Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualRegistrationApiController, method ensurePrincipalOwnsTppRegistrations.
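/**
 * Verifies that the TPP identified by {@code principal} (the MATLS client-certificate holder)
 * owns the OAuth2 client behind every application in {@code applications}.
 * <p>
 * For each application the OIDC registration response's client id is used to look up the TPP
 * record, which is then checked against the principal's name via
 * {@code tppRegistrationService.ensureTppOwnsOidcRegistration}. The check fails closed: an
 * application whose ownership cannot be established (no registration response, no client id)
 * is rejected rather than skipped.
 *
 * @param applications the applications whose OAuth2 clients must all belong to the principal
 * @param principal    the authenticated caller (MATLS identity)
 * @throws OAuth2InvalidClientException if any application lacks a registration response or
 *         client id, or if its OAuth2 client is not owned by the principal (as decided by
 *         {@code ensureTppOwnsOidcRegistration})
 */
private void ensurePrincipalOwnsTppRegistrations(Collection<ManualRegistrationApplication> applications, Principal principal) throws OAuth2InvalidClientException {
    String principalName = principal.getName();
    log.debug("ensurePrincipalOwnsTppRegistrations() checking that '{}' applications are owned by '{}'", applications.size(), principalName);
    for (ManualRegistrationApplication application : applications) {
        OIDCRegistrationResponse regResponse = application.getOidcRegistrationResponse();
        // Without a registration response and client id there is no OAuth2 client to compare the
        // caller against, so ownership cannot be decided: reject rather than fall through.
        if (regResponse == null || regResponse.getClientId() == null || regResponse.getClientId().isEmpty()) {
            String errorString = "Failed to determine if MATLS client cert belongs to the TPP that owns the application with id '" + application.getId() + "'";
            log.info("ensurePrincipalOwnsTppRegistrations() {}", errorString);
            throw new OAuth2InvalidClientException(errorString);
        }
        String oauth2ClientId = regResponse.getClientId();
        Tpp tpp = tppRegistrationService.getTpp(oauth2ClientId);
        // Ownership decision is delegated to the registration service; it is expected to throw
        // when the TPP behind this client id is not the caller.
        tppRegistrationService.ensureTppOwnsOidcRegistration(tpp, principalName);
    }
    log.debug("ensurePrincipalOwnsTppRegistrations() all application's OAuth2 clients owned by '{}'", principalName);
}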
Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualRegistrationApplicationService, method getAllApplications.
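/**
 * Fetches every manual registration application recorded for {@code userId} from the rs-store.
 * <p>
 * Issues {@code GET {rsStoreRoot}/manualRegistrationApplications/search/findByUserId?userId=...}
 * and unwraps the HAL {@code Resources} envelope. The user id is attached as a query parameter
 * and the URI is encoded, so it is not spliced raw into the URL.
 *
 * @param userId the owner whose applications are wanted. NOTE(review): callers are expected to
 *               pass a server-side identity (e.g. the session holder) rather than request input;
 *               this method does no authorisation of its own — confirm at each call site.
 * @return the applications for that user; an empty collection (never {@code null}) if the store
 *         responds without a body
 */
public Collection<ManualRegistrationApplication> getAllApplications(String userId) {
    ParameterizedTypeReference<Resources<ManualRegistrationApplication>> responseType = new ParameterizedTypeReference<Resources<ManualRegistrationApplication>>() {
    };
    URI uri = UriComponentsBuilder.fromHttpUrl(rsStoreRoot + "/manualRegistrationApplications/search/findByUserId")
            .queryParam("userId", userId)
            .build()
            .encode()
            .toUri();
    Resources<ManualRegistrationApplication> body = restTemplate.exchange(uri, HttpMethod.GET, null, responseType).getBody();
    // A missing body previously surfaced as a NullPointerException; treat it as "no applications".
    if (body == null) {
        return java.util.Collections.emptyList();
    }
    return body.getContent();
}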
Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualRegistrationApiController, method registerApplication.
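/**
 * Manually onboards a TPP: builds an OIDC dynamic client registration request from the caller's
 * form data and SSA, registers the TPP with the authorisation server, and records the resulting
 * application against the logged-in user.
 * <p>
 * Two identities are involved and must not be confused: the {@code obri-session} cookie
 * identifies the portal user who will own the application record, while {@code principal}
 * (MATLS) identifies the API client whose SSA claims overwrite the registration request.
 *
 * @param manualRegistrationRequest the registration form submitted by the user
 * @param obriSession               the portal session cookie, resolved to a user name
 * @param principal                 the MATLS-authenticated caller
 * @return 201 Created with the stored {@code ManualRegistrationApplication}
 * @throws OAuth2InvalidClientException if the caller's identity cannot be resolved or the
 *         dynamic client registration is rejected
 */
@Override
public ResponseEntity<ManualRegistrationApplication> registerApplication(@ApiParam(value = "Registration request", required = true) @Valid @RequestBody ManualRegistrationRequest manualRegistrationRequest, @CookieValue(value = "obri-session", required = true) String obriSession, Principal principal) throws OAuth2InvalidClientException {
    // NOTE(review): the request object is logged whole at debug level; if it carries the SSA
    // (a signed JWT) or other credentials, confirm debug logging is not enabled in production.
    log.debug("registerApplication called. manualRegistrationRequest is '{}'", manualRegistrationRequest);
    try {
        // The session cookie decides who owns the stored application record.
        String userNameOfSessionHolder = this.getUserNameFromSession(obriSession);
        // The MATLS principal decides which TPP the registration is performed for.
        ApiClientIdentity apiClientIdentity = identityFactory.getApiClientIdentity(principal);
        log.debug("ApiClientIdentity is '{}'", apiClientIdentity);
        // Prepare the request: defaults first, then the user's form values, then SSA claims win.
        String registrationRequestDefaultJsonClaims = getRegistrationRequestDefaultJsonClaims();
        RegistrationRequest registrationRequest = registrationRequestFactory.getRegistrationRequestFromManualRegistrationJson(registrationRequestDefaultJsonClaims, manualRegistrationRequest, objectMapper);
        registrationRequest.overwriteRegistrationRequestFieldsFromSSAClaims(apiClientIdentity);
        log.debug("The OIDC registration request we are going to send to AM {}", registrationRequest);
        // Register the TPP
        String tppIdentifier = registrationRequest.getSoftwareIdFromSSA();
        Tpp tpp = tppRegistrationService.registerTpp(apiClientIdentity, registrationRequest);
        log.debug("Successfully performed manual onboarding for software id '{}'! the tpp resulting: {}", tppIdentifier, tpp);
        ManualRegistrationApplication manualRegistrationApplication = ManualRegistrationApplication.builder()
                .userId(userNameOfSessionHolder)
                .manualRegistrationRequest(manualRegistrationRequest)
                .description(manualRegistrationRequest.getApplicationDescription())
                .softwareClientId(tpp.getClientId())
                .oidcRegistrationResponse(tpp.getRegistrationResponse())
                .build();
        return ResponseEntity.status(HttpStatus.CREATED).body(manualRegistrationApplicationService.createApplication(manualRegistrationApplication));
    } catch (ApiClientException e) {
        // Identity could not be derived from the MATLS principal; surface as an invalid client.
        log.info("registerApplication() caught ApiClientException; ", e);
        throw new OAuth2InvalidClientException(e.getMessage());
    } catch (DynamicClientRegistrationException e) {
        // AM rejected the registration; surface as an invalid client.
        log.info("registerApplication() caught DynamicClientRegistrationException; ", e);
        throw new OAuth2InvalidClientException(e.getMessage());
    }
}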
Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualRegistrationApiController, method getApplication.
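/**
 * Returns a single manual registration application, subject to two ownership checks.
 * <p>
 * The application must belong to the user behind the {@code obri-session} cookie
 * ({@code getManualApplicationIfOwnedBySessionOwner}) AND its OAuth2 client must be owned by
 * the MATLS principal ({@code ensurePrincipalOwnsTppRegistrations}); failing either rejects
 * the request.
 *
 * @param applicationId the id of the application to fetch
 * @param obriSession   the portal session cookie, resolved to a user name
 * @param principal     the MATLS-authenticated caller
 * @return 200 OK with the application
 * @throws OBErrorResponseException     as raised by the session-ownership lookup
 * @throws OAuth2InvalidClientException if the MATLS principal does not own the application's
 *         OAuth2 client
 */
@Override
public ResponseEntity<ManualRegistrationApplication> getApplication(@ApiParam(value = "Application id", required = true) @Valid @PathVariable(value = "applicationId") String applicationId, @CookieValue(value = "obri-session", required = true) String obriSession, Principal principal) throws OBErrorResponseException, OAuth2InvalidClientException {
    log.info("getApplication() called for applicationId '{}' by tpp '{}'", applicationId, principal.getName());
    String userNameOfSessionHolder = this.getUserNameFromSession(obriSession);
    log.debug("getApplication() username of session owner is '{}'", userNameOfSessionHolder);
    // First gate: the logged-in portal user must own the application record.
    ManualRegistrationApplication application = getManualApplicationIfOwnedBySessionOwner(applicationId, userNameOfSessionHolder);
    // Second gate: the MATLS client must own the OAuth2 client registered for it.
    ensurePrincipalOwnsTppRegistrations(List.of(application), principal);
    log.debug("getApplication() returning application id '{}'", application.getId());
    return ResponseEntity.ok(application);
}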
Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualRegistrationApiController, method unregisterApplication.
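/**
 * Deletes a manual registration application together with its OAuth2 client registration and
 * TPP record.
 * <p>
 * Both ownership gates must pass: the application must belong to the user behind the
 * {@code obri-session} cookie, and its OAuth2 client must be owned by the MATLS principal.
 * The OAuth2 registration and TPP record are removed first, then the application record; if
 * the second step fails the application record is left pointing at a registration that no
 * longer exists.
 *
 * @param applicationId the id of the application to unregister
 * @param obriSession   the portal session cookie, resolved to a user name
 * @param principal     the MATLS-authenticated caller
 * @return 200 OK with the (now deleted) application
 * @throws OBErrorResponseException                    as raised by the session-ownership lookup
 * @throws OAuth2InvalidClientException                if the application has no OIDC
 *         registration response, the MATLS principal does not own its OAuth2 client, or the
 *         session holder does not own the application
 * @throws OAuth2BearerTokenUsageMissingAuthInfoException as declared by the service calls
 * @throws OAuth2BearerTokenUsageInvalidTokenException    as declared by the service calls
 */
@Override
public ResponseEntity<ManualRegistrationApplication> unregisterApplication(@ApiParam(value = "Unregister application", required = true) @Valid @PathVariable(value = "applicationId") String applicationId, @CookieValue(value = "obri-session", required = true) String obriSession, Principal principal) throws OBErrorResponseException, OAuth2InvalidClientException, OAuth2BearerTokenUsageMissingAuthInfoException, OAuth2BearerTokenUsageInvalidTokenException {
    String methodName = "unregisterApplication()";
    log.info("{} called for applicationId '{}', tpp is '{}'", methodName, applicationId, principal.getName());
    String userNameOfSessionHolder = this.getUserNameFromSession(obriSession);
    // First gate: the logged-in portal user must own the application record.
    ManualRegistrationApplication manualRegistrationApplication = getManualApplicationIfOwnedBySessionOwner(applicationId, userNameOfSessionHolder);
    // An application without a registration response has no OAuth2 client to check the caller
    // against; reject explicitly instead of failing with a NullPointerException.
    OIDCRegistrationResponse regResponse = manualRegistrationApplication.getOidcRegistrationResponse();
    if (regResponse == null) {
        String errorString = "Failed to determine if MATLS client cert belongs to the TPP that owns the application with id '" + applicationId + "'";
        log.info("{} {}", methodName, errorString);
        throw new OAuth2InvalidClientException(errorString);
    }
    // Second gate: the MATLS client must own the OAuth2 client registered for it.
    String oauth2ClientId = regResponse.getClientId();
    Tpp tpp = tppRegistrationService.getTpp(oauth2ClientId);
    tppRegistrationService.ensureTppOwnsOidcRegistration(tpp, principal.getName());
    // Kept as defence in depth even though the lookup above is already owner-scoped.
    if (!sessionHolderOwnsManualRegistration(userNameOfSessionHolder, manualRegistrationApplication)) {
        log.info("{} logged in user does not own this manual registration application", methodName);
        throw new OAuth2InvalidClientException("Logged in user does not own this manual registration application");
    }
    tppRegistrationService.deleteOAuth2RegistrationAndTppRecord(tpp);
    log.info("{} Unregistered OAuth2 client '{}' for applicationId '{}'", methodName, oauth2ClientId, applicationId);
    manualRegistrationApplicationService.deleteApplication(manualRegistrationApplication);
    return ResponseEntity.ok(manualRegistrationApplication);
}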