Use of com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse in the project openbanking-aspsp by OpenBankingToolkit.
Class DetachedJwsVerifierTest, method setupMocksForValidJws.
/**
 * Stubs the collaborators so that a detached JWS validation passes in the test.
 *
 * <p>The TPP resolved by any client id carries an Open Banking software statement whose
 * registration response exposes neither an inline JWKS nor a {@code jwks_uri}, and the
 * crypto client answers {@code null} for {@code validateDetachedJWS}, i.e. it raises no
 * validation failure.
 */
private void setupMocksForValidJws() throws ParseException, InvalidTokenException, IOException {
    final String softwareId = "5f98223fc10e5100103e2c5a";
    DirectorySoftwareStatement softwareStatement = DirectorySoftwareStatementOpenBanking.builder()
            .org_jwks_endpoint("TODO")
            .software_mode("TEST")
            .software_redirect_uris(List.of())
            .org_status("Active")
            .software_client_id(softwareId)
            .iss("ForgeRock")
            .software_jwks_endpoint("https://service.directory.dev-ob.forgerock.financial:8074/api/software-statement/5f98223fc10e5100103e2c5a/application/jwk_uri")
            .software_id(softwareId)
            .org_contacts(List.of())
            .build();

    // Registration response with no key material at all: both JWKS lookups return null.
    OIDCRegistrationResponse registrationResponse = mock(OIDCRegistrationResponse.class);
    given(registrationResponse.getJwks()).willReturn(null);
    given(registrationResponse.getJwks_uri()).willReturn(null);

    Tpp tppMock = mock(Tpp.class);
    given(tppMock.getRegistrationResponse()).willReturn(registrationResponse);
    given(tppMock.getDirectorySoftwareStatement()).willReturn(softwareStatement);
    given(tppStoreService.findByClientId(anyString())).willReturn(Optional.of(tppMock));

    // Whatever is passed in, the crypto client reports a successful detached-JWS validation.
    given(cryptoApiClient.validateDetachedJWS(any(), any(), any(), any(), any())).willReturn(null);
}
Use of com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse in the project openbanking-aspsp by OpenBankingToolkit.
Class TppRegistrationService, method updateTpp.
/**
 * Re-registers an existing TPP's OAuth2 client with AM and persists the refreshed TPP record.
 *
 * <p>The existing record's identity fields (id, creation time, certificate CN) are carried over;
 * everything else is rebuilt from the new registration request and AM's response.
 *
 * @param clientIdentity          identity of the calling API client; its authorisation number, if any, is stored on the TPP
 * @param tpp                     the currently persisted TPP being updated
 * @param token                   registration access token presented to AM for the update
 * @param oidcRegistrationRequest the new dynamic client registration request
 * @return the TPP as persisted by the store after the update
 * @throws DynamicClientRegistrationException if AM rejects the update
 */
public Tpp updateTpp(ApiClientIdentity clientIdentity, Tpp tpp, String token, RegistrationRequest oidcRegistrationRequest) throws DynamicClientRegistrationException {
    String clientId = tpp.getClientId();
    log.debug("updateTpp() Updating tpp '{}'", clientId);
    log.debug("updateTpp() Sending the OAuth2 dynamic registration request to AM");
    OIDCRegistrationResponse amResponse = amoidcRegistrationService.updateOIDCClient(token, oidcRegistrationRequest, clientId);
    log.debug("updateTpp() Response from AM: {}", amResponse);

    String directoryId = this.getDirectoryIdFromSsaIssuer(oidcRegistrationRequest.getSsaIssuer());
    // Presumably strips the client secret from AM's response before it is stored — confirm against removeSecretIfNeeded.
    removeSecretIfNeeded(amResponse);
    String officialName = getOrgSoftwareCombinedTppName(oidcRegistrationRequest, amResponse);

    Tpp refreshedTpp = Tpp.builder()
            .id(tpp.getId())
            .created(tpp.getCreated())
            .certificateCn(tpp.getCertificateCn())
            .clientId(amResponse.getClientId())
            .name(amResponse.getClientName())
            .officialName(officialName)
            .types(oidcRegistrationRequest.getSoftwareStatementRoles())
            .softwareId(oidcRegistrationRequest.getDirectorySoftwareStatement().getSoftware_id())
            .directorySoftwareStatement(oidcRegistrationRequest.getDirectorySoftwareStatement())
            .authorisationNumber(clientIdentity.getAuthorisationNumber().orElse(null))
            .tppRequest(oidcRegistrationRequest.toJson())
            .registrationResponse(amResponse)
            .directoryId(directoryId)
            .build();

    updateTppMetrics(tpp, false);
    return tppStoreService.save(refreshedTpp);
}
Use of com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualOnboardingService, method registerApplication.
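/**
 * Forwards a manual onboarding request to the ASPSP's manual-onboarding endpoint on behalf of
 * the authenticated user and returns the resulting OIDC client registration.
 *
 * <p>The caller's username and the {@code directoryID} JWT claim are propagated as request
 * headers. For the {@code EIDAS} directory the application id, organisation id and PSD2 roles
 * are taken from the caller's JWT claims, overriding whatever the submitted request body
 * carried, so that these identity attributes come from the verified token rather than the client.
 *
 * @param authentication                the authenticated caller; its principal must be a {@link UserDetails}
 * @param aspspManualOnboardingEndpoint URL of the ASPSP endpoint that performs the registration
 * @param manualRegistrationRequest     registration payload to forward (mutated for EIDAS callers)
 * @return the registration response body returned by the ASPSP, possibly {@code null}
 */
public OIDCRegistrationResponse registerApplication(JwtAuthentication authentication, String aspspManualOnboardingEndpoint, ManualRegistrationRequest manualRegistrationRequest) {
    log.debug("registerApplication() called. aspspManualOnboardingEndpoint is '{}'", aspspManualOnboardingEndpoint);
    HttpHeaders httpHeaders = new HttpHeaders();
    httpHeaders.set("userId", ((UserDetails) authentication.getPrincipal()).getUsername());
    try {
        String directoryID = authentication.getJwtClaimsSet().getStringClaim("directoryID");
        httpHeaders.set("directoryID", directoryID);
        // Compare with equals(), not ==: a claim value parsed at runtime is not a compile-time
        // constant, so a reference comparison would never match and the EIDAS branch would be skipped.
        if ("EIDAS".equals(directoryID)) {
            manualRegistrationRequest.setAppId(authentication.getJwtClaimsSet().getStringClaim("app_id"));
            manualRegistrationRequest.setOrganisationId(authentication.getJwtClaimsSet().getStringClaim("org_id"));
            manualRegistrationRequest.setPsd2Roles(authentication.getJwtClaimsSet().getStringClaim("psd2_roles"));
        }
    } catch (ParseException e) {
        // Best-effort, as before: the request is still forwarded without the claim-derived values.
        log.error("Couldn't read claims from user context", e);
    }
    HttpEntity<ManualRegistrationRequest> request = new HttpEntity<>(manualRegistrationRequest, httpHeaders);
    return restTemplate.exchange(aspspManualOnboardingEndpoint, HttpMethod.POST, request, OIDCRegistrationResponse.class).getBody();
}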
Use of com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse in the project openbanking-aspsp by OpenBankingToolkit.
Class ManualRegistrationApiController, method ensurePrincipalOwnsTppRegistrations.
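/**
 * Verifies that every application in {@code applications} has an OAuth2 client owned by {@code principal}.
 *
 * <p>Each application must carry a registration response; its client id is resolved to a TPP,
 * which is then checked for ownership by the principal via
 * {@code tppRegistrationService.ensureTppOwnsOidcRegistration}. The first failing application aborts the check.
 *
 * @param applications the manual registration applications to check
 * @param principal    the authenticated caller (identified by its MATLS client certificate)
 * @throws OAuth2InvalidClientException if an application has no registration response, or whenever
 *                                      the TPP lookup or the ownership check throws it
 */
private void ensurePrincipalOwnsTppRegistrations(Collection<ManualRegistrationApplication> applications, Principal principal) throws OAuth2InvalidClientException {
    String principalName = principal.getName();
    log.debug("ensurePrincipalOwnsTppRegistrations() checking that '{}' applications are owned by '{}'", applications.size(), principalName);
    for (ManualRegistrationApplication application : applications) {
        OIDCRegistrationResponse regResponse = application.getOidcRegistrationResponse();
        if (regResponse == null) {
            // Without a registration response there is no client id to check ownership against,
            // so the principal cannot be allowed to act on this application.
            String errorString = "Failed to determine if MATLS client cert belongs to the TPP that owns the application with id ";
            log.info("ensurePrincipalOwnsTppRegistrations() {}'{}'", errorString, application.getId());
            // Quote the id on both sides, matching the log line above (the original message lacked the opening quote).
            throw new OAuth2InvalidClientException(errorString + "'" + application.getId() + "'");
        }
        Tpp tpp = tppRegistrationService.getTpp(regResponse.getClientId());
        tppRegistrationService.ensureTppOwnsOidcRegistration(tpp, principalName);
    }
    log.debug("ensurePrincipalOwnsTppRegistrations() all application's OAuth2 clients owned by '{}'", principalName);
}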
Use of com.forgerock.openbanking.model.oidc.OIDCRegistrationResponse in the project openbanking-aspsp by OpenBankingToolkit.
Class TestHelperFunctions, method getValidTpp.
/**
 * Builds a minimal TPP fixture for tests.
 *
 * <p>The fixture carries a registration response holding a fixed, non-secret placeholder
 * registration access token; the given name is also used as the authorisation number.
 *
 * @param clientId OAuth2 client id to assign to the TPP
 * @param tppName  display name, also used as the TPP's authorisation number
 * @return a new TPP populated with the given values
 */
public static Tpp getValidTpp(String clientId, String tppName) {
    OIDCRegistrationResponse response = new OIDCRegistrationResponse();
    response.setRegistrationAccessToken("tpps-registration-access-token");

    Tpp fixture = new Tpp();
    fixture.setClientId(clientId);
    fixture.setName(tppName);
    fixture.setAuthorisationNumber(tppName);
    fixture.setRegistrationResponse(response);
    return fixture;
}