feature/Add ASPSP-SCA-Approach to POST Consent response Headers

2026-02-06 17:37:00 +00:00 · 2025-05-19 14:38:30 +02:00 · 2025-05-19 14:38:30 +02:00 · 259fc6a3cd
commit 259fc6a3cd
parent 26221d7952
3 changed files with 19 additions and 2 deletions
--- a/obp-api/src/main/resources/props/sample.props.template
+++ b/obp-api/src/main/resources/props/sample.props.template
@ -1160,6 +1160,9 @@ default_auth_context_update_request_key=CUSTOMER_NUMBER
 ## Berlin Group Create Consent Frequency per Day Upper Limit
 #berlin_group_frequency_per_day_upper_limit = 4

+## Berlin Group Create Consent ASPSP-SCA-Approach response header value
+#berlin_group_aspsp_sca_approach = redirect
+
 # Support multiple brands on one instance. Note this needs checking on a clustered environment 
 #brands_enabled=false

--- a/obp-api/src/main/scala/code/api/constant/constant.scala
+++ b/obp-api/src/main/scala/code/api/constant/constant.scala
@ -175,6 +175,7 @@ object RequestHeader {
  final lazy val `If-Modified-Since` = "If-Modified-Since"
 }
 object ResponseHeader {
+  final lazy val `ASPSP-SCA-Approach` = "ASPSP-SCA-Approach" // Berlin Group
  final lazy val `Correlation-Id` = "Correlation-Id"
  final lazy val `WWW-Authenticate` = "WWW-Authenticate"
  final lazy val ETag = "ETag"
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@ -449,8 +449,9 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{

  private def getHeadersNewStyle(cc: Option[CallContextLight]) = {
    CustomResponseHeaders(
-      getGatewayLoginHeader(cc).list ::: 
-        getRateLimitHeadersNewStyle(cc).list ::: 
+      getGatewayLoginHeader(cc).list :::
+        getRequestHeadersBerlinGroup(cc).list :::
+        getRateLimitHeadersNewStyle(cc).list :::
        getPaginationHeadersNewStyle(cc).list ::: 
        getRequestHeadersToMirror(cc).list :::
        getRequestHeadersToEcho(cc).list
@ -556,6 +557,18 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
        CustomResponseHeaders(Nil)
    }
  }
+
+  def getRequestHeadersBerlinGroup(callContext: Option[CallContextLight]): CustomResponseHeaders = {
+    val aspspScaApproach = getPropsValue("berlin_group_aspsp_sca_approach", defaultValue = "redirect")
+    callContext match {
+      case Some(cc) if cc.url.contains(ConstantsBG.berlinGroupVersion1.urlPrefix) && cc.url.endsWith("/consents") =>
+        CustomResponseHeaders(List(
+          (ResponseHeader.`ASPSP-SCA-Approach`, aspspScaApproach)
+        ))
+      case _ =>
+        CustomResponseHeaders(Nil)
+    }
+  }
  /**
   *
   * @param jwt is a JWT value extracted from GatewayLogin Authorization Header.