use of com.forgerock.openbanking.aspsp.rs.rcs.api.rcs.decisions.ConsentDecisionDelegate in project openbanking-aspsp by OpenBankingToolkit.
the class AutodecisionsApiController method autoAccept.
@Override
public ResponseEntity<RedirectionAction> autoAccept(@RequestBody String consentRequestJwt, @CookieValue(value = "${am.cookie.name}") String ssoToken) throws OBErrorException {
try {
log.debug("Parse consent request JWS");
SignedJWT signedJWT = (SignedJWT) JWTParser.parse(consentRequestJwt);
log.debug("Read payment ID from the claims");
// Read the claims
Claims claims = JwsClaimsUtils.getClaims(signedJWT);
if (!claims.getIdTokenClaims().containsKey(OpenBankingConstants.IdTokenClaim.INTENT_ID)) {
return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_INVALID, "No intent ID");
}
String intentId = claims.getIdTokenClaims().get(OpenBankingConstants.IdTokenClaim.INTENT_ID).getValue();
String clientId = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CLIENT_ID);
String redirectUri = signedJWT.getJWTClaimsSet().getStringClaim(OIDCConstants.OIDCClaim.CONSENT_APPROVAL_REDIRECT_URI);
String csrf = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CSRF);
List<String> scopes = new ArrayList<>(signedJWT.getJWTClaimsSet().getJSONObjectClaim(RCSConstants.Claims.SCOPES).keySet());
Map<String, String> profile = userProfileService.getProfile(ssoToken, amOpenBankingConfiguration.endpointUserProfile, amOpenBankingConfiguration.cookieName);
String username = profile.get(amOpenBankingConfiguration.userProfileId);
List<FRAccount> accounts = getAccountOrGenerateData(username);
// Call the right decision delegate, cased on the intent type
ConsentDecisionDelegate consentDecisionDelegate = intentTypeService.getConsentDecision(intentId);
consentDecisionDelegate.autoaccept(accounts, username);
log.debug("Redirect the resource owner to the original oauth2/openid request but this time, with the " + "consent response jwt '{}'.", consentRequestJwt);
String consentJwt = rcsService.generateRCSConsentResponse(rcsConfiguration, amOpenBankingConfiguration, csrf, true, scopes, clientId);
ResponseEntity responseEntity = rcsService.sendRCSResponseToAM(ssoToken, RedirectionAction.builder().redirectUri(redirectUri).consentJwt(consentJwt).requestMethod(HttpMethod.POST).build());
log.debug("Response received from AM: {}", responseEntity);
if (responseEntity.getStatusCode() != HttpStatus.FOUND) {
log.error("When sending the consent response {} to AM, it failed to returned a 302", consentJwt, responseEntity);
throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
}
// TODO: Determine if the id_token needs re-writing!
String location = responseEntity.getHeaders().getFirst(HttpHeaders.LOCATION);
log.debug("The redirection to the consent page should be in the location '{}'", location);
return ResponseEntity.ok(RedirectionAction.builder().redirectUri(location).build());
} catch (JOSEException e) {
log.error("Could not generate consent context JWT", e);
throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
} catch (ParseException e) {
log.error("Could not parse the JWT", e);
throw new OBErrorException(OBRIErrorType.RCS_CONSENT_REQUEST_FORMAT);
} catch (Exception e) {
log.error("Unexpected error while authorising consent", e);
throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
}
}
Aggregations