Use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.
Class DataApiControllerIT, method shouldReturnPayloadTooLargeWhenCreatingNewDataUsingUpdate.
@Test
public void shouldReturnPayloadTooLargeWhenCreatingNewDataUsingUpdate() throws Exception {
    // Given: a persisted account, owned by a random user, that carries two balance entries.
    String accountId = UUID.randomUUID().toString();
    OBAccount6 account = new OBAccount6().accountId(accountId);
    List<OBCashBalance1> balances = Arrays.asList(
            new OBCashBalance1().type(OBBalanceType1Code.INTERIMAVAILABLE),
            new OBCashBalance1().type(OBBalanceType1Code.INTERIMBOOKED));
    FRAccountData accountData = FRAccountData.builder()
            .account(account)
            .balances(balances)
            .build();
    FRAccount persistedAccount = frAccountRepository.save(
            FRAccount.builder()
                    .id(accountId)
                    .userID(UUID.randomUUID().toString())
                    .build());

    FRUserData userData = new FRUserData();
    userData.setAccountDatas(Collections.singletonList(accountData));
    userData.setUserName(persistedAccount.getUserID());

    // When / Then: the user-data update endpoint answers 413 Payload Too Large for this request.
    String requestBody = mapper.writeValueAsString(userData);
    mockMvc.perform(put("/api/data/user")
                    .content(requestBody)
                    .contentType("application/json"))
            .andExpect(status().isPayloadTooLarge());
}
Use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.
Class AutodecisionsApiController, method autoAccept.
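/**
 * Auto-accepts the consent described by the incoming consent-request JWS on behalf of the
 * resource owner identified by the SSO cookie, then relays the generated consent response to AM.
 *
 * @param consentRequestJwt the consent request JWS sent by AM
 * @param ssoToken          the SSO cookie value identifying the resource owner
 * @return a redirection action pointing at the {@code Location} returned by AM
 * @throws OBErrorException if the JWT cannot be parsed or generated, if AM does not answer 302,
 *                          or if the decision delegate rejects the consent
 */
@Override
public ResponseEntity<RedirectionAction> autoAccept(@RequestBody String consentRequestJwt, @CookieValue(value = "${am.cookie.name}") String ssoToken) throws OBErrorException {
    try {
        log.debug("Parse consent request JWS");
        // NOTE(review): JWTParser.parse only decodes the token. Signature verification is assumed
        // to happen in JwsClaimsUtils.getClaims or before this controller is reached — confirm,
        // since client_id, redirect_uri and csrf below are all taken from these claims.
        SignedJWT signedJWT = (SignedJWT) JWTParser.parse(consentRequestJwt);
        log.debug("Read payment ID from the claims");
        // Read the claims
        Claims claims = JwsClaimsUtils.getClaims(signedJWT);
        if (!claims.getIdTokenClaims().containsKey(OpenBankingConstants.IdTokenClaim.INTENT_ID)) {
            return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_INVALID, "No intent ID");
        }
        String intentId = claims.getIdTokenClaims().get(OpenBankingConstants.IdTokenClaim.INTENT_ID).getValue();
        String clientId = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CLIENT_ID);
        String redirectUri = signedJWT.getJWTClaimsSet().getStringClaim(OIDCConstants.OIDCClaim.CONSENT_APPROVAL_REDIRECT_URI);
        String csrf = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CSRF);
        List<String> scopes = new ArrayList<>(signedJWT.getJWTClaimsSet().getJSONObjectClaim(RCSConstants.Claims.SCOPES).keySet());

        // Resolve the resource owner from the SSO token, then load (or generate) their accounts.
        Map<String, String> profile = userProfileService.getProfile(ssoToken, amOpenBankingConfiguration.endpointUserProfile, amOpenBankingConfiguration.cookieName);
        String username = profile.get(amOpenBankingConfiguration.userProfileId);
        List<FRAccount> accounts = getAccountOrGenerateData(username);

        // Call the right decision delegate, cased on the intent type
        ConsentDecisionDelegate consentDecisionDelegate = intentTypeService.getConsentDecision(intentId);
        consentDecisionDelegate.autoaccept(accounts, username);

        log.debug("Redirect the resource owner to the original oauth2/openid request but this time, with the " + "consent response jwt '{}'.", consentRequestJwt);
        String consentJwt = rcsService.generateRCSConsentResponse(rcsConfiguration, amOpenBankingConfiguration, csrf, true, scopes, clientId);
        ResponseEntity<?> responseEntity = rcsService.sendRCSResponseToAM(ssoToken, RedirectionAction.builder().redirectUri(redirectUri).consentJwt(consentJwt).requestMethod(HttpMethod.POST).build());
        log.debug("Response received from AM: {}", responseEntity);
        if (responseEntity.getStatusCode() != HttpStatus.FOUND) {
            // Two placeholders so the AM response is actually rendered instead of silently dropped.
            log.error("When sending the consent response {} to AM, it failed to return a 302: {}", consentJwt, responseEntity);
            throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
        }
        // TODO: Determine if the id_token needs re-writing!
        String location = responseEntity.getHeaders().getFirst(HttpHeaders.LOCATION);
        log.debug("The redirection to the consent page should be in the location '{}'", location);
        return ResponseEntity.ok(RedirectionAction.builder().redirectUri(location).build());
    } catch (OBErrorException e) {
        // Domain errors raised above (decision delegate, AM status check) keep their own error
        // type; without this clause the catch-all below would flatten them all to
        // RCS_CONSENT_RESPONSE_FAILURE.
        throw e;
    } catch (JOSEException e) {
        log.error("Could not generate consent context JWT", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
    } catch (ParseException e) {
        log.error("Could not parse the JWT", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_REQUEST_FORMAT);
    } catch (Exception e) {
        log.error("Unexpected error while authorising consent", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
    }
}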
Use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.
Class SinglePaymentConsentDecisionDelegate, method consentDecision.
/**
 * Applies the PSU's decision to the single payment held by this delegate.
 * An accepted decision is only honoured when the selected account belongs to the user
 * behind the consent; otherwise the decision is rejected with
 * {@code RCS_CONSENT_DECISION_INVALID_ACCOUNT}.
 *
 * @param consentDecisionSerialised JSON form of a {@link SinglePaymentConsentDecision}
 * @param decision                  {@code true} to accept the payment, {@code false} to reject it
 * @throws IOException      if the serialised decision cannot be read
 * @throws OBErrorException if the selected account is not owned by the user
 */
@Override
public void consentDecision(String consentDecisionSerialised, boolean decision) throws IOException, OBErrorException {
    SinglePaymentConsentDecision parsedDecision = objectMapper.readValue(consentDecisionSerialised, SinglePaymentConsentDecision.class);

    if (!decision) {
        log.debug("The current payment '{}' has been deny", payment.getId());
        payment.setStatus(ConsentStatusCode.REJECTED);
        paymentsService.updatePayment(payment);
        return;
    }

    // Ownership check: the account chosen in the decision must be one of the user's own accounts.
    String selectedAccountId = parsedDecision.getAccountId();
    List<FRAccount> userAccounts = accountsService.get(getUserIDBehindConsent());
    boolean ownsSelectedAccount = userAccounts.stream()
            .anyMatch(candidate -> candidate.getId().equals(selectedAccountId));
    if (!ownsSelectedAccount) {
        log.error("The account selected {} is not own by this user {}. List accounts {}", selectedAccountId, getUserIDBehindConsent(), userAccounts);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_DECISION_INVALID_ACCOUNT, getUserIDBehindConsent(), selectedAccountId, userAccounts);
    }

    payment.setStatus(ConsentStatusCode.ACCEPTEDCUSTOMERPROFILE);
    payment.setAccountId(selectedAccountId);
    paymentsService.updatePayment(payment);
}
Use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.
Class PaymentConsentDecisionUpdaterTest, method paymentDecisionAllowed_applyUpdateToConsent.
@Test
public void paymentDecisionAllowed_applyUpdateToConsent() throws Exception {
    // Given: the user owns exactly the account named in the decision.
    FRAccount ownedAccount = new FRAccount();
    ownedAccount.id = ACCOUNT_ID;
    List<FRAccount> userAccounts = Collections.singletonList(ownedAccount);
    when(accountStoreService.get(USER_ID)).thenReturn(userAccounts);
    FRDomesticConsent consent = new FRDomesticConsent();

    // When: the decision is approved with a no-op consent callback.
    paymentConsentDecisionUpdater.applyUpdate(USER_ID, ACCOUNT_ID, true, p -> {
    }, consent);

    // Then: the consent is authorised and bound to the selected account.
    assertThat(consent.getStatus()).isEqualTo(ConsentStatusCode.AUTHORISED);
    assertThat(consent.getAccountId()).isEqualTo(ACCOUNT_ID);
}
Use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.
Class PaymentConsentDecisionUpdaterTest, method paymentDecisionAllowed_butUserDoesNotOwnAccount_rejectWithException.
@Test
public void paymentDecisionAllowed_butUserDoesNotOwnAccount_rejectWithException() {
    // Given: the only account the user owns is not the one named in the decision.
    FRAccount otherAccount = new FRAccount();
    otherAccount.id = "differentId";
    List<FRAccount> userAccounts = Collections.singletonList(otherAccount);
    when(accountStoreService.get(USER_ID)).thenReturn(userAccounts);
    FRDomesticConsent consent = new FRDomesticConsent();
    String expectedMessage = "The PSU user1 is trying to share an account 'acc123' he doesn't own. List of his accounts '[FRAccount(id=differentId, userID=null, account=null, latestStatementId=null, created=null, updated=null)]'";

    // When / Then: approving the decision is refused because the ownership check fails.
    assertThatThrownBy(() -> paymentConsentDecisionUpdater.applyUpdate(USER_ID, ACCOUNT_ID, true, p -> {
    }, consent))
            .isExactlyInstanceOf(OBErrorException.class)
            .hasMessage(expectedMessage);
}