Examples with FRDomesticConsent com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent used on opensource projects

Example 66 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentConsentDecisionUpdaterTest method paymentDecisionAllowed_applyUpdateToConsent.

@Test
public void paymentDecisionAllowed_applyUpdateToConsent() throws Exception {
    // Given
    FRAccount account = new FRAccount();
    account.id = ACCOUNT_ID;
    when(accountStoreService.get(USER_ID)).thenReturn(Collections.singletonList(account));
    FRDomesticConsent paymentConsent = new FRDomesticConsent();
    // When
    paymentConsentDecisionUpdater.applyUpdate(USER_ID, ACCOUNT_ID, true, p -> {
    }, paymentConsent);
    // Then
    assertThat(paymentConsent.getStatus()).isEqualTo(ConsentStatusCode.AUTHORISED);
    assertThat(paymentConsent.getAccountId()).isEqualTo(ACCOUNT_ID);
}

Example 67 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentConsentDecisionUpdaterTest method paymentDecisionAllowed_butUserDoesNotOwnAccount_rejectWithException.

@Test
public void paymentDecisionAllowed_butUserDoesNotOwnAccount_rejectWithException() {
    // Given
    FRAccount account = new FRAccount();
    account.id = "differentId";
    when(accountStoreService.get(USER_ID)).thenReturn(Collections.singletonList(account));
    FRDomesticConsent paymentConsent = new FRDomesticConsent();
    // When
    assertThatThrownBy(() -> paymentConsentDecisionUpdater.applyUpdate(USER_ID, ACCOUNT_ID, true, p -> {
    }, paymentConsent)).isExactlyInstanceOf(OBErrorException.class).hasMessage("The PSU user1 is trying to share an account 'acc123' he doesn't own. List of his accounts '[FRAccount(id=differentId, userID=null, account=null, latestStatementId=null, created=null, updated=null)]'");
}

Example 68 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class PaymentConsentDecisionUpdaterTest method paymentDecisionDeclined_applyRejectedUpdateToConsent.

@Test
public void paymentDecisionDeclined_applyRejectedUpdateToConsent() throws Exception {
    // Given
    FRDomesticConsent paymentConsent = new FRDomesticConsent();
    // When
    paymentConsentDecisionUpdater.applyUpdate(USER_ID, null, false, p -> {
    }, paymentConsent);
    // Then
    assertThat(paymentConsent.getStatus()).isEqualTo(ConsentStatusCode.REJECTED);
}

Example 69 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentConsentsApiController method createDomesticPaymentConsents.

@Override
public ResponseEntity<OBWriteDomesticConsentResponse2> createDomesticPaymentConsents(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteDomesticConsent2 obWriteDomesticConsent2, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key.  The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @ApiParam(value = "The PISP ID") @RequestHeader(value = "x-ob-client-id", required = false) String clientId, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    log.debug("Received: '{}'", obWriteDomesticConsent2);
    FRWriteDomesticConsent frWriteDomesticConsent = toFRWriteDomesticConsent(obWriteDomesticConsent2);
    log.trace("Converted to: '{}'", frWriteDomesticConsent);
    final Tpp tpp = tppRepository.findByClientId(clientId);
    log.debug("Got TPP '{}' for client Id '{}'", tpp, clientId);
    Optional<FRDomesticConsent> consentByIdempotencyKey = domesticConsentRepository.findByIdempotencyKeyAndPispId(xIdempotencyKey, tpp.getId());
    if (consentByIdempotencyKey.isPresent()) {
        validateIdempotencyRequest(xIdempotencyKey, frWriteDomesticConsent, consentByIdempotencyKey.get(), () -> consentByIdempotencyKey.get().getDomesticConsent());
        log.info("Idempotent request is valid. Returning [201 CREATED] but take no further action.");
        return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(consentByIdempotencyKey.get()));
    }
    log.debug("No consent with matching idempotency key has been found. Creating new consent.");
    FRDomesticConsent domesticConsent = FRDomesticConsent.builder().id(IntentType.PAYMENT_DOMESTIC_CONSENT.generateIntentId()).status(ConsentStatusCode.AWAITINGAUTHORISATION).domesticConsent(frWriteDomesticConsent).pispId(tpp.getId()).pispName(tpp.getOfficialName()).statusUpdate(DateTime.now()).idempotencyKey(xIdempotencyKey).obVersion(VersionPathExtractor.getVersionFromPath(request)).build();
    log.debug("Saving consent: '{}'", domesticConsent);
    consentMetricService.sendConsentActivity(new ConsentStatusEntry(domesticConsent.getId(), domesticConsent.getStatus().name()));
    domesticConsent = domesticConsentRepository.save(domesticConsent);
    log.info("Created consent id: '{}'", domesticConsent.getId());
    return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(domesticConsent));
}

Example 70 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentConsentsApiController method getDomesticPaymentConsentsConsentIdFundsConfirmation.

@Override
public ResponseEntity getDomesticPaymentConsentsConsentIdFundsConfirmation(@ApiParam(value = "ConsentId", required = true) @PathVariable("ConsentId") String consentId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are " + "represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @RequestHeader(value = "x-ob-url", required = true) String httpUrl, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    Optional<FRDomesticConsent> isDomesticConsent = domesticConsentRepository.findById(consentId);
    if (!isDomesticConsent.isPresent()) {
        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Domestic consent '" + consentId + "' can't be found");
    }
    FRDomesticConsent domesticConsent = isDomesticConsent.get();
    // Check if funds are available on the account selected in consent
    boolean areFundsAvailable = fundsAvailabilityService.isFundsAvailable(domesticConsent.getAccountId(), domesticConsent.getInitiation().getInstructedAmount().getAmount());
    return ResponseEntity.status(HttpStatus.OK).body(new OBWriteFundsConfirmationResponse1().data(new OBWriteFundsConfirmationResponse1Data().fundsAvailableResult(new OBWriteFundsConfirmationResponse1DataFundsAvailableResult().fundsAvailable(areFundsAvailable).fundsAvailableDateTime(DateTime.now()))).links(PaginationUtil.generateLinksOnePager(httpUrl)).meta(new Meta()));
}