use of com.forgerock.openbanking.exceptions.OBErrorResponseException in project openbanking-aspsp by OpenBankingToolkit.
the class InternationalStandingOrderConsentsApiController method createInternationalStandingOrderConsents.
public ResponseEntity<OBWriteInternationalStandingOrderConsentResponse7> createInternationalStandingOrderConsents(OBWriteInternationalStandingOrderConsent6 obWriteInternationalStandingOrderConsent6, String authorization, String xIdempotencyKey, String xJwsSignature, DateTime xFapiAuthDate, String xFapiCustomerIpAddress, String xFapiInteractionId, String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
return rsEndpointWrapperService.paymentEndpoint().authorization(authorization).xFapiFinancialId(rsEndpointWrapperService.rsConfiguration.financialId).principal(principal).obVersion(getOBVersion(request.getRequestURI())).filters(f -> {
f.verifyIdempotencyKeyLength(xIdempotencyKey);
f.verifyJwsDetachedSignature(xJwsSignature, request);
f.validateRisk(obWriteInternationalStandingOrderConsent6.getRisk());
}).execute((String tppId) -> {
HttpHeaders additionalHttpHeaders = new HttpHeaders();
additionalHttpHeaders.add("x-ob-client-id", tppId);
return rsStoreGateway.toRsStore(request, additionalHttpHeaders, Collections.emptyMap(), OBWriteInternationalStandingOrderConsentResponse7.class, obWriteInternationalStandingOrderConsent6);
});
}
use of com.forgerock.openbanking.exceptions.OBErrorResponseException in project openbanking-aspsp by OpenBankingToolkit.
the class InternationalStandingOrdersApiController method createInternationalStandingOrders.
public ResponseEntity<OBWriteInternationalStandingOrderResponse7> createInternationalStandingOrders(OBWriteInternationalStandingOrder4 obWriteInternationalStandingOrder4, String authorization, String xIdempotencyKey, String xJwsSignature, DateTime xFapiAuthDate, String xFapiCustomerIpAddress, String xFapiInteractionId, String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
String consentId = obWriteInternationalStandingOrder4.getData().getConsentId();
FRInternationalStandingOrderConsent payment = paymentsService.getPayment(consentId);
return rsEndpointWrapperService.paymentSubmissionEndpoint().authorization(authorization).xFapiFinancialId(rsEndpointWrapperService.rsConfiguration.financialId).payment(payment).principal(principal).obVersion(getOBVersion(request.getRequestURI())).filters(f -> {
f.verifyPaymentIdWithAccessToken();
f.verifyIdempotencyKeyLength(xIdempotencyKey);
f.verifyPaymentStatus();
f.verifyRiskAndInitiation(toFRWriteInternationalStandingOrderDataInitiation(obWriteInternationalStandingOrder4.getData().getInitiation()), toFRRisk(obWriteInternationalStandingOrder4.getRisk()));
f.verifyJwsDetachedSignature(xJwsSignature, request);
}).execute((String tppId) -> {
// Modify the status of the payment
log.info("Switch status of payment {} to 'accepted settlement in process'.", consentId);
payment.setStatus(ConsentStatusCode.ACCEPTEDSETTLEMENTCOMPLETED);
log.info("Updating payment");
paymentsService.updatePayment(payment);
FRWriteInternationalStandingOrderDataInitiation initiation = payment.getInitiation();
FRStandingOrderData standingOrder = FRStandingOrderData.builder().accountId(payment.getAccountId()).standingOrderStatusCode(FRStandingOrderData.FRStandingOrderStatus.ACTIVE).creditorAccount(initiation.getCreditorAccount()).frequency(initiation.getFrequency()).reference(initiation.getReference()).firstPaymentDateTime(initiation.getFirstPaymentDateTime()).firstPaymentAmount(initiation.getInstructedAmount()).nextPaymentAmount(initiation.getInstructedAmount()).nextPaymentDateTime(frequencyService.getNextDateTime(initiation.getFirstPaymentDateTime(), initiation.getFrequency())).finalPaymentDateTime(initiation.getFinalPaymentDateTime()).finalPaymentAmount(initiation.getInstructedAmount()).standingOrderId(payment.getId()).build();
String pispId = tppStoreService.findPispIdByTppId(tppId);
standingOrderService.createStandingOrder(standingOrder, pispId);
HttpHeaders additionalHttpHeaders = new HttpHeaders();
additionalHttpHeaders.add("x-ob-payment-id", consentId);
return rsStoreGateway.toRsStore(request, additionalHttpHeaders, Collections.emptyMap(), OBWriteInternationalStandingOrderResponse7.class, obWriteInternationalStandingOrder4);
});
}
use of com.forgerock.openbanking.exceptions.OBErrorResponseException in project openbanking-aspsp by OpenBankingToolkit.
the class DomesticVrpConsentsApiController method domesticVrpConsentsFundsConfirmation.
@Override
public ResponseEntity domesticVrpConsentsFundsConfirmation(String consentId, String authorization, String xJwsSignature, OBVRPFundsConfirmationRequest obVRPFundsConfirmationRequest, String xFapiAuthDate, String xFapiCustomerIpAddress, String xFapiInteractionId, String xCustomerUserAgent, HttpServletRequest request, Principal principal) throws OBErrorResponseException {
log.debug("Request to get a VRP funds confirmation, consentId '{}'", consentId);
if (!consentId.equals(obVRPFundsConfirmationRequest.getData().getConsentId())) {
log.error("The consent ID '{}' path parameter does not match with the consent ID '{}' requested to confirm the funds.", consentId, obVRPFundsConfirmationRequest.getData().getConsentId());
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("The consent ID '" + consentId + "' path parameter does not match with the consent ID '" + obVRPFundsConfirmationRequest.getData().getConsentId() + "' requested to confirm the funds.");
}
log.debug("(domesticVrpConsentsFundsConfirmation) Request mode test: '{}'", StringUtils.hasLength(request.getHeader(OpenBankingHttpHeaders.X_OB_MODE_TEST)));
return rsEndpointWrapperService.vrpPaymentEndpoint().authorization(authorization).xFapiFinancialId(xFapiInteractionId).principal(principal).isAuthorizationCodeGrantType(true).obVersion(OBVersion.v3_1_8).filters(f -> {
f.verifyJwsDetachedSignature(xJwsSignature, request);
}).execute((String tppId) -> {
HttpHeaders additionalHeaders = new HttpHeaders();
return rsStoreGateway.toRsStore(request, additionalHeaders, Collections.emptyMap(), OBVRPFundsConfirmationResponse.class, obVRPFundsConfirmationRequest);
});
}
use of com.forgerock.openbanking.exceptions.OBErrorResponseException in project openbanking-aspsp by OpenBankingToolkit.
the class StatementsApiController method getAccountStatementFile.
@Override
public ResponseEntity<Resource> getAccountStatementFile(@ApiParam(value = "A unique identifier used to identify the account resource.", required = true) @PathVariable("AccountId") String accountId, @ApiParam(value = "Page number.", required = false, defaultValue = "0") @RequestParam(value = "page", defaultValue = "0") int page, @ApiParam(value = "A unique identifier used to identify the statement resource.", required = true) @PathVariable("StatementId") String statementId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "The time when the PSU last logged in with the TPP. " + "All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: " + " Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "HTTP accept header. Statements only implemented for certain media types.", required = true) @RequestHeader(value = "Accept", required = true) String accept) throws OBErrorResponseException {
log.info("Received a statement file download request for account: {} (Accept: {}). Interaction Id: {}", accountId, accept, xFapiInteractionId);
/*
* Issue related: https://github.com/ForgeCloud/ob-reference-implementation/issues/1583
* The AISP endpoint '/statements/{statementId}/file' has been implemented to return a fixed PDF file for all statement file requests.
* A PDF file will only be returned if the "Accept: application/pdf" header is supplied in the request
* and a PDF has been provided by the customer and configured on the sandbox bucket.
*/
if (!accept.contains(MediaType.APPLICATION_PDF_VALUE)) {
// No other file type is implemented apart from PDF
throw new OBErrorResponseException(HttpStatus.BAD_REQUEST, OBRIErrorResponseCategory.REQUEST_INVALID, OBRIErrorType.REQUEST_INVALID_HEADER.toOBError1("Invalid header 'Accept' the only supported value for this operation is '" + MediaType.APPLICATION_PDF_VALUE + "'"));
}
// Get the statement file from GCP bucket
Optional<Resource> statement = statementPDFService.getPdfStatement();
if (statement.isPresent()) {
try {
return ResponseEntity.ok().contentLength(statement.get().contentLength()).contentType(MediaType.APPLICATION_PDF).body(statement.get());
} catch (IOException exception) {
log.warn("We found a statement PDF file '{}' for ASPSP but could no get content-length with error", statement.get().getDescription(), exception);
OBError1 obError1 = new OBError1().errorCode(HttpStatus.INTERNAL_SERVER_ERROR.toString()).message("We found a statement PDF file '" + statement.get().getDescription() + "' for ASPSP but could no get content-length with error");
throw new OBErrorResponseException(OBRIErrorType.SERVER_ERROR.getHttpStatus(), OBRIErrorResponseCategory.SERVER_INTERNAL_ERROR, obError1);
}
}
// this will happen when the statement resource not found in the GCP bucket or IOException happens
return ResponseEntity.notFound().build();
}
use of com.forgerock.openbanking.exceptions.OBErrorResponseException in project openbanking-aspsp by OpenBankingToolkit.
the class TransactionsApiController method getAccountStatementTransactions.
@Override
public ResponseEntity<OBReadTransaction2> getAccountStatementTransactions(@ApiParam(value = "A unique identifier used to identify the account resource.", required = true) @PathVariable("AccountId") String accountId, @ApiParam(value = "Page number.", required = false, defaultValue = "0") @RequestParam(value = "page", defaultValue = "0") int page, @ApiParam(value = "A unique identifier used to identify the statement resource.", required = true) @PathVariable("StatementId") String statementId, @ApiParam(value = "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB.", required = true) @RequestHeader(value = "x-fapi-financial-id", required = true) String xFapiFinancialId, @ApiParam(value = "An Authorisation Token as per https://tools.ietf.org/html/rfc6750", required = true) @RequestHeader(value = "Authorization", required = true) String authorization, @ApiParam(value = "The UTC ISO 8601 Date Time to filter transactions FROM NB Time component is optional " + "- set to 00:00:00 for just Date. The parameter must NOT have a timezone set") @RequestParam(value = FROM_BOOKING_DATE_TIME, required = false) @DateTimeFormat(pattern = BOOKED_TIME_DATE_FORMAT) DateTime fromBookingDateTime, @ApiParam(value = "The UTC ISO 8601 Date Time to filter transactions TO NB Time component is optional " + "- set to 00:00:00 for just Date. The parameter must NOT have a timezone set") @RequestParam(value = TO_BOOKING_DATE_TIME, required = false) @DateTimeFormat(pattern = BOOKED_TIME_DATE_FORMAT) DateTime toBookingDateTime, @ApiParam(value = "The time when the PSU last logged in with the TPP. " + "All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: " + "Sun, 10 Sep 2017 19:43:31 UTC") @RequestHeader(value = "x-fapi-customer-last-logged-time", required = false) @DateTimeFormat(pattern = HTTP_DATE_FORMAT) DateTime xFapiCustomerLastLoggedTime, @ApiParam(value = "The PSU's IP address if the PSU is currently logged in with the TPP.") @RequestHeader(value = "x-fapi-customer-ip-address", required = false) String xFapiCustomerIpAddress, @ApiParam(value = "An RFC4122 UID used as a correlation id.") @RequestHeader(value = "x-fapi-interaction-id", required = false) String xFapiInteractionId, @ApiParam(value = "Indicates the user-agent that the PSU is using.") @RequestHeader(value = "x-customer-user-agent", required = false) String xCustomerUserAgent, @RequestHeader(value = "x-ob-first-available-date", required = false) @DateTimeFormat(pattern = AVAILABLE_DATE_FORMAT) DateTime firstAvailableDate, @RequestHeader(value = "x-ob-last-available-date", required = false) @DateTimeFormat(pattern = AVAILABLE_DATE_FORMAT) DateTime lastAvailableDate, @RequestHeader(value = "x-ob-permissions", required = true) List<OBExternalPermissions1Code> permissions, @RequestHeader(value = "x-ob-url", required = true) String httpUrl) throws OBErrorResponseException {
LOGGER.info("Reading transations from account id {}, statement id {}, fromBookingDate {} toBookingDate {} " + "minimumPermissions {} pageNumber {} ", accountId, statementId, fromBookingDateTime, toBookingDateTime, permissions, page);
if (toBookingDateTime == null) {
toBookingDateTime = DateTime.now();
}
if (fromBookingDateTime == null) {
fromBookingDateTime = toBookingDateTime.minusYears(100);
}
Page<FRTransaction> response = frTransactionRepository.byAccountIdAndStatementIdAndBookingDateTimeBetweenWithPermissions(accountId, statementId, fromBookingDateTime, toBookingDateTime, toFRExternalPermissionsCodeList(permissions), PageRequest.of(page, PAGE_LIMIT_TRANSACTIONS, Sort.Direction.ASC, "bookingDateTime"));
List<OBTransaction2> transactions = response.getContent().stream().map(t -> toOBTransaction2(t.getTransaction())).collect(Collectors.toList());
// Package the answer
int totalPages = response.getTotalPages();
return ResponseEntity.ok(new OBReadTransaction2().data(new OBReadTransaction2Data().transaction(transactions)).links(PaginationUtil.generateLinks(httpUrl, page, totalPages)).meta(PaginationUtil.generateMetaData(totalPages, firstAvailableDate, lastAvailableDate)));
}
Aggregations