Merge branch 'master' into 0129sync1.3.0toMaster

# Conflicts: # gradle.properties
GENERALBYTESCOM · Jan 29, 2024 · e1ad280 · e1ad280
2 parents d369cb1 + d5f4846
commit e1ad280
Show file tree

Hide file tree

Showing 82 changed files with 1,433 additions and 109 deletions.
diff --git a/README.md b/README.md
@@ -27,7 +27,7 @@ CAS then parses any "batm-extensions.xml" found in the JAR file to enumerate the
 
 <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_api/src/main/java/com/generalbytes/batm/server/extensions/IExtension.java">Extension</a> is a high level component - something like a plugin - that encapsulates and instantiates the rest of the features.
 
-Extension can be asked to provide wallet X for currency Y etc. The best way to learn more about extensions is to read the sample code and examine how other people have implemented support for their wallet or cryptocurrency in the <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_extra">server_extensions_extra</a> module. <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_extra/src/main/java/com/generalbytes/batm/server/extensions/extra/examples">Additional examples can be found here</a>.
+Extension can be asked to provide wallet X for currency Y etc. The best way to learn more about extensions is to read the sample code and examine how other people have implemented support for their wallet or cryptocurrency in the <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_extra">server_extensions_extra</a> module. <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_examples/src/main/java/com/generalbytes/batm/server/extensions/examples">Additional examples can be found here</a>.
 
 Here is the list of some functionality that can be extended using Extensions API:
 * **Implement support for different cryptocurrency wallets** - for more information, see the <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_api/src/main/java/com/generalbytes/batm/server/extensions/IWallet.java">IWallet</a> interface.
@@ -43,14 +43,16 @@ Here is the list of some functionality that can be extended using Extensions API
 * **Send emails or SMSes from extension** - To notify your customer via SMS or email with custom messages, call the methods exposed by the <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_api/src/main/java/com/generalbytes/batm/server/extensions/IExtensionContext.java">IExtensionContext</a> interface.
 * **<a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_api/src/main/java/com/generalbytes/batm/server/extensions/IExtensionContext.java">ExtensionContext</a>** is your main entrypoint for interacting with CAS.
 ExtensionContext may be called from any extension. A reference to ExtensionContext is passed to an Extension when the **init** method is called by CAS on any Extension. Please make sure you read all of the methods that are available on the IExtensionContext interface. There are, for example: cash related operations, sell functionality, and more!
-* **Implement RESTful services** - facilitates integration of the Server with a 3rd party system. Extensions enable you to quickly and easily create a RESTful service that sends/receives data via JSON and HTTPS. Do you want your website to contact  CAS to find the current exchange rate on your BATM (or even more complicated functions)? Use <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_api/src/main/java/com/generalbytes/batm/server/extensions/IRestService.java">IRestService</a> for that. A simple example that returns your current CAS version can be found <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_extra/src/main/java/com/generalbytes/batm/server/extensions/extra/examples/rest">here</a>.
-* **Implement ChatBot commands** - Do you need to execute some tasks on server by sending message to server via Telegram Messenger? Simply implement Telegram your command and you are ready to go. A simple example that returns your current CAS version can be found <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_extra/src/main/java/com/generalbytes/batm/server/extensions/extra/examples/chat">here</a>.
+* **Implement RESTful services** - facilitates integration of the Server with a 3rd party system. Extensions enable you to quickly and easily create a RESTful service that sends/receives data via JSON and HTTPS. Do you want your website to contact  CAS to find the current exchange rate on your BATM (or even more complicated functions)? Use <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_api/src/main/java/com/generalbytes/batm/server/extensions/IRestService.java">IRestService</a> for that. A simple example that returns your current CAS version can be found <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_examples/src/main/java/com/generalbytes/batm/server/extensions/examples/rest">here</a>.
+* **Implement ChatBot commands** - Do you need to execute some tasks on server by sending message to server via Telegram Messenger? Simply implement Telegram your command and you are ready to go. A simple example that returns your current CAS version can be found <a href="https://github.com/GENERALBYTESCOM/batm_public/blob/master/server_extensions_examples/src/main/java/com/generalbytes/batm/server/extensions/examples/chat">here</a>.
 
 
 Content
 =======
 * **server_extensions_api** - contains the extension API that all extensions use to extend CAS' functionality.
 * **server_extensions_extra** - reference extension implementation that demonstrates BTC, LTC, CLOAK, DGB, DASH, HATCH, POT, VIA, BTX, SYS, FLASH, DOGE, NLG, ICG, NBT, GRS, MAX, BSD, MEC, BTDX, NANO, SUM, BURST, ECA, LINDA, $PAC, DAI, MKR, BTBS, GQ, VERUM, MUE, BAT and REP coin support functionality.
+* **server_extensions_examples** - contains example implementations of various extensions.
+* **server_extensions_template** - contains template for developer's own extension.
 * **server_extensions_test** - contains tester for testing the extensions (CAS not required).
 * **operators_sample_website** - The OSW is a sample web application that demonstrates how operators can enable their customers initiate sell transactions online via operator's website and later visit two-way BATMThree or BATMFour ATM when cash is ready for withdrawal. For more detailed information see <a href="https://github.com/GENERALBYTESCOM/batm_public/tree/master/operators_sample_website">description</a>.
 <p align="center">`
@@ -65,7 +67,7 @@ Requirements:
 * Java **1.8** (we recommend using https://sdkman.io/ for managing multiple JDK versions on your computer)
 * Gradle
 
-When you implement support for a new crypto-coin, please add it to **server_extensions_extra** - so that it may get into the default CAS installation pack for customers.
+When you implement support for a new crypto-coin, please add it to **server_extensions_extra** - so that it may get into the default CAS distribution ready to be used by other operators.
 Please use the appropriate Fork and Pull Request in the GitHub workflow when adding new functions, and bear in mind that your code will be reviewed prior to any merge with the master.
 
 When adding new cryptocurrency support, please remember to provide its logo! This logo will later be downloaded by the BATM from CAS and displayed on the BATM screen. Both SVG and PNG logos are supported; however, only the SVG logo is used on newer BATM versions. A PNG logo is offered only for backward compatibility, and in the few cases where the SVG logo has an unusually large size.
@@ -88,6 +90,16 @@ Note that on startup, CAS scans the: <code>/batm/app/master/extensions/</code> f
 
 If you happen to add new cryptocurrency in CryptoCurrency class in currencies module then don't forget to make sure that you copy your version of currencies-1.0.XX-SNAPSHOT.jar to /batm/app/master/lib
 
+Creating your own extension
+=================
+When you want to develop your own operator specific extension please create a new module and implement your extension there.
+Use server_extensions_template module as a termplate for your first extension. Just copy this module and rename it.
+You will need to modify also settings.gradle file to contain your new extension module's name. See how is the server_extensions_template module mentioned and add line for your new extension module.
+After building the whole project your built extension shoud be in following file: <code>yournewextension/build/libs/yournewextension.jar</code>
+Copy it to CAS server at following location: <code>/batm/app/master/extensions/</code>
+You may also want to modify build.gradle in your new module to change at least package names and final output filename.
+
+
 How to run Tester
 ==========
 ```bash

diff --git a/gradle.properties b/gradle.properties
@@ -1,6 +1,6 @@
 # buildscript - project id
 projectGroup=com.generalbytes.batm.public
-projectVersion=1.3.8
+projectVersion=1.4.5
 
 # buildscript - common dependency versions
 bitrafaelVersion=1.0.44

diff --git a/...ite/src/main/java/com/generalbytes/batm/server/extensions/website/RestServiceWebsite.java b/...ite/src/main/java/com/generalbytes/batm/server/extensions/website/RestServiceWebsite.java
@@ -7,8 +7,10 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.*;
+import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import java.math.BigDecimal;
@@ -29,10 +31,10 @@ public class RestServiceWebsite {
     @Path("/terminals-with-available-cash")
     @Produces(MediaType.APPLICATION_JSON)
     public Object terminalsWithAvailableCash(@HeaderParam("X-Api-Key") String apiKey, @QueryParam("amount") BigDecimal amount,
-                                             @QueryParam("fiat_currency") String fiatCurrency) {
+                                             @QueryParam("fiat_currency") String fiatCurrency, @Context HttpServletRequest request) {
 
         try {
-            checkSecurity(apiKey);
+            checkSecurity(apiKey, request);
             List<String> params = new ArrayList<>();
             if (amount == null) {
                 params.add("amount");
@@ -53,7 +55,7 @@ public Object terminalsWithAvailableCash(@HeaderParam("X-Api-Key") String apiKey
             }
             return filteredTerminals;
         } catch (AuthenticationException e) {
-            return responseInvalidApiKey();
+            return responseInvalidApiKey(e);
         } catch (Throwable e) {
             log.error("Error - terminals with available cash", e);
         }
@@ -73,10 +75,11 @@ public Object terminalsWithAvailableCash(@HeaderParam("X-Api-Key") String apiKey
     public Object sellCrypto(@HeaderParam("X-Api-Key") String apiKey, @QueryParam("serial_number") String serialNumber,
                              @QueryParam("fiat_amount") BigDecimal fiatAmount, @QueryParam("fiat_currency") String fiatCurrency,
                              @QueryParam("crypto_amount") BigDecimal cryptoAmount, @QueryParam("crypto_currency") String cryptoCurrency,
-                             @QueryParam("identity_public_id") String identityPublicId, @QueryParam("discount_code") String discountCode) {
+                             @QueryParam("identity_public_id") String identityPublicId, @QueryParam("discount_code") String discountCode,
+                             @Context HttpServletRequest request) {
 
         try {
-            checkSecurity(apiKey);
+            checkSecurity(apiKey, request);
             List<String> params = new ArrayList<>();
             if (serialNumber == null || serialNumber.trim().isEmpty()) {
                 params.add("serial_number");
@@ -96,7 +99,7 @@ public Object sellCrypto(@HeaderParam("X-Api-Key") String apiKey, @QueryParam("s
             return SellExtension.getExtensionContext().sellCrypto(serialNumber, fiatAmount, fiatCurrency, cryptoAmount, cryptoCurrency, identityPublicId, discountCode);
 
         } catch (AuthenticationException e) {
-            return responseInvalidApiKey();
+            return responseInvalidApiKey(e);
 
         } catch (Throwable e) {
             log.error("Error - sell crypto", e);
@@ -112,16 +115,18 @@ public Object sellCrypto(@HeaderParam("X-Api-Key") String apiKey, @QueryParam("s
     @GET
     @Path("/status")
     @Produces(MediaType.APPLICATION_JSON)
-    public Object status(@HeaderParam("X-Api-Key") String apiKey, @QueryParam("transaction_id") String transactionId) {
+    public Object status(@HeaderParam("X-Api-Key") String apiKey,
+                         @QueryParam("transaction_id") String transactionId,
+                         @Context HttpServletRequest request) {
 
         try {
-            checkSecurity(apiKey);
+            checkSecurity(apiKey, request);
             if (transactionId == null) {
                 return Response.status(HttpServletResponse.SC_BAD_REQUEST).entity("{ \"error\": \"Missing parameter transaction_id\" }").build();
             }
             return SellExtension.getExtensionContext().findTransactionByTransactionId(transactionId).getStatus();
         } catch (AuthenticationException e) {
-            return responseInvalidApiKey();
+            return responseInvalidApiKey(e);
         } catch (Throwable e) {
             log.error("Error - status", e);
         }
@@ -137,13 +142,13 @@ public Object status(@HeaderParam("X-Api-Key") String apiKey, @QueryParam("trans
     @GET
     @Path("/terminals")
     @Produces(MediaType.APPLICATION_JSON)
-    public Object terminals(@HeaderParam("X-Api-Key") String apiKey) {
+    public Object terminals(@HeaderParam("X-Api-Key") String apiKey, @Context HttpServletRequest request) {
 
         try {
-            IApiAccess iApiAccess = checkSecurity(apiKey);
+            IApiAccess iApiAccess = checkSecurity(apiKey, request);
             return getTerminalsByApiKey(iApiAccess);
         } catch (AuthenticationException e) {
-            return responseInvalidApiKey();
+            return responseInvalidApiKey(e);
         } catch (Throwable e) {
             log.error("Error - terminals", e);
         }
@@ -184,23 +189,31 @@ private boolean isOnline(ITerminal terminal) {
      * @param apiKey - key generated in CAS / Third Party / Operators sample website (OSW)
      * @return IApiAccess - Authenticated API key
      */
-    private IApiAccess checkSecurity(String apiKey) throws AuthenticationException {
+    private IApiAccess checkSecurity(String apiKey, HttpServletRequest request) throws AuthenticationException {
         IApiAccess iApiAccess = SellExtension.getExtensionContext().getAPIAccessByKey(apiKey, ApiAccessType.OSW);
         if (iApiAccess == null) {
-            throw new AuthenticationException("Authentication failed");
+            throw new AuthenticationException("Invalid X-Api-Key");
+        }
+        log.info("IP whitelist check, from apiAccess={}, from request={}", iApiAccess.getIpWhitelist(), request.getRemoteAddr());
+        if (isIpWhitelistSet(iApiAccess) && !iApiAccess.getIpWhitelist().equals(request.getRemoteAddr())) {
+            throw new AuthenticationException("Access from not allowed IP address");
         }
         return iApiAccess;
     }
 
+    private boolean isIpWhitelistSet(IApiAccess iApiAccess) {
+        return iApiAccess.getIpWhitelist() != null && !iApiAccess.getIpWhitelist().isEmpty();
+    }
+
     private Response responseInvalidParameter(List<String> params) {
         Map<String, List<String>> map = new HashMap<>();
         map.put("missingParameter", params);
         return Response.status(HttpServletResponse.SC_BAD_REQUEST).entity(createJsonString(map)).build();
     }
 
-    private Response responseInvalidApiKey() {
+    private Response responseInvalidApiKey(AuthenticationException e) {
         Map<String, String> map = new HashMap<>();
-        map.put("error", "Invalid X-Api-Key");
+        map.put("error", e.getMessage());
         return Response.status(HttpServletResponse.SC_UNAUTHORIZED).entity(createJsonString(map)).build();
     }
 

diff --git a/...tensions_api/src/main/java/com/generalbytes/batm/server/extensions/AbstractExtension.java b/...tensions_api/src/main/java/com/generalbytes/batm/server/extensions/AbstractExtension.java
@@ -23,6 +23,7 @@
 import com.generalbytes.batm.server.extensions.aml.verification.IIdentityVerificationProvider;
 import com.generalbytes.batm.server.extensions.communication.ICommunicationProvider;
 import com.generalbytes.batm.server.extensions.communication.IPhoneLookupProvider;
+import com.generalbytes.batm.server.extensions.communication.voicecall.IVoiceCallProvider;
 import com.generalbytes.batm.server.extensions.watchlist.IWatchList;
 
 import java.util.Set;
@@ -127,6 +128,9 @@ public Set<ICommunicationProvider> getCommunicationProviders() {
         return null;
     }
 
+    @Override
+    public Set<IVoiceCallProvider> getVoiceCallProviders() { return null; }
+
     @Override
     public Set<ISsnValidator> getSsnValidators() {
         return null;