APP_HOST=0.0.0.0# Host of the applicationAPP_PORT=8000# Port of the applicationAPP_NAME=adapter-for-trading# Name of the applicationAPP_ADDRESS=example.net# Web address of the application (for generating stream URL)LOGGER_ENABLED=true# Enable or disable loggerLOGGER_LEVEL=error# Ex: debug, info, warn, error, fatalACC_TYPES=/opt/config/accounttype_setttings.json# Path to json file with servers and account typesWALLET_PUBLIC_KEY_PATH=/opt/config/atwallet_public.pem# Path to public keyMETRICS_PORT=7777# Port for metricsMETRICS_ENABLED=true# Enable or disable metricsHEALTH_PORT=7000# Port for healthHEALTH_ENDPOINT=/healthz# Endpoint for healthHEALTH_ENABLED=true# Enable or disable healthCHECK_SERVERCODE_JWT=false# Flag that enable mandatory validation of server_code from JWT payload against server_code from query parameters of the request# Handlers, use true or false for enable/disable, default falseHEADER_CLIENT_IP=X-Client-IP# Header for checking client ipHANDLER_ACCOUNT_POST=trueHANDLER_ACCOUNT_GET=trueHANDLER_ACCOUNT_BY_ID_PATCH=trueHANDLER_ACCOUNT_BY_ID_GET=trueHANDLER_ACCOUNT_BY_ID_DELETE=trueHANDLER_TRANSACTION_GET_INFO=trueHANDLER_TRANSACTION_GET_INFO_TRANSACTION_ID=trueHANDLER_TRANSACTION_GET_POSITIONS=trueHANDLER_BALANCE_PUT=trueHANDLER_BONUS_PUT=trueHANDLER_CANDLE_GET=truePROXIED_PARAM_HEADER_SERVER_CODE=X-RWM-Server-Name
FXTR v2 is working on alpine container.
To deploy FXTR v2 you should use the folowing scripts:
This is docker-compose file that you can use for deploying of FXTR v2.
There is also README.md where you can see all commands to deploy FXTR v2.
Possible errors depending on the environment variables
If HANDLER_BALANCE_PUT=false error 404 Not Found will be displayed.
If HANDLER_BALANCE_PUT=true:
if there is no JWT or JWT is incorrect, error 401 Unauthorizedwill be displayed.
If JWT is correct but parameters in JWT are incorrect (not the same as in environment variables), error 403 Forbiddenwill be displayed.
If there are internal errors (errors in balance change), error 500 Internal Server Error will be displayed.
If while sending callback on accountType.Private.BalanceConfirmationURL response is NOT 200OK, error 400 bad request will be displayed.
If there are no internal errors , 200OK will be displayed.
Authorization
To work with FXTR v2 you should authorize in the system.
For authorization JWT (JSON Web Token) is used.
FXTR performs those validations of JWT:
correctness of the token signature by using public key (see ENV wariables for details about used buplic key)
"exiration time" checks against time of the server where FXTR is running.
Parsed JWT in our side looks like:
To check, create a JWT token without an account number (or just a set of characters), make a request by account number.
The account from the path (what is in the URL) is compared with the account in JWT field.
If you use another account, for example:
you will get a mistake 403:
If you use the same account (as in JWT - 69608), you will get a successful response:
While running the FXTR v2 you can define enviroment on what the checking and comparing the IP-address from the header and JWT-token will be done:
environment variable HEADER_CLIENT_IP for define the name of HTTP header. By default it is X-Client-IP.
If in JWT the field client_ip is defined, then HTTP Header and corresponding parameter in JWT will be compared.
For example:
While running the service you will use the default value of HEADER_CLIENT_IP:
HEADER_CLIENT_IP="X-Client-IP"
If you don't transfer X-Client-IP you will get a responce - 403.
If X-Client-IP has another value (for example 127.0.0.1 ) you will get a responce - 403.
If X-Client-IP=176.222.167.10 (as in JWT) you will get a successful responce - 200.
For REST queries that requires authorisation (all queries except /info, /about) and except /stream query, "Authorization" header (standard http header) sould be used like this:
Authorization: Bearer
For /stream query JWT shoul be passed as one of query params (see query defenition for details)
Queries /info, /about can be called without any authorisation
While running the FXTR v2 you can define enviroment on what the checking and comparing the value of server_code from the query paramaters and value from JWT payload field server_code will be mandatory and block request with http error code 403 in case of values mismatch
environment variable CHECK_SERVERCODE_JWT should be true
JWT should have field server_code in payload, for example:
server_code should be in query parameters: https://{{HOST}}/api/v2/fxtr/accounts/demo/87621?server_code=mt5_trial2
{
"payload": {
"account": "69608", //account id
"account_type": "demo" //account type
},
"exp": 1686461515, //expiration time: time after which the JWT expires
"iat": 1682061515, //issued at time: time at which the JWT was issued; can be used to determine age of the JWT
"iss": "atwallet" //issuer*: issuer of the JWT, optional parameter
}
{
"payload": {
"account": "87621", //account id
"account_type": "demo" //account type
},
"exp": 1686461515, //expiration time: time after which the JWT expires
"iat": 1682061515, //issued at time: time at which the JWT was issued; can be used to determine age of the JWT
"iss": "atwallet" //issuer*: issuer of the JWT, optional parameter
}