Search in sources :

Example 31 with FRFileConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent in project openbanking-aspsp by OpenBankingToolkit.

the class FilePaymentConsentsApiControllerIT method testCreateFileConsent.

@Test
public void testCreateFileConsent() throws UnirestException {
    // Given
    springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
    setupMockTpp(tppRepository);
    OBWriteFileConsent2 consentRequest = JMockData.mock(OBWriteFileConsent2.class);
    consentRequest.getData().getInitiation().fileHash("dslkjdslkfhsdlkfjlskdj");
    consentRequest.getData().getInitiation().fileReference("123");
    consentRequest.getData().getInitiation().fileType("UK.OBIE.pain.001.001.08");
    consentRequest.getData().getInitiation().numberOfTransactions("100");
    consentRequest.getData().getInitiation().controlSum(new BigDecimal("3000.0"));
    consentRequest.getData().getInitiation().supplementaryData(new OBSupplementaryData1());
    // When
    HttpResponse<OBWriteFileConsentResponse2> response = Unirest.post("https://rs-store:" + port + "/open-banking/v3.1/pisp/file-payment-consents/").header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.AUTHORIZATION, "token").header(OBHeaders.X_IDEMPOTENCY_KEY, UUID.randomUUID().toString()).header(OBHeaders.X_JWS_SIGNATURE, "x-jws-signature").header(CONTENT_TYPE, "application/json").header(ACCEPT, "application/json").header("x-ob-client-id", MOCK_CLIENT_ID).body(consentRequest).asObject(OBWriteFileConsentResponse2.class);
    // Then
    assertThat(response.getStatus()).isEqualTo(201);
    OBWriteFileConsentResponse2 consentResponse = response.getBody();
    FRFileConsent consent = repository.findById(consentResponse.getData().getConsentId()).get();
    assertThat(consent.getPispName()).isEqualTo(MOCK_PISP_NAME);
    assertThat(consent.getPispId()).isEqualTo(MOCK_PISP_ID);
    assertThat(consent.getId()).isEqualTo(consentResponse.getData().getConsentId());
    assertThat(consent.getInitiation()).isEqualTo(toFRWriteFileDataInitiation(consentResponse.getData().getInitiation()));
    assertThat(consent.getStatus().toOBExternalConsentStatus2Code()).isEqualTo(consentResponse.getData().getStatus());
    assertThat(consent.getObVersion()).isEqualTo(OBVersion.v3_1);
}
Also used : OBWriteFileConsentResponse2(uk.org.openbanking.datamodel.payment.OBWriteFileConsentResponse2) FRFileConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent) OBWriteFileConsent2(uk.org.openbanking.datamodel.payment.OBWriteFileConsent2) OBSupplementaryData1(uk.org.openbanking.datamodel.payment.OBSupplementaryData1) BigDecimal(java.math.BigDecimal) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) SpringSecForTest(com.forgerock.openbanking.integration.test.support.SpringSecForTest) Test(org.junit.Test)

Example 32 with FRFileConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent in project openbanking-aspsp by OpenBankingToolkit.

the class FilePaymentConsentsApiControllerIT method testGetFileConsentFile.

@Test
public void testGetFileConsentFile() throws Exception {
    // Given
    String fileConsentId = UUID.randomUUID().toString();
    String fileContent = "<sample>test</sample>";
    springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
    FRFileConsent consent = JMockData.mock(FRFileConsent.class);
    consent.setStatus(ConsentStatusCode.AWAITINGAUTHORISATION);
    consent.setId(fileConsentId);
    consent.setFileContent(fileContent);
    repository.save(consent);
    // When
    HttpResponse response = Unirest.get("https://rs-store:" + port + "/open-banking/v3.1/pisp/file-payment-consents/" + fileConsentId + "/file").header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.AUTHORIZATION, "token").header(ACCEPT, "plain/xml").header(CONTENT_TYPE, "application/json").asString();
    // Then
    log.debug("Response: {} {}", response.getStatus(), response.getStatusText());
    assertThat(response.getStatus()).isEqualTo(200);
    assertThat(response.getBody().toString()).isEqualTo(fileContent);
}
Also used : FRFileConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent) HttpResponse(kong.unirest.HttpResponse) SpringBootTest(org.springframework.boot.test.context.SpringBootTest) SpringSecForTest(com.forgerock.openbanking.integration.test.support.SpringSecForTest) Test(org.junit.Test)

Example 33 with FRFileConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent in project openbanking-aspsp by OpenBankingToolkit.

the class FilePaymentsApiController method getFilePaymentsFilePaymentIdReportFile.

@Override
public ResponseEntity getFilePaymentsFilePaymentIdReportFile(@ApiParam(value = "FilePaymentId", required = true) @PathVariable("FilePaymentId") String filePaymentId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    FRFileConsent consent = fileConsentRepository.findById(filePaymentId).orElseThrow(() -> new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.PAYMENT_ID_NOT_FOUND.toOBError1(filePaymentId)));
    log.debug("Consent '{}' exists with status: {} so generating a report file for type: '{}'", consent.getId(), consent.getStatus(), consent.getFileType());
    try {
        final String reportFile = paymentReportFileService.createPaymentReport(consent);
        log.debug("Generated report file for consent: '{}'", consent.getId());
        return ResponseEntity.ok(reportFile);
    } catch (UnsupportedFileTypeException exception) {
        return ResponseEntity.status(HttpStatus.NOT_IMPLEMENTED).body("{ \"Description\" : \"Report for file type " + consent.getFileType().getFileType() + " not supported\" }");
    }
}
Also used : FRFileConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) UnsupportedFileTypeException(com.forgerock.openbanking.common.model.openbanking.forgerock.filepayment.v3_0.UnsupportedFileTypeException)

Example 34 with FRFileConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent in project openbanking-aspsp by OpenBankingToolkit.

the class FilePaymentConsentsApiController method createFilePaymentConsentsConsentIdFile.

@Override
public ResponseEntity createFilePaymentConsentsConsentIdFile(@ApiParam(value = "Default", required = true) @Valid @RequestBody String fileParam, @ApiParam(value = "ConsentId", required = true) @PathVariable("ConsentId") String consentId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key.  The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    log.trace("Received: '{}'", fileParam);
    final FRFileConsent fileConsent = fileConsentRepository.findById(consentId).orElseThrow(() -> new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.PAYMENT_ID_NOT_FOUND.toOBError1()));
    // If file already exists it could be idempotent request
    if (!StringUtils.isEmpty(fileConsent.getFileContent())) {
        if (xIdempotencyKey.equals(fileConsent.getIdempotencyKey())) {
            validateIdempotencyRequest(xIdempotencyKey, fileConsent);
            log.info("File already exists for consent: '{}' and has matching idempotent key: '{}'. No action taken but returning 200/OK");
            return ResponseEntity.ok().build();
        } else {
            log.debug("This consent already has a file uploaded and the idempotency key does not match the previous upload so rejecting.");
            throw new OBErrorResponseException(HttpStatus.FORBIDDEN, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.PAYMENT_ALREADY_SUBMITTED.toOBError1(fileConsent.getStatus().toOBExternalConsentStatus2Code()));
        }
    }
    // We parse the file and check metadata against the parsed file
    try {
        PaymentFile paymentFile = PaymentFileFactory.createPaymentFile(fileConsent.getFileType(), fileParam);
        log.info("Successfully parsed file of type: '{}' for consent: '{}'", fileConsent.getFileType(), fileConsent.getId());
        FileTransactionCountValidator.validate(fileConsent, paymentFile);
        ControlSumValidator.validate(fileConsent, paymentFile);
        fileConsent.setPayments(paymentFile.getPayments());
        fileConsent.setFileContent(fileParam);
        fileConsent.setUpdated(new Date());
        fileConsent.setStatus(ConsentStatusCode.AWAITINGAUTHORISATION);
        fileConsent.setStatusUpdate(DateTime.now());
        fileConsentRepository.save(fileConsent);
    } catch (OBErrorException e) {
        throw new OBErrorResponseException(e.getObriErrorType().getHttpStatus(), OBRIErrorResponseCategory.REQUEST_INVALID, e.getOBError());
    }
    return ResponseEntity.ok().build();
}
Also used : PaymentFile(com.forgerock.openbanking.common.model.openbanking.forgerock.filepayment.v3_0.PaymentFile) FRFileConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) Date(java.util.Date)

Example 35 with FRFileConsent

use of com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent in project openbanking-aspsp by OpenBankingToolkit.

the class FilePaymentConsentsApiController method createFilePaymentConsents.

@Override
public ResponseEntity<OBWriteFileConsentResponse1> createFilePaymentConsents(@ApiParam(value = "Default", required = true) @Valid @RequestBody OBWriteFileConsent1 obWriteFileConsent1, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "Every request will be processed only once per x-idempotency-key.  The Idempotency Key will be valid for 24 hours.", required = true) @RequestHeader(value = "x-idempotency-key", required = true) String xIdempotencyKey, @ApiParam(value = "A detached JWS signature of the body of the payload.", required = true) @RequestHeader(value = "x-jws-signature", required = true) String xJwsSignature, @ApiParam(value = "The time when the PSU last logged in with the TPP.  All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:  Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @ApiParam(value = "The PISP Client ID") @RequestHeader(value = "x-ob-client-id", required = true) String clientId, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    log.debug("Received: '{}'", obWriteFileConsent1);
    FRWriteFileConsent frWriteFileConsent = toFRWriteFileConsent(obWriteFileConsent1);
    log.trace("Converted to: '{}'", frWriteFileConsent);
    final Tpp tpp = Optional.ofNullable(tppRepository.findByClientId(clientId)).orElseThrow(() -> new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, "TPP not found for client id", Collections.singletonList(OBRIErrorType.REQUEST_INVALID_HEADER.toOBError1("x-ob-client-id"))));
    log.debug("Got TPP '{}' for client Id '{}'", tpp, clientId);
    Optional<FRFileConsent> consentByIdempotencyKey = fileConsentRepository.findByIdempotencyKeyAndPispId(xIdempotencyKey, tpp.getId());
    if (consentByIdempotencyKey.isPresent()) {
        validateIdempotencyRequest(xIdempotencyKey, frWriteFileConsent, consentByIdempotencyKey.get(), () -> consentByIdempotencyKey.get().getWriteFileConsent());
        log.info("Idempotent request is valid. Returning [201 CREATED] but take no further action.");
        return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(consentByIdempotencyKey.get()));
    }
    log.debug("No consent with matching idempotency key has been found. Creating new consent.");
    FRFileConsent fileConsent = FRFileConsent.builder().id(IntentType.PAYMENT_FILE_CONSENT.generateIntentId()).status(ConsentStatusCode.AWAITINGUPLOAD).writeFileConsent(frWriteFileConsent).pispId(tpp.getId()).pispName(tpp.getOfficialName()).created(DateTime.now()).statusUpdate(DateTime.now()).updated(new Date()).idempotencyKey(xIdempotencyKey).obVersion(VersionPathExtractor.getVersionFromPath(request)).build();
    log.debug("Saving consent: '{}'", fileConsent);
    consentMetricService.sendConsentActivity(new ConsentStatusEntry(fileConsent.getId(), fileConsent.getStatus().name()));
    fileConsent = fileConsentRepository.save(fileConsent);
    log.info("Created consent id: '{}'", fileConsent.getId());
    return ResponseEntity.status(HttpStatus.CREATED).body(packageResponse(fileConsent));
}
Also used : FRWriteFileConsent(com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFileConsent) FRWriteFileConsentConverter.toFRWriteFileConsent(com.forgerock.openbanking.common.services.openbanking.converter.payment.FRWriteFileConsentConverter.toFRWriteFileConsent) Tpp(com.forgerock.openbanking.model.Tpp) FRFileConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) Date(java.util.Date) ConsentStatusEntry(com.forgerock.openbanking.analytics.model.entries.ConsentStatusEntry)

Aggregations

FRFileConsent (com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent)45 OBErrorResponseException (com.forgerock.openbanking.exceptions.OBErrorResponseException)29 FRFilePaymentSubmission (com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFilePaymentSubmission)13 SpringSecForTest (com.forgerock.openbanking.integration.test.support.SpringSecForTest)12 Date (java.util.Date)12 Test (org.junit.Test)12 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)12 RSEndpointWrapperService (com.forgerock.openbanking.aspsp.rs.wrappper.RSEndpointWrapperService)8 RsStoreGateway (com.forgerock.openbanking.common.services.store.RsStoreGateway)8 FilePaymentService (com.forgerock.openbanking.common.services.store.payment.FilePaymentService)8 Principal (java.security.Principal)8 Collections (java.util.Collections)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)8 DateTime (org.joda.time.DateTime)8 Resource (org.springframework.core.io.Resource)8 HttpHeaders (org.springframework.http.HttpHeaders)8 ResponseEntity (org.springframework.http.ResponseEntity)7 Controller (org.springframework.stereotype.Controller)7 FRWriteFile (com.forgerock.openbanking.common.model.openbanking.domain.payment.FRWriteFile)5 Tpp (com.forgerock.openbanking.model.Tpp)5