use of com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFileConsent in project openbanking-aspsp by OpenBankingToolkit.
the class FilePaymentConsentsApiController method createFilePaymentConsents.
public ResponseEntity<OBWriteFileConsentResponse4> createFilePaymentConsents(OBWriteFileConsent3 obWriteFileConsent3, String authorization, String xIdempotencyKey, String xJwsSignature, DateTime xFapiAuthDate, String xFapiCustomerIpAddress, String xFapiInteractionId, String xCustomerUserAgent, String clientId, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
log.debug("Received: '{}'", obWriteFileConsent3);
FRWriteFileConsent frWriteFileConsent = toFRWriteFileConsent(obWriteFileConsent3);
log.trace("Converted to: '{}'", frWriteFileConsent);
final Tpp tpp = Optional.ofNullable(tppRepository.findByClientId(clientId)).orElseThrow(() -> new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, "TPP not found for client id", Collections.singletonList(OBRIErrorType.REQUEST_INVALID_HEADER.toOBError1("x-ob-client-id"))));
log.debug("Got TPP '{}' for client Id '{}'", tpp, clientId);
Optional<FRFileConsent> consentByIdempotencyKey = fileConsentRepository.findByIdempotencyKeyAndPispId(xIdempotencyKey, tpp.getId());
if (consentByIdempotencyKey.isPresent()) {
validateIdempotencyRequest(xIdempotencyKey, frWriteFileConsent, consentByIdempotencyKey.get(), () -> consentByIdempotencyKey.get().getWriteFileConsent());
log.info("Idempotent request is valid. Returning [201 CREATED] but take no further action.");
return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(consentByIdempotencyKey.get()));
}
log.debug("No consent with matching idempotency key has been found. Creating new consent.");
FRFileConsent fileConsent = FRFileConsent.builder().id(IntentType.PAYMENT_FILE_CONSENT.generateIntentId()).status(ConsentStatusCode.AWAITINGUPLOAD).writeFileConsent(frWriteFileConsent).pispId(tpp.getId()).pispName(tpp.getOfficialName()).statusUpdate(DateTime.now()).updated(new Date()).idempotencyKey(xIdempotencyKey).obVersion(VersionPathExtractor.getVersionFromPath(request)).build();
log.debug("Saving consent: '{}'", fileConsent);
consentMetricService.sendConsentActivity(new ConsentStatusEntry(fileConsent.getId(), fileConsent.getStatus().name()));
fileConsent = fileConsentRepository.save(fileConsent);
log.info("Created consent id: '{}'", fileConsent.getId());
return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(fileConsent));
}
use of com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFileConsent in project openbanking-aspsp by OpenBankingToolkit.
the class FilePaymentConsentsApiController method createFilePaymentConsents.
@Override
public ResponseEntity<OBWriteFileConsentResponse2> createFilePaymentConsents(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteFileConsent2 obWriteFileConsent2, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @ApiParam(value = "The PISP Client ID") @RequestHeader(value = "x-ob-client-id", required = true) String clientId, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
log.debug("Received: '{}'", obWriteFileConsent2);
FRWriteFileConsent frWriteFileConsent = toFRWriteFileConsent(obWriteFileConsent2);
log.trace("Converted to: '{}'", frWriteFileConsent);
final Tpp tpp = Optional.ofNullable(tppRepository.findByClientId(clientId)).orElseThrow(() -> new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, "TPP not found for client id", Collections.singletonList(OBRIErrorType.REQUEST_INVALID_HEADER.toOBError1("x-ob-client-id"))));
log.debug("Got TPP '{}' for client Id '{}'", tpp, clientId);
Optional<FRFileConsent> consentByIdempotencyKey = fileConsentRepository.findByIdempotencyKeyAndPispId(xIdempotencyKey, tpp.getId());
if (consentByIdempotencyKey.isPresent()) {
validateIdempotencyRequest(xIdempotencyKey, frWriteFileConsent, consentByIdempotencyKey.get(), () -> consentByIdempotencyKey.get().getWriteFileConsent());
log.info("Idempotent request is valid. Returning [201 CREATED] but take no further action.");
return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(consentByIdempotencyKey.get()));
}
log.debug("No consent with matching idempotency key has been found. Creating new consent.");
FRFileConsent fileConsent = FRFileConsent.builder().id(IntentType.PAYMENT_FILE_CONSENT.generateIntentId()).status(ConsentStatusCode.AWAITINGUPLOAD).writeFileConsent(frWriteFileConsent).pispId(tpp.getId()).pispName(tpp.getOfficialName()).statusUpdate(DateTime.now()).updated(new Date()).idempotencyKey(xIdempotencyKey).obVersion(VersionPathExtractor.getVersionFromPath(request)).build();
log.debug("Saving consent: '{}'", fileConsent);
consentMetricService.sendConsentActivity(new ConsentStatusEntry(fileConsent.getId(), fileConsent.getStatus().name()));
fileConsent = fileConsentRepository.save(fileConsent);
log.info("Created consent id: '{}'", fileConsent.getId());
return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(fileConsent));
}
use of com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFileConsent in project openbanking-aspsp by OpenBankingToolkit.
the class RCSFilePaymentDetailsApiTest method validFilePayment_noAccountSpecified_createConsentDetailsWithAllAccounts.
@Test
public void validFilePayment_noAccountSpecified_createConsentDetailsWithAllAccounts() throws Exception {
// Given
List<AccountWithBalance> accounts = singletonList(DEBTOR_ACCOUNT);
FRWriteFileConsentData data = FRWriteFileConsentData.builder().initiation(getValidOBFile().build()).build();
FRWriteFileConsent writeFileConsent = FRWriteFileConsent.builder().data(data).build();
FRAmount amount = FRAmount.builder().currency("GBP").build();
given(paymentService.getPayment(eq(CONSENT_ID))).willReturn(FRFileConsent.builder().id(CONSENT_ID).writeFileConsent(writeFileConsent).pispId(PISP_ID).pispName(PISP_NAME).payments(Arrays.asList(FRFilePayment.builder().instructedAmount(amount).build())).build());
givenTppExists();
// When
ResponseEntity response = rcsFilePaymentDetailsApi.consentDetails("", accounts, USERNAME, CONSENT_ID, CLIENT_ID);
// Then
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
FilePaymentConsentDetails consentDetails = (FilePaymentConsentDetails) Objects.requireNonNull(response.getBody());
assertThat(consentDetails.getAccounts()).isEqualTo(accounts);
assertThat(consentDetails.getClientId()).isEqualTo(CLIENT_ID);
assertThat(consentDetails.getNumberOfTransactions()).isEqualTo("19");
assertThat(consentDetails.getMerchantName()).isEqualTo(PISP_NAME);
verify(paymentService, times(1)).getPayment(any());
}
use of com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFileConsent in project openbanking-aspsp by OpenBankingToolkit.
the class RCSFilePaymentDetailsApiTest method validFilePayment_accountSpecifiedButNotFound_getErrorRedirect.
@Test
public void validFilePayment_accountSpecifiedButNotFound_getErrorRedirect() throws Exception {
// Given
List<AccountWithBalance> accounts = Collections.emptyList();
FRWriteFileDataInitiation validOBFileWithAccount = getValidOBFile().debtorAccount(FRAccountIdentifier.builder().identification("123").build()).build();
FRWriteFileConsent writeFileConsent = FRWriteFileConsent.builder().data(FRWriteFileConsentData.builder().initiation(validOBFileWithAccount).build()).build();
given(paymentService.getPayment(eq(CONSENT_ID))).willReturn(FRFileConsent.builder().id(CONSENT_ID).writeFileConsent(writeFileConsent).pispId(PISP_ID).pispName(PISP_NAME).build());
givenTppExists();
given(accountService.findAccountByIdentification(any(), any())).willReturn(Optional.empty());
given(rcsErrorService.invalidConsentError(any(), any(), any())).willReturn(ResponseEntity.status(HttpStatus.FORBIDDEN).build());
// When
ResponseEntity response = rcsFilePaymentDetailsApi.consentDetails("", accounts, USERNAME, CONSENT_ID, CLIENT_ID);
// Then
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FORBIDDEN);
}
use of com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFileConsent in project openbanking-aspsp by OpenBankingToolkit.
the class RCSFilePaymentDetailsApiTest method validFilePayment_accountSpecifiedAndFound_createConsentDetailsWithAllAccounts.
@Test
public void validFilePayment_accountSpecifiedAndFound_createConsentDetailsWithAllAccounts() throws Exception {
// Given
List<AccountWithBalance> accounts = singletonList(DEBTOR_ACCOUNT);
FRWriteFileDataInitiation validOBFileWithAccount = getValidOBFile().debtorAccount(FRAccountIdentifier.builder().identification("123").build()).build();
FRWriteFileConsent frWriteFileConsent = FRWriteFileConsent.builder().data(FRWriteFileConsentData.builder().initiation(validOBFileWithAccount).build()).build();
FRAmount amount = FRAmount.builder().currency("GBP").build();
given(paymentService.getPayment(eq(CONSENT_ID))).willReturn(FRFileConsent.builder().id(CONSENT_ID).writeFileConsent(frWriteFileConsent).pispId(PISP_ID).pispName(PISP_NAME).payments(singletonList(FRFilePayment.builder().instructedAmount(amount).build())).build());
givenTppExists();
given(accountService.findAccountByIdentification(any(), any())).willReturn(Optional.of(DEBTOR_ACCOUNT));
// When
ResponseEntity response = rcsFilePaymentDetailsApi.consentDetails("", accounts, USERNAME, CONSENT_ID, CLIENT_ID);
// Then
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
FilePaymentConsentDetails consentDetails = (FilePaymentConsentDetails) Objects.requireNonNull(response.getBody());
assertThat(consentDetails.getAccounts()).isEqualTo(accounts);
assertThat(consentDetails.getClientId()).isEqualTo(CLIENT_ID);
assertThat(consentDetails.getNumberOfTransactions()).isEqualTo("19");
assertThat(consentDetails.getMerchantName()).isEqualTo(PISP_NAME);
verify(paymentService, times(1)).getPayment(any());
}
Aggregations