
Example 16 with OAuth2InvalidClientException

Use of com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException in project openbanking-aspsp by OpenBankingToolkit.

The class DataApiController, method generateData.

@Override
public ResponseEntity generateData(@ApiParam(value = "PSU User session") @CookieValue(value = "obri-session", required = true) String obriSession, @ApiParam(value = "The access token") @RequestHeader(name = HttpHeaders.AUTHORIZATION, required = true) String authorization, @ApiParam(value = "Data profile", required = false) @RequestParam(name = "profile", required = false) String profile, Principal principal) throws OBErrorException, OAuth2InvalidClientException, OAuth2BearerTokenUsageInvalidTokenException {
    try {
        log.debug("generateData() called");
        String tppName = psd2WithSessionApiHelperService.getTppName(principal);
        String psuName = psd2WithSessionApiHelperService.getPsuNameFromSession(obriSession);
        verifyAccessTokenAndVerifyTppIdentity(authorization, tppName);
        log.info("generateUserData() called with session for psu '{}' by tpp '{}'", psuName, tppName);
        final String defaultProfile = profile != null ? profile : dataConfig.getDefaultProfile();
        Optional<DataConfigurationProperties.DataTemplateProfile> any = dataConfig.getProfiles().stream().filter(t -> t.getId().equals(defaultProfile)).findAny();
        if (!any.isPresent()) {
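            // Report the profile that was actually looked up; 'profile' is null when the configured default was used.
            throw new OBErrorException(OBRIErrorType.DATA_INVALID_REQUEST, "Profile '" + defaultProfile + "' doesn't exist.");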
        }
        if (!userDataService.deleteUserData(psuName)) {
            psuCounterEntryKPIService.pushPsuCounterEntry(PsuCounterEntry.builder().count(1L).day(DateTime.now()).build());
        }
        return ResponseEntity.status(HttpStatus.CREATED).body(userDataService.generateUserData(psuName, defaultProfile));
    } catch (HttpClientErrorException e) {
        if (e.getStatusCode() == HttpStatus.BAD_REQUEST) {
            log.debug("TPP bad request: {}", e.getResponseBodyAsString(), e);
            throw new OBErrorException(OBRIErrorType.DATA_INVALID_REQUEST, e.getResponseBodyAsString());
        } else {
            log.error("Internal server: {}", e.getResponseBodyAsString(), e);
            throw new OBErrorException(OBRIErrorType.SERVER_ERROR);
        }
    }
}
Also used : OpenBankingConstants(com.forgerock.openbanking.constants.OpenBankingConstants) OAuth2BearerTokenUsageInvalidTokenException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2BearerTokenUsageInvalidTokenException) RequestParam(org.springframework.web.bind.annotation.RequestParam) ApiParam(io.swagger.annotations.ApiParam) Autowired(org.springframework.beans.factory.annotation.Autowired) Controller(org.springframework.stereotype.Controller) CookieValue(org.springframework.web.bind.annotation.CookieValue) RequestBody(org.springframework.web.bind.annotation.RequestBody) PsuCounterEntry(com.forgerock.openbanking.analytics.model.entries.PsuCounterEntry) Psd2WithSessionApiHelperService(com.forgerock.openbanking.common.services.security.Psd2WithSessionApiHelperService) DataConfigurationProperties(com.forgerock.openbanking.common.conf.data.DataConfigurationProperties) AccessTokenService(com.forgerock.openbanking.common.services.token.AccessTokenService) OIDCConstants(com.forgerock.openbanking.constants.OIDCConstants) HttpHeaders(org.springframework.http.HttpHeaders) DateTime(org.joda.time.DateTime) FRUserData(com.forgerock.openbanking.common.model.data.FRUserData) OBRIErrorType(com.forgerock.openbanking.model.error.OBRIErrorType) UserDataService(com.forgerock.openbanking.common.services.store.data.UserDataService) SignedJWT(com.nimbusds.jwt.SignedJWT) PsuCounterEntryKPIService(com.forgerock.openbanking.analytics.services.PsuCounterEntryKPIService) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) HttpStatus(org.springframework.http.HttpStatus) HttpClientErrorException(org.springframework.web.client.HttpClientErrorException) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Principal(java.security.Principal) CryptoApiClient(com.forgerock.openbanking.jwt.services.CryptoApiClient) Optional(java.util.Optional) ResponseEntity(org.springframework.http.ResponseEntity) RequestHeader(org.springframework.web.bind.annotation.RequestHeader)

Example 17 with OAuth2InvalidClientException

Use of com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException in project openbanking-aspsp by OpenBankingToolkit.

The class DataApiHelperService, method getTppName.

/**
 * getTppName
 * @param principal - A principal representing the TPP that made a request to the service
 * @return A <code>String</code> containing the tppName
 */
public String getTppName(Principal principal) throws OAuth2InvalidClientException {
    String tppName = null;
    Authentication authentication = (Authentication) principal;
    if (authentication != null) {
        Object authPrincipal = authentication.getPrincipal();
        if (authPrincipal != null) {
            UserDetails requestApiClient = (UserDetails) authentication.getPrincipal();
            if (requestApiClient != null) {
                tppName = requestApiClient.getUsername();
                log.debug("getTppName() tppName is '{}'", tppName);
                return tppName;
            } else {
                log.info("getTppName() Unable to obtain UserDetails from Principal '{}'", principal.getName());
            }
        } else {
            log.info("getTppName() Unable to obtain authPrincipal from Authentication '{}'", authentication);
        }
    } else {
        log.info("getTppName() Principal is not of type Authentication; '{}'", principal);
    }
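    // Concatenate the principal directly: principal.toString() would throw a NullPointerException when principal is null.
    throw new OAuth2InvalidClientException("Could not obtain tppId from principal " + principal);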
}
Also used : UserDetails(org.springframework.security.core.userdetails.UserDetails) Authentication(org.springframework.security.core.Authentication) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException)

Example 18 with OAuth2InvalidClientException

Use of com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException in project openbanking-aspsp by OpenBankingToolkit.

The class TppRegistrationServiceTest, method getTpp_throwsTppNotFound.

@Test
public void getTpp_throwsTppNotFound() throws OAuth2InvalidClientException {
    // Given
    String clientId = "clientId";
    when(tppStoreService.findByClientId(clientId)).thenReturn(Optional.empty());
    // When
    Exception e = catchThrowableOfType(() -> tppRegistrationService.getTpp(clientId), Exception.class);
    // Then
    assertThat(e).isNotNull();
    assertThat(e).isInstanceOf(OAuth2InvalidClientException.class);
}
Also used : DynamicClientRegistrationException(com.forgerock.openbanking.common.error.exception.dynamicclientregistration.DynamicClientRegistrationException) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) OIDCException(com.forgerock.openbanking.exceptions.OIDCException) Test(org.junit.Test)

Example 19 with OAuth2InvalidClientException

Use of com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException in project openbanking-aspsp by OpenBankingToolkit.

The class TppRegistrationServiceTest, method getTpp_throwsClientIdIsNull.

@Test
public void getTpp_throwsClientIdIsNull() throws OAuth2InvalidClientException {
    // Given
    String clientId = null;
    when(tppStoreService.findByClientId(clientId)).thenReturn(Optional.empty());
    // When
    Exception e = catchThrowableOfType(() -> tppRegistrationService.getTpp(clientId), Exception.class);
    // Then
    assertThat(e).isNotNull();
    assertThat(e).isInstanceOf(OAuth2InvalidClientException.class);
}
Also used : DynamicClientRegistrationException(com.forgerock.openbanking.common.error.exception.dynamicclientregistration.DynamicClientRegistrationException) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) OIDCException(com.forgerock.openbanking.exceptions.OIDCException) Test(org.junit.Test)

Aggregations

OAuth2InvalidClientException (com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException): 19
Tpp (com.forgerock.openbanking.model.Tpp): 9
Test (org.junit.Test): 5
DynamicClientRegistrationException (com.forgerock.openbanking.common.error.exception.dynamicclientregistration.DynamicClientRegistrationException): 4
ApiClientException (com.forgerock.openbanking.common.services.onboarding.apiclient.ApiClientException): 4
ApiClientIdentity (com.forgerock.openbanking.common.services.onboarding.apiclient.ApiClientIdentity): 4
OBErrorException (com.forgerock.openbanking.exceptions.OBErrorException): 4
ManualRegistrationApplication (com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication): 3
RegistrationRequest (com.forgerock.openbanking.common.services.onboarding.registrationrequest.RegistrationRequest): 3
OIDCException (com.forgerock.openbanking.exceptions.OIDCException): 3
OIDCRegistrationResponse (com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse): 3
X509Certificate (java.security.cert.X509Certificate): 3
ArrayList (java.util.ArrayList): 2
NotNull (javax.validation.constraints.NotNull): 2
Authentication (org.springframework.security.core.Authentication): 2
GrantedAuthority (org.springframework.security.core.GrantedAuthority): 2
UserDetails (org.springframework.security.core.userdetails.UserDetails): 2
Psd2CertInfo (com.forgerock.cert.Psd2CertInfo): 1
PsuCounterEntry (com.forgerock.openbanking.analytics.model.entries.PsuCounterEntry): 1
PsuCounterEntryKPIService (com.forgerock.openbanking.analytics.services.PsuCounterEntryKPIService): 1