth server response")
server.Write(w, protocols.InternalServerError)
return
}
if resp.StatusCode != 200 {
log.WithFields(log.Fields{
"status": resp.StatusCode,
"body": string(body),
}).Error("Error response from auth server")
server.Write(w, protocols.InternalServerError)
return
}
var authResponse compliance.AuthResponse
err = json.Unmarshal(body, &authResponse)
if err != nil {
log.WithFields(log.Fields{
"status": resp.StatusCode,
"body": string(body),
}).Error("Error unmarshalling auth response")
server.Write(w, protocols.InternalServerError)
return
}
response := compliance.SendResponse{
AuthResponse: authResponse,
TransactionXdr: txBase64,
}
server.Write(w, &response)
}
// Payment implements /payment endpoint
func (rh *RequestHandler) Payment(w http.ResponseWriter, r *http.Request) {
request := &bridge.PaymentRequest{}
request.FromRequest(r)
err := request.Validate()
if err != nil {
errorResponse := err.(*protocols.ErrorResponse)
log.WithFields(errorResponse.LogData).Error(errorResponse.Error())
server.Write(w, errorResponse)
return
}
if request.Source == "" {
request.Source = rh.Config.Accounts.BaseSeed
}
sourceKeypair, _ := keypair.Parse(request.Source)
var submitResponse horizon.SubmitTransactionResponse
var submitError error
if request.ExtraMemo != "" && rh.Config.Compliance != "" {
// Compliance server part
sendRequest := request.ToComplianceSendRequest()
resp, err := rh.Client.PostForm(
rh.Config.Compliance+"/send",
sendRequest.ToValues(),
)
if err != nil {
log.WithFields(log.Fields{"err": err}).Error("Error sending request to compliance server")
server.Write(w, protocols.InternalServerError)
return
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.Error("Error reading compliance server response")
server.Write(w, protocols.InternalServerError)
return
}
if resp.StatusCode != 200 {
log.WithFields(log.Fields{
"status": resp.StatusCode,
"body": string(body),
}).Error("Error response from compliance server")
server.Write(w, protocols.InternalServerError)
return
}
var complianceSendResponse compliance.SendResponse
err = json.Unmarshal(body, &complianceSendResponse)
if err != nil {
log.Error("Error unmarshalling from compliance server")
server.Write(w, protocols.InternalServerError)
return
}
if complianceSendResponse.AuthResponse.InfoStatus == compliance.AuthStatusPending ||
complianceSendResponse.AuthResponse.TxStatus == compliance.AuthStatusPending {
log.WithFields(log.Fields{"response": complianceSendResponse}).Info("Compliance response pending")
server.Write(w, bridge.NewPaymentPendingError(complianceSendResponse.AuthResponse.Pending))
return
}
if complianceSendResponse.AuthResponse.InfoStatus == compliance.AuthStatusDenied ||
complianceSendResponse.AuthResponse.TxStatus == compliance.AuthStatusDenied {
log.WithFields(log.Fields{"response": complianceSendResponse}).Info("Compliance response denied")
server.Write(w, bridge.PaymentDenied)
return
}
var tx xdr.Transaction
err = xdr.SafeUnmarshalBase64(complianceSendResponse.TransactionXdr, &tx)
if err != nil {
log.Error("Error unmarshalling transaction returned by compliance server")
server.Write(w, protocols.InternalServerError)
return
}
submitResponse, submitError = rh.TransactionSubmitter.SignAndSubmitRawTransaction(request.Source, &tx)
} else {
// Payment without compliance server
destinationObject, _, err := rh.FederationResolver.Resolve(request.Destination)
if err != nil {
log.WithFields(log.Fields{"destination": request.Destination, "err": err}).Print("Cannot resolve address")
server.Write(w, bridge.PaymentCannotResolveDestination)
return
}
_, err = keypair.Parse(destinationObject.AccountID)
if err != nil {
log.WithFields(log.Fields{"AccountId": destinationObject.AccountID}).Print("Invalid AccountId in destination")
server.Write(w, protocols.NewInvalidParameterError("destination", request.Destination))
return
}
var payWithMutator *b.PayWithPath
if request.SendMax != "" {
// Path payment
var sendAsset b.Asset
if request.SendAssetCode == "" && request.SendAssetIssuer == "" {
sendAsset = b.NativeAsset()
} else {
sendAsset = b.CreditAsset(request.SendAssetCode, request.SendAssetIssuer)
}
payWith := b.PayWith(sendAsset, request.SendMax)
for i := 0; ; i++ {
codeFieldName := fmt.Sprintf("path[%d][asset_code]", i)
issuerFieldName := fmt.Sprintf("path[%d][asset_issuer]", i)
// If the element does not exist in PostForm break the loop
if _, exists := r.PostForm[codeFieldName]; !exists {
break
}
code := r.PostFormValue(codeFieldName)
issuer := r.PostFormValue(issuerFieldName)
if code == "" && issuer == "" {
payWith = payWith.Through(b.NativeAsset())
} else {
payWith = payWith.Through(b.CreditAsset(code, issuer))
}
}
payWithMutator = &payWith
}
var operationBuilder interface{}
if request.AssetCode != "" && request.AssetIssuer != "" {
mutators := []interface{}{
b.Destination{destinationObject.AccountID},
b.CreditAmount{request.AssetCode, request.AssetIssuer, request.Amount},
}
if payWithMutator != nil {
mutators = append(mutators, *payWithMutator)
}
operationBuilder = b.Payment(mutators...)
} else {
mutators := []interface{}{
b.Destination{destinationObject.AccountID},
b.NativeAmount{request.Amount},
}
if payWithMutator != nil {
mutators = append(mutators, *payWithMutator)
}
// Check if destination account exist
_, err = rh.Horizon.LoadAccount(destinationObject.AccountID)
if err != nil {
log.WithFields(log.Fields{"error": err}).Error("Error loading account")
operationBuilder = b.CreateAccount(mutators...)
} else {
operationBuilder = b.Payment(mutators...)
}
}
memoType := request.MemoType
memo := request.Memo
if destinationObject.MemoType != "" {
if request.MemoType != "" {
log.Print("Memo given in request but federation returned memo fields.")
server.Write(w, bridge.PaymentCannotUseMemo)
return
}
memoType = destinationObject.MemoType
memo = destinationObject.Memo
}
var memoMutator interface{}
switch {
case memoType == "":
break
case memoType == "id":
id, err := strconv.ParseUint(memo, 10, 64)
if err != nil {
log.WithFields(log.Fields{"memo": memo}).Print("Cannot convert memo_id value to uint64")
server.Write(w, protocols.NewInvalidParameterError("memo", request.Memo))
return
}
memoMutator = b.MemoID{id}
case memoType == "text":
memoMutator = &b.MemoText{memo}
case memoType == "hash":
memoBytes, err := hex.DecodeString(memo)
if err != nil || len(memoBytes) != 32 {
log.WithFields(log.Fields{"memo": memo}).Print("Cannot decode hash memo value")
server.Write(w, protocols.NewInvalidParameterError("memo", request.Memo))
return
}
var b32 [32]byte
copy(b32[:], memoBytes[0:32])
hash := xdr.Hash(b32)
memoMutator = &b.MemoHash{hash}
default:
log.Print("Not supported memo type: ", memoType)
server.Write(w, protocols.NewInvalidParameterError("memo", request.Memo))
return
}
accountResponse, err := rh.Horizon.LoadAccount(sourceKeypair.Address())
if err != nil {
log.WithFields(log.Fields{"error": err}).Error("Cannot load source account")
server.Write(w, bridge.PaymentSourceNotExist)
return
}
sequenceNumber, err := strconv.ParseUint(accountResponse.SequenceNumber, 10, 64)
if err != nil {
log.WithFields(log.Fields{"error": err}).Error("Cannot convert SequenceNumber")
server.Write(w, protocols.InternalServerError)
return
}
transactionMutators := []b.TransactionMutator{
b.SourceAccount{request.Source},
b.Sequence{sequenceNumber + 1},
b.Network{rh.Config.NetworkPassphrase},
operationBuilder.(b.TransactionMutator),
}
if memoMutator != nil {
transactionMutators = append(transactionMutators, memoMutator.(b.TransactionMutator))
}
tx := b.Transaction(transactionMutators...)
if tx.Err != nil {
log.WithFields(log.Fields{"err": tx.Err}).Print("Transaction builder error")
// TODO when build.OperationBuilder interface is ready check for
// create_account and payment errors separately
switch {
case tx.Err.Error() == "Asset code length is invalid":
server.Write(
w,
protocols.NewInvalidParameterError("asset_code", request.AssetCode),
)
case strings.Contains(tx.Err.Error(), "cannot parse amount"):
server.Write(
w,
protocols.NewInvalidParameterError("amount", request.Amount),
)
default:
log.WithFields(log.Fields{"err": tx.Err}).Print("Transaction builder error")
server.Write(w, protocols.InternalServerError)
}
return
}
txe := tx.Sign(request.Source)
txeB64, err := txe.Base64()
if err != nil {
log.WithFields(log.Fields{"error": err}).Error("Cannot encode transaction envelope")
server.Write(w, protocols.InternalServerError)
return
}
submitResponse, submitError = rh.Horizon.SubmitTransaction(txeB64)
}
if submitError != nil {
log.WithFields(log.Fields{"error": submitError}).Error("Error submitting transaction")
server.Write(w, protocols.InternalServerError)
return
}
errorResponse := bridge.ErrorFromHorizonResponse(submitResponse)
if errorResponse != nil {
log.WithFields(errorResponse.LogData).Error(errorResponse.Error())
server.Write(w, errorResponse)
return
}
// Path payment send amount
if submitResponse.ResultXdr != nil {
var transactionResult xdr.TransactionResult
reader := strings.NewReader(*submitResponse.ResultXdr)
b64r := base64.NewDecoder(base64.StdEncoding, reader)
_, err := xdr.Unmarshal(b64r, &transactionResult)
if err == nil && transactionResult.Result.Code == xdr.TransactionResultCodeTxSuccess {
operationResult := (*transactionResult.Result.Results)[0]
if operationResult.Tr.PathPaymentResult != nil {
sendAmount := operationResult.Tr.PathPaymentResult.SendAmount()
submitResponse.SendAmount = amount.String(sendAmount)
}
}
}
server.Write(w, &submitResponse)
}