Examples with ConsentDecisionDelegate com.forgerock.openbanking.aspsp.rs.rcs.api.rcs.decisions.ConsentDecisionDelegate used on opensource projects

Example 1 with ConsentDecisionDelegate

use of com.forgerock.openbanking.aspsp.rs.rcs.api.rcs.decisions.ConsentDecisionDelegate in project openbanking-aspsp by OpenBankingToolkit.

the class AutodecisionsApiController method autoAccept.

@Override
public ResponseEntity<RedirectionAction> autoAccept(@RequestBody String consentRequestJwt, @CookieValue(value = "${am.cookie.name}") String ssoToken) throws OBErrorException {
    try {
        log.debug("Parse consent request JWS");
        SignedJWT signedJWT = (SignedJWT) JWTParser.parse(consentRequestJwt);
        log.debug("Read payment ID from the claims");
        // Read the claims
        Claims claims = JwsClaimsUtils.getClaims(signedJWT);
        if (!claims.getIdTokenClaims().containsKey(OpenBankingConstants.IdTokenClaim.INTENT_ID)) {
            return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_INVALID, "No intent ID");
        }
        String intentId = claims.getIdTokenClaims().get(OpenBankingConstants.IdTokenClaim.INTENT_ID).getValue();
        String clientId = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CLIENT_ID);
        String redirectUri = signedJWT.getJWTClaimsSet().getStringClaim(OIDCConstants.OIDCClaim.CONSENT_APPROVAL_REDIRECT_URI);
        String csrf = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CSRF);
        List<String> scopes = new ArrayList<>(signedJWT.getJWTClaimsSet().getJSONObjectClaim(RCSConstants.Claims.SCOPES).keySet());
        Map<String, String> profile = userProfileService.getProfile(ssoToken, amOpenBankingConfiguration.endpointUserProfile, amOpenBankingConfiguration.cookieName);
        String username = profile.get(amOpenBankingConfiguration.userProfileId);
        List<FRAccount> accounts = getAccountOrGenerateData(username);
        // Call the right decision delegate, cased on the intent type
        ConsentDecisionDelegate consentDecisionDelegate = intentTypeService.getConsentDecision(intentId);
        consentDecisionDelegate.autoaccept(accounts, username);
        log.debug("Redirect the resource owner to the original oauth2/openid request but this time, with the " + "consent response jwt '{}'.", consentRequestJwt);
        String consentJwt = rcsService.generateRCSConsentResponse(rcsConfiguration, amOpenBankingConfiguration, csrf, true, scopes, clientId);
        ResponseEntity responseEntity = rcsService.sendRCSResponseToAM(ssoToken, RedirectionAction.builder().redirectUri(redirectUri).consentJwt(consentJwt).requestMethod(HttpMethod.POST).build());
        log.debug("Response received from AM: {}", responseEntity);
        if (responseEntity.getStatusCode() != HttpStatus.FOUND) {
            log.error("When sending the consent response {} to AM, it failed to returned a 302", consentJwt, responseEntity);
            throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
        }
        // TODO: Determine if the id_token needs re-writing!
        String location = responseEntity.getHeaders().getFirst(HttpHeaders.LOCATION);
        log.debug("The redirection to the consent page should be in the location '{}'", location);
        return ResponseEntity.ok(RedirectionAction.builder().redirectUri(location).build());
    } catch (JOSEException e) {
        log.error("Could not generate consent context JWT", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
    } catch (ParseException e) {
        log.error("Could not parse the JWT", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_REQUEST_FORMAT);
    } catch (Exception e) {
        log.error("Unexpected error while authorising consent", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
    }
}