feat: ask for payment pointer from ASE #1501
Conversation
✅ Deploy Preview for brilliant-pasca-3e80ec canceled.
|
github-actions
bot
added
pkg: backend
| @@ -0,0 +1,21 @@ | |||
| import { IAppConfig } from '../config/app' | |||
There was a problem hiding this comment.
copied from auth package
| 'returns undefined if no payment pointer exists with url', | ||
| withConfigOverride( | ||
| () => config, | ||
| { paymentPointerLookupTimeoutMs: 1 }, |
There was a problem hiding this comment.
purely so the tests run faster, and don't need to wait the 1.5s for the timeout
|
|
||
| response = await requestWithTimeout( | ||
| () => request(), | ||
| timeoutMs - elapsedTimeMs |
There was a problem hiding this comment.
timeoutMs - elapsedTimeMs essentially lets timeoutMs to be the maximum timeout for the polling period. i.e. we can break early without needing for the given request to complete before timing out
| data: { | ||
| paymentPointerUrl: url | ||
| } |
There was a problem hiding this comment.
We could also just return the payment pointer path here, i.e. just gfranklin instead of the full https://rafiki.money/gfranklin, but I think this keeps it consistent, we just let the ASE to the stripping of the string as they see fit
| @@ -21,6 +21,12 @@ accounts: | |||
| initialBalance: 2000 | |||
| path: accounts/planex | |||
| postmanEnvVar: planexPaymentPointer | |||
| - name: 'Alice Smith' | |||
| path: accounts/asmith | |||
There was a problem hiding this comment.
maybe alias is better than path but just went with what was there originally
There was a problem hiding this comment.
Tested locally and it works as described.
Ideally, requests need to be rate-limited (per IP?): for a payment pointer that the ASE cannot resolve (the account doesn't exist), it's a bit of a heavy operation every GET request & can take up some resources.
That does seem like a concern. We should probably create an issue to address this vulnerability (whether by rate limiting or other means) so it doesn't get lost
# Conflicts: # packages/backend/src/config/app.ts # packages/backend/src/index.ts # packages/backend/src/open_payments/payment_pointer/service.test.ts # packages/backend/src/open_payments/payment_pointer/service.ts # packages/documentation/docs/integration/deployment.md
| | `EXCHANGE_RATES_LIFETIME` | `15_000` | milliseconds | | ||
| | `EXCHANGE_RATES_URL` | `undefined` | endpoint on the Account Servicing Entity to request receiver fees | |
There was a problem hiding this comment.
Moved up to alphabetize
| @@ -37,7 +37,6 @@ describe('Open Payments Payment Pointer Service', (): void => { | |||
| let paymentPointerService: PaymentPointerService | |||
| let accountingService: AccountingService | |||
| let knex: Knex | |||
| let config: IAppConfig | |||
There was a problem hiding this comment.
looks like we can remove line 48 as well (duplicate config = await deps.use('config') in beforeAll)
* feat: ask for payment pointer from ASE * docs: update language * docs: add webhook information * add webhook to OpenAPI * docs: update wording * feat(mase): allow for on the fly payment pointer creation * chore(mase): update webhook handler * docs: update wording, link to section * fix test * docs: alphabetize env vars in * chore: remove duplicate line
huijing
added
the
type: documentation
Changes proposed in this pull request
payment_pointer.not_foundwebhook eventContext
Fixes #1419
When a payment pointer is requested but not found in Rafiki, we will now will publish a
payment_pointer.not_foundwebhook event, and start polling for the ASE to create a payment pointer (viacreatePaymentPointermutation). The polling timeout (and frequency) is configurable. This enables creation of payment pointers on the fly: giving a chance for the ASE to resolve any requested payment pointer that they may have in their system.This can be demonstrated via a new seed user, Alice Smith, who doesn't have a payment pointer to start with:
but then upon
GET https://happy-life-bank-backend/accounts/asmithone is created asynchronously:This new payment pointer can be used via the
{{asmithPaymentPointer}}Postman collection variable.Considerations
Ideally, requests need to be rate-limited (per IP?): for a payment pointer that the ASE cannot resolve (the account doesn't exist), it's a bit of a heavy operation every GET request & can take up some resources.
Checklist
fixes #number