From 9207ca09dcb8c2d023c492db98a40850c18b7465 Mon Sep 17 00:00:00 2001
From: Cronus <105345303+ice-cronus@users.noreply.github.com>
Date: Fri, 7 Jun 2024 22:23:46 +0700
Subject: [PATCH] face deletion implemented in eskimo (#138)

---
 application.yaml                         |  1 +
 cmd/eskimo-hut/users.go                  |  3 +++
 go.mod                                   |  6 +++---
 go.sum                                   | 12 ++++++------
 kyc/face/contract.go                     |  2 +-
 kyc/face/face.go                         |  4 ++--
 kyc/face/internal/contract.go            |  2 +-
 kyc/face/internal/threedivi/contract.go  |  1 +
 kyc/face/internal/threedivi/threedivi.go | 13 +++++++++----
 users/contract.go                        |  2 +-
 users/kyc.go                             |  2 +-
 11 files changed, 29 insertions(+), 19 deletions(-)

diff --git a/application.yaml b/application.yaml
index e66ae015..f09b8b39 100644
--- a/application.yaml
+++ b/application.yaml
@@ -65,6 +65,7 @@ kyc/face:
     bafToken: bogus
     bafHost: http://bogus.com/
     availabilityUrl:
+    secretApiToken: bogus-secret
     concurrentUsers: 1
 kyc/quiz:
   environment: local
diff --git a/cmd/eskimo-hut/users.go b/cmd/eskimo-hut/users.go
index 09d2df5d..f08d90f8 100644
--- a/cmd/eskimo-hut/users.go
+++ b/cmd/eskimo-hut/users.go
@@ -393,6 +393,9 @@ func (s *service) DeleteUser( //nolint:gocritic // False negative.
 	if err := server.Auth(ctx).DeleteUser(ctx, req.Data.UserID); err != nil && !errors.Is(err, auth.ErrUserNotFound) {
 		return nil, server.Unexpected(errors.Wrapf(err, "failed to delete auth user:%#v", req.Data.UserID))
 	}
+	if err := s.faceKycClient.Reset(ctx, req.Data.UserID, false); err != nil {
+		return nil, server.Unexpected(errors.Wrapf(err, "failed to delete users face:%#v", req.Data.UserID))
+	}
 
 	return server.OK[any](), nil
 }
diff --git a/go.mod b/go.mod
index 52c8631d..71f1d836 100644
--- a/go.mod
+++ b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/hashicorp/go-multierror v1.1.1
 	github.com/ice-blockchain/go-tarantool-client v0.0.0-20230327200757-4fc71fa3f7bb
-	github.com/ice-blockchain/wintr v1.137.0
+	github.com/ice-blockchain/wintr v1.138.0
 	github.com/imroc/req/v3 v3.43.7
 	github.com/ip2location/ip2location-go/v9 v9.7.0
 	github.com/jackc/pgx/v5 v5.6.0
@@ -91,7 +91,7 @@ require (
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/jackc/pgpassfile v1.0.0 // indirect
-	github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
 	github.com/jackc/puddle/v2 v2.2.1 // indirect
 	github.com/joho/godotenv v1.5.1 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
@@ -121,7 +121,7 @@ require (
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/quic-go/qpack v0.4.0 // indirect
-	github.com/quic-go/quic-go v0.44.0 // indirect
+	github.com/quic-go/quic-go v0.45.0 // indirect
 	github.com/refraction-networking/utls v1.6.6 // indirect
 	github.com/rs/zerolog v1.33.0 // indirect
 	github.com/sagikazarmark/locafero v0.6.0 // indirect
diff --git a/go.sum b/go.sum
index 3e5551ea..2ef32dae 100644
--- a/go.sum
+++ b/go.sum
@@ -218,16 +218,16 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/ice-blockchain/go-tarantool-client v0.0.0-20230327200757-4fc71fa3f7bb h1:8TnFP3mc7O+tc44kv2e0/TpZKnEVUaKH+UstwfBwRkk=
 github.com/ice-blockchain/go-tarantool-client v0.0.0-20230327200757-4fc71fa3f7bb/go.mod h1:ZsQU7i3mxhgBBu43Oev7WPFbIjP4TniN/b1UPNGbrq8=
-github.com/ice-blockchain/wintr v1.137.0 h1:/AM6wcOW0Y20rWfCO0oLoEiLOqqNHlwawCszNFy6BTs=
-github.com/ice-blockchain/wintr v1.137.0/go.mod h1:kUsre9Uz1PgqDjug+Rj3fDaFDiKQyz8ul9yCPraeEIA=
+github.com/ice-blockchain/wintr v1.138.0 h1:vzNUBL9zHxpdWZ7ywlNCAdHjSKwCLKuW0e/6X3BrjcE=
+github.com/ice-blockchain/wintr v1.138.0/go.mod h1:zUkkpYZ9P3F2F4ripoy1LsbYJPCvwGTMVBxNCtIEV0o=
 github.com/imroc/req/v3 v3.43.7 h1:dOcNb9n0X83N5/5/AOkiU+cLhzx8QFXjv5MhikazzQA=
 github.com/imroc/req/v3 v3.43.7/go.mod h1:SQIz5iYop16MJxbo8ib+4LnostGCok8NQf8ToyQc2xA=
 github.com/ip2location/ip2location-go/v9 v9.7.0 h1:ipwl67HOWcrw+6GOChkEXcreRQR37NabqBd2ayYa4Q0=
 github.com/ip2location/ip2location-go/v9 v9.7.0/go.mod h1:MPLnsKxwQlvd2lBNcQCsLoyzJLDBFizuO67wXXdzoyI=
 github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
 github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
-github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9 h1:L0QtFUgDarD7Fpv9jeVMgy/+Ec0mtnmYuImjTz6dtDA=
-github.com/jackc/pgservicefile v0.0.0-20231201235250-de7065d80cb9/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM=
 github.com/jackc/pgx/v5 v5.6.0 h1:SWJzexBzPL5jb0GEsrPMLIsi/3jOo7RHlzTjcAeDrPY=
 github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw=
 github.com/jackc/puddle/v2 v2.2.1 h1:RhxXJtFG022u4ibrCSMSiu5aOq1i77R3OHKNJj77OAk=
@@ -326,8 +326,8 @@ github.com/prometheus/prometheus v0.52.1 h1:BrQ29YG+mzdGh8DgHPirHbeMGNqtL+INe0rq
 github.com/prometheus/prometheus v0.52.1/go.mod h1:3z74cVsmVH0iXOR5QBjB7Pa6A0KJeEAK5A6UsmAFb1g=
 github.com/quic-go/qpack v0.4.0 h1:Cr9BXA1sQS2SmDUWjSofMPNKmvF6IiIfDRmgU0w1ZCo=
 github.com/quic-go/qpack v0.4.0/go.mod h1:UZVnYIfi5GRk+zI9UMaCPsmZ2xKJP7XBUvVyT1Knj9A=
-github.com/quic-go/quic-go v0.44.0 h1:So5wOr7jyO4vzL2sd8/pD9Kesciv91zSk8BoFngItQ0=
-github.com/quic-go/quic-go v0.44.0/go.mod h1:z4cx/9Ny9UtGITIPzmPTXh1ULfOyWh4qGQlpnPcWmek=
+github.com/quic-go/quic-go v0.45.0 h1:OHmkQGM37luZITyTSu6ff03HP/2IrwDX1ZFiNEhSFUE=
+github.com/quic-go/quic-go v0.45.0/go.mod h1:1dLehS7TIR64+vxGR70GDcatWTOtMX2PUtnKsjbTurI=
 github.com/refraction-networking/utls v1.6.6 h1:igFsYBUJPYM8Rno9xUuDoM5GQrVEqY4llzEXOkL43Ig=
 github.com/refraction-networking/utls v1.6.6/go.mod h1:BC3O4vQzye5hqpmDTWUqi4P5DDhzJfkV1tdqtawQIH0=
 github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
diff --git a/kyc/face/contract.go b/kyc/face/contract.go
index d5dbb42c..d0420149 100644
--- a/kyc/face/contract.go
+++ b/kyc/face/contract.go
@@ -16,7 +16,7 @@ type (
 		ThreeDiVi threedivi.Config `mapstructure:",squash"` //nolint:tagliatelle // .
 	}
 	Client interface {
-		Reset(ctx context.Context, userID string) error
+		Reset(ctx context.Context, userID string, fetchState bool) error
 		CheckStatus(ctx context.Context, userID string, nextKYCStep users.KYCStep) (available bool, err error)
 	}
 )
diff --git a/kyc/face/face.go b/kyc/face/face.go
index 2cc6e18b..edb234ea 100644
--- a/kyc/face/face.go
+++ b/kyc/face/face.go
@@ -36,6 +36,6 @@ func (c *client) CheckStatus(ctx context.Context, userID string, nextKYCStep use
 	return kycFaceAvailable, nil
 }
 
-func (c *client) Reset(ctx context.Context, userID string) error {
-	return errors.Wrapf(c.client.Reset(ctx, userID), "failed to reset face auth state for userID %s", userID)
+func (c *client) Reset(ctx context.Context, userID string, fetchState bool) error {
+	return errors.Wrapf(c.client.Reset(ctx, userID, fetchState), "failed to reset face auth state for userID %s", userID)
 }
diff --git a/kyc/face/internal/contract.go b/kyc/face/internal/contract.go
index 43239d04..2f383d30 100644
--- a/kyc/face/internal/contract.go
+++ b/kyc/face/internal/contract.go
@@ -13,7 +13,7 @@ type (
 	Client interface {
 		Available(ctx context.Context) error
 		CheckAndUpdateStatus(ctx context.Context, userID string) (hasFaceKYCResult bool, err error)
-		Reset(ctx context.Context, userID string) error
+		Reset(ctx context.Context, userID string, fetchState bool) error
 	}
 	UserRepository interface {
 		ModifyUser(ctx context.Context, usr *users.User, profilePicture *multipart.FileHeader) error
diff --git a/kyc/face/internal/threedivi/contract.go b/kyc/face/internal/threedivi/contract.go
index 0661740d..2f425682 100644
--- a/kyc/face/internal/threedivi/contract.go
+++ b/kyc/face/internal/threedivi/contract.go
@@ -19,6 +19,7 @@ type (
 		ThreeDiVi struct {
 			BAFHost         string `yaml:"bafHost"`
 			BAFToken        string `yaml:"bafToken"`
+			SecretAPIToken  string `yaml:"secretApiToken"`
 			AvailabilityURL string `yaml:"availabilityUrl"`
 			ConcurrentUsers int    `yaml:"concurrentUsers"`
 		} `yaml:"threeDiVi"`
diff --git a/kyc/face/internal/threedivi/threedivi.go b/kyc/face/internal/threedivi/threedivi.go
index f73b0c27..add31d37 100644
--- a/kyc/face/internal/threedivi/threedivi.go
+++ b/kyc/face/internal/threedivi/threedivi.go
@@ -128,8 +128,8 @@ func (t *threeDivi) CheckAndUpdateStatus(ctx context.Context, userID string) (ha
 	return hasFaceKYCResult, errors.Wrapf(t.users.ModifyUser(ctx, usr, nil), "failed to update user with face kyc result")
 }
 
-//nolint:funlen // .
-func (t *threeDivi) Reset(ctx context.Context, userID string) error {
+//nolint:funlen,revive // .
+func (t *threeDivi) Reset(ctx context.Context, userID string, fetchState bool) error {
 	bafApplicant, err := t.searchIn3DiviForApplicant(ctx, userID)
 	if err != nil {
 		if errors.Is(err, errFaceAuthNotStarted) {
@@ -157,6 +157,7 @@ func (t *threeDivi) Reset(ctx context.Context, userID string) error {
 		}).
 		AddQueryParam("caller", "eskimo-hut").
 		SetHeader("Authorization", fmt.Sprintf("Bearer %v", t.cfg.ThreeDiVi.BAFToken)).
+		SetHeader("X-Secret-Api-Token", t.cfg.ThreeDiVi.SecretAPIToken).
 		Delete(fmt.Sprintf("%v/publicapi/api/v2/private/Applicants/%v", t.cfg.ThreeDiVi.BAFHost, bafApplicant.ApplicantID)); err != nil {
 		return errors.Wrapf(err, "failed to delete face auth state for userID:%v", userID)
 	} else if statusCode := resp.GetStatusCode(); statusCode != http.StatusOK && statusCode != http.StatusNoContent {
@@ -164,9 +165,13 @@ func (t *threeDivi) Reset(ctx context.Context, userID string) error {
 	} else if _, err2 := resp.ToBytes(); err2 != nil {
 		return errors.Wrapf(err2, "failed to read body of delete face auth state request for userID:%v", userID)
 	} else { //nolint:revive // .
-		_, err = t.CheckAndUpdateStatus(ctx, userID)
+		if fetchState {
+			_, err = t.CheckAndUpdateStatus(ctx, userID)
 
-		return errors.Wrapf(err, "failed to check user's face auth state after reset for userID %v", userID)
+			return errors.Wrapf(err, "failed to check user's face auth state after reset for userID %v", userID)
+		}
+
+		return nil
 	}
 }
 
diff --git a/users/contract.go b/users/contract.go
index 2b8d0f61..6ea1bf89 100644
--- a/users/contract.go
+++ b/users/contract.go
@@ -198,7 +198,7 @@ type (
 		IsEmailUsedBySomebodyElse(ctx context.Context, userID, email string) (bool, error)
 	}
 	ResetKycClient interface {
-		Reset(ctx context.Context, userID string) error
+		Reset(ctx context.Context, userID string, fetchState bool) error
 	}
 	WriteRepository interface {
 		CreateUser(ctx context.Context, usr *User, clientIP net.IP) error
diff --git a/users/kyc.go b/users/kyc.go
index 07dbf336..0ddd52c3 100644
--- a/users/kyc.go
+++ b/users/kyc.go
@@ -74,7 +74,7 @@ func (r *repository) resetKYCSteps(ctx context.Context, resetClient ResetKycClie
 func (r *repository) resetKYCStep(ctx context.Context, resetClient ResetKycClient, userID string, step KYCStep) error {
 	switch step { //nolint:exhaustive // Not needed yet.
 	case FacialRecognitionKYCStep:
-		if err := resetClient.Reset(ctx, userID); err != nil {
+		if err := resetClient.Reset(ctx, userID, true); err != nil {
 			return errors.Wrapf(err, "failed to resetFacialRecognitionKYCStep for userID:%v", userID)
 		}
 	default: