Search in sources :

Example 11 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentConsentsApiController method getDomesticPaymentConsentsConsentIdFundsConfirmation.

@Override
public ResponseEntity getDomesticPaymentConsentsConsentIdFundsConfirmation(@ApiParam(value = "ConsentId", required = true) @PathVariable("ConsentId") String consentId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are " + "represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    FRDomesticConsent payment = paymentsService.getPayment(consentId);
    return rsEndpointWrapperService.paymentEndpoint().authorization(authorization).xFapiFinancialId(xFapiFinancialId).payment(payment).principal(principal).isFundsConfirmationRequest(true).filters(f -> {
        f.verifyConsentStatusForConfirmationOfFund();
    }).execute((String tppId) -> {
        HttpHeaders additionalHttpHeaders = new HttpHeaders();
        additionalHttpHeaders.add("x-ob-url", new ServletServerHttpRequest(request).getURI().toString());
        return rsStoreGateway.toRsStore(request, additionalHttpHeaders, OBWriteFundsConfirmationResponse1.class);
    });
}
Also used : PathVariable(org.springframework.web.bind.annotation.PathVariable) OBWriteFundsConfirmationResponse1(uk.org.openbanking.datamodel.payment.OBWriteFundsConfirmationResponse1) RsStoreGateway(com.forgerock.openbanking.common.services.store.RsStoreGateway) LoggerFactory(org.slf4j.LoggerFactory) ApiParam(io.swagger.annotations.ApiParam) Autowired(org.springframework.beans.factory.annotation.Autowired) Controller(org.springframework.stereotype.Controller) DateTimeFormat(org.springframework.format.annotation.DateTimeFormat) RequestBody(org.springframework.web.bind.annotation.RequestBody) Valid(javax.validation.Valid) HttpServletRequest(javax.servlet.http.HttpServletRequest) HTTP_DATE_FORMAT(com.forgerock.openbanking.constants.OpenBankingConstants.HTTP_DATE_FORMAT) RSEndpointWrapperService(com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService) DomesticPaymentService(com.forgerock.openbanking.common.services.store.payment.DomesticPaymentService) Logger(org.slf4j.Logger) OBWriteDomesticConsent2(uk.org.openbanking.datamodel.payment.OBWriteDomesticConsent2) HttpHeaders(org.springframework.http.HttpHeaders) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) DateTime(org.joda.time.DateTime) Principal(java.security.Principal) ServletServerHttpRequest(org.springframework.http.server.ServletServerHttpRequest) OBWriteDomesticConsentResponse2(uk.org.openbanking.datamodel.payment.OBWriteDomesticConsentResponse2) ResponseEntity(org.springframework.http.ResponseEntity) RequestHeader(org.springframework.web.bind.annotation.RequestHeader) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) Collections(java.util.Collections) HttpHeaders(org.springframework.http.HttpHeaders) ServletServerHttpRequest(org.springframework.http.server.ServletServerHttpRequest) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent)

Example 12 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentsApiController method createDomesticPayments.

@Override
public ResponseEntity<OBWriteDomesticResponse1> createDomesticPayments(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteDomestic1 obWriteDomestic1, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key.  The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    String consentId = obWriteDomestic1.getData().getConsentId();
    FRDomesticConsent paymentConsent = paymentsService.getPayment(consentId);
    return rsEndpointWrapperService.paymentSubmissionEndpoint().authorization(authorization).xFapiFinancialId(xFapiFinancialId).payment(paymentConsent).principal(principal).filters(f -> {
        f.verifyPaymentIdWithAccessToken();
        f.verifyIdempotencyKeyLength(xIdempotencyKey);
        f.verifyPaymentStatus();
        f.verifyRiskAndInitiation(toFRWriteDomesticDataInitiation(obWriteDomestic1.getData().getInitiation()), toFRRisk(obWriteDomestic1.getRisk()));
        f.verifyJwsDetachedSignature(xJwsSignature, request);
    }).execute((String tppId) -> {
        // Modify the status of the payment
        LOGGER.info("Switch status of payment {} to 'accepted settlement in process'.", consentId);
        paymentConsent.setStatus(ConsentStatusCode.ACCEPTEDSETTLEMENTINPROCESS);
        LOGGER.info("Updating payment");
        paymentsService.updatePayment(paymentConsent);
        HttpHeaders additionalHttpHeaders = new HttpHeaders();
        additionalHttpHeaders.add("x-ob-payment-id", consentId);
        return rsStoreGateway.toRsStore(request, additionalHttpHeaders, Collections.emptyMap(), OBWriteDomesticResponse1.class, obWriteDomestic1);
    });
}
Also used : PathVariable(org.springframework.web.bind.annotation.PathVariable) RsStoreGateway(com.forgerock.openbanking.common.services.store.RsStoreGateway) OBWriteDomesticResponse1(uk.org.openbanking.datamodel.payment.OBWriteDomesticResponse1) LoggerFactory(org.slf4j.LoggerFactory) ApiParam(io.swagger.annotations.ApiParam) Controller(org.springframework.stereotype.Controller) DateTimeFormat(org.springframework.format.annotation.DateTimeFormat) RequestBody(org.springframework.web.bind.annotation.RequestBody) Valid(javax.validation.Valid) HttpServletRequest(javax.servlet.http.HttpServletRequest) ConsentStatusCode(com.forgerock.openbanking.common.model.openbanking.persistence.payment.ConsentStatusCode) HTTP_DATE_FORMAT(com.forgerock.openbanking.constants.OpenBankingConstants.HTTP_DATE_FORMAT) RSEndpointWrapperService(com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService) FRWriteDomesticConsentConverter.toFRWriteDomesticDataInitiation(com.forgerock.openbanking.common.services.openbanking.converter.payment.FRWriteDomesticConsentConverter.toFRWriteDomesticDataInitiation) DomesticPaymentService(com.forgerock.openbanking.common.services.store.payment.DomesticPaymentService) Logger(org.slf4j.Logger) HttpHeaders(org.springframework.http.HttpHeaders) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) DateTime(org.joda.time.DateTime) Principal(java.security.Principal) ResponseEntity(org.springframework.http.ResponseEntity) RequestHeader(org.springframework.web.bind.annotation.RequestHeader) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) FRPaymentRiskConverter.toFRRisk(com.forgerock.openbanking.common.services.openbanking.converter.payment.FRPaymentRiskConverter.toFRRisk) Collections(java.util.Collections) OBWriteDomestic1(uk.org.openbanking.datamodel.payment.OBWriteDomestic1) HttpHeaders(org.springframework.http.HttpHeaders) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent)

Example 13 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentConsentsApiController method createDomesticPaymentConsents.

@Override
public ResponseEntity<OBWriteDomesticConsentResponse1> createDomesticPaymentConsents(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteDomesticConsent1 obWriteDomesticConsent1, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key.  The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @ApiParam(value = "The PISP ID") @RequestHeader(value = "x-ob-client-id", required = false) String clientId, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    log.debug("Received: '{}'", obWriteDomesticConsent1);
    FRWriteDomesticConsent frWriteDomesticConsent = toFRWriteDomesticConsent(obWriteDomesticConsent1);
    log.trace("Converted to: '{}'", frWriteDomesticConsent);
    final Tpp tpp = tppRepository.findByClientId(clientId);
    log.debug("Got TPP '{}' for client Id '{}'", tpp, clientId);
    Optional<FRDomesticConsent> consentByIdempotencyKey = domesticConsentRepository.findByIdempotencyKeyAndPispId(xIdempotencyKey, tpp.getId());
    if (consentByIdempotencyKey.isPresent()) {
        validateIdempotencyRequest(xIdempotencyKey, frWriteDomesticConsent, consentByIdempotencyKey.get(), () -> consentByIdempotencyKey.get().getDomesticConsent());
        log.info("Idempotent request is valid. Returning [201 CREATED] but take no further action.");
        return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(consentByIdempotencyKey.get()));
    }
    log.debug("No consent with matching idempotency key has been found. Creating new consent.");
    FRDomesticConsent domesticConsent = FRDomesticConsent.builder().id(IntentType.PAYMENT_DOMESTIC_CONSENT.generateIntentId()).status(ConsentStatusCode.AWAITINGAUTHORISATION).domesticConsent(frWriteDomesticConsent).pispId(tpp.getId()).pispName(tpp.getOfficialName()).statusUpdate(DateTime.now()).created(DateTime.now()).idempotencyKey(xIdempotencyKey).obVersion(VersionPathExtractor.getVersionFromPath(request)).build();
    log.debug("Saving consent: '{}'", domesticConsent);
    consentMetricService.sendConsentActivity(new ConsentStatusEntry(domesticConsent.getId(), domesticConsent.getStatus().name()));
    domesticConsent = domesticConsentRepository.save(domesticConsent);
    log.info("Created consent id: '{}'", domesticConsent.getId());
    return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(domesticConsent));
}
Also used : Tpp(com.forgerock.openbanking.model.Tpp) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) FRWriteDomesticConsent(com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteDomesticConsent) FRWriteDomesticConsentConverter.toFRWriteDomesticConsent(com.forgerock.openbanking.common.services.openbanking.converter.payment.FRWriteDomesticConsentConverter.toFRWriteDomesticConsent) ConsentStatusEntry(com.forgerock.openbanking.analytics.model.entries.ConsentStatusEntry)

Example 14 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentConsentsApiController method getDomesticPaymentConsentsConsentId.

@Override
public ResponseEntity getDomesticPaymentConsentsConsentId(@ApiParam(value = "ConsentId", required = true) @PathVariable("ConsentId") String consentId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    Optional<FRDomesticConsent> isDomesticConsent = domesticConsentRepository.findById(consentId);
    if (!isDomesticConsent.isPresent()) {
        // OB specifies a 400 when the id does not match an existing consent
        return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Domestic consent '" + consentId + "' can't be found");
    }
    FRDomesticConsent domesticConsent = isDomesticConsent.get();
    return ResponseEntity.ok(packageResponse(domesticConsent));
}
Also used : FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent)

Example 15 with FRDomesticConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticPaymentsApiController method createDomesticPayments.

@Override
public ResponseEntity createDomesticPayments(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteDomestic1 obWriteDomestic1, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key.  The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    log.debug("Received payment submission: '{}'", obWriteDomestic1);
    FRWriteDomestic frDomesticPayment = toFRWriteDomestic(obWriteDomestic1);
    log.trace("Converted to: '{}'", frDomesticPayment);
    String paymentId = obWriteDomestic1.getData().getConsentId();
    FRDomesticConsent paymentConsent = domesticConsentRepository.findById(paymentId).orElseThrow(() -> new OBErrorResponseException(// OB specifies a 400 when the id does not match an existing consent
    HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.PAYMENT_CONSENT_BEHIND_SUBMISSION_NOT_FOUND.toOBError1(paymentId)));
    log.debug("Found consent '{}' to match this payment id: {} ", paymentConsent, paymentId);
    FRDomesticPaymentSubmission frPaymentSubmission = FRDomesticPaymentSubmission.builder().id(obWriteDomestic1.getData().getConsentId()).domesticPayment(frDomesticPayment).created(new Date()).updated(new Date()).idempotencyKey(xIdempotencyKey).obVersion(VersionPathExtractor.getVersionFromPath(request)).build();
    frPaymentSubmission = new IdempotentRepositoryAdapter<>(domesticPaymentSubmissionRepository).idempotentSave(frPaymentSubmission);
    return ResponseEntity.status(HttpStatus.CREATED).body(responseEntity(frPaymentSubmission, paymentConsent));
}
Also used : IdempotentRepositoryAdapter(com.forgerock.openbanking.aspsp.rs.store.repository.IdempotentRepositoryAdapter) FRDomesticConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent) FRDomesticPaymentSubmission(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticPaymentSubmission) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) FRWriteDomestic(com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteDomestic) FRWriteDomesticConverter.toFRWriteDomestic(com.forgerock.openbanking.common.services.openbanking.converter.payment.FRWriteDomesticConverter.toFRWriteDomestic) Date(java.util.Date)

Aggregations

FRDomesticConsent (com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticConsent)105 Test (org.junit.Test)62 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)50 SpringSecForTest (com.forgerock.openbanking.integration.test.support.SpringSecForTest)49 FRDomesticPaymentSubmission (com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRDomesticPaymentSubmission)37 Collections (java.util.Collections)15 OBErrorResponseException (com.forgerock.openbanking.exceptions.OBErrorResponseException)14 FRWriteDomesticConverter.toOBWriteDomestic2 (com.forgerock.openbanking.common.services.openbanking.converter.payment.FRWriteDomesticConverter.toOBWriteDomestic2)13 DomesticPaymentService (com.forgerock.openbanking.common.services.store.payment.DomesticPaymentService)13 ResponseEntity (org.springframework.http.ResponseEntity)12 ConsentStatusCode (com.forgerock.openbanking.common.model.openbanking.persistence.payment.ConsentStatusCode)11 RSEndpointWrapperService (com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService)9 FRWriteDomestic (com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteDomestic)9 FRWriteDomesticConsent (com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteDomesticConsent)9 RsStoreGateway (com.forgerock.openbanking.common.services.store.RsStoreGateway)9 Principal (java.security.Principal)9 FRAccount (com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccount)7 HttpServletRequest (javax.servlet.http.HttpServletRequest)7 DateTime (org.joda.time.DateTime)7 HttpHeaders (org.springframework.http.HttpHeaders)7