bridge-server
bridge-server copied to clipboard
[Compliance] If `needs_auth` is true, `sanctions` callback should be used before completing `/send`
It’s possible I’m misunderstanding the flow here, but when posting to the compliance server’s internal /send
endpoint, it seems like the sanctions
callback should be called with the info obtained from the foreign compliance server before returning a 200 OK response. Step 6 in the compliance protocol doc would seem to indicate the same.
As it stands, setting needs_auth
merely tells the other compliance server to send back info on the receiver (which it does), but then does nothing with that info other than pass it back in the result to /send
. If the entity that called /send
was the bridge server, we also know the bridge server does nothing with this info.
Is there any improvements concerning this issue ?