Search in sources :

Example 1 with FRAccountAccessConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent in project openbanking-aspsp by OpenBankingToolkit.

the class AccountAccessConsentApiController method createAccountAccessConsent.

@Override
public ResponseEntity<OBReadConsentResponse1> createAccountAccessConsent(@ApiParam(value = "Create an Account Request", required = true) @Valid @RequestBody OBReadRequest1 body, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Header containing a detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = false) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @ApiParam(value = "The AISP ID") @RequestHeader(value = "x-ob-aisp_id", required = false) String aispId, HttpServletRequest request) throws OBErrorResponseException {
    log.info("Received a new account access consent");
    String consentId = createNewConsentId(body);
    log.info("Create a new Account access consent ID {}", consentId);
    OBReadConsentResponse1 response = new OBReadConsentResponse1().data(new OBReadConsentResponse1Data().consentId(consentId).status(OBExternalRequestStatus1Code.AWAITINGAUTHORISATION).creationDateTime(DateTime.now()).permissions(body.getData().getPermissions()).expirationDateTime(body.getData().getExpirationDateTime()).statusUpdateDateTime(DateTime.now()).transactionFromDateTime(body.getData().getTransactionFromDateTime()).transactionToDateTime(body.getData().getTransactionToDateTime())).risk(body.getRisk());
    FRAccountAccessConsent accountAccessConsent = new FRAccountAccessConsent();
    accountAccessConsent.setId(consentId);
    accountAccessConsent.setConsentId(consentId);
    accountAccessConsent.setAccountAccessConsent(toFRReadConsentResponse(response));
    accountAccessConsent.setAisp(tppRepository.findByClientId(aispId));
    accountAccessConsent.setObVersion(VersionPathExtractor.getVersionFromPath(request));
    consentMetricService.sendConsentActivity(new ConsentStatusEntry(accountAccessConsent.getId(), accountAccessConsent.getStatus().name()));
    accountAccessConsent = frAccountAccessConsentRepository.save(accountAccessConsent);
    log.debug("Account access consent created {}", accountAccessConsent.getAccountAccessConsent());
    return ResponseEntity.status(HttpStatus.CREATED).body(response);
}
Also used : FRAccountAccessConsent(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent) FRReadConsentResponseConverter.toOBReadConsentResponse1(com.forgerock.openbanking.common.services.openbanking.converter.account.FRReadConsentResponseConverter.toOBReadConsentResponse1) ConsentStatusEntry(com.forgerock.openbanking.analytics.model.entries.ConsentStatusEntry)

Example 2 with FRAccountAccessConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent in project openbanking-aspsp by OpenBankingToolkit.

the class AccountRequestStoreServiceImpl method getAccountAccessConsent.

private Optional<FRAccountAccessConsent> getAccountAccessConsent(String consentId) {
    ParameterizedTypeReference<Optional<FRAccountAccessConsent>> ptr = new ParameterizedTypeReference<Optional<FRAccountAccessConsent>>() {
    };
    UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(rsStoreRoot + "/api/account-access-consents/" + consentId);
    URI uri = builder.build().encode().toUri();
    return restTemplate.exchange(uri, HttpMethod.GET, null, ptr).getBody();
}
Also used : FRAccountAccessConsent(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent) Optional(java.util.Optional) ParameterizedTypeReference(org.springframework.core.ParameterizedTypeReference) UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder) URI(java.net.URI)

Example 3 with FRAccountAccessConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent in project openbanking-aspsp by OpenBankingToolkit.

the class RCSCustomerInfoDetailsApiTest method shouldReturnRedirectActionWhenCustomerInfoNotFound.

@Test
public void shouldReturnRedirectActionWhenCustomerInfoNotFound() throws OBErrorException {
    FRAccountAccessConsent frAccountAccessConsent = JMockData.mock(FRAccountAccessConsent.class);
    frAccountAccessConsent.setConsentId(IntentType.CUSTOMER_INFO_CONSENT.generateIntentId());
    frAccountAccessConsent.setCustomerInfo(null);
    given(tppStoreService.findById(frAccountAccessConsent.getAispId())).willReturn(Optional.of(Tpp.builder().clientId(frAccountAccessConsent.getClientId()).build()));
    given(accountRequestStoreService.get(any())).willReturn(Optional.ofNullable(frAccountAccessConsent));
    given(customerInfoRepository.findByUserID(any())).willReturn(null);
    given(rcsErrorService.invalidConsentError(any(), any())).willReturn(ResponseEntity.ok(RedirectionAction.builder().redirectUri("redirect_uri_value").build()));
    ResponseEntity<RedirectionAction> response = api.consentDetails("asdfasdc", Collections.EMPTY_LIST, frAccountAccessConsent.getUserId(), frAccountAccessConsent.getConsentId(), frAccountAccessConsent.getClientId());
    RedirectionAction redirectionAction = response.getBody();
    assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
    assertThat(redirectionAction.getRedirectUri()).isNotNull();
}
Also used : FRAccountAccessConsent(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent) RedirectionAction(com.forgerock.openbanking.common.model.rcs.RedirectionAction) Test(org.junit.Test)

Example 4 with FRAccountAccessConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent in project openbanking-aspsp by OpenBankingToolkit.

the class RCSCustomerInfoDetailsApiTest method shouldReturnCustomerInfoDetails.

@Test
public void shouldReturnCustomerInfoDetails() throws OBErrorException {
    FRAccountAccessConsent frAccountAccessConsent = JMockData.mock(FRAccountAccessConsent.class);
    frAccountAccessConsent.setConsentId(IntentType.CUSTOMER_INFO_CONSENT.generateIntentId());
    FRCustomerInfo customerInfo = JMockData.mock(FRCustomerInfo.class);
    given(tppStoreService.findById(frAccountAccessConsent.getAispId())).willReturn(Optional.of(Tpp.builder().clientId(frAccountAccessConsent.getClientId()).build()));
    given(accountRequestStoreService.get(any())).willReturn(Optional.ofNullable(frAccountAccessConsent));
    given(customerInfoRepository.findByUserID(any())).willReturn(customerInfo);
    ResponseEntity<CustomerInfoConsentDetails> response = api.consentDetails("asdfas", Collections.EMPTY_LIST, frAccountAccessConsent.getUserId(), frAccountAccessConsent.getConsentId(), frAccountAccessConsent.getClientId());
    CustomerInfoConsentDetails details = response.getBody();
    assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
    assertThat(details.getCustomerInfo()).isNotNull();
}
Also used : FRAccountAccessConsent(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent) CustomerInfoConsentDetails(com.forgerock.openbanking.common.model.rcs.consentdetails.CustomerInfoConsentDetails) FRCustomerInfo(com.forgerock.openbanking.common.model.data.FRCustomerInfo) Test(org.junit.Test)

Example 5 with FRAccountAccessConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent in project openbanking-aspsp by OpenBankingToolkit.

the class RCSCustomerInfoDetailsApi method consentDetails.

@Override
public ResponseEntity consentDetails(String remoteConsentRequest, List<AccountWithBalance> accounts, String username, String consentId, String clientId) throws OBErrorException {
    log.debug("Received a Customer info account consent request with consent_request='{}'", remoteConsentRequest);
    log.debug("=> The Customer info account consent id '{}'", consentId);
    Optional<AccountRequest> isCustomerInfoConsent = accountRequestStoreService.get(consentId);
    if (!isCustomerInfoConsent.isPresent()) {
        log.error("The AISP '{}' is referencing an customer info account request {} that doesn't exist", clientId, consentId);
        return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_UNKNOWN_ACCOUNT_REQUEST, clientId, consentId);
    }
    FRAccountAccessConsent customerInfoAccountConsent = (FRAccountAccessConsent) isCustomerInfoConsent.get();
    // Verify the aisp is the same than the one that created this customer info accountRequest ^
    if (!clientId.equals(customerInfoAccountConsent.getClientId())) {
        log.error("The AISP '{}' created the customer info account request '{}' but it's AISP '{}' that is " + "trying to get consent for it.", customerInfoAccountConsent.getClientId(), consentId, clientId);
        return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_INVALID_CONSENT, customerInfoAccountConsent.getClientId(), clientId, consentId);
    }
    Optional<Tpp> isTpp = tppStoreService.findById(customerInfoAccountConsent.getAispId());
    if (!isTpp.isPresent()) {
        log.error("The TPP '{}' (Client ID {}) that created this customer info account consent id '{}' " + "doesn't exist anymore.", customerInfoAccountConsent.getAispId(), clientId, customerInfoAccountConsent.getId());
        return rcsErrorService.error(OBRIErrorType.RCS_CONSENT_REQUEST_NOT_FOUND_TPP, clientId, customerInfoAccountConsent.getId());
    }
    Tpp tpp = isTpp.get();
    log.debug("Populate the customer info model with details data");
    customerInfoAccountConsent.setUserId(username);
    accountRequestStoreService.save(customerInfoAccountConsent);
    log.debug("Populate the model with the customer info and consent data");
    log.debug("get the customer info to add it in account consent data.");
    FRCustomerInfo customerInfo = customerInfoRepository.findByUserID(username);
    log.debug("customer info data {}", customerInfo);
    if (customerInfo == null) {
        return rcsErrorService.invalidConsentError(remoteConsentRequest, new OBErrorException(OBRIErrorType.CUSTOMER_INFO_NOT_FOUND));
    }
    customerInfoAccountConsent.setCustomerInfo(customerInfo);
    log.debug("customer info to added in account consent data {}", consentId);
    return ok(CustomerInfoConsentDetails.builder().username(username).merchantName(customerInfoAccountConsent.getAispName()).logo(tpp.getLogo()).clientId(clientId).customerInfo(customerInfoAccountConsent.getCustomerInfo()).build());
}
Also used : FRAccountAccessConsent(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent) AccountRequest(com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountRequest) Tpp(com.forgerock.openbanking.model.Tpp) FRCustomerInfo(com.forgerock.openbanking.common.model.data.FRCustomerInfo) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)

Aggregations

FRAccountAccessConsent (com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountAccessConsent)8 ConsentStatusEntry (com.forgerock.openbanking.analytics.model.entries.ConsentStatusEntry)2 FRCustomerInfo (com.forgerock.openbanking.common.model.data.FRCustomerInfo)2 FRReadConsentResponseConverter.toOBReadConsentResponse1 (com.forgerock.openbanking.common.services.openbanking.converter.account.FRReadConsentResponseConverter.toOBReadConsentResponse1)2 Test (org.junit.Test)2 AccountRequest (com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountRequest)1 RedirectionAction (com.forgerock.openbanking.common.model.rcs.RedirectionAction)1 CustomerInfoConsentDetails (com.forgerock.openbanking.common.model.rcs.consentdetails.CustomerInfoConsentDetails)1 AccountRequestStoreService (com.forgerock.openbanking.common.services.store.accountrequest.AccountRequestStoreService)1 OBErrorException (com.forgerock.openbanking.exceptions.OBErrorException)1 Tpp (com.forgerock.openbanking.model.Tpp)1 URI (java.net.URI)1 Optional (java.util.Optional)1 Before (org.junit.Before)1 ParameterizedTypeReference (org.springframework.core.ParameterizedTypeReference)1 HttpHeaders (org.springframework.http.HttpHeaders)1 ResponseEntity (org.springframework.http.ResponseEntity)1 UriComponentsBuilder (org.springframework.web.util.UriComponentsBuilder)1