artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 17:37:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2450 from hongwei1/develop

Browse Source 
refactor/added the from account guard for createVRPConsentRequest
This commit is contained in:
Simon Redfern 2024-11-27 11:29:55 +01:00 committed by GitHub
commit 2b69cc6dc5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 47 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala
View File

@ -737,8 +737,8 @@ object SwaggerDefinitionsJSON {
)
val accountRoutingJsonV121 = AccountRoutingJsonV121(
scheme = "AccountNumber",
address = "4930396"
scheme = schemeExample.value,
address = accountIdExample.value
)
val bankAccountRoutingJson = BankAccountRoutingJson(
@ -1007,11 +1007,11 @@ object SwaggerDefinitionsJSON {
val bankRoutingJsonV121 = BankRoutingJsonV121(
scheme = schemeExample.value,
address = addressExample.value
address = bankIdExample.value
)
val bankJSON = BankJSON(
id = "gh.29.uk",
id = bankIdExample.value,
short_name = "short_name ",
full_name = "full_name",
logo = "logo",
@ -1032,7 +1032,7 @@ object SwaggerDefinitionsJSON {
)
val postBankJson400 = PostBankJson400(
id = "gh.29.uk",
id = bankIdExample.value,
short_name = "short_name ",
full_name = "full_name",
logo = "logo",
@ -1040,7 +1040,7 @@ object SwaggerDefinitionsJSON {
bank_routings = List(bankRoutingJsonV121)
)
val bankJson400 = BankJson400(
id = "gh.29.uk",
id = bankIdExample.value,
short_name = "short_name ",
full_name = "full_name",
logo = "logo",
@ -1508,8 +1508,8 @@ object SwaggerDefinitionsJSON {
)
val branchRoutingJsonV141 = BranchRoutingJsonV141(
scheme = "BranchNumber",
address = "678"
scheme = schemeExample.value,
address = branchIdExample.value
)
val branchJson = BranchJson(

30
obp-api/src/main/scala/code/api/util/ExampleValue.scala
View File

@ -1512,8 +1512,8 @@ object ExampleValue {
| "account_access": [
| {
| "account_routing": {
| "scheme": "AccountNumber",
| "address": "4930396"
| "scheme": "${schemeExample.value}",
| "address": "${accountIdExample.value}"
| },
| "view_id": "${Constant.SYSTEM_OWNER_VIEW_ID}"
| }
@ -1529,30 +1529,30 @@ object ExampleValue {
s"""{
| "from_account": {
| "bank_routing": {
| "scheme": "BIC",
| "address": "ABCDED"
| "scheme": "${schemeExample.value}",
| "address": "${bankIdExample.value}"
| },
| "account_routing": {
| "scheme": "AccountNumber",
| "address": "4930396"
| "scheme": "${schemeExample.value}",
| "address": "${accountIdExample.value}"
| },
| "branch_routing": {
| "scheme": "",
| "address": ""
| "scheme": "${schemeExample.value}",
| "address": "${branchIdExample.value}"
| }
| },
| "to_account": {
| "bank_routing": {
| "scheme": "BIC",
| "address": "DDFFFF"
| "scheme": "${schemeExample.value}",
| "address": "${bankIdExample.value}"
| },
| "account_routing": {
| "scheme": "AccountNumber",
| "address": "123567"
| "scheme": "${schemeExample.value}",
| "address": "${accountIdExample.value}"
| },
| "branch_routing": {
| "scheme": "",
| "address": ""
| "scheme": "${schemeExample.value}",
| "address": "${branchIdExample.value}"
| },
| "limit": {
| "currency": "EUR",
@ -1664,7 +1664,7 @@ object ExampleValue {
lazy val dateInsertedExample = ConnectorField(NoExampleProvided,NoDescriptionProvided)
glossaryItems += makeGlossaryItem("date_inserted", dateInsertedExample)
lazy val schemeExample = ConnectorField("scheme value",NoDescriptionProvided)
lazy val schemeExample = ConnectorField("OBP",NoDescriptionProvided)
glossaryItems += makeGlossaryItem("scheme", schemeExample)
lazy val customerAddressIdExample = ConnectorField(NoExampleProvided,NoDescriptionProvided)

4
obp-api/src/main/scala/code/api/v5_0_0/APIMethods500.scala
View File

@ -637,12 +637,14 @@ trait APIMethods500 {
|It is used when applications request an access token to access their own resources, not on behalf of a user.
|
|The client needs to authenticate themselves for this request.
|In case of public client we use client_id and private kew to obtain access token, otherwise we use client_id and client_secret.
|In case of public client we use client_id and private key to obtain access token, otherwise we use client_id and client_secret.
|The obtained access token is used in the HTTP Bearer auth header of our request.
|
|Example:
|Authorization: Bearer eXtneO-THbQtn3zvK_kQtXXfvOZyZFdBCItlPDbR2Bk.dOWqtXCtFX-tqGTVR0YrIjvAolPIVg7GZ-jz83y6nA0
|
|After successfully creating the VRP consent request, you need to call the `Create Consent By CONSENT_REQUEST_ID` endpoint to finalize the consent.
|
|""".stripMargin,
postConsentRequestJsonV500,
consentRequestResponseJson,

18
obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala
View File

@ -2161,7 +2161,7 @@ trait APIMethods510 {
| "developer_email": "marko@tesobe.com",
| "redirect_url": "http://localhost:8082"
| }
| Please note that JWT must be signed with the counterpart private kew of the public key used to establish mTLS
| Please note that JWT must be signed with the counterpart private key of the public key used to establish mTLS
|
|""",
ConsumerJwtPostJsonV510("eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJkZXNjcmlwdGlvbiI6IlRQUCBkZXNjcmlwdGlvbiJ9.c5gPPsyUmnVW774y7h2xyLXg0wdtu25nbU2AvOmyzcWa7JTdCKuuy3CblxueGwqYkQDDQIya1Qny4blyAvh_a1Q28LgzEKBcH7Em9FZXerhkvR9v4FWbCC5AgNLdQ7sR8-rUQdShmJcGDKdVmsZjuO4XhY2Zx0nFnkcvYfsU9bccoAvkKpVJATXzwBqdoEOuFlplnbxsMH1wWbAd3hbcPPWTdvO43xavNZTB5ybgrXVDEYjw8D-98_ZkqxS0vfvhJ4cGefHViaFzp6zXm7msdBpcE__O9rFbdl9Gvup_bsMbrHJioIrmc2d15Yc-tTNTF9J4qjD_lNxMRlx5o2TZEw"),
@ -3298,12 +3298,14 @@ trait APIMethods510 {
|It is used when applications request an access token to access their own resources, not on behalf of a user.
|
|The client needs to authenticate themselves for this request.
|In case of public client we use client_id and private kew to obtain access token, otherwise we use client_id and client_secret.
|In case of public client we use client_id and private key to obtain access token, otherwise we use client_id and client_secret.
|The obtained access token is used in the HTTP Bearer auth header of our request.
|
|Example:
|Authorization: Bearer eXtneO-THbQtn3zvK_kQtXXfvOZyZFdBCItlPDbR2Bk.dOWqtXCtFX-tqGTVR0YrIjvAolPIVg7GZ-jz83y6nA0
|
|After successfully creating the VRP consent request, you need to call the `Create Consent By CONSENT_REQUEST_ID` endpoint to finalize the consent.
|
|""".stripMargin,
postVRPConsentRequestJsonV510,
vrpConsentRequestResponseJson,
@ -3325,12 +3327,12 @@ trait APIMethods510 {
(_, callContext) <- applicationAccess(cc)
_ <- passesPsd2Aisp(callContext)
failMsg = s"$InvalidJsonFormat The Json body should be the $PostVRPConsentRequestJsonV510 "
consentRequestJson: PostVRPConsentRequestJsonV510 <- NewStyle.function.tryons(failMsg, 400, callContext) {
postConsentRequestJsonV510: PostVRPConsentRequestJsonV510 <- NewStyle.function.tryons(failMsg, 400, callContext) {
postJson.extract[PostVRPConsentRequestJsonV510]
}
maxTimeToLive = APIUtil.getPropsAsIntValue(nameOfProperty = "consents.max_time_to_live", defaultValue = 3600)
_ <- Helper.booleanToFuture(s"$ConsentMaxTTL ($maxTimeToLive)", cc = callContext) {
consentRequestJson.time_to_live match {
postConsentRequestJsonV510.time_to_live match {
case Some(ttl) => ttl <= maxTimeToLive
case _ => true
}
@ -3338,7 +3340,13 @@ trait APIMethods510 {
// we need to add the consent_type internally, the user does not need to know it.
consentType = json.parse(s"""{"consent_type": "${ConsentType.VRP}"}""")
(_, callContext) <- NewStyle.function.checkBankAccountExists(
BankId(postConsentRequestJsonV510.from_account.bank_routing.address),
AccountId(postConsentRequestJsonV510.from_account.account_routing.address),
callContext
)
createdConsentRequest <- Future(ConsentRequests.consentRequestProvider.vend.createConsentRequest(
callContext.flatMap(_.consumer),
Some(compactRender(postJson merge consentType))

16
obp-api/src/test/scala/code/api/v3_1_0/AccountTest.scala
View File

@ -101,12 +101,12 @@ class AccountTest extends V310ServerSetup with DefaultUsers {
val responsePut1 = makePutRequest(requestPut, write(testPutJsonWithIban))
Then("We should get 200 and updated account routings in the updateAccount response")
responsePut1.code should equal(200)
responsePut1.body.extract[UpdateAccountResponseJsonV310].account_routings should be (testPutJsonWithIban.account_routings)
responsePut1.body.extract[UpdateAccountResponseJsonV310].account_routings.sortBy(_.scheme) should be (testPutJsonWithIban.account_routings.sortBy(_.scheme))
val responseGet1 = makeGetRequest(requestGet)
And("We should get 200 and updated account routings in the getAccount response")
responseGet1.code should equal(200)
responseGet1.body.extract[ModeratedCoreAccountJsonV300].account_routings should be (testPutJsonWithIban.account_routings)
responseGet1.body.extract[ModeratedCoreAccountJsonV300].account_routings.sortBy(_.scheme) should be (testPutJsonWithIban.account_routings.sortBy(_.scheme))
When("We want to remove an account routing scheme (AccountNumber)")
@ -115,13 +115,13 @@ class AccountTest extends V310ServerSetup with DefaultUsers {
val responsePut2 = makePutRequest(requestPut, write(testPutJsonWithoutAccountNumber))
Then("We should get 200 and updated account routings in the updateAccount response")
responsePut2.code should equal(200)
responsePut2.body.extract[UpdateAccountResponseJsonV310].account_routings should be (testPutJsonWithoutAccountNumber.account_routings)
responsePut2.body.extract[UpdateAccountResponseJsonV310].account_routings.sortBy(_.scheme) should be (testPutJsonWithoutAccountNumber.account_routings.sortBy(_.scheme))
val responseGet2 = makeGetRequest(requestGet)
And("We should get 200 and updated account routings in the getAccount response")
responseGet2.code should equal(200)
responseGet2.body.extract[ModeratedCoreAccountJsonV300].account_routings should be (testPutJsonWithoutAccountNumber.account_routings)
responseGet2.body.extract[ModeratedCoreAccountJsonV300].account_routings.sortBy(_.scheme) should be (testPutJsonWithoutAccountNumber.account_routings.sortBy(_.scheme))
When("We want to update an account routing scheme (IBAN)")
@ -131,12 +131,12 @@ class AccountTest extends V310ServerSetup with DefaultUsers {
val responsePut3 = makePutRequest(requestPut, write(testPutJsonWithUpdatedIban))
Then("We should get 200 and updated account routings in the updateAccount response")
responsePut3.code should equal(200)
responsePut3.body.extract[UpdateAccountResponseJsonV310].account_routings should be (testPutJsonWithUpdatedIban.account_routings)
responsePut3.body.extract[UpdateAccountResponseJsonV310].account_routings.sortBy(_.scheme) should be (testPutJsonWithUpdatedIban.account_routings.sortBy(_.scheme))
val responseGet3 = makeGetRequest(requestGet)
And("We should get 200 and updated account routings in the getAccount response")
responseGet3.code should equal(200)
responseGet3.body.extract[ModeratedCoreAccountJsonV300].account_routings should be (testPutJsonWithUpdatedIban.account_routings)
responseGet3.body.extract[ModeratedCoreAccountJsonV300].account_routings.sortBy(_.scheme) should be (testPutJsonWithUpdatedIban.account_routings.sortBy(_.scheme))
When("We want to update an account with a routing scheme duplication")
@ -152,7 +152,7 @@ class AccountTest extends V310ServerSetup with DefaultUsers {
val responseGet4 = makeGetRequest(requestGet)
And("We should get 200 and non-updated account routings on the getAccount response")
responseGet4.code should equal(200)
responseGet4.body.extract[ModeratedCoreAccountJsonV300].account_routings should be (testPutJsonWithUpdatedIban.account_routings)
responseGet4.body.extract[ModeratedCoreAccountJsonV300].account_routings.sortBy(_.scheme) should be (testPutJsonWithUpdatedIban.account_routings.sortBy(_.scheme))
When("We want to add an account routing scheme (IBAN) with an already existing routing scheme (IBAN)")
@ -175,7 +175,7 @@ class AccountTest extends V310ServerSetup with DefaultUsers {
val responseGetOtherAccount_2 = makeGetRequest(requestGetOtherAccount)
And("We should get 200 and non-updated account routings on the second getAccount response")
responseGetOtherAccount_2.code should equal(200)
responseGetOtherAccount_2.body.extract[ModeratedCoreAccountJsonV300].account_routings should be (originalAccountRoutings)
responseGetOtherAccount_2.body.extract[ModeratedCoreAccountJsonV300].account_routings.sortBy(_.scheme) should be (originalAccountRoutings.sortBy(_.scheme))
}
}