feat: either receiveAmount or debitAmount allowed for outgoing payment limits #3449
Conversation
github-actions
bot
added
type: tests
🚀 Performance Test ResultsTest Configuration:
Test Metrics:
📜 Logs |
| if (limits.debitAmount && limits.receiveAmount) { | ||
| throw OutgoingPaymentError.OnlyOneAmountAllowed | ||
| } |
There was a problem hiding this comment.
It is good to check this at the resource server, but also we need to check this at the auth server as well, since that is the place where the grant with the access is actually being created.
In other words, we should prevent the grant being created in the first place with the incorrect access amounts.
| limits: Limits | ||
| ): boolean { | ||
| if (limits.debitAmount && limits.receiveAmount) { | ||
| throw OutgoingPaymentError.OnlyOneAmountAllowed |
There was a problem hiding this comment.
| throw OutgoingPaymentError.OnlyOneAmountAllowed | |
| throw OutgoingPaymentError.OnlyOneGrantAmountAllowed |
…or both types of amount
| function validateLimits(accessRequests: AccessRequest[]) { | ||
| const areBothLimitsSet = | ||
| accessRequests.findIndex( | ||
| (access) => access.limits?.debitAmount && access.limits.receiveAmount | ||
| ) !== -1 | ||
|
|
||
| if (areBothLimitsSet) { | ||
| throw new Error('Only one of receiveAmount or debitAmount allowed') | ||
| } | ||
| } |
There was a problem hiding this comment.
Following the stack trace for the error, we would end up sending a 500 - Internal server error back to the client.
Instead, we should reply with a 400 invalid_request.
|
After going through the Bruno
|
packages/auth/src/grant/routes.ts
Outdated
| if (typeof err === 'string') { | ||
| throw new GNAPServerRouteError(400, GNAPErrorCode.InvalidRequest, err) | ||
| } |
There was a problem hiding this comment.
I think it would be useful to map errors from the services to the HTTP status & GNAPErrorCodes, similar to how we are doing in the backend's incoming payments for example.
packages/auth/src/grant/routes.ts
Outdated
|
|
||
| const trx = await Grant.startTransaction() | ||
|
|
||
| const grant = await createGrantOrThrowError(grantService, body, trx) |
There was a problem hiding this comment.
To simplify, we could probably:
- Only return
Promise<Grant>in thegrantService.create(withoutGrantError) and just let the thrownAccessErrorpropagate tograntRoutes.createPendingGrant - In the
createPendingGrantcatch block down below, check forisAccessError(err)
With this, you'll only end up adding an extra check in the createPendingGrant catch block or the new error without needing to rollback the trx separately
mkurapov
left a comment
mkurapov
left a comment
There was a problem hiding this comment.
Looks good - a final few comments for auth & backend.
Otherwise the only thing left is making sure the MASE frontend is updated to handle the different amount cases
| [OutgoingPaymentError.NegativeReceiveAmount]: 400, | ||
| [OutgoingPaymentError.InvalidReceiver]: 400 | ||
| [OutgoingPaymentError.InvalidReceiver]: 400, | ||
| [OutgoingPaymentError.OnlyOneGrantAmountAllowed]: 400 |
There was a problem hiding this comment.
| [OutgoingPaymentError.OnlyOneGrantAmountAllowed]: 400 | |
| [OutgoingPaymentError.OnlyOneGrantAmountAllowed]: 500 |
Since from the perspective of the client, the input they passed to create outgoing payment could have been OK, it was the auth server handling of the grant request that was incorrect (and a server-side error)
| } | ||
|
|
||
| const grant1 = await grantService.create(grantRequest) | ||
| assert.ok(!isAccessError(grant1)) |
There was a problem hiding this comment.
Looks like we don't need this now, since we only can return Grant
mkurapov
left a comment
mkurapov
left a comment
There was a problem hiding this comment.
Getting this screen after accepting a grant with a defined receiveAmount
| <p> | ||
| You gave {thirdPartyName} permission to send {currencyDisplayCode}{' '} | ||
| {amount.toFixed(2)} out of your account. | ||
| You gave {thirdPartyName} permission to send{' '} |
There was a problem hiding this comment.
| You gave {thirdPartyName} permission to send{' '} | |
| You gave {thirdPartyName} permission to send {' '} |
…nses from OP (#3429) * Removed updatedAt from incoming and outgoing payments responses from OP * Removed 'updatedAt' from test-lib 'createReceiver', updated OP version for auth, test-lib and integration packages * Updated pnpm-lock * Updated bruno requests * Removed 'updatedAt' from webhook.yaml * feat: either receiveAmount or debitAmount allowed for outgoing payment limits (#3449) * Set limits to have either receive or debit amount * Updated auth limits and bruno request * Added the case when both types of amount are missing * Updated mock ASE consent screen, renamed error, added check in auth for both types of amount * Added error enum for access, added tests and updated types * Added error mapping for grants, updated tests * Format fixes and ignored eslint error * Updated createGrant function for testing * Forgot to rollback transaction when error will be thrown * Simplified access error handling * Removed unnecessary assert and changed error code * Fixed mock consent screen so it will support having either receive or debit amount * Updated consent messages * Updated mock ASE consent screen to handle all limit amount cases * Updated token-introspection OP version to 7.0.0, and removed updatedAt from outgoing payments webhooks schema
Changes proposed in this pull request
OutgoingPaymentLimitto no longer accept bothreceiveAmountanddebitAmountContext
Fixes #3337
Checklist
fixes #numberuser-docslabel (if necessary)