Skip to content
  1. Feb 12, 2020
  2. Feb 11, 2020
  3. Feb 10, 2020
    • hydrargyrum's avatar
    • hydrargyrum's avatar
      ReplApplication: set request_information if app is interactive · 0cdf724e
      hydrargyrum authored
      Specification
      =============
      In a PSD2 law context, in order to avoid triggering 2FA SMS or app
      validation unexpectedly in a non-interactive sync, a mechanism was
      introduced.
      
      Modules will now receive a "request_information" key which can have a
      few values:
      - None if the module was started non-interactively, for example by a
      cronjob
      - {} (empty dict) if the module was started interactively, be in a
      user-shell, a graphical app or through an API daemon
      - a non-empty dict if the module was started interactively, within a
      PSD2 AIS context, to pass special HTTP headers authenticating the AIS,
      as required by the law
      
      A module can ignore this param if not needed.
      
      If it was started interactively, a module can safely raise
      BrowserQuestion/AppValidation and other exceptions like this, requiring
      user interaction to unblock weboob operation.
      
      If it was not started interactively, a module should refrain from
      visiting pages triggering 2FA challenges, as the user will not be able
      to respond them. In such a case, a module can raise
      NeedInteractiveFor2FA to stop operation before a 2FA challenge would be
      sent. An app can then leave a notification to the user telling them to
      operate interactively, as a challenge will pop.
      
      Technical
      =========
      This might not be the best place to add this header though.
      load_backends cannot be used because we don't know about interactiveness
      yet.
      _do_and_retry is not so bad because this is where 2FA challenges are
      handled anyway.
      0cdf724e
  4. Feb 09, 2020
  5. Jan 30, 2020
  6. Jan 25, 2020
  7. Jan 08, 2020