-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Central-Ledger Fulfil Handler does not correctly invalidate requests with an incorrect/non-existent FSP-ID in the FSPIOP-Destination header #2697
Labels
Milestone
Comments
mdebarros
added
bug
Something isn't working or it has wrong behavior on a Mojaloop Core service
oss-core
This is an issue - story or epic related to a feature on a Mojaloop core service or related to it
labels
Feb 14, 2022
mdebarros
added a commit
to mojaloop/central-ledger
that referenced
this issue
Feb 22, 2022
… scenarios (#874) PR re-based from #872 from @lewisdaly. feat(mojaloop/project/issue2556): Implement patch notification for failure scenarios (following v1.1 update) - mojaloop/project#2556 chore: updated dependencies - updated dependencies - fixed audit issues - fixed lint issues fix([#2697](mojaloop/project#2697)): Central-Ledger Fulfil Handler does not correctly invalidate requests with an incorrect/non-existent FSP-ID in the FSPIOP-Destination header - mojaloop/project#2697 - fixed/added unit tests - improved test coverage
mdebarros
added a commit
to mojaloop/ml-api-adapter
that referenced
this issue
Feb 22, 2022
… scenarios (#492) PR re-based from #489 from @lewisdaly. feat([mojaloop/project/issue](mojaloop/project#2556): Implement patch notification for failure scenarios (following v1.1 update) - mojaloop/project#2556 - fixed unit tests chore: updated dependencies - updated dependencies - fixed audit issues - fixed lint issues fix([#2697](mojaloop/project#2697)): Central-Ledger Fulfil Handler does not correctly invalidate requests with an incorrect/non-existent FSP-ID in the FSPIOP-Destination header - mojaloop/project#2697 - fixed/added unit tests - improved test coverage
mdebarros
added a commit
to mojaloop/ml-testing-toolkit
that referenced
this issue
Feb 22, 2022
…ios (#200) Added callback rules: - ttkpayeefsp PATCH Notifications Success Test-case - mojaloop/project#2676 - ttkpayeefsp PATCH Notifications Failure due to invalid fulfiment Test-case - mojaloop/project#2556 - ttkpayeefsp PUT Notifications Failure Test-case due to invalid FSPIOP-Destination Test-case - mojaloop/project#2697 - ttkpayeefsp PATCH Notifications Failure Test-case due to invalid FSPIOP-Destination Test-case - mojaloop/project#2697 ~Blocked by mojaloop/project#2696
mdebarros
added a commit
to mojaloop/helm
that referenced
this issue
Feb 25, 2022
- ml-api-adapter upgraded to v12.3.0 - central-ledger upgraded to v13.15.4 - ml-testing-toolkit backend upgraded to v14.0.4 These upgrades address the following issues: - Implement patch notification for failure scenarios (following v1.1 update) #2556 - mojaloop/project#2556 - Central-Ledger Fulfil Handler does not correctly invalidate requests with an incorrect/non-existent FSP-ID in the FSPIOP-Destination header #2697 - mojaloop/project#2697 - TTK GP Tests for patch notifications - positive scenarios #2676 - mojaloop/project#2676
mdebarros
added a commit
to mojaloop/helm
that referenced
this issue
Feb 28, 2022
- ml-api-adapter upgraded to v12.3.0 - central-ledger upgraded to v13.15.4 - ml-testing-toolkit backend upgraded to v14.0.4 These upgrades address the following issues (inc. updated changelog): - Implement patch notification for failure scenarios (following v1.1 update) #2556 - mojaloop/project#2556 - Central-Ledger Fulfil Handler does not correctly invalidate requests with an incorrect/non-existent FSP-ID in the FSPIOP-Destination header #2697 - mojaloop/project#2697 - TTK GP Tests for patch notifications - positive scenarios #2676 - mojaloop/project#2676
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary:
Central-Ledger Fulfil Handler does not correctly invalidate requests with an incorrect/non-existent FSP-ID in the FSPIOP-Destination header.
Here is the ML-API-Adapter Notification Handler log showing that a transfer was successfully processed through the Fulfil and Position handlers before being processed for egress notification, only to fail when looking up the callback URL for the non-existent
doesnotexistfsp
FSP:Severity:
Medium
Priority:
Medium
Expected Behavior
Central-Ledger Fulfil Handler should validate FSP IDs to ensure that they are valid AND that they are correctly associated to the transfer as the payer or the payee!
Steps to Reproduce
Specifications
Notes:
Tasks for fix:
PRs:
The text was updated successfully, but these errors were encountered: