use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticPaymentsApiControllerIT method testMissingConsentOnPaymentInitiationShouldReturnNotFound.
@Test
public void testMissingConsentOnPaymentInitiationShouldReturnNotFound() throws Exception {
// Given
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
FRDomesticConsent consent = JMockData.mock(FRDomesticConsent.class);
consent.setId(IntentType.PAYMENT_DOMESTIC_CONSENT.generateIntentId());
consent.getInitiation().setInstructedAmount(aValidFRAmount());
consent.getInitiation().setCreditorPostalAddress(aValidFRPostalAddress());
consent.getInitiation().setSupplementaryData(FRSupplementaryData.builder().data("{}").build());
consent.getRisk().setMerchantCategoryCode(aValidFRRisk().getMerchantCategoryCode());
consent.getRisk().setDeliveryAddress(aValidFRRisk().getDeliveryAddress());
OBWriteDomestic2 submissionRequest = new OBWriteDomestic2().risk(toOBRisk1(consent.getRisk())).data(new OBWriteDataDomestic2().consentId(consent.getId()).initiation(toOBDomestic2(consent.getInitiation())));
// When
HttpResponse<String> response = Unirest.post("https://rs-store:" + port + "/open-banking/v3.1/pisp/domestic-payments").header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.AUTHORIZATION, "token").header(OBHeaders.X_IDEMPOTENCY_KEY, "x-idempotency-key").header(OBHeaders.X_JWS_SIGNATURE, "x-jws-signature").header(OBHeaders.CONTENT_TYPE, "application/json; charset=utf-8").body(submissionRequest).asObject(String.class);
// Then
assertThat(response.getStatus()).isEqualTo(400);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticPaymentsApiControllerIT method testDuplicatePaymentInitiationShouldReturnForbidden.
@Test
public void testDuplicatePaymentInitiationShouldReturnForbidden() throws Exception {
// Given
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
FRDomesticConsent consent = saveConsent();
FRDomesticPaymentSubmission submission = savePaymentSubmission(consent, UUID.randomUUID().toString());
OBWriteDomestic2 obWriteDomestic2 = new OBWriteDomestic2();
obWriteDomestic2.risk(toOBRisk1(consent.getRisk()));
obWriteDomestic2.data(new OBWriteDataDomestic2().consentId(submission.getId()).initiation(toOBDomestic2(consent.getInitiation())));
// When
HttpResponse<String> response = Unirest.post("https://rs-store:" + port + "/open-banking/v3.1/pisp/domestic-payments").header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.AUTHORIZATION, "token").header(OBHeaders.X_IDEMPOTENCY_KEY, "differentKey").header(OBHeaders.X_JWS_SIGNATURE, "x-jws-signature").header(OBHeaders.CONTENT_TYPE, "application/json; charset=utf-8").body(obWriteDomestic2).asObject(String.class);
// Then
assertThat(response.getStatus()).isEqualTo(403);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticPaymentsApiControllerIT method testGetMissingDomesticPaymentSubmissionReturnNotFound.
@Test
public void testGetMissingDomesticPaymentSubmissionReturnNotFound() throws UnirestException {
// Given
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
FRDomesticConsent consent = saveConsent();
FRWriteDomestic submissionRequest = JMockData.mock(FRWriteDomestic.class);
FRDomesticPaymentSubmission submission = FRDomesticPaymentSubmission.builder().id(consent.getId()).domesticPayment(submissionRequest).build();
// When
HttpResponse<String> response = Unirest.get("https://rs-store:" + port + "/open-banking/v3.1/pisp/domestic-payments/" + submission.getId()).header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.AUTHORIZATION, "token").asObject(String.class);
// Then
assertThat(response.getStatus()).isEqualTo(400);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.
the class RCSDomesticPaymentDetailsApiTest method shouldReturnRequestedAccountWhenDebtor.
@Test
public void shouldReturnRequestedAccountWhenDebtor() throws OBErrorException, JsonProcessingException {
// Given
List<AccountWithBalance> accounts = JMockData.mock(new TypeReference<>() {
});
FRDomesticConsent consent = JMockData.mock(FRDomesticConsent.class);
FRAccountIdentifier firstAccount = accounts.get(0).getAccount().getAccounts().get(0);
consent.getInitiation().getDebtorAccount().setIdentification(firstAccount.getIdentification());
given(paymentService.getPayment(any())).willReturn(consent);
given(tppStoreService.findById(consent.getPispId())).willReturn(Optional.of(Tpp.builder().clientId(CLIENT_ID).build()));
// When
ResponseEntity responseEntity = api.consentDetails("abcd", accounts, "user1", "c123", CLIENT_ID);
// Then
DomesticPaymentConsentDetails body = (DomesticPaymentConsentDetails) Objects.requireNonNull(responseEntity.getBody());
ObjectMapper mapper = new ObjectMapper();
mapper.enable(SerializationFeature.INDENT_OUTPUT);
mapper.registerModule(new JodaModule());
mapper.setTimeZone(TimeZone.getDefault());
mapper.disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
String json = mapper.writeValueAsString(body);
log.info("Json Serialize as String \n{}", json);
assertThat(responseEntity.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(body.getAccounts().size()).isEqualTo(1);
assertThat(body.getAccounts()).containsExactly(accounts.get(0));
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticPaymentsApiController method createDomesticPayments.
@Override
public ResponseEntity<OBWriteDomesticResponse2> createDomesticPayments(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteDomestic2 obWriteDomestic2, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
String consentId = obWriteDomestic2.getData().getConsentId();
FRDomesticConsent payment = paymentsService.getPayment(consentId);
return rsEndpointWrapperService.paymentSubmissionEndpoint().authorization(authorization).xFapiFinancialId(xFapiFinancialId).payment(payment).principal(principal).filters(f -> {
f.verifyPaymentIdWithAccessToken();
f.verifyIdempotencyKeyLength(xIdempotencyKey);
f.verifyPaymentStatus();
f.verifyRiskAndInitiation(toFRWriteDomesticDataInitiation(obWriteDomestic2.getData().getInitiation()), toFRRisk(obWriteDomestic2.getRisk()));
f.verifyJwsDetachedSignature(xJwsSignature, request);
}).execute((String tppId) -> {
// Modify the status of the payment
LOGGER.info("Switch status of payment {} to 'accepted settlement in process'.", consentId);
payment.setStatus(ConsentStatusCode.ACCEPTEDSETTLEMENTINPROCESS);
LOGGER.info("Updating payment");
paymentsService.updatePayment(payment);
HttpHeaders additionalHttpHeaders = new HttpHeaders();
additionalHttpHeaders.add("x-ob-payment-id", consentId);
return rsStoreGateway.toRsStore(request, additionalHttpHeaders, Collections.emptyMap(), OBWriteDomesticResponse2.class, obWriteDomestic2);
});
}
Aggregations