API-Explorer-II/server/services/OBPClientService.ts

/*
 * Open Bank Project -  API Explorer II
 * Copyright (C) 2023-2024, TESOBE GmbH
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * Email: contact@tesobe.com
 * TESOBE GmbH
 * Osloerstrasse 16/17
 * Berlin 13359, Germany
 *
 *   This product includes software developed at
 *   TESOBE (http://www.tesobe.com/)
 *
 */

import { Service } from 'typedi'
import { DEFAULT_OBP_API_VERSION } from '../../shared-constants'

// Custom error class to preserve HTTP status codes
class OBPAPIError extends Error {
  status: number
  constructor(status: number, message: string) {
    super(message)
    this.status = status
    this.name = 'OBPAPIError'
  }
}

// OAuth2 Bearer token configuration
interface OAuth2Config {
  accessToken: string
  tokenType: string
}

// API Client configuration for OAuth2
interface APIClientConfig {
  baseUri: string
  version: string
  oauth2?: OAuth2Config
}

@Service()
/**
 * OBPClientService provides methods for interacting with the Open Bank Project API.
 *
 * This service handles API communication with OBP using OAuth2 Bearer token authentication,
 * making HTTP requests (GET, POST, PUT, DELETE).
 *
 * @class OBPClientService
 *
 * @property {APIClientConfig} clientConfig - API client configuration
 *
 * @example
 * const obpService = new OBPClientService();
 * const response = await obpService.get('/obp/v5.1.0/banks', sessionConfig);
 */
export default class OBPClientService {
  private clientConfig: APIClientConfig

  constructor() {
    if (!process.env.VITE_OBP_API_HOST) throw new Error('VITE_OBP_API_HOST is not set')

    this.clientConfig = {
      baseUri: process.env.VITE_OBP_API_HOST!,
      version: process.env.VITE_OBP_API_VERSION ?? DEFAULT_OBP_API_VERSION
    }
  }
  async get(path: string, clientConfig: any): Promise<any> {
    const config = this.getSessionConfig(clientConfig)

    if (!config.oauth2?.accessToken) {
      throw new Error('OAuth2 access token not found. Please authenticate first.')
    }

    return await this.getWithBearer(path, config.oauth2.accessToken)
  }

  async create(path: string, body: any, clientConfig: any): Promise<any> {
    const config = this.getSessionConfig(clientConfig)

    if (!config.oauth2?.accessToken) {
      throw new Error('OAuth2 access token not found. Please authenticate first.')
    }

    return await this.createWithBearer(path, body, config.oauth2.accessToken)
  }

  async update(path: string, body: any, clientConfig: any): Promise<any> {
    const config = this.getSessionConfig(clientConfig)

    if (!config.oauth2?.accessToken) {
      throw new Error('OAuth2 access token not found. Please authenticate first.')
    }

    return await this.updateWithBearer(path, body, config.oauth2.accessToken)
  }

  async discard(path: string, clientConfig: any): Promise<any> {
    const config = this.getSessionConfig(clientConfig)

    if (!config.oauth2?.accessToken) {
      throw new Error('OAuth2 access token not found. Please authenticate first.')
    }

    return await this.discardWithBearer(path, config.oauth2.accessToken)
  }
  private getSessionConfig(clientConfig: APIClientConfig): APIClientConfig {
    return clientConfig || this.clientConfig
  }

  getOBPVersion(): string {
    return this.clientConfig.version
  }

  getOBPClientConfig(): APIClientConfig {
    return this.clientConfig
  }

  /**
   * Make a GET request with OAuth2 Bearer token authentication
   *
   * @param path - The API endpoint path (e.g., /obp/v5.1.0/banks)
   * @param accessToken - OAuth2 access token
   * @returns Response data from the API
   */
  private async getWithBearer(path: string, accessToken: string): Promise<any> {
    const url = `${this.clientConfig.baseUri}${path}`
    console.log('OBPClientService: GET request with Bearer token to:', url)

    const response = await fetch(url, {
      method: 'GET',
      headers: {
        Authorization: `Bearer ${accessToken}`,
        'Content-Type': 'application/json'
      }
    })

    if (!response.ok) {
      const errorText = await response.text()
      console.error('OBPClientService: GET request failed:', response.status, errorText)
      throw new OBPAPIError(response.status, errorText)
    }

    return await response.json()
  }

  /**
   * Make a POST request with OAuth2 Bearer token authentication
   *
   * @param path - The API endpoint path
   * @param body - Request body data
   * @param accessToken - OAuth2 access token
   * @returns Response data from the API
   */
  private async createWithBearer(path: string, body: any, accessToken: string): Promise<any> {
    const url = `${this.clientConfig.baseUri}${path}`
    console.log('OBPClientService: POST request with Bearer token to:', url)

    const response = await fetch(url, {
      method: 'POST',
      headers: {
        Authorization: `Bearer ${accessToken}`,
        'Content-Type': 'application/json'
      },
      body: JSON.stringify(body)
    })

    if (!response.ok) {
      const errorText = await response.text()
      console.error('OBPClientService: POST request failed:', response.status, errorText)
      throw new OBPAPIError(response.status, errorText)
    }

    return await response.json()
  }

  /**
   * Make a PUT request with OAuth2 Bearer token authentication
   *
   * @param path - The API endpoint path
   * @param body - Request body data
   * @param accessToken - OAuth2 access token
   * @returns Response data from the API
   */
  private async updateWithBearer(path: string, body: any, accessToken: string): Promise<any> {
    const url = `${this.clientConfig.baseUri}${path}`
    console.log('OBPClientService: PUT request with Bearer token to:', url)

    const response = await fetch(url, {
      method: 'PUT',
      headers: {
        Authorization: `Bearer ${accessToken}`,
        'Content-Type': 'application/json'
      },
      body: JSON.stringify(body)
    })

    if (!response.ok) {
      const errorText = await response.text()
      console.error('OBPClientService: PUT request failed:', response.status, errorText)
      throw new OBPAPIError(response.status, errorText)
    }

    return await response.json()
  }

  /**
   * Make a DELETE request with OAuth2 Bearer token authentication
   *
   * @param path - The API endpoint path
   * @param accessToken - OAuth2 access token
   * @returns Response data from the API
   */
  private async discardWithBearer(path: string, accessToken: string): Promise<any> {
    const url = `${this.clientConfig.baseUri}${path}`
    console.log('OBPClientService: DELETE request with Bearer token to:', url)

    const response = await fetch(url, {
      method: 'DELETE',
      headers: {
        Authorization: `Bearer ${accessToken}`,
        'Content-Type': 'application/json'
      }
    })

    if (!response.ok) {
      const errorText = await response.text()
      console.error('OBPClientService: DELETE request failed:', response.status, errorText)
      throw new OBPAPIError(response.status, errorText)
    }

    return await response.json()
  }
}
update copyright notice 2024-05-14 11:41:52 +00:00			`/*`
			`* Open Bank Project - API Explorer II`
			`* Copyright (C) 2023-2024, TESOBE GmbH`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*`
			`* Email: contact@tesobe.com`
			`* TESOBE GmbH`
			`* Osloerstrasse 16/17`
			`* Berlin 13359, Germany`
			`*`
			`* This product includes software developed at`
			`* TESOBE (http://www.tesobe.com/)`
			`*`
			`*/`

REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`import { Service } from 'typedi'`
Adding a shared constant for the default API Version which is used if the env variable is not present. 2025-11-07 06:07:17 +00:00			`import { DEFAULT_OBP_API_VERSION } from '../../shared-constants'`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
better error with Request Entitlement and sending user_id 2025-12-02 01:08:16 +00:00			`// Custom error class to preserve HTTP status codes`
			`class OBPAPIError extends Error {`
			`status: number`
			`constructor(status: number, message: string) {`
			`super(message)`
			`this.status = status`
			`this.name = 'OBPAPIError'`
			`}`
			`}`

OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`// OAuth2 Bearer token configuration`
			`interface OAuth2Config {`
			`accessToken: string`
			`tokenType: string`
			`}`

			`// API Client configuration for OAuth2`
			`interface APIClientConfig {`
			`baseUri: string`
			`version: string`
			`oauth2?: OAuth2Config`
			`}`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00
			`@Service()`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`/**`
			`* OBPClientService provides methods for interacting with the Open Bank Project API.`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`*`
			`* This service handles API communication with OBP using OAuth2 Bearer token authentication,`
			`* making HTTP requests (GET, POST, PUT, DELETE).`
			`*`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`* @class OBPClientService`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`*`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`* @property {APIClientConfig} clientConfig - API client configuration`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`*`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`* @example`
			`* const obpService = new OBPClientService();`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`* const response = await obpService.get('/obp/v5.1.0/banks', sessionConfig);`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`*/`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`export default class OBPClientService {`
			`private clientConfig: APIClientConfig`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`constructor() {`
Making sure important env variables are not null. 2025-11-07 06:15:10 +00:00			`if (!process.env.VITE_OBP_API_HOST) throw new Error('VITE_OBP_API_HOST is not set')`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`this.clientConfig = {`
Making sure important env variables are not null. 2025-11-07 06:15:10 +00:00			`baseUri: process.env.VITE_OBP_API_HOST!,`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`version: process.env.VITE_OBP_API_VERSION ?? DEFAULT_OBP_API_VERSION`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`}`
			`}`
FIX: user login 2023-06-05 15:32:25 +00:00			`async get(path: string, clientConfig: any): Promise<any> {`
FIX: log off 2023-06-05 15:39:20 +00:00			`const config = this.getSessionConfig(clientConfig)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
			`if (!config.oauth2?.accessToken) {`
			`throw new Error('OAuth2 access token not found. Please authenticate first.')`
			`}`

			`return await this.getWithBearer(path, config.oauth2.accessToken)`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`}`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
FIX: user login 2023-06-05 15:32:25 +00:00			`async create(path: string, body: any, clientConfig: any): Promise<any> {`
FIX: log off 2023-06-05 15:39:20 +00:00			`const config = this.getSessionConfig(clientConfig)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
			`if (!config.oauth2?.accessToken) {`
			`throw new Error('OAuth2 access token not found. Please authenticate first.')`
			`}`

			`return await this.createWithBearer(path, body, config.oauth2.accessToken)`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`}`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
FIX: user login 2023-06-05 15:32:25 +00:00			`async update(path: string, body: any, clientConfig: any): Promise<any> {`
FIX: log off 2023-06-05 15:39:20 +00:00			`const config = this.getSessionConfig(clientConfig)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
			`if (!config.oauth2?.accessToken) {`
			`throw new Error('OAuth2 access token not found. Please authenticate first.')`
			`}`

			`return await this.updateWithBearer(path, body, config.oauth2.accessToken)`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`}`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
FIX: user login 2023-06-05 15:32:25 +00:00			`async discard(path: string, clientConfig: any): Promise<any> {`
FIX: log off 2023-06-05 15:39:20 +00:00			`const config = this.getSessionConfig(clientConfig)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00
			`if (!config.oauth2?.accessToken) {`
			`throw new Error('OAuth2 access token not found. Please authenticate first.')`
			`}`

			`return await this.discardWithBearer(path, config.oauth2.accessToken)`
FIX: log off 2023-06-05 15:39:20 +00:00			`}`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`private getSessionConfig(clientConfig: APIClientConfig): APIClientConfig {`
FIX: log off 2023-06-05 15:39:20 +00:00			`return clientConfig \|\| this.clientConfig`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`}`
FIX: home page, login username FEAT:logoff 2023-05-24 21:57:08 +00:00
			`getOBPVersion(): string {`
			`return this.clientConfig.version`
			`}`
FIX: user login 2023-06-05 15:32:25 +00:00
consents flow WIP 2025-03-07 16:21:10 +00:00			`getOBPClientConfig(): APIClientConfig {`
FIX: user login 2023-06-05 15:32:25 +00:00			`return this.clientConfig`
			`}`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`/**`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`* Make a GET request with OAuth2 Bearer token authentication`
			`*`
			`* @param path - The API endpoint path (e.g., /obp/v5.1.0/banks)`
			`* @param accessToken - OAuth2 access token`
			`* @returns Response data from the API`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`*/`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`private async getWithBearer(path: string, accessToken: string): Promise<any> {`
			const url = `${this.clientConfig.baseUri}${path}`
			`console.log('OBPClientService: GET request with Bearer token to:', url)`

			`const response = await fetch(url, {`
			`method: 'GET',`
			`headers: {`
			Authorization: `Bearer ${accessToken}`,
			`'Content-Type': 'application/json'`
			`}`
			`})`

			`if (!response.ok) {`
			`const errorText = await response.text()`
			`console.error('OBPClientService: GET request failed:', response.status, errorText)`
better error with Request Entitlement and sending user_id 2025-12-02 01:08:16 +00:00			`throw new OBPAPIError(response.status, errorText)`
opey consent flow leg 1 working 2025-03-12 12:10:30 +00:00			`}`

OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`return await response.json()`
			`}`

			`/**`
			`* Make a POST request with OAuth2 Bearer token authentication`
			`*`
			`* @param path - The API endpoint path`
			`* @param body - Request body data`
			`* @param accessToken - OAuth2 access token`
			`* @returns Response data from the API`
			`*/`
			`private async createWithBearer(path: string, body: any, accessToken: string): Promise<any> {`
			const url = `${this.clientConfig.baseUri}${path}`
			`console.log('OBPClientService: POST request with Bearer token to:', url)`

			`const response = await fetch(url, {`
			`method: 'POST',`
			`headers: {`
			Authorization: `Bearer ${accessToken}`,
			`'Content-Type': 'application/json'`
			`},`
			`body: JSON.stringify(body)`
			`})`

			`if (!response.ok) {`
			`const errorText = await response.text()`
			`console.error('OBPClientService: POST request failed:', response.status, errorText)`
better error with Request Entitlement and sending user_id 2025-12-02 01:08:16 +00:00			`throw new OBPAPIError(response.status, errorText)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`}`
consents flow WIP 2025-03-07 16:21:10 +00:00
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`return await response.json()`
consents flow WIP 2025-03-07 16:21:10 +00:00			`}`

OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`/**`
			`* Make a PUT request with OAuth2 Bearer token authentication`
			`*`
			`* @param path - The API endpoint path`
			`* @param body - Request body data`
			`* @param accessToken - OAuth2 access token`
			`* @returns Response data from the API`
			`*/`
			`private async updateWithBearer(path: string, body: any, accessToken: string): Promise<any> {`
			const url = `${this.clientConfig.baseUri}${path}`
			`console.log('OBPClientService: PUT request with Bearer token to:', url)`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`const response = await fetch(url, {`
			`method: 'PUT',`
			`headers: {`
			Authorization: `Bearer ${accessToken}`,
			`'Content-Type': 'application/json'`
			`},`
			`body: JSON.stringify(body)`
			`})`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`if (!response.ok) {`
			`const errorText = await response.text()`
			`console.error('OBPClientService: PUT request failed:', response.status, errorText)`
better error with Request Entitlement and sending user_id 2025-12-02 01:08:16 +00:00			`throw new OBPAPIError(response.status, errorText)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`}`

			`return await response.json()`
			`}`

			`/**`
			`* Make a DELETE request with OAuth2 Bearer token authentication`
			`*`
			`* @param path - The API endpoint path`
			`* @param accessToken - OAuth2 access token`
			`* @returns Response data from the API`
			`*/`
			`private async discardWithBearer(path: string, accessToken: string): Promise<any> {`
			const url = `${this.clientConfig.baseUri}${path}`
			`console.log('OBPClientService: DELETE request with Bearer token to:', url)`

			`const response = await fetch(url, {`
			`method: 'DELETE',`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00			`headers: {`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			Authorization: `Bearer ${accessToken}`,
			`'Content-Type': 'application/json'`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00			`}`
			`})`

OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`if (!response.ok) {`
			`const errorText = await response.text()`
			`console.error('OBPClientService: DELETE request failed:', response.status, errorText)`
better error with Request Entitlement and sending user_id 2025-12-02 01:08:16 +00:00			`throw new OBPAPIError(response.status, errorText)`
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`}`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00
OAuth2 step 2 ok 2025-12-01 10:28:40 +00:00			`return await response.json()`
Consents WIP, add the obp-api-typescript package 2025-03-07 11:14:28 +00:00			`}`
REFACTOR: moved obp client to backend 2023-05-03 17:17:01 +00:00			`}`