From 0c51cb8a7de9a3c2f2c883c8cd6332ba012dc556 Mon Sep 17 00:00:00 2001 From: Nemo Godebski-Pedersen Date: Fri, 28 Mar 2025 16:30:11 +0000 Subject: [PATCH] add existing consent checking --- server/controllers/OpeyIIController.ts | 8 +++ server/services/OBPConsentsService.ts | 90 +++++++++++++++++++++++++- src/obp/common-functions.ts | 13 ---- 3 files changed, 97 insertions(+), 14 deletions(-) diff --git a/server/controllers/OpeyIIController.ts b/server/controllers/OpeyIIController.ts index 0baa6db..d796c3c 100644 --- a/server/controllers/OpeyIIController.ts +++ b/server/controllers/OpeyIIController.ts @@ -297,7 +297,15 @@ export class OpeyController { const opeyConfig = await this.opeyClientService.getOpeyConfig() session['opeyConfig'] = opeyConfig + // Check if user already has a consent for opey + // If so, return the consent id + const consent = await this.obpConsentsService.getExistingConsent(session) + if (consent) { + console.log("Existing consent: ", consent) + return response.status(200).json({consent_id: consent.consent_id}); + } // Either here or in this method, we should check if there is already a consent stored in the session + await this.obpConsentsService.createConsent(session) console.log("Consent at controller: ", session['opeyConfig']) diff --git a/server/services/OBPConsentsService.ts b/server/services/OBPConsentsService.ts index 5113753..aa333fc 100644 --- a/server/services/OBPConsentsService.ts +++ b/server/services/OBPConsentsService.ts @@ -36,7 +36,6 @@ export default class OBPConsentsService { // Get the OAuth1 headers for the logged in user to use in the API call const oauth1Headers = await this.obpClientService.getOAuthHeader(path, method, clientConfig) - console.log(`OAuth1 Headers: ${oauth1Headers}`) // Set config for the Consents API client from the new typescript SDK this.consentApiConfig = new Configuration({ 
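Review bot: `console.log("Existing consent: ", consent)` in the new early-return branch writes the whole consent object to the server log, although only `consent.consent_id` is sent back to the client. That object is the response body of the consent lookup done in `getExistingConsent`, and it presumably carries the consent token itself, so logging just the id is safer: `console.log("Existing consent: ", consent.consent_id)`. `getExistingConsent` also throws on any upstream failure. Whether this handler catches that and falls back to `createConsent` cannot be seen here, because the method body starts and ends outside the hunk.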
@@ -106,7 +105,96 @@ export default class OBPConsentsService { } } + + async getExistingConsent(session: Session): Promise { + // Get Consents for the current user, check if any of them are for Opey + // If so, return the consent + + // I.e. this is done by iterating and finding the consent with the correct consumer ID + + // Get the Consents API client from the OBP SDK + // The OBP SDK is fucked here, so we'll need to use Fetch until the SWAGGER WILL ACTUALLY WORK + // const client = await this.createUserConsentsClient(session, '/obp/v5.1.0/my/consents/IMPLICIT', 'POST') + // if (!client) { + // throw new Error('Could not create Consents API client') + // } + + + // Function to send an OBP request using the logged in user's OAuth1 headers + const sendOBPRequest = async (path: string, method: string, clientConfig: any) =>{ + const oauth1Headers = await this.obpClientService.getOAuthHeader(path, method, clientConfig) + const config = { + headers: { + 'Authorization': oauth1Headers, + 'Content-Type': 'application/json', + } + } + return axios.get(`${clientConfig.baseUri}${path}`, config) + } + + const clientConfig = session['clientConfig'] + if (!clientConfig || !clientConfig.oauthConfig.accessToken) { + throw new Error('User is not logged in') + } + + + const consentInfosPath = '/obp/v5.1.0/my/consent-infos' + + let opeyConsentId: string | null = null + try { + const response = await sendOBPRequest(consentInfosPath, 'GET', clientConfig) + const consents = response.data.consents + + const opeyConsumerID = process.env.VITE_OPEY_CONSUMER_ID + if (!opeyConsumerID) { + throw new Error('Opey Consumer ID is missing, please set VITE_OPEY_CONSUMER_ID') + } + + + + for (const consent of consents) { + console.log('consent ', consent) + if (consent.consumer_id === opeyConsumerID && consent.staus === 'ACCEPTED') { + opeyConsentId = consent.consent_id + break + } + } + + if (!opeyConsentId) { + console.log('getExistingConsent: No consent found for Opey for current user') + return 
null + } + + } catch (error) { + console.error(error) + throw new Error(`Could not get existing consent info, ${error}`) + } + + // Now try to get the consent using the consent ID + try { + const response = await sendOBPRequest(`/obp/v5.1.0/user/current/consents/${opeyConsentId}`, 'GET', clientConfig) + + session['opeyConfig'] = { + authConfig: { + obpConsent: response.data + } + } + + return response.data + } catch (error) { + console.error(error) + throw new Error(`Could not get existing consent, ${error}`) + } + + + } + + + + + + // Probably not needed, but will keep for later // async createConsentRequest(): Promise { diff --git a/src/obp/common-functions.ts b/src/obp/common-functions.ts index 18ccaf0..3748269 100644 --- a/src/obp/common-functions.ts +++ b/src/obp/common-functions.ts @@ -72,19 +72,6 @@ export async function getCacheStorageInfo() { return message } -export async function getOpeyJWT() { - const response = await axios.post('/api/opey/token').catch((error) => { - if (error.response) { - throw new Error(`getOpeyJWT returned an error: ${error.toJSON()}`); - - } else { - throw new Error(`getOpeyJWT returned an error: ${error.message}`); - } - }); - const token = String(response?.data?.token) - return token -} - export async function getobpConsent() { // Get consent from the Opey API try {
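Review bot: The status check in the consent loop reads `consent.staus`, which is always undefined, so the condition never matches and `getExistingConsent` returns null for every user; it should be `if (consent.consumer_id === opeyConsumerID && consent.status === 'ACCEPTED') {`. The same loop prints every consent record with `console.log('consent ', consent)`; logging only `consent.consent_id` would keep details of the user's consents for other consumers out of the server log. On success the method replaces `session['opeyConfig']` with an object holding only `authConfig`, which discards the config the controller stored just before the call; if that is not intended, merge instead: `session['opeyConfig'] = { ...session['opeyConfig'], authConfig: { obpConsent: response.data } }`. `sendOBPRequest` signs the request with its `method` argument but always calls `axios.get`, so either drop the parameter or add a comment saying the helper is GET-only.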