Example use of com.forgerock.openbanking.aspsp.rs.wrappper.endpoints.AccountRequestsEndpointWrapper in the project openbanking-aspsp by OpenBankingToolkit.
Shown below: class AccountAccessConsentsApiController, method createAccountAccessConsents.
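/**
 * Creates an account access consent and forwards the request to the RS store.
 *
 * <p>The bearer token, financial id and principal are handed to the
 * {@link AccountRequestsEndpointWrapper}, the permission filters are registered on it, and the
 * request is forwarded only from inside the {@code execute} callback, which receives the AISP id.
 * What the wrapper checks before it invokes that callback is not visible in this method.
 *
 * <p>The {@code x-fapi-customer-*}, {@code x-fapi-interaction-id} and
 * {@code x-customer-user-agent} parameters are bound from the request but not read here.
 *
 * @param body the consent request; {@code @Valid} is the only Bean Validation trigger in this method
 * @param xFapiFinancialId value of the {@code x-fapi-financial-id} header, passed to the wrapper
 * @param authorization value of the {@code Authorization} header, passed to the wrapper
 * @param xFapiCustomerLastLoggedTime optional header, unused in this method
 * @param xFapiCustomerIpAddress optional header, unused in this method
 * @param xFapiInteractionId optional header, unused in this method
 * @param xCustomerUserAgent optional header, unused in this method
 * @param request the incoming servlet request, forwarded to the RS store gateway
 * @param principal the caller's principal, passed to the wrapper
 * @return the response produced by {@code rsStoreGateway.toRsStore}
 * @throws OBErrorResponseException declared by the API; presumably raised by the wrapper or a
 *     filter when the request is rejected (the raising code is outside this method)
 */
@Override
public ResponseEntity<OBReadConsentResponse1> createAccountAccessConsents(
        @ApiParam(value = "Create an Account Request", required = true) @Valid @RequestBody OBReadConsent1 body,
        @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId,
        @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization,
        @ApiParam(value = "The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime,
        @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress,
        @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId,
        @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent,
        HttpServletRequest request,
        Principal principal) throws OBErrorResponseException {
    log.info("Receveid a new account access consent");
    HttpHeaders additionalHttpHeaders = new HttpHeaders();
    AccountRequestsEndpointWrapper accountRequestEndpoint = RSEndpointWrapperService.accountRequestEndpoint();
    accountRequestEndpoint.authorization(authorization).xFapiFinancialId(xFapiFinancialId).principal(principal);

    // Read the feature flag once so the log line and the filter chain agree on the same value.
    final boolean customerInfoEnabled = rsConfiguration.isCustomerInfoEnabled();
    if (customerInfoEnabled) {
        log.debug("createAccountAccessConsents() - CustomerInfo consent is enabled");
    }

    // Constraint annotations on a local variable are never evaluated by Bean Validation, so the
    // permission list is not re-declared with @NotNull/@Size here: the checks that actually run
    // are @Valid on the request body and the filters registered below.
    // NOTE(review): body.getData() is dereferenced without a null check; presumably
    // OBReadConsent1 marks data as required so @Valid rejects its absence first - confirm.
    accountRequestEndpoint.filters(f -> {
        accountAccessConsentPermittedPermissionsFilter.filter(body.getData().getPermissions());
        accountAccessConsentBasicAndDetailPermissionsFilter.filter(body.getData());
        if (customerInfoEnabled) {
            // Extra permission rules that only apply when CustomerInfo consent is switched on.
            accountAccessConsentPermittedPermissionsFilter.filterByCustomerInfoPermissionRules(body.getData().getPermissions());
        }
    });

    return accountRequestEndpoint.execute((String aispId) -> {
        // The AISP id comes from the wrapper, not from the request body or a client header.
        // NOTE(review): the original request is forwarded as well; confirm the gateway does not
        // pass through a client-supplied x-ob-aisp_id, so the store only sees the value set here.
        additionalHttpHeaders.add("x-ob-aisp_id", aispId);
        return rsStoreGateway.toRsStore(request, additionalHttpHeaders, Collections.emptyMap(), OBReadConsentResponse1.class, body);
    });
}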