Search in sources :

Example 66 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class DataApiController method createUserData.

@Override
public ResponseEntity createUserData(@ApiParam(value = "PSU User session") @CookieValue(value = "obri-session", required = true) String obriSession, @ApiParam(value = "The access token") @RequestHeader(name = HttpHeaders.AUTHORIZATION, required = true) String authorization, @ApiParam(value = "User financial data", required = true) @RequestBody FRUserData userData, Principal principal) throws OBErrorException, OAuth2InvalidClientException, OAuth2BearerTokenUsageInvalidTokenException {
    try {
        log.debug("createUserData() called");
        String tppName = psd2WithSessionApiHelperService.getTppName(principal);
        String psuName = psd2WithSessionApiHelperService.getPsuNameFromSession(obriSession);
        verifyAccessTokenAndVerifyTppIdentity(authorization, tppName);
        log.info("createUserData() called with session for psu '{}' by tpp '{}'", psuName, tppName);
        userData.setUserName(psuName);
        if (!userDataService.hasData(psuName)) {
            psuCounterEntryKPIService.pushPsuCounterEntry(PsuCounterEntry.builder().count(1l).day(DateTime.now()).build());
        }
        return ResponseEntity.status(HttpStatus.CREATED).body(userDataService.createUserData(userData));
    } catch (HttpClientErrorException e) {
        if (e.getStatusCode() == HttpStatus.BAD_REQUEST) {
            log.debug("TPP bad request: {}", e.getResponseBodyAsString(), e);
            throw new OBErrorException(OBRIErrorType.DATA_INVALID_REQUEST, e.getResponseBodyAsString());
        } else {
            log.error("Internal server: {}", e.getResponseBodyAsString(), e);
            throw new OBErrorException(OBRIErrorType.SERVER_ERROR);
        }
    }
}
Also used : HttpClientErrorException(org.springframework.web.client.HttpClientErrorException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)

Example 67 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class DataApiController method updateUserData.

@Override
public ResponseEntity updateUserData(@ApiParam(value = "PSU User session") @CookieValue(value = "obri-session", required = true) String obriSession, @ApiParam(value = "The access token") @RequestHeader(name = HttpHeaders.AUTHORIZATION, required = true) String authorization, @ApiParam(value = "User financial data", required = true) @RequestBody FRUserData userData, Principal principal) throws OBErrorException, OAuth2InvalidClientException, OAuth2BearerTokenUsageInvalidTokenException {
    try {
        log.debug("updateUserData() called");
        String tppName = psd2WithSessionApiHelperService.getTppName(principal);
        String psuName = psd2WithSessionApiHelperService.getPsuNameFromSession(obriSession);
        verifyAccessTokenAndVerifyTppIdentity(authorization, tppName);
        log.info("updateUserData() called with session for psu '{}' by tpp '{}'", psuName, tppName);
        userData.setUserName(psuName);
        if (!userDataService.hasData(psuName)) {
            psuCounterEntryKPIService.pushPsuCounterEntry(PsuCounterEntry.builder().count(1l).day(DateTime.now()).build());
        }
        return ResponseEntity.ok(userDataService.updateUserData(userData));
    } catch (HttpClientErrorException e) {
        if (e.getStatusCode() == HttpStatus.BAD_REQUEST) {
            log.debug("TPP bad request: {}", e.getResponseBodyAsString(), e);
            throw new OBErrorException(OBRIErrorType.DATA_INVALID_REQUEST, e.getResponseBodyAsString());
        } else {
            log.error("Internal server: {}", e.getResponseBodyAsString(), e);
            throw new OBErrorException(OBRIErrorType.SERVER_ERROR);
        }
    }
}
Also used : HttpClientErrorException(org.springframework.web.client.HttpClientErrorException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)

Example 68 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class DataApiHelperService method getPsuNameFromSession.

public String getPsuNameFromSession(String obriSession) throws OBErrorException {
    try {
        SignedJWT session = cryptoApiClient.decryptJwe(obriSession);
        String psuName = session.getJWTClaimsSet().getSubject();
        log.debug("getPsuNameFromSession returning '{}'", psuName);
        return psuName;
    } catch (Exception e) {
        log.info("getPsuNameFromSession() caught exception getting psu name from session '{};", obriSession, e);
    }
    throw new OBErrorException(OBRIErrorType.SESSION_TOKEN_INVALID_FORMAT);
}
Also used : OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) SignedJWT(com.nimbusds.jwt.SignedJWT) OAuth2InvalidClientException(com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException)

Example 69 with OBErrorException

use of com.forgerock.openbanking.exceptions.OBErrorException in project openbanking-aspsp by OpenBankingToolkit.

the class FilePaymentConsentsApiController method createFilePaymentConsentsConsentIdFile.

public ResponseEntity<Void> createFilePaymentConsentsConsentIdFile(String fileParam, String consentId, String authorization, String xIdempotencyKey, String xJwsSignature, DateTime xFapiAuthDate, String xFapiCustomerIpAddress, String xFapiInteractionId, String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
    log.trace("Received: '{}'", fileParam);
    FRFileConsent fileConsent = fileConsentRepository.findById(consentId).orElseThrow(() -> new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.PAYMENT_ID_NOT_FOUND.toOBError1()));
    // If file already exists it could be idempotent request
    if (!StringUtils.isEmpty(fileConsent.getFileContent())) {
        if (xIdempotencyKey.equals(fileConsent.getIdempotencyKey())) {
            validateIdempotencyRequest(xIdempotencyKey, fileConsent);
            log.info("File already exists for consent: '{}' and has matching idempotent key: '{}'. No action taken but returning 200/OK");
            return ResponseEntity.ok().build();
        } else {
            log.debug("This consent already has a file uploaded and the idempotency key does not match the previous upload so rejecting.");
            throw new OBErrorResponseException(HttpStatus.FORBIDDEN, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.PAYMENT_ALREADY_SUBMITTED.toOBError1(fileConsent.getStatus().toOBExternalConsentStatus2Code()));
        }
    }
    // We parse the file and check metadata against the parsed file
    try {
        PaymentFile paymentFile = PaymentFileFactory.createPaymentFile(fileConsent.getFileType(), fileParam);
        log.info("Successfully parsed file of type: '{}' for consent: '{}'", fileConsent.getFileType(), fileConsent.getId());
        FileTransactionCountValidator.validate(fileConsent, paymentFile);
        ControlSumValidator.validate(fileConsent, paymentFile);
        fileConsent.setPayments(paymentFile.getPayments());
        fileConsent.setFileContent(fileParam);
        fileConsent.setUpdated(new Date());
        fileConsent.setStatus(ConsentStatusCode.AWAITINGAUTHORISATION);
        fileConsent.setStatusUpdate(DateTime.now());
        fileConsentRepository.save(fileConsent);
    } catch (OBErrorException e) {
        throw new OBErrorResponseException(e.getObriErrorType().getHttpStatus(), OBRIErrorResponseCategory.REQUEST_INVALID, e.getOBError());
    }
    return ResponseEntity.ok().build();
}
Also used : PaymentFile(com.forgerock.openbanking.common.model.openbanking.forgerock.filepayment.v3_0.PaymentFile) FRFileConsent(com.forgerock.openbanking.common.model.openbanking.persistence.payment.FRFileConsent) OBErrorResponseException(com.forgerock.openbanking.exceptions.OBErrorResponseException) OBErrorException(com.forgerock.openbanking.exceptions.OBErrorException) Date(java.util.Date)

Aggregations

OBErrorException (com.forgerock.openbanking.exceptions.OBErrorException)69 Test (org.junit.Test)20 ParseException (java.text.ParseException)19 IOException (java.io.IOException)13 OBErrorResponseException (com.forgerock.openbanking.exceptions.OBErrorResponseException)9 SignedJWT (com.nimbusds.jwt.SignedJWT)9 ResponseEntity (org.springframework.http.ResponseEntity)9 InvalidTokenException (com.forgerock.openbanking.jwt.exceptions.InvalidTokenException)8 Tpp (com.forgerock.openbanking.model.Tpp)8 HttpClientErrorException (org.springframework.web.client.HttpClientErrorException)6 PaymentConsent (com.forgerock.openbanking.common.model.openbanking.persistence.payment.PaymentConsent)5 List (java.util.List)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)5 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)4 AccountRequest (com.forgerock.openbanking.common.model.openbanking.persistence.account.AccountRequest)4 OIDCConstants (com.forgerock.openbanking.constants.OIDCConstants)4 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)4 PermissionDenyException (com.forgerock.openbanking.common.error.exception.PermissionDenyException)3 OAuth2BearerTokenUsageInvalidTokenException (com.forgerock.openbanking.common.error.exception.oauth2.OAuth2BearerTokenUsageInvalidTokenException)3 OAuth2InvalidClientException (com.forgerock.openbanking.common.error.exception.oauth2.OAuth2InvalidClientException)3