
Example 56 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class DetachedJwsVerifierTest method shouldFailToVerifyB64HeaderGivenVersionBefore3_1_4AndB64HeaderIsNonBoolean.

/**
 * Checks that a detached JWS is rejected for API version 3.1.3 when its protected
 * header declares {@code "b64"} as a string rather than a JSON boolean.
 *
 * <p>The fixture header decodes to {@code {"b64":"not_false", ..., "crit":["b64", ...], "alg":"PS256"}}
 * and the payload segment between the two dots is empty (detached form). The verifier is
 * expected to raise an {@link OBErrorException} whose message reports an invalid JWS header.
 */
@Test
public void shouldFailToVerifyB64HeaderGivenVersionBefore3_1_4AndB64HeaderIsNonBoolean() throws ParseException, IOException, OBErrorException {
    // Given: a detached JWS whose "b64" header member has the wrong JSON type.
    final String malformedB64Jws = "eyJiNjQiOiJub3RfZmFsc2UiLCJodHRwOlwvXC9vcGVuYmFua2luZy5vcmcudWtcL2lhdCI6MTU5ODQzNjgxMiwiaHR0cDpcL1wvb3BlbmJhbmtpbmcub3JnLnVrXC90YW4iOiJvcGVuYmFua2luZy5vcmcudWsiLCJjcml0IjpbImI2NCIsImh0dHA6XC9cL29wZW5iYW5raW5nLm9yZy51a1wvaWF0IiwiaHR0cDpcL1wvb3BlbmJhbmtpbmcub3JnLnVrXC90YW4iLCJodHRwOlwvXC9vcGVuYmFua2luZy5vcmcudWtcL2lzcyJdLCJraWQiOiJ0X0l1NnhYWUV0Mnhod01Bc19ybGFjR3hrRVkiLCJodHRwOlwvXC9vcGVuYmFua2luZy5vcmcudWtcL2lzcyI6Imh0dHA6XC9cL29wZW5iYW5raW5nLm9yZy51a1wvaWF0IiwiYWxnIjoiUFMyNTYifQ..G3SB5PVYpdeh9G_ihr-WKVb0JZPERG6AkvgmprD7NfrXnyiOYNowJzAPyIB4AqEZepzAxUsynL5yYBkCKT411YUjj7BcWnwDVeUeohoBxGIx3dM15Jz4KTaVS6qepNFfigwuovhO9avg498xKwOeLUULrRPJ9Er2Sy5h52UUV2mdJe_7xxzC1scET49hYqwdwrEaseN0HoCUno6-93rx7SSa6Btcz-bnTu6erLB1PUsTHB9pRzauxpf6AZ2YwC9a8lu4z0sz1hb6Y5RqUgToXTTj-MMl8win65WNV3puMmhuPIQI4Ij6iYwiC32qRyipfaqspfpp7s9kq_EMw6-Wrw";
    final HttpServletRequest mockedRequest = setupHttpServletRequestMock();
    // NOTE(review): the asserted message embeds the submitted JWS verbatim. Where this text is
    // surfaced (error response, logs) is not visible here; confirm it is encoded and size-bounded there.
    final String expectedMessage = "Invalid detached signature " + malformedB64Jws + ". Reason: Invalid JWS header: Unexpected type of JSON object member with key \"b64\"";

    // When: the JWS is verified as an OB 3.1.3 request.
    final OBErrorException rejection = catchThrowableOfType(
            () -> detachedJwsVerifier.verifyDetachedJws(malformedB64Jws, OBVersion.v3_1_3, mockedRequest, OAUTH2_CLIENT_ID),
            OBErrorException.class);

    // Then: verification fails on the header's type, not with a generic error.
    assertThat(rejection).hasMessage(expectedMessage);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.Test)

Example 57 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class DetachedJwsVerifierTest method shouldFailToVerifyB64HeaderGivenVersionBefore3_1_4AndB64HeaderIsMissing.

/**
 * Checks that a detached JWS is rejected for API version 3.1.3 when its protected
 * header carries no {@code "b64"} member at all.
 *
 * <p>The fixture header lists only the {@code iat}, {@code tan} and {@code iss} Open Banking
 * claims in {@code "crit"}, together with {@code "alg":"PS256"} and a {@code "kid"}. The verifier is
 * expected to raise an {@link OBErrorException} stating that the b64 header is not set to false.
 */
@Test
public void shouldFailToVerifyB64HeaderGivenVersionBefore3_1_4AndB64HeaderIsMissing() throws Exception {
    // Given: a detached JWS (empty payload segment) with no "b64" header member.
    final String jwsWithoutB64 = "eyJodHRwOlwvXC9vcGVuYmFua2luZy5vcmcudWtcL2lhdCI6MTU5ODQzNjcwOCwiaHR0cDpcL1wvb3BlbmJhbmtpbmcub3JnLnVrXC90YW4iOiJvcGVuYmFua2luZy5vcmcudWsiLCJodHRwOlwvXC9vcGVuYmFua2luZy5vcmcudWtcL2lzcyI6Imh0dHA6XC9cL29wZW5iYW5raW5nLm9yZy51a1wvaWF0IiwiY3JpdCI6WyJodHRwOlwvXC9vcGVuYmFua2luZy5vcmcudWtcL2lhdCIsImh0dHA6XC9cL29wZW5iYW5raW5nLm9yZy51a1wvdGFuIiwiaHR0cDpcL1wvb3BlbmJhbmtpbmcub3JnLnVrXC9pc3MiXSwiYWxnIjoiUFMyNTYiLCJraWQiOiJ0X0l1NnhYWUV0Mnhod01Bc19ybGFjR3hrRVkifQ..cxZkqGmnxApJcU8oKgNP3PVXhAVtO37ULnCIaNo6ayZrbaQp_6u4Ap4mTXOCvPtl6AfE_SF89xcAqipJV6l_hsOL4UKrmmcT5TNgXnHTOGFwx1lCrdFl0dZWXYvyT4WUctc3laLLmrQjyAfZqsmScT9b63ewx6R6aJ6qwe171OOFVSSFbpKVLXkPevcIltdmpX9rn_m_6nVYRrzRG4eeaTYAmd-nTZxHiJ0FWJ348G4y8E9WW7so4fwooYfoAjWq716ZTwNC7iEsJuGO6X8JpQYn66bYlYSeiyV-q41V5cu9R_QmAwKs2leYsB34YiHp6VteilcmyF9H19zRTkyTeg";
    final HttpServletRequest mockedRequest = setupHttpServletRequestMock();
    // NOTE(review): the asserted message embeds the submitted JWS verbatim. Where this text is
    // surfaced (error response, logs) is not visible here; confirm it is encoded and size-bounded there.
    final String expectedMessage = "Invalid detached signature " + jwsWithoutB64 + ". Reason: b64 claim header not set to false";

    // When: the JWS is verified as an OB 3.1.3 request.
    final OBErrorException rejection = catchThrowableOfType(
            () -> detachedJwsVerifier.verifyDetachedJws(jwsWithoutB64, OBVersion.v3_1_3, mockedRequest, OAUTH2_CLIENT_ID),
            OBErrorException.class);

    // Then: an absent b64 header is treated as a failure, not as an implicit default.
    assertThat(rejection).hasMessage(expectedMessage);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) Test(org.junit.Test)

Example 58 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class AccountsApiEndpointWrapperTest method testMatls_failMatlsCheck.

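/**
 * Checks that the MATLS verification of an account request fails when the authenticated
 * principal and the TPP registered for the request's client id do not match.
 *
 * <p>The principal is built with {@code "PSDGB-OB-2345343"} while the stored TPP carries the
 * authorisation number {@code "PSDGB-OB-45434324"}; the wrapper is expected to raise an
 * {@link OBErrorException} of type {@code MATLS_TPP_AUTHENTICATION_INVALID_FROM_ACCOUNT_REQUEST}.
 */
@Test
public void testMatls_failMatlsCheck() {
    // Given: an account request that belongs to "clientId".
    String authorisationNumber = "PSDGB-OB-2345343";
    String clientId = "clientId";
    FRAccountRequest accountRequest = new FRAccountRequest();
    accountRequest.setClientId(clientId);
    wrapper.accountRequest = accountRequest;
    // The caller authenticated over mutual TLS; the first constructor argument is presumably
    // the name taken from the client certificate (confirm against X509Authentication).
    Collection<? extends GrantedAuthority> authorities = Collections.emptyList();
    Authentication authentication = new X509Authentication(authorisationNumber, authorities, null);
    wrapper.principal = authentication;
    // The TPP stored for that client id has a different authorisation number than the principal.
    Tpp tpp = new Tpp();
    tpp.setAuthorisationNumber("PSDGB-OB-45434324");
    given(this.tppStoreService.findByClientId(clientId)).willReturn(Optional.of(tpp));
    // When
    OBErrorException exception = catchThrowableOfType(() -> wrapper.verifyMatlsFromAccountRequest(), OBErrorException.class);
    // Then
    // catchThrowableOfType returns null when nothing is thrown; assert explicitly so that a check
    // which silently accepts the mismatch is reported as such instead of as a NullPointerException.
    assertThat(exception).as("MATLS check must reject a principal that does not match the registered TPP").isNotNull();
    assertThat(exception.getObriErrorType()).isEqualTo(MATLS_TPP_AUTHENTICATION_INVALID_FROM_ACCOUNT_REQUEST);
}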
Also used : FRAccountRequest(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountRequest) Tpp(com.forgerock.openbanking.model.Tpp) X509Authentication(com.forgerock.spring.security.multiauth.model.authentication.X509Authentication) Authentication(org.springframework.security.core.Authentication) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) X509Authentication(com.forgerock.spring.security.multiauth.model.authentication.X509Authentication) Test(org.junit.Test)

Example 59 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class AccountsApiEndpointWrapperTest method testMatls_failOauth2RegistrationDeleted.

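/**
 * Checks that the MATLS verification of an account request fails when no TPP is registered
 * any more for the client id that owns the request.
 *
 * <p>The TPP store is stubbed to return {@code Optional.empty()} for the client id; the wrapper
 * is expected to raise an {@link OBErrorException} of type
 * {@code MATLS_TPP_AUTHENTICATION_INVALID_FROM_ACCOUNT_REQUEST} rather than let the request through.
 */
@Test
public void testMatls_failOauth2RegistrationDeleted() {
    // Given: an account request that belongs to "clientId".
    String authorisationNumber = "PSDGB-OB-2345343";
    String clientId = "clientId";
    FRAccountRequest accountRequest = new FRAccountRequest();
    accountRequest.setClientId(clientId);
    wrapper.accountRequest = accountRequest;
    // The caller authenticated over mutual TLS; the first constructor argument is presumably
    // the name taken from the client certificate (confirm against X509Authentication).
    Collection<? extends GrantedAuthority> authorities = Collections.emptyList();
    Authentication authentication = new X509Authentication(authorisationNumber, authorities, null);
    wrapper.principal = authentication;
    // The lookup by client id finds nothing, as after the OAuth2 registration was deleted.
    given(this.tppStoreService.findByClientId(clientId)).willReturn(Optional.empty());
    // When
    OBErrorException exception = catchThrowableOfType(() -> wrapper.verifyMatlsFromAccountRequest(), OBErrorException.class);
    // Then
    // catchThrowableOfType returns null when nothing is thrown; assert explicitly so that a check
    // which silently accepts the missing registration is reported as such instead of as a NullPointerException.
    assertThat(exception).as("MATLS check must reject a request whose client registration no longer exists").isNotNull();
    assertThat(exception.getObriErrorType()).isEqualTo(MATLS_TPP_AUTHENTICATION_INVALID_FROM_ACCOUNT_REQUEST);
}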
Also used : FRAccountRequest(com.forgerock.openbanking.common.model.openbanking.persistence.account.FRAccountRequest) X509Authentication(com.forgerock.spring.security.multiauth.model.authentication.X509Authentication) Authentication(org.springframework.security.core.Authentication) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) X509Authentication(com.forgerock.spring.security.multiauth.model.authentication.X509Authentication) Test(org.junit.Test)

Example 60 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class DomesticVrpPaymentsEndpointWrapperTest method fail_checkRequestAndConsentInitiationMatch.

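/**
 * Checks that a domestic VRP payment request is rejected when its initiation data differs
 * from the initiation data stored on the consent.
 *
 * <p>The consent's initiation is derived from the request and then given a different debtor
 * account identification; the wrapper is expected to raise an {@link OBErrorException} of type
 * {@code REQUEST_VRP_INITIATION_DOESNT_MATCH_CONSENT} carrying the
 * {@code UK_OBIE_RESOURCE_CONSENT_MISMATCH} error code.
 *
 * @throws OBErrorException declared by the test signature; the expected exception itself is
 *         captured by {@code catchThrowableOfType}
 */
@Test
public void fail_checkRequestAndConsentInitiationMatch() throws OBErrorException {
    // Given
    DomesticVrpPaymentsEndpointWrapper domesticVrpPaymentsEndpointWrapper = new DomesticVrpPaymentsEndpointWrapper(endpointWrapperService, tppStoreService, riskValidator);
    // Create the request data
    OBDomesticVRPInitiation requestInitiation = OBDomesticVRPCommonTestDataFactory.aValidOBDomesticVRPInitiation();
    // Create an FR Consent with slightly differing initiation data: same initiation as the
    // request, except for the debtor account identification.
    FRDomesticVRPConsent frConsent = FRVrpTestDataFactory.aValidFRDomesticVRPConsent();
    FRWriteDomesticVRPDataInitiation differentInitiationData = (FRWriteDomesticVRPDataInitiation) FRDomesticVRPConverters.toFRDomesticVRPInitiation(requestInitiation);
    differentInitiationData.getDebtorAccount().setIdentification("mismatched identification");
    frConsent.getVrpDetails().getData().setInitiation(differentInitiationData);
    // When
    OBErrorException exception = catchThrowableOfType(() -> domesticVrpPaymentsEndpointWrapper.checkRequestAndConsentInitiationMatch(requestInitiation, frConsent), OBErrorException.class);
    // Then
    // catchThrowableOfType returns null when nothing is thrown; assert explicitly so that a check
    // which accepts the mismatched initiation is reported as such instead of as a NullPointerException.
    assertThat(exception).as("a request whose initiation differs from the consent must be rejected").isNotNull();
    assertThat(exception.getObriErrorType()).isEqualTo(OBRIErrorType.REQUEST_VRP_INITIATION_DOESNT_MATCH_CONSENT);
    assertThat(exception.getOBError().getErrorCode()).isEqualTo(OBStandardErrorCodes1.UK_OBIE_RESOURCE_CONSENT_MISMATCH.toString());
}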
Also used : OBDomesticVRPInitiation(uk.org.openbanking.datamodel.vrp.OBDomesticVRPInitiation) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) FRDomesticVRPConsent(com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRDomesticVRPConsent) FRWriteDomesticVRPDataInitiation(com.forgerock.openbanking.common.model.openbanking.persistence.vrp.FRWriteDomesticVRPDataInitiation) Test(org.junit.Test)
