Example 1 with ManualRegistrationApplication

Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in project openbanking-aspsp by OpenBankingToolkit.

Class ManualRegistrationApiController, method ensurePrincipalOwnsTppRegistrations.

private void ensurePrincipalOwnsTppRegistrations(Collection<ManualRegistrationApplication> applications, Principal principal) throws OAuth2InvalidClientException {
    log.debug("ensurePrincipalOwnsTppRegistrations() checking that '{}' applications are owned by '{}'", applications.size(), principal.getName());
    for (ManualRegistrationApplication application : applications) {
        OIDCRegistrationResponse regResponse = application.getOidcRegistrationResponse();
        if (regResponse == null) {
            // Fail closed: without an OIDC registration response, ownership of the application cannot be verified.
            String errorString = "Failed to determine if MATLS client cert belongs to the TPP that owns the application with id '";
            log.info("ensurePrincipalOwnsTppRegistrations() {}{}'", errorString, application.getId());
            throw new OAuth2InvalidClientException(errorString + application.getId() + "'");
        }
        String oauth2ClientId = regResponse.getClientId();
        Tpp tpp = tppRegistrationService.getTpp(oauth2ClientId);
        tppRegistrationService.ensureTppOwnsOidcRegistration(tpp, principal.getName());
    }
    log.debug("ensurePrincipalOwnsTppRegistrations() all application's OAuth2 clients owned by '{}'", principal.getName());
}
Also used : Tpp(com.forgerock.openbanking.model.Tpp) OIDCRegistrationResponse(com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) ManualRegistrationApplication(com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication)

Example 2 with ManualRegistrationApplication

Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in project openbanking-aspsp by OpenBankingToolkit.

Class ManualRegistrationApplicationService, method getAllApplications.

public Collection<ManualRegistrationApplication> getAllApplications(String userId) {
    ParameterizedTypeReference<Resources<ManualRegistrationApplication>> ptr = new ParameterizedTypeReference<Resources<ManualRegistrationApplication>>() {
    };
    UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(rsStoreRoot + "/manualRegistrationApplications/search/findByUserId");
    builder.queryParam("userId", userId);
    URI uri = builder.build().encode().toUri();
    return restTemplate.exchange(uri, HttpMethod.GET, null, ptr).getBody().getContent();
}
Also used : ParameterizedTypeReference(org.springframework.core.ParameterizedTypeReference) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) Resources(org.springframework.hateoas.Resources) URI(java.net.URI) ManualRegistrationApplication(com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication)

Example 3 with ManualRegistrationApplication

Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in project openbanking-aspsp by OpenBankingToolkit.

Class ManualRegistrationApiController, method registerApplication.

@Override
public ResponseEntity<ManualRegistrationApplication> registerApplication(@ApiParam(value = "Registration request", required = true) @Valid @RequestBody ManualRegistrationRequest manualRegistrationRequest, @CookieValue(value = "obri-session", required = true) String obriSession, Principal principal) throws OAuth2InvalidClientException {
    log.debug("registerApplication called. manualRegistrationRequest is '{}'", manualRegistrationRequest);
    ApiClientIdentity apiClientIdentity = null;
    try {
        String userNameOfSessionHolder = this.getUserNameFromSession(obriSession);
        apiClientIdentity = identityFactory.getApiClientIdentity(principal);
        log.debug("ApiClientIdentity is '{}'", apiClientIdentity);
        // Prepare the request
        String registrationRequestDefaultJsonClaims = getRegistrationRequestDefaultJsonClaims();
        RegistrationRequest registrationRequest = registrationRequestFactory.getRegistrationRequestFromManualRegistrationJson(registrationRequestDefaultJsonClaims, manualRegistrationRequest, objectMapper);
        registrationRequest.overwriteRegistrationRequestFieldsFromSSAClaims(apiClientIdentity);
        log.debug("The OIDC registration request we are going to send to AM {}", registrationRequest);
        // Register the TPP
        String tppIdentifier = registrationRequest.getSoftwareIdFromSSA();
        Tpp tpp = tppRegistrationService.registerTpp(apiClientIdentity, registrationRequest);
        log.debug("Successfully performed manual onboarding! the tpp resulting: {}", tpp);
        ManualRegistrationApplication manualRegistrationApplication = ManualRegistrationApplication.builder().userId(userNameOfSessionHolder).manualRegistrationRequest(manualRegistrationRequest).description(manualRegistrationRequest.getApplicationDescription()).softwareClientId(tpp.getClientId()).oidcRegistrationResponse(tpp.getRegistrationResponse()).build();
        return ResponseEntity.status(HttpStatus.CREATED).body(manualRegistrationApplicationService.createApplication(manualRegistrationApplication));
    } catch (ApiClientException e) {
        log.info("registerApplication() caught ApiClientException; ", e);
        throw new OAuth2InvalidClientException(e.getMessage());
    } catch (DynamicClientRegistrationException e) {
        log.info("registerApplication() caught DynamicClientRegistrationException; ", e);
        throw new OAuth2InvalidClientException(e.getMessage());
    }
}
Also used : Tpp(com.forgerock.openbanking.model.Tpp) ApiClientException(com.forgerock.openbanking.common.services.onboarding.apiclient.ApiClientException) DynamicClientRegistrationException(com.forgerock.openbanking.common.error.exception.dynamicclientregistration.DynamicClientRegistrationException) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) ApiClientIdentity(com.forgerock.openbanking.common.services.onboarding.apiclient.ApiClientIdentity) ManualRegistrationRequest(com.forgerock.openbanking.common.model.onboarding.ManualRegistrationRequest) RegistrationRequest(com.forgerock.openbanking.common.services.onboarding.registrationrequest.RegistrationRequest) ManualRegistrationApplication(com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication)

Example 4 with ManualRegistrationApplication

Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in project openbanking-aspsp by OpenBankingToolkit.

Class ManualRegistrationApiController, method getApplication.

@Override
public ResponseEntity<ManualRegistrationApplication> getApplication(@ApiParam(value = "Unregister application", required = true) @Valid @PathVariable(value = "applicationId") String applicationId, @CookieValue(value = "obri-session", required = true) String obriSession, Principal principal) throws OBErrorResponseException, OAuth2InvalidClientException {
    log.info("getApplication() called for applicationId '{}' by tpp '{}'", applicationId, principal.getName());
    String userNameOfSessionHolder = this.getUserNameFromSession(obriSession);
    log.debug("getApplication() username of session owner is '{}'", userNameOfSessionHolder);
    ManualRegistrationApplication application = getManualApplicationIfOwnedBySessionOwner(applicationId, userNameOfSessionHolder);
    ensurePrincipalOwnsTppRegistrations(List.of(application), principal);
    log.debug("getApplication() returning application id '{}'", application.getId());
    return ResponseEntity.ok(application);
}
Also used : ManualRegistrationApplication(com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication)

Example 5 with ManualRegistrationApplication

Use of com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication in project openbanking-aspsp by OpenBankingToolkit.

Class ManualRegistrationApiController, method unregisterApplication.

@Override
public ResponseEntity<ManualRegistrationApplication> unregisterApplication(@ApiParam(value = "Unregister application", required = true) @Valid @PathVariable(value = "applicationId") String applicationId, @CookieValue(value = "obri-session", required = true) String obriSession, Principal principal) throws OBErrorResponseException, OAuth2InvalidClientException, OAuth2BearerTokenUsageMissingAuthInfoException, OAuth2BearerTokenUsageInvalidTokenException {
    String methodName = "unregisterApplication()";
    log.info("{} called for ClientId '{}', tpp is '{}'", methodName, applicationId, principal.getName());
    String userNameOfSessionHolder = this.getUserNameFromSession(obriSession);
    ManualRegistrationApplication manualRegistrationApplication = getManualApplicationIfOwnedBySessionOwner(applicationId, userNameOfSessionHolder);
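    OIDCRegistrationResponse regResponse = manualRegistrationApplication.getOidcRegistrationResponse();
    if (regResponse == null) {
        // Fail closed, as ensurePrincipalOwnsTppRegistrations() does: without a registration response, ownership cannot be verified.
        throw new OAuth2InvalidClientException("Failed to determine if MATLS client cert belongs to the TPP that owns the application with id '" + manualRegistrationApplication.getId() + "'");
    }
    String oauth2ClientId = regResponse.getClientId();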
    Tpp tpp = tppRegistrationService.getTpp(oauth2ClientId);
    tppRegistrationService.ensureTppOwnsOidcRegistration(tpp, principal.getName());
    if (!sessionHolderOwnsManualRegistration(userNameOfSessionHolder, manualRegistrationApplication)) {
        log.info("unregisterApplication() logged in user does not own this manual registration application");
        throw new OAuth2InvalidClientException("Logged in user does not own this manual registration application");
    }
    tppRegistrationService.deleteOAuth2RegistrationAndTppRecord(tpp);
    log.info("{} Unregistered ClientId '{}'", methodName, applicationId);
    manualRegistrationApplicationService.deleteApplication(manualRegistrationApplication);
    return ResponseEntity.ok(manualRegistrationApplication);
}
Also used : Tpp(com.forgerock.openbanking.model.Tpp) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) ManualRegistrationApplication(com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication)

Aggregations

ManualRegistrationApplication (com.forgerock.openbanking.common.model.onboarding.ManualRegistrationApplication) 8
OAuth2InvalidClientException (com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) 3
Tpp (com.forgerock.openbanking.model.Tpp) 3
URI (java.net.URI) 3
UriComponentsBuilder (org.springframework.web.util.UriComponentsBuilder) 3
HttpClientErrorException (org.springframework.web.client.HttpClientErrorException) 2
DynamicClientRegistrationException (com.forgerock.openbanking.common.error.exception.dynamicclientregistration.DynamicClientRegistrationException) 1
ManualRegistrationRequest (com.forgerock.openbanking.common.model.onboarding.ManualRegistrationRequest) 1
ApiClientException (com.forgerock.openbanking.common.services.onboarding.apiclient.ApiClientException) 1
ApiClientIdentity (com.forgerock.openbanking.common.services.onboarding.apiclient.ApiClientIdentity) 1
RegistrationRequest (com.forgerock.openbanking.common.services.onboarding.registrationrequest.RegistrationRequest) 1
OBErrorResponseException (com.forgerock.openbanking.exceptions.OBErrorResponseException) 1
OIDCRegistrationResponse (com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse) 1
ParameterizedTypeReference (org.springframework.core.ParameterizedTypeReference) 1
Resources (org.springframework.hateoas.Resources) 1