use of com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRDomesticVRPConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticVrpsApiControllerIT method createVrpPaymentBreachLimitationMaxAmount.
@Test
public void createVrpPaymentBreachLimitationMaxAmount() throws Exception {
// Given
String jws = jws("payments", OIDCConstants.GrantType.AUTHORIZATION_CODE);
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
given(amResourceServerService.verifyAccessToken("Bearer " + jws)).willReturn(SignedJWT.parse(jws));
FRDomesticVRPConsent frDomesticVRPConsent = aValidFRDomesticVRPConsent(IntentType.DOMESTIC_VRP_PAYMENT_CONSENT.generateIntentId(), ConsentStatusCode.AUTHORISED);
OBDomesticVRPConsentResponse consentResponse = FRDomesticVRPConsentConverter.toOBDomesticVRPConsentResponse(frDomesticVRPConsent);
Double maxAmount = Double.valueOf(consentResponse.getData().getControlParameters().getMaximumIndividualAmount().getAmount());
OBDomesticVRPRequest request = buildAValidOBDomesticVRPRequest(consentResponse);
request.getData().getInstruction().getInstructedAmount().setAmount(Double.toString(Double.sum(maxAmount.doubleValue(), Double.parseDouble("1000.00"))));
given(vrpPaymentConsentService.getVrpPaymentConsent(request.getData().getConsentId())).willReturn(frDomesticVRPConsent);
// When
HttpResponse<ResponseEntity> response = Unirest.post(HOST + port + VRP_CONTXT_PATH).header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.X_IDEMPOTENCY_KEY, IDEMPOTENCY_KEY).header(OBHeaders.X_JWS_SIGNATURE, jws).header(OBHeaders.AUTHORIZATION, "Bearer " + jws).header(OBHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON.getMimeType()).body(request).asObject(ResponseEntity.class);
// Then
assertThat(response).isNotNull();
assertThat(response.getStatus()).isEqualTo(HttpStatus.BAD_REQUEST.value());
assertThat(response.getParsingError().get().getOriginalBody()).contains("{\"ErrorCode\":\"UK.OBIE.Rules.FailsControlParameters\"");
String expectedMessage = String.format("The field '%s' breach a limitation set by '%s'", VRPErrorControlParametersFields.RequestControlFields.MAX_INDIVIDUAL_AMOUNT, VRPErrorControlParametersFields.ConsentControlFields.MAX_INDIVIDUAL_AMOUNT);
assertThat(response.getParsingError().get().getOriginalBody()).contains(expectedMessage);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRDomesticVRPConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticVrpsApiControllerIT method createVrpPayment.
@Test
public void createVrpPayment() throws Exception {
// Given
String jws = jws("payments", OIDCConstants.GrantType.AUTHORIZATION_CODE);
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
given(amResourceServerService.verifyAccessToken("Bearer " + jws)).willReturn(SignedJWT.parse(jws));
FRDomesticVRPConsent frDomesticVRPConsent = aValidFRDomesticVRPConsent(IntentType.DOMESTIC_VRP_PAYMENT_CONSENT.generateIntentId(), ConsentStatusCode.AUTHORISED);
OBDomesticVRPConsentResponse consentResponse = FRDomesticVRPConsentConverter.toOBDomesticVRPConsentResponse(frDomesticVRPConsent);
OBDomesticVRPRequest request = buildAValidOBDomesticVRPRequest(consentResponse);
OBDomesticVRPResponse rsStoreResponse = aValidOBDomesticVRPResponse(request);
given(rsStoreGateway.toRsStore(any(), any(), any(), any(), any())).willReturn(ResponseEntity.status(HttpStatus.CREATED).body(rsStoreResponse));
Tpp tpp = new Tpp();
tpp.setAuthorisationNumber("test-tpp");
given(tppStoreService.findByClientId(any())).willReturn(Optional.of(tpp));
given(vrpPaymentConsentService.getVrpPaymentConsent(request.getData().getConsentId())).willReturn(frDomesticVRPConsent);
// When
HttpResponse<OBDomesticVRPResponse> response = Unirest.post(HOST + port + VRP_CONTXT_PATH).header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.X_IDEMPOTENCY_KEY, IDEMPOTENCY_KEY).header(OBHeaders.X_JWS_SIGNATURE, jws).header(OBHeaders.AUTHORIZATION, "Bearer " + jws).header(OBHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON.getMimeType()).body(request).asObject(OBDomesticVRPResponse.class);
// Then
assertThat(response.getStatus()).isEqualTo(HttpStatus.CREATED.value());
assertThat(response.getBody()).isEqualTo(rsStoreResponse);
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRDomesticVRPConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticVrpsApiControllerIT method aValidFRDomesticVRPConsent.
private FRDomesticVRPConsent aValidFRDomesticVRPConsent(String consentId, ConsentStatusCode consentStatusCode) {
FRDomesticVRPConsentDetails details = toFRDomesticVRPConsentDetails(aValidOBDomesticVRPConsentRequest());
FRDomesticVRPConsent consent = JMockData.mock(FRDomesticVRPConsent.class);
consent.setVrpDetails(details);
consent.setId(consentId);
consent.setIdempotencyKey(UUID.randomUUID().toString());
consent.setStatus(consentStatusCode);
consent.setObVersion(OBVersion.v3_1_8);
return consent;
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRDomesticVRPConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticVrpsApiControllerIT method createVrpPaymentRiskNotMatch.
@Test
public void createVrpPaymentRiskNotMatch() throws Exception {
// Given
String jws = jws("payments", OIDCConstants.GrantType.AUTHORIZATION_CODE);
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
given(amResourceServerService.verifyAccessToken("Bearer " + jws)).willReturn(SignedJWT.parse(jws));
FRDomesticVRPConsent frDomesticVRPConsent = aValidFRDomesticVRPConsent(IntentType.DOMESTIC_VRP_PAYMENT_CONSENT.generateIntentId(), ConsentStatusCode.AUTHORISED);
OBDomesticVRPConsentResponse consentResponse = FRDomesticVRPConsentConverter.toOBDomesticVRPConsentResponse(frDomesticVRPConsent);
OBDomesticVRPRequest request = buildAValidOBDomesticVRPRequest(consentResponse);
request.setRisk(new OBRisk1());
given(vrpPaymentConsentService.getVrpPaymentConsent(request.getData().getConsentId())).willReturn(frDomesticVRPConsent);
// When
HttpResponse<ResponseEntity> response = Unirest.post(HOST + port + VRP_CONTXT_PATH).header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.X_IDEMPOTENCY_KEY, IDEMPOTENCY_KEY).header(OBHeaders.X_JWS_SIGNATURE, jws).header(OBHeaders.AUTHORIZATION, "Bearer " + jws).header(OBHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON.getMimeType()).body(request).asObject(ResponseEntity.class);
// Then
assertThat(response).isNotNull();
assertThat(response.getStatus()).isEqualTo(HttpStatus.BAD_REQUEST.value());
assertThat(response.getParsingError().get().getOriginalBody()).contains("{\"ErrorCode\":\"UK.OBIE.Resource.ConsentMismatch\"");
assertThat(response.getParsingError().get().getOriginalBody()).contains("The provided risk data differs from that in the matching consent");
}
use of com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRDomesticVRPConsent in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticVrpsApiControllerIT method createVrpPaymentInstructedCreditorAccountNotProvided.
@Test
public void createVrpPaymentInstructedCreditorAccountNotProvided() throws Exception {
// Given
String jws = jws("payments", OIDCConstants.GrantType.AUTHORIZATION_CODE);
springSecForTest.mockAuthCollector.mockAuthorities(OBRIRole.ROLE_PISP);
given(amResourceServerService.verifyAccessToken("Bearer " + jws)).willReturn(SignedJWT.parse(jws));
FRDomesticVRPConsent frDomesticVRPConsent = aValidFRDomesticVRPConsent(IntentType.DOMESTIC_VRP_PAYMENT_CONSENT.generateIntentId(), ConsentStatusCode.AUTHORISED);
OBDomesticVRPConsentResponse consentResponse = FRDomesticVRPConsentConverter.toOBDomesticVRPConsentResponse(frDomesticVRPConsent);
OBDomesticVRPRequest request = buildAValidOBDomesticVRPRequest(consentResponse);
frDomesticVRPConsent.getVrpDetails().getData().getInitiation().setCreditorAccount(null);
consentResponse.getData().getInitiation().setCreditorAccount(null);
request.getData().getInstruction().setCreditorAccount(null);
given(vrpPaymentConsentService.getVrpPaymentConsent(request.getData().getConsentId())).willReturn(frDomesticVRPConsent);
// When
HttpResponse<ResponseEntity> response = Unirest.post(HOST + port + VRP_CONTXT_PATH).header(OBHeaders.X_FAPI_FINANCIAL_ID, rsConfiguration.financialId).header(OBHeaders.X_IDEMPOTENCY_KEY, IDEMPOTENCY_KEY).header(OBHeaders.X_JWS_SIGNATURE, jws).header(OBHeaders.AUTHORIZATION, "Bearer " + jws).header(OBHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON.getMimeType()).body(request).asObject(ResponseEntity.class);
// Then
assertThat(response).isNotNull();
assertThat(response.getStatus()).isEqualTo(HttpStatus.BAD_REQUEST.value());
assertThat(response.getParsingError().get().getOriginalBody()).contains("{\"ErrorCode\":\"UK.OBIE.Field.Invalid\"");
assertThat(response.getParsingError().get().getOriginalBody()).contains("data.instruction.creditorAccount");
}
Aggregations