use of com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountWithBalance in project openbanking-aspsp by OpenBankingToolkit.
the class RCSDetailsGatewayApiController method details.
@Override
public ResponseEntity details(@RequestBody String consentRequestJwt, @CookieValue(value = "${am.cookie.name}") String ssoToken) throws OBErrorException {
LOGGER.debug("Received a consent request with consent_request='{}'", consentRequestJwt);
try {
// Verify the RCS JWT
LOGGER.debug("Validate consent request JWS");
// TODO disabling this for now as the consent request JWT as a very short period of life
// cryptoApiClient.validateJws(consentRequestJwt, amOpenBankingConfiguration.getIssuerID(), amOpenBankingConfiguration.jwksUri);
LOGGER.debug("Parse consent request JWS");
SignedJWT signedJWT = (SignedJWT) JWTParser.parse(consentRequestJwt);
LOGGER.debug("Read payment ID from the claims");
// Read the claims
Claims claims = JwsClaimsUtils.getClaims(signedJWT);
if (!claims.getIdTokenClaims().containsKey(OpenBankingConstants.IdTokenClaim.INTENT_ID)) {
throw new OBErrorException(OBRIErrorType.RCS_CONSENT_REQUEST_INVALID, "No intent ID");
}
String intentId = claims.getIdTokenClaims().get(OpenBankingConstants.IdTokenClaim.INTENT_ID).getValue();
String clientId = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CLIENT_ID);
Map<String, String> profile = userProfileService.getProfile(ssoToken, amOpenBankingConfiguration.endpointUserProfile, amOpenBankingConfiguration.cookieName);
String username = profile.get(amOpenBankingConfiguration.userProfileId);
List<AccountWithBalance> accounts = getAccountOrGenerateData(username);
LOGGER.debug("intent Id from the requested claims '{}'", intentId);
return intentTypeService.consentDetails(intentId, consentRequestJwt, accounts, username, clientId);
} catch (ParseException e) {
LOGGER.error("Could not parse the JWT", e);
throw new OBErrorException(OBRIErrorType.RCS_CONSENT_REQUEST_FORMAT);
} catch (OBErrorException e) {
return rcsErrorService.invalidConsentError(consentRequestJwt, e);
}
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountWithBalance in project openbanking-aspsp by OpenBankingToolkit.
the class RCSFilePaymentDetailsApiTest method validFilePayment_noAccountSpecified_createConsentDetailsWithAllAccounts.
@Test
public void validFilePayment_noAccountSpecified_createConsentDetailsWithAllAccounts() throws Exception {
// Given
List<AccountWithBalance> accounts = singletonList(DEBTOR_ACCOUNT);
FRWriteFileConsentData data = FRWriteFileConsentData.builder().initiation(getValidOBFile().build()).build();
FRWriteFileConsent writeFileConsent = FRWriteFileConsent.builder().data(data).build();
FRAmount amount = FRAmount.builder().currency("GBP").build();
given(paymentService.getPayment(eq(CONSENT_ID))).willReturn(FRFileConsent.builder().id(CONSENT_ID).writeFileConsent(writeFileConsent).pispId(PISP_ID).pispName(PISP_NAME).payments(Arrays.asList(FRFilePayment.builder().instructedAmount(amount).build())).build());
givenTppExists();
// When
ResponseEntity response = rcsFilePaymentDetailsApi.consentDetails("", accounts, USERNAME, CONSENT_ID, CLIENT_ID);
// Then
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
FilePaymentConsentDetails consentDetails = (FilePaymentConsentDetails) Objects.requireNonNull(response.getBody());
assertThat(consentDetails.getAccounts()).isEqualTo(accounts);
assertThat(consentDetails.getClientId()).isEqualTo(CLIENT_ID);
assertThat(consentDetails.getNumberOfTransactions()).isEqualTo("19");
assertThat(consentDetails.getMerchantName()).isEqualTo(PISP_NAME);
verify(paymentService, times(1)).getPayment(any());
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountWithBalance in project openbanking-aspsp by OpenBankingToolkit.
the class RCSFilePaymentDetailsApiTest method validFilePayment_accountSpecifiedButNotFound_getErrorRedirect.
@Test
public void validFilePayment_accountSpecifiedButNotFound_getErrorRedirect() throws Exception {
// Given
List<AccountWithBalance> accounts = Collections.emptyList();
FRWriteFileDataInitiation validOBFileWithAccount = getValidOBFile().debtorAccount(FRAccountIdentifier.builder().identification("123").build()).build();
FRWriteFileConsent writeFileConsent = FRWriteFileConsent.builder().data(FRWriteFileConsentData.builder().initiation(validOBFileWithAccount).build()).build();
given(paymentService.getPayment(eq(CONSENT_ID))).willReturn(FRFileConsent.builder().id(CONSENT_ID).writeFileConsent(writeFileConsent).pispId(PISP_ID).pispName(PISP_NAME).build());
givenTppExists();
given(accountService.findAccountByIdentification(any(), any())).willReturn(Optional.empty());
given(rcsErrorService.invalidConsentError(any(), any(), any())).willReturn(ResponseEntity.status(HttpStatus.FORBIDDEN).build());
// When
ResponseEntity response = rcsFilePaymentDetailsApi.consentDetails("", accounts, USERNAME, CONSENT_ID, CLIENT_ID);
// Then
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FORBIDDEN);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountWithBalance in project openbanking-aspsp by OpenBankingToolkit.
the class RCSInternationalPaymentDetailsApiTest method shouldReturnAllAccountsWhenNoDebtor.
@Test
public void shouldReturnAllAccountsWhenNoDebtor() throws OBErrorException {
// Given
List<AccountWithBalance> accounts = JMockData.mock(new TypeReference<>() {
});
FRInternationalConsent consent = JMockData.mock(FRInternationalConsent.class);
consent.getInitiation().setDebtorAccount(null);
given(paymentService.getPayment(any())).willReturn(consent);
given(tppStoreService.findById(consent.getPispId())).willReturn(Optional.of(Tpp.builder().clientId(CLIENT_ID).build()));
// When
ResponseEntity responseEntity = api.consentDetails("abcd", accounts, "testuser", "c123", CLIENT_ID);
// Then
InternationalPaymentConsentDetails body = (InternationalPaymentConsentDetails) Objects.requireNonNull(responseEntity.getBody());
assertThat(responseEntity.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(body.getAccounts()).isEqualTo(accounts);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountWithBalance in project openbanking-aspsp by OpenBankingToolkit.
the class RCSInternationalPaymentDetailsApiTest method shouldReturnRequestedAccountWithOnlyMandatoryFields.
@Test
public void shouldReturnRequestedAccountWithOnlyMandatoryFields() throws OBErrorException {
// Given
List<AccountWithBalance> accounts = JMockData.mock(new TypeReference<>() {
});
FRInternationalConsent consent = JMockData.mock(FRInternationalConsent.class);
FRAccountIdentifier firstAccount = accounts.get(0).getAccount().getAccounts().get(0);
consent.getInitiation().getDebtorAccount().setIdentification(firstAccount.getIdentification());
consent.getInitiation().setExchangeRateInformation(null);
consent.getInitiation().setCreditor(null);
consent.getInitiation().setCreditorAgent(null);
consent.getInitiation().setRemittanceInformation(null);
consent.getInitiation().setSupplementaryData(null);
given(paymentService.getPayment(any())).willReturn(consent);
given(tppStoreService.findById(consent.getPispId())).willReturn(Optional.of(Tpp.builder().clientId(CLIENT_ID).build()));
// When
ResponseEntity responseEntity = api.consentDetails("abcd", accounts, "user1", "c123", CLIENT_ID);
// Then
InternationalPaymentConsentDetails body = (InternationalPaymentConsentDetails) Objects.requireNonNull(responseEntity.getBody());
assertThat(responseEntity.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(body.getAccounts().size()).isEqualTo(1);
assertThat(body.getAccounts()).containsExactly(accounts.get(0));
}
Aggregations