def test_from_json_invalid(self):
# missing kin_version
with pytest.raises(ValueError):
SignTransactionRequest.from_json({'envelope_xdr': 'envelopexdr'})
# missing envelope_xdr
with pytest.raises(ValueError):
SignTransactionRequest.from_json({'kin_version': 3})
def handle_sign_transaction(self, f: Callable[
[SignTransactionRequest, SignTransactionResponse],
None], signature: str, req_body: str) -> Tuple[int, str]:
"""A hook for handling a sign transaction request from Agora.
:param f: A function to call with the received event. Implementations can raise
:exc:`InvoiceError <agora.error.InvoiceError>` to return a 403 response with invoice error details or
:exc:`WebhookRequestError <agora.error.WebhookRequestError>` to return a specific HTTP status code and body.
:param signature: The Agora HMAC signature included in the request headers.
:param req_body: The request body.
:return: A Tuple of the status code (int) and the request body (str).
"""
if self.secret and not self.is_valid_signature(req_body, signature):
return 401, ''
try:
json_req_body = json.loads(req_body)
except JSONDecodeError:
return 400, 'invalid request body'
req = SignTransactionRequest.from_json(json_req_body, self.environment)
resp = SignTransactionResponse(req.envelope)
try:
f(req, resp)
except WebhookRequestError as e:
return e.status_code, e.response_body
except Exception as e:
return 500, str(e)
data = resp.to_json()
if resp.rejected:
return 403, json.dumps(data)
return 200, json.dumps(data)
def test_get_tx_id(self):
tx, _ = _generate_tx(False)
tx.sign([_SIGNING_KEY])
data = {
'kin_version': 4,
'solana_transaction': base64.b64encode(tx.marshal()),
}
req = SignTransactionRequest.from_json(data)
assert req.get_tx_id() == tx.signatures[0]
def test_from_json_kin_4(self):
tx, il = _generate_tx(True)
data = {
'solana_transaction': base64.b64encode(tx.marshal()),
'invoice_list': base64.b64encode(il.SerializeToString()),
}
req = SignTransactionRequest.from_json(data)
assert len(req.payments) == 1
assert req.payments[0].invoice == Invoice.from_proto(il.invoices[0])
assert req.transaction == tx
def test_from_json_simple(self):
envelope = _generate_envelope()
data = {
'kin_version': 3,
'envelope_xdr': envelope.xdr(),
}
req = SignTransactionRequest.from_json(data)
assert len(req.payments) == 1
assert req.kin_version == data['kin_version']
assert req.envelope.xdr() == envelope.xdr()
def test_from_json_kin_2(self):
envelope = _generate_kin_2_envelope()
data = {
'kin_version': 2,
'envelope_xdr': envelope.xdr(),
}
req = SignTransactionRequest.from_json(data, Environment.TEST)
assert len(req.payments) == 1
assert req.kin_version == data['kin_version']
assert req.envelope.xdr() == envelope.xdr()
def test_get_tx_id(self):
envelope = _generate_envelope()
data = {
'kin_version': 3,
'envelope_xdr': envelope.xdr(),
}
req = SignTransactionRequest.from_json(data, Environment.TEST)
assert req.get_tx_id() == envelope.hash_meta()
envelope = _generate_kin_2_envelope()
data = {
'kin_version': 2,
'envelope_xdr': envelope.xdr(),
}
req = SignTransactionRequest.from_json(data, Environment.TEST)
assert req.get_tx_id() == envelope.hash_meta()
keys = generate_keys(4)
public_keys = [key.public_key for key in keys]
token_program = public_keys[3]
tx = solana.Transaction.new(
public_keys[0],
[
solana.transfer(
public_keys[1],
public_keys[2],
public_keys[3],
20,
token_program,
),
]
)
tx.sign([keys[0]])
req = SignTransactionRequest.from_json(data, Environment.TEST)
assert req.get_tx_hash() == envelope.hash_meta()
def test_from_json_invalid(self):
# missing kin_version
with pytest.raises(ValueError):
SignTransactionRequest.from_json({'envelope_xdr': 'envelopexdr'}, Environment.TEST)
# missing transaction on Kin 4
with pytest.raises(ValueError):
SignTransactionRequest.from_json({'kin_version': 4}, Environment.TEST)
# missing envelope_xdr on Kin 3
with pytest.raises(ValueError):
SignTransactionRequest.from_json({'kin_version': 3}, Environment.TEST)
# missing envelope_xdr on Kin 2
with pytest.raises(ValueError):
SignTransactionRequest.from_json({'kin_version': 2}, Environment.TEST)
def _sign_transaction(req: SignTransactionRequest,
resp: SignTransactionResponse):
for idx, payment in enumerate(req.payments):
# Double check that the transaction crafter isn't trying to impersonate us
if payment.sender == webhook_private_key.public_key():
logging.warning("rejecting: payment sender is webhook address")
resp.reject()
return
# In this example, we don't want to sign transactions that are not sending Kin to the webhook account. Other
# application use cases may not have this restrictions
if payment.dest != webhook_private_key.public_key():
logging.warning(
"rejecting: bad destination {}, expected {}".format(
payment.dest.stellar_address,
webhook_private_key.public_key().stellar_address))
resp.mark_invoice_error(idx, InvoiceErrorReason.WRONG_DESTINATION)
# If the transaction crafter submitted an invoice, make sure the line item SKUs are set.
#
# Note: the SKU is optional, but we simulate a rejection here for testing.
# Applications may wish to cross-check their own databases for the item being purchased. If the user has already
# purchased said 'item', they may wish to use mark the invoice error as InvoiceErrorReason.ALREADY_PAID.
if payment.invoice:
for line_item in payment.invoice.items:
if not line_item.sku:
logging.warning("rejecting: invoice missing sku")
resp.mark_invoice_error(idx,
InvoiceErrorReason.SKU_NOT_FOUND)
tx_hash_str = req.get_tx_hash().hex()
if resp.rejected:
logging.warning("transaction rejected: {} ({} payments)".format(
tx_hash_str, len(req.payments)))
return
logging.debug("transaction approved: {} ({} payments)".format(
tx_hash_str, len(req.payments)))
# Note: This allows Agora to forward the transaction to the blockchain. However, it does not indicate that it will
# be submitted successfully, or that the transaction will be successful. For example, the sender may have
# insufficient funds.
#
# Backends may keep track of the transaction themselves using SignTransactionRequest.get_tx_hash() and rely on
# either the Events webhook or polling to get the transaction status.
resp.sign(webhook_private_key)
return
def test_from_json_kin_4(self):
il = model_pb2.InvoiceList(
invoices=[
model_pb2.Invoice(
items=[
model_pb2.Invoice.LineItem(title='title1', description='desc1', amount=50, sku=b'somesku')
]
)
]
)
fk = InvoiceList.from_proto(il).get_sha_224_hash()
memo = AgoraMemo.new(1, TransactionType.P2P, 0, fk)
keys = [key.public_key for key in generate_keys(4)]
token_program = keys[3]
tx = solana.Transaction.new(
keys[0],
[
solana.memo_instruction(base64.b64encode(memo.val).decode('utf-8')),
solana.transfer(
keys[1],
keys[2],
keys[3],
20,
token_program,
),
]
)
data = {
'kin_version': 4,
'solana_transaction': base64.b64encode(tx.marshal()),
'invoice_list': base64.b64encode(il.SerializeToString()),
}
req = SignTransactionRequest.from_json(data, Environment.TEST)
assert len(req.payments) == 1
assert req.payments[0].invoice == Invoice.from_proto(il.invoices[0])
assert req.kin_version == data['kin_version']
assert req.transaction == tx
def test_from_json_full(self):
envelope = _generate_envelope()
il = model_pb2.InvoiceList(invoices=[
model_pb2.Invoice(items=[
model_pb2.Invoice.LineItem(title='title1',
description='desc1',
amount=50,
sku=b'somesku')
])
])
data = {
'kin_version': 3,
'envelope_xdr': envelope.xdr(),
'invoice_list': base64.b64encode(il.SerializeToString()),
}
req = SignTransactionRequest.from_json(data)
assert len(req.payments) == 1
assert req.payments[0].invoice == Invoice.from_proto(il.invoices[0])
assert req.kin_version == data['kin_version']
assert req.envelope.xdr() == envelope.xdr()
def test_from_json_invalid(self):
# missing transaction
with pytest.raises(ValueError):
SignTransactionRequest.from_json({})