
Example 21 with FRAccount

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.

the class DataApiControllerIT method shouldReturnPayloadTooLargeWhenCreatingNewDataUsingUpdate.

/**
 * Sends a PUT to {@code /api/data/user} carrying one account with two balances for a user whose
 * account already exists in the repository, and expects HTTP 413 (Payload Too Large).
 *
 * <p>NOTE(review): the limit that makes this payload "too large" is not visible in this method;
 * it is presumably enforced by the controller under test — confirm against its configuration.
 */
@Test
public void shouldReturnPayloadTooLargeWhenCreatingNewDataUsingUpdate() throws Exception {
    // Given: an account that is already persisted for a freshly generated user id
    OBAccount6 obAccount = new OBAccount6().accountId(UUID.randomUUID().toString());
    List<OBCashBalance1> balances = Arrays.asList(
            new OBCashBalance1().type(OBBalanceType1Code.INTERIMAVAILABLE),
            new OBCashBalance1().type(OBBalanceType1Code.INTERIMBOOKED));
    FRAccountData accountData = FRAccountData.builder()
            .account(obAccount)
            .balances(balances)
            .build();
    List<FRAccountData> accountDatas = Collections.singletonList(accountData);
    FRAccount persisted = frAccountRepository.save(
            FRAccount.builder()
                    .id(obAccount.getAccountId())
                    .userID(UUID.randomUUID().toString())
                    .build());

    FRUserData requestBody = new FRUserData();
    requestBody.setAccountDatas(accountDatas);
    requestBody.setUserName(persisted.getUserID());

    // When / Then: the update endpoint refuses the request with 413
    mockMvc.perform(put("/api/data/user")
                    .content(mapper.writeValueAsString(requestBody))
                    .contentType("application/json"))
            .andExpect(status().isPayloadTooLarge());
}
Also used : FRUserData(com.forgerock.openbanking.common.model.data.FRUserData) OBCashBalance1(uk.org.openbanking.datamodel.account.OBCashBalance1) FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) FRAccountData(com.forgerock.openbanking.common.model.data.FRAccountData) OBAccount6(uk.org.openbanking.datamodel.account.OBAccount6) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 22 with FRAccount

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.

the class AutodecisionsApiController method autoAccept.

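/**
 * Auto-accepts the consent described by a consent request JWT on behalf of the signed-in
 * resource owner, posts the generated consent response to AM and returns the redirect location
 * AM answers with.
 *
 * <p>NOTE(review): nothing in this method verifies the signature of {@code consentRequestJwt}
 * before its claims (client id, redirect URI, CSRF value, scopes, intent id) are trusted.
 * Confirm that verification happens before this point (for example in a filter or inside
 * {@code JwsClaimsUtils.getClaims}); if it does not, every one of those values is
 * caller-controlled.
 *
 * @param consentRequestJwt the serialised consent request; must be a JWS
 * @param ssoToken the AM session cookie value, used to look up the user profile and to call AM
 * @return 200 with a {@link RedirectionAction} holding the {@code Location} returned by AM, or
 *     the error response built by {@code rcsErrorService} when the intent id claim is missing
 * @throws OBErrorException with {@code RCS_CONSENT_REQUEST_FORMAT} when the input is not a
 *     parseable JWS, and with {@code RCS_CONSENT_RESPONSE_FAILURE} for any other failure,
 *     including AM not answering with a 302
 */
@Override
public ResponseEntity<RedirectionAction> autoAccept(@RequestBody String consentRequestJwt, @CookieValue(value = "${am.cookie.name}") String ssoToken) throws OBErrorException {
    try {
        log.debug("Parse consent request JWS");
        // SignedJWT.parse throws ParseException for unsecured or encrypted JWTs, so they are
        // reported as a request-format error. Casting the result of JWTParser.parse instead
        // raises ClassCastException for those inputs, which the generic handler below would
        // report as a response failure.
        SignedJWT signedJWT = SignedJWT.parse(consentRequestJwt);
        log.debug("Read payment ID from the claims");
        // Read the claims
        Claims claims = JwsClaimsUtils.getClaims(signedJWT);
        if (!claims.getIdTokenClaims().containsKey(OpenBankingConstants.IdTokenClaim.INTENT_ID)) {
            return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_INVALID, "No intent ID");
        }
        String intentId = claims.getIdTokenClaims().get(OpenBankingConstants.IdTokenClaim.INTENT_ID).getValue();
        String clientId = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CLIENT_ID);
        String redirectUri = signedJWT.getJWTClaimsSet().getStringClaim(OIDCConstants.OIDCClaim.CONSENT_APPROVAL_REDIRECT_URI);
        String csrf = signedJWT.getJWTClaimsSet().getStringClaim(RCSConstants.Claims.CSRF);
        List<String> scopes = new ArrayList<>(signedJWT.getJWTClaimsSet().getJSONObjectClaim(RCSConstants.Claims.SCOPES).keySet());
        // The acting user comes from the AM session, not from the JWT.
        Map<String, String> profile = userProfileService.getProfile(ssoToken, amOpenBankingConfiguration.endpointUserProfile, amOpenBankingConfiguration.cookieName);
        String username = profile.get(amOpenBankingConfiguration.userProfileId);
        List<FRAccount> accounts = getAccountOrGenerateData(username);
        // Call the right decision delegate, based on the intent type
        ConsentDecisionDelegate consentDecisionDelegate = intentTypeService.getConsentDecision(intentId);
        consentDecisionDelegate.autoaccept(accounts, username);
        // The serialised JWT is deliberately kept out of the log: it carries the CSRF value and
        // the consent context.
        log.debug("Redirect the resource owner to the original oauth2/openid request but this time, with the consent response jwt.");
        String consentJwt = rcsService.generateRCSConsentResponse(rcsConfiguration, amOpenBankingConfiguration, csrf, true, scopes, clientId);
        ResponseEntity<?> responseEntity = rcsService.sendRCSResponseToAM(ssoToken, RedirectionAction.builder().redirectUri(redirectUri).consentJwt(consentJwt).requestMethod(HttpMethod.POST).build());
        // NOTE(review): this prints the whole AM response, headers included — confirm that
        // nothing sensitive (cookies, tokens in Location) can end up in debug logs.
        log.debug("Response received from AM: {}", responseEntity);
        if (responseEntity.getStatusCode() != HttpStatus.FOUND) {
            // Log the status AM answered with rather than the signed consent response. The
            // previous message had one placeholder for two arguments, so the response was
            // never printed.
            log.error("When sending the consent response to AM, it failed to return a 302: {}", responseEntity.getStatusCode());
            throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
        }
        // TODO: Determine if the id_token needs re-writing!
        String location = responseEntity.getHeaders().getFirst(HttpHeaders.LOCATION);
        // NOTE(review): the TODO above suggests this URL may carry an id_token — confirm it is
        // acceptable to write it to the log.
        log.debug("The redirection to the consent page should be in the location '{}'", location);
        return ResponseEntity.ok(RedirectionAction.builder().redirectUri(location).build());
    } catch (JOSEException e) {
        log.error("Could not generate consent context JWT", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
    } catch (ParseException e) {
        log.error("Could not parse the JWT", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_REQUEST_FORMAT);
    } catch (Exception e) {
        // Also catches the OBErrorException thrown above for a non-302 answer; it is replaced
        // by a new exception of the same error type.
        log.error("Unexpected error while authorising consent", e);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_RESPONSE_FAILURE);
    }
}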
Also used : Claims(com.forgerock.openbanking.model.claim.Claims) FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) ArrayList(java.util.ArrayList) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) SignedJWT(com.nimbusds.jwt.SignedJWT) JOSEException(com.nimbusds.jose.JOSEException) ParseException(java.text.ParseException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) HttpClientErrorException(org.springframework.web.client.HttpClientErrorException) ResponseEntity(org.springframework.http.ResponseEntity) ConsentDecisionDelegate(com.forgerock.openbanking.aspsp.rs.rcs.api.rcs.decisions.ConsentDecisionDelegate) ParseException(java.text.ParseException) JOSEException(com.nimbusds.jose.JOSEException)

Example 23 with FRAccount

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.

the class SinglePaymentConsentDecisionDelegate method consentDecision.

/**
 * Applies the resource owner's decision to the current single-payment consent.
 *
 * <p>A rejection marks the payment {@code REJECTED}. An approval is accepted only when the
 * account named in the decision is among the accounts returned for the user behind the
 * consent; the payment is then marked {@code ACCEPTEDCUSTOMERPROFILE} and bound to that account.
 *
 * <p>NOTE(review): on an ownership failure the user's full account list is written to the error
 * log and passed into the {@link OBErrorException}. Confirm that the resulting message is not
 * returned to the API client.
 *
 * @param consentDecisionSerialised JSON form of a {@link SinglePaymentConsentDecision}
 * @param decision {@code true} to approve the payment, {@code false} to reject it
 * @throws IOException if the serialised decision cannot be read
 * @throws OBErrorException if the selected account does not belong to the user behind the consent
 */
@Override
public void consentDecision(String consentDecisionSerialised, boolean decision) throws IOException, OBErrorException {
    SinglePaymentConsentDecision submitted = objectMapper.readValue(consentDecisionSerialised, SinglePaymentConsentDecision.class);

    if (!decision) {
        log.debug("The current payment '{}' has been deny", payment.getId());
        payment.setStatus(ConsentStatusCode.REJECTED);
        paymentsService.updatePayment(payment);
        return;
    }

    // Ownership check: the debited account must be one of the consenting user's own accounts.
    List<FRAccount> accounts = accountsService.get(getUserIDBehindConsent());
    boolean ownedByUser = accounts.stream()
            .anyMatch(candidate -> candidate.getId().equals(submitted.getAccountId()));
    if (!ownedByUser) {
        log.error("The account selected {} is not own by this user {}. List accounts {}", submitted.getAccountId(), getUserIDBehindConsent(), accounts);
        throw new OBErrorException(OBRIErrorType.RCS_CONSENT_DECISION_INVALID_ACCOUNT, getUserIDBehindConsent(), submitted.getAccountId(), accounts);
    }

    payment.setStatus(ConsentStatusCode.ACCEPTEDCUSTOMERPROFILE);
    payment.setAccountId(submitted.getAccountId());
    paymentsService.updatePayment(payment);
}
Also used : SinglePaymentService(com.forgerock.openbanking.common.services.store.payment.SinglePaymentService) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) OBRIErrorType(com.forgerock.openbanking.model.error.OBRIErrorType) IOException(java.io.IOException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) AccountStoreService(com.forgerock.openbanking.common.services.store.account.AccountStoreService) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) ConsentStatusCode(com.forgerock.openbanking.common.model.openbanking.persistence.payment.ConsentStatusCode) Optional(java.util.Optional) FRPaymentSetup(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRPaymentSetup) ConsentDecisionDelegate(com.forgerock.openbanking.aspsp.rs.rcs.api.rcs.decisions.ConsentDecisionDelegate) SinglePaymentConsentDecision(com.forgerock.openbanking.common.model.rcs.consentdecision.SinglePaymentConsentDecision) FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) SinglePaymentConsentDecision(com.forgerock.openbanking.common.model.rcs.consentdecision.SinglePaymentConsentDecision) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)

Example 24 with FRAccount

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentConsentDecisionUpdaterTest method paymentDecisionAllowed_applyUpdateToConsent.

/**
 * An approved decision for an account that the account store returns for the user must leave
 * the consent {@code AUTHORISED} and bound to that account id.
 */
@Test
public void paymentDecisionAllowed_applyUpdateToConsent() throws Exception {
    // Given: the store reports exactly one account for the user, with the id being approved
    FRAccount ownedAccount = new FRAccount();
    ownedAccount.id = ACCOUNT_ID;
    when(accountStoreService.get(USER_ID)).thenReturn(Collections.singletonList(ownedAccount));
    FRDomesticConsent consent = new FRDomesticConsent();

    // When: the decision is applied with a callback that does nothing
    paymentConsentDecisionUpdater.applyUpdate(USER_ID, ACCOUNT_ID, true, ignored -> { }, consent);

    // Then
    assertThat(consent.getStatus()).isEqualTo(ConsentStatusCode.AUTHORISED);
    assertThat(consent.getAccountId()).isEqualTo(ACCOUNT_ID);
}
Also used : FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) Test(org.junit.Test)

Example 25 with FRAccount

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentConsentDecisionUpdaterTest method paymentDecisionAllowed_butUserDoesNotOwnAccount_rejectWithException.

/**
 * An approved decision must be refused with an {@link OBErrorException} when the account store
 * returns no account with the requested id for the user.
 *
 * <p>NOTE(review): the expected message pins the full {@code FRAccount} listing of the user's
 * accounts inside the exception text. Confirm that this message is never returned to an API
 * client.
 */
@Test
public void paymentDecisionAllowed_butUserDoesNotOwnAccount_rejectWithException() {
    // Given: the only account the store knows for this user has another id
    FRAccount otherAccount = new FRAccount();
    otherAccount.id = "differentId";
    when(accountStoreService.get(USER_ID)).thenReturn(Collections.singletonList(otherAccount));
    FRDomesticConsent consent = new FRDomesticConsent();

    // When / Then: applying the decision fails the ownership check
    assertThatThrownBy(() -> paymentConsentDecisionUpdater.applyUpdate(USER_ID, ACCOUNT_ID, true, ignored -> { }, consent))
            .isExactlyInstanceOf(OBErrorException.class)
            .hasMessage("The PSU user1 is trying to share an account 'acc123' he doesn't own. List of his accounts '[FRAccount(id=differentId, userID=null, account=null, latestStatementId=null, created=null, updated=null)]'");
}
Also used : InjectMocks(org.mockito.InjectMocks) Mock(org.mockito.Mock) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) RunWith(org.junit.runner.RunWith) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) AccountStoreService(com.forgerock.openbanking.common.services.store.account.AccountStoreService) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) ConsentStatusCode(com.forgerock.openbanking.common.model.openbanking.persistence.payment.ConsentStatusCode) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) MockitoJUnitRunner(org.mockito.junit.MockitoJUnitRunner) Collections(java.util.Collections) FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) FRAccount(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) Test(org.junit.Test)

Aggregations

FRAccount (com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount)48 Test (org.junit.Test)31 Collections (java.util.Collections)26 Optional (java.util.Optional)25 AccountStoreService (com.forgerock.openbanking.common.services.store.account.AccountStoreService)24 FRAmount (com.forgerock.openbanking.common.model.openbanking.domain.common.FRAmount)23 RunWith (org.junit.runner.RunWith)23 InjectMocks (org.mockito.InjectMocks)23 Mock (org.mockito.Mock)23 MockitoJUnitRunner (org.mockito.junit.MockitoJUnitRunner)23 MoneyService (com.forgerock.openbanking.aspsp.rs.simulator.service.MoneyService)22 PaymentNotificationFacade (com.forgerock.openbanking.aspsp.rs.simulator.service.PaymentNotificationFacade)22 FRCreditDebitIndicator (com.forgerock.openbanking.common.model.openbanking.domain.account.common.FRCreditDebitIndicator)22 FRAccountIdentifier (com.forgerock.openbanking.common.model.openbanking.domain.common.FRAccountIdentifier)22 CurrencyConverterException (com.tunyk.currencyconverter.api.CurrencyConverterException)22 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)22 ArgumentMatchers.argThat (org.mockito.ArgumentMatchers.argThat)22 ArgumentMatchers.eq (org.mockito.ArgumentMatchers.eq)22 BDDMockito.given (org.mockito.BDDMockito.given)22 Mockito.doThrow (org.mockito.Mockito.doThrow)22