From 56289ed029e0d63c3166d8899a87ba52e0e4275d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Mon, 4 Aug 2025 11:58:25 +0200
Subject: [PATCH 01/30] feature/Add props use_tpp_signature_revocation_list

---
 obp-api/src/main/resources/props/sample.props.template      | 4 ++++
 .../src/main/scala/code/api/util/CertificateVerifier.scala  | 6 +++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template
index 64c7733d3..6560b0a12 100644
--- a/obp-api/src/main/resources/props/sample.props.template
+++ b/obp-api/src/main/resources/props/sample.props.template
@@ -165,6 +165,10 @@ jwt.use.ssl=false
 
 # Bypass TPP signature validation
 # bypass_tpp_signature_validation = false
+## Use TPP signature revocation list
+## - CRLs (Certificate Revocation Lists), or
+## - OCSP (Online Certificate Status Protocol).
+# use_tpp_signature_revocation_list = true
 
 ## Reject Berlin Group TRANSACTIONS with status "received" after a defined time (in seconds)
 # berlin_group_outdated_transactions_time_in_seconds = 300
diff --git a/obp-api/src/main/scala/code/api/util/CertificateVerifier.scala b/obp-api/src/main/scala/code/api/util/CertificateVerifier.scala
index 019aabd6e..4cc0a408f 100644
--- a/obp-api/src/main/scala/code/api/util/CertificateVerifier.scala
+++ b/obp-api/src/main/scala/code/api/util/CertificateVerifier.scala
@@ -80,7 +80,11 @@ object CertificateVerifier extends MdcLoggable {
 
       // Set up PKIX parameters for validation
       val pkixParams = new PKIXParameters(trustAnchors)
-      pkixParams.setRevocationEnabled(false) // Disable CRL checks
+      if(APIUtil.getPropsAsBoolValue("use_tpp_signature_revocation_list", defaultValue = true)) {
+        pkixParams.setRevocationEnabled(true) // Enable CRL checks
+      } else {
+        pkixParams.setRevocationEnabled(false) // Disable CRL checks
+      }
 
       // Validate certificate chain
       val certPath = CertificateFactory.getInstance("X.509").generateCertPath(Collections.singletonList(certificate))

From 6341584e228e7b124b6d4539155dcd7207fb5101 Mon Sep 17 00:00:00 2001
From: Hongwei <hongwei@tesobe.com>
Date: Mon, 4 Aug 2025 16:19:50 +0200
Subject: [PATCH 02/30] refactor/Change status field to Option type for better
 null handling

---
 .../api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala | 2 +-
 .../bankconnectors/rabbitmq/RabbitMQConnector_vOct2024.scala  | 4 ++--
 .../code/bankconnectors/rest/RestConnector_vMar2019.scala     | 4 ++--
 .../storedprocedure/StoredProcedureConnector_vDec2019.scala   | 4 ++--
 obp-api/src/main/scala/code/model/ModeratedBankingData.scala  | 2 +-
 obp-api/src/main/scala/code/model/View.scala                  | 2 +-
 .../src/main/scala/code/transaction/MappedTransaction.scala   | 2 +-
 .../berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3Test.scala  | 2 +-
 .../scala/com/openbankproject/commons/model/CommonModel.scala | 2 +-
 9 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala
index e7dc68c5c..2decaab96 100644
--- a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala
+++ b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala
@@ -232,7 +232,7 @@ object MessageDocsSwaggerDefinitions
     startDate = DateWithDayExampleObject,
     finishDate = Some(DateWithDayExampleObject),
     balance = BigDecimal(balanceAmountExample.value),
-    status = transactionStatusExample.value,
+    status = Some(transactionStatusExample.value),
   )
   
   val accountRouting = AccountRouting("","")
diff --git a/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnector_vOct2024.scala b/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnector_vOct2024.scala
index d03236dd0..c644945b7 100644
--- a/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnector_vOct2024.scala
+++ b/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnector_vOct2024.scala
@@ -1552,7 +1552,7 @@ trait RabbitMQConnector_vOct2024 extends Connector with MdcLoggable {
       startDate=toDate(transactionStartDateExample),
       finishDate=Some(toDate(transactionFinishDateExample)),
       balance=BigDecimal(balanceExample.value),
-      status=transactionStatusExample.value
+      status=Some(transactionStatusExample.value)
       )))
     ),
     adapterImplementation = Some(AdapterImplementation("- Core", 1))
@@ -1687,7 +1687,7 @@ trait RabbitMQConnector_vOct2024 extends Connector with MdcLoggable {
       startDate=toDate(transactionStartDateExample),
       finishDate=Some(toDate(transactionFinishDateExample)),
       balance=BigDecimal(balanceExample.value),
-      status=transactionStatusExample.value))
+      status=Some(transactionStatusExample.value)))
     ),
     adapterImplementation = Some(AdapterImplementation("- Core", 1))
   )
diff --git a/obp-api/src/main/scala/code/bankconnectors/rest/RestConnector_vMar2019.scala b/obp-api/src/main/scala/code/bankconnectors/rest/RestConnector_vMar2019.scala
index 6bfee72bd..53a3b7200 100644
--- a/obp-api/src/main/scala/code/bankconnectors/rest/RestConnector_vMar2019.scala
+++ b/obp-api/src/main/scala/code/bankconnectors/rest/RestConnector_vMar2019.scala
@@ -1500,7 +1500,7 @@ trait RestConnector_vMar2019 extends Connector with MdcLoggable {
       startDate=toDate(transactionStartDateExample),
       finishDate=Some(toDate(transactionFinishDateExample)),
       balance=BigDecimal(balanceExample.value),
-      status=transactionStatusExample.value)))
+      status=Some(transactionStatusExample.value))))
     ),
     adapterImplementation = Some(AdapterImplementation("- Core", 1))
   )
@@ -1634,7 +1634,7 @@ trait RestConnector_vMar2019 extends Connector with MdcLoggable {
       startDate=toDate(transactionStartDateExample),
       finishDate=Some(toDate(transactionFinishDateExample)),
       balance=BigDecimal(balanceExample.value),
-      status=transactionStatusExample.value))
+      status=Some(transactionStatusExample.value)))
     ),
     adapterImplementation = Some(AdapterImplementation("- Core", 1))
   )
diff --git a/obp-api/src/main/scala/code/bankconnectors/storedprocedure/StoredProcedureConnector_vDec2019.scala b/obp-api/src/main/scala/code/bankconnectors/storedprocedure/StoredProcedureConnector_vDec2019.scala
index 0ab7b583b..d3a89839a 100644
--- a/obp-api/src/main/scala/code/bankconnectors/storedprocedure/StoredProcedureConnector_vDec2019.scala
+++ b/obp-api/src/main/scala/code/bankconnectors/storedprocedure/StoredProcedureConnector_vDec2019.scala
@@ -1481,7 +1481,7 @@ trait StoredProcedureConnector_vDec2019 extends Connector with MdcLoggable {
       startDate=toDate(transactionStartDateExample),
       finishDate=Some(toDate(transactionFinishDateExample)),
       balance=BigDecimal(balanceExample.value),
-      status=transactionStatusExample.value)))
+      status=Some(transactionStatusExample.value))))
     ),
     adapterImplementation = Some(AdapterImplementation("- Core", 1))
   )
@@ -1615,7 +1615,7 @@ trait StoredProcedureConnector_vDec2019 extends Connector with MdcLoggable {
       startDate=toDate(transactionStartDateExample),
       finishDate=Some(toDate(transactionFinishDateExample)),
       balance=BigDecimal(balanceExample.value),
-      status=transactionStatusExample.value))
+      status=Some(transactionStatusExample.value)))
     ),
     adapterImplementation = Some(AdapterImplementation("- Core", 1))
   )
diff --git a/obp-api/src/main/scala/code/model/ModeratedBankingData.scala b/obp-api/src/main/scala/code/model/ModeratedBankingData.scala
index 7314db295..569b48f99 100644
--- a/obp-api/src/main/scala/code/model/ModeratedBankingData.scala
+++ b/obp-api/src/main/scala/code/model/ModeratedBankingData.scala
@@ -57,7 +57,7 @@ class ModeratedTransaction(
                             //the filteredBlance type in this class is a string rather than Big decimal like in Transaction trait for snippet (display) reasons.
                             //the view should be able to return a sign (- or +) or the real value. casting signs into big decimal is not possible
                             val balance : String,
-                            val status : String
+                            val status : Moderated[String]
 ) {
 
   def dateOption2JString(date: Option[Date]) : JString = {
diff --git a/obp-api/src/main/scala/code/model/View.scala b/obp-api/src/main/scala/code/model/View.scala
index 8f653f891..1ced4ecf8 100644
--- a/obp-api/src/main/scala/code/model/View.scala
+++ b/obp-api/src/main/scala/code/model/View.scala
@@ -178,7 +178,7 @@ case class ViewExtended(val view: View) {
 
       val transactionStatus =
         if (viewPermissions.exists(_ == CAN_SEE_TRANSACTION_STATUS)) transaction.status
-        else ""
+        else None
 
       new ModeratedTransaction(
         UUID = transactionUUID,
diff --git a/obp-api/src/main/scala/code/transaction/MappedTransaction.scala b/obp-api/src/main/scala/code/transaction/MappedTransaction.scala
index d17879a24..378f74dd7 100644
--- a/obp-api/src/main/scala/code/transaction/MappedTransaction.scala
+++ b/obp-api/src/main/scala/code/transaction/MappedTransaction.scala
@@ -156,7 +156,7 @@ class MappedTransaction extends LongKeyedMapper[MappedTransaction] with IdPK wit
                             tStartDate.get,
                             Some(tFinishDate.get),
                             newBalance,
-                            status.get))
+                            Some(status.get)))
     }
   }
   
diff --git a/obp-api/src/test/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3Test.scala b/obp-api/src/test/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3Test.scala
index 8e0cda195..7b77900ba 100644
--- a/obp-api/src/test/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3Test.scala
+++ b/obp-api/src/test/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3Test.scala
@@ -91,7 +91,7 @@ class JSONFactory_BERLIN_GROUP_1_3Test extends FeatureSpec with Matchers with Gi
           startDate = Some(new java.util.Date()),
           finishDate = Some(new java.util.Date()),
           balance = "900.00",
-          status = "booked"
+          status = Some("booked")
         )
       }
       
diff --git a/obp-commons/src/main/scala/com/openbankproject/commons/model/CommonModel.scala b/obp-commons/src/main/scala/com/openbankproject/commons/model/CommonModel.scala
index 5a300bf6a..c81aac363 100644
--- a/obp-commons/src/main/scala/com/openbankproject/commons/model/CommonModel.scala
+++ b/obp-commons/src/main/scala/com/openbankproject/commons/model/CommonModel.scala
@@ -1141,7 +1141,7 @@ case class Transaction(
                    finishDate : Option[Date],
                    //the new balance for the bank account
                    balance :  BigDecimal,
-                   status: String
+                   status : Option[String]
                  ) {
 
   val bankId = thisAccount.bankId

From 578bd99fe6fb3659203fb991f5655bea63198c6d Mon Sep 17 00:00:00 2001
From: Hongwei <hongwei@tesobe.com>
Date: Mon, 4 Aug 2025 16:21:11 +0200
Subject: [PATCH 03/30] refactor/Change status field to Option type

---
 .../RestConnector_vMar2019_frozen_meta_data   | Bin 123942 -> 123950 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/obp-api/src/test/scala/code/connector/RestConnector_vMar2019_frozen_meta_data b/obp-api/src/test/scala/code/connector/RestConnector_vMar2019_frozen_meta_data
index a802ceacdccc8c15da1964eb466c7446957eae1b..ffdf640c9c70fc3370b5af47b5710df002a7869b 100644
GIT binary patch
delta 26
icmZ2>f_>cy_J%Et+fPq#5n>day!o2Q_A93ugCqc`FbmoM

delta 31
ncmZ2?f_>Qu_J%Et+fPsCS;aZsMwXF#x_<#9=k`0N8G|GM)r|}x


From ba36503a1efbc47c293a733e5b70baf1703d43c8 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 10:40:02 +0200
Subject: [PATCH 04/30] feature/used Apache Commons Email instead of LiftMail-
 step1

---
 obp-api/pom.xml                               |   6 +
 .../code/api/util/CommonsEmailWrapper.scala   | 201 ++++++++++++++++++
 .../scala/code/api/v4_0_0/APIMethods400.scala |  54 ++++-
 3 files changed, 257 insertions(+), 4 deletions(-)
 create mode 100644 obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala

diff --git a/obp-api/pom.xml b/obp-api/pom.xml
index 1227da21a..92bf9c7df 100644
--- a/obp-api/pom.xml
+++ b/obp-api/pom.xml
@@ -101,6 +101,12 @@
       <artifactId>commons-text</artifactId>
       <version>1.10.0</version>
     </dependency>
+    <!-- https://mvnrepository.com/artifact/org.apache.commons/commons-email -->
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-email</artifactId>
+      <version>1.5</version>
+    </dependency>
     <dependency>
       <groupId>org.postgresql</groupId>
       <artifactId>postgresql</artifactId>
diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
new file mode 100644
index 000000000..bd695b819
--- /dev/null
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -0,0 +1,201 @@
+package code.api.util
+
+import org.apache.commons.mail.{Email, SimpleEmail, HtmlEmail, MultiPartEmail, EmailAttachment, DefaultAuthenticator}
+import java.io.File
+import java.net.URL
+import code.util.Helper.MdcLoggable
+import net.liftweb.common.{Box, Empty, Full}
+import net.liftweb.util.Helpers.now
+
+/**
+ * Apache Commons Email Wrapper for OBP-API
+ * This wrapper provides a simple interface to send emails using Apache Commons Email
+ * instead of Lift Web's Mailer
+ */
+object CommonsEmailWrapper extends MdcLoggable {
+
+  /**
+   * Email configuration case class
+   */
+  case class EmailConfig(
+    smtpHost: String,
+    smtpPort: Int,
+    username: String,
+    password: String,
+    useTLS: Boolean = true,
+    useSSL: Boolean = false,
+    debug: Boolean = false
+  )
+
+  /**
+   * Email content case class
+   */
+  case class EmailContent(
+    from: String,
+    to: List[String],
+    cc: List[String] = List.empty,
+    bcc: List[String] = List.empty,
+    subject: String,
+    textContent: Option[String] = None,
+    htmlContent: Option[String] = None,
+    attachments: List[EmailAttachment] = List.empty
+  )
+
+  /**
+   * Send simple text email
+   */
+  def sendTextEmail(config: EmailConfig, content: EmailContent): Box[String] = {
+    try {
+      logger.info(s"Sending text email from ${content.from} to ${content.to.mkString(", ")}")
+      
+      val email = new SimpleEmail()
+      configureEmail(email, config, content)
+      
+      // Set text content
+      content.textContent match {
+        case Some(text) => email.setMsg(text)
+        case None => email.setMsg("")
+      }
+      
+      val messageId = email.send()
+      logger.info(s"Email sent successfully with Message-ID: $messageId")
+      Full(messageId)
+    } catch {
+      case e: Exception =>
+        logger.error(s"Failed to send text email: ${e.getMessage}", e)
+        Empty
+    }
+  }
+
+  /**
+   * Send HTML email
+   */
+  def sendHtmlEmail(config: EmailConfig, content: EmailContent): Box[String] = {
+    try {
+      logger.info(s"Sending HTML email from ${content.from} to ${content.to.mkString(", ")}")
+      
+      val email = new HtmlEmail()
+      configureEmail(email, config, content)
+      
+      // Set HTML content
+      content.htmlContent match {
+        case Some(html) => email.setHtmlMsg(html)
+        case None => email.setHtmlMsg("<html><body>No content</body></html>")
+      }
+      
+      // Set text content as fallback
+      content.textContent.foreach(email.setTextMsg)
+      
+      val messageId = email.send()
+      logger.info(s"HTML email sent successfully with Message-ID: $messageId")
+      Full(messageId)
+    } catch {
+      case e: Exception =>
+        logger.error(s"Failed to send HTML email: ${e.getMessage}", e)
+        Empty
+    }
+  }
+
+  /**
+   * Send email with attachments
+   */
+  def sendEmailWithAttachments(config: EmailConfig, content: EmailContent): Box[String] = {
+    try {
+      logger.info(s"Sending email with attachments from ${content.from} to ${content.to.mkString(", ")}")
+      
+      val email = new MultiPartEmail()
+      configureEmail(email, config, content)
+      
+      // Set text content
+      content.textContent.foreach(email.setMsg)
+      
+      // Add attachments
+      content.attachments.foreach(email.attach)
+      
+      val messageId = email.send()
+      logger.info(s"Email with attachments sent successfully with Message-ID: $messageId")
+      Full(messageId)
+    } catch {
+      case e: Exception =>
+        logger.error(s"Failed to send email with attachments: ${e.getMessage}", e)
+        Empty
+    }
+  }
+
+  /**
+   * Configure email with common settings
+   */
+  private def configureEmail(email: Email, config: EmailConfig, content: EmailContent): Unit = {
+    // SMTP Configuration
+    email.setHostName(config.smtpHost)
+    email.setSmtpPort(config.smtpPort)
+    email.setAuthenticator(new DefaultAuthenticator(config.username, config.password))
+    email.setSSLOnConnect(config.useSSL)
+    email.setStartTLSEnabled(config.useTLS)
+    email.setDebug(config.debug)
+    
+    // Set charset
+    email.setCharset("UTF-8")
+    
+    // Set sender
+    email.setFrom(content.from)
+    
+    // Set recipients
+    content.to.foreach(email.addTo)
+    content.cc.foreach(email.addCc)
+    content.bcc.foreach(email.addBcc)
+    
+    // Set subject
+    email.setSubject(content.subject)
+  }
+
+  /**
+   * Create email attachment from file
+   */
+  def createFileAttachment(filePath: String, name: Option[String] = None): EmailAttachment = {
+    val attachment = new EmailAttachment()
+    attachment.setPath(filePath)
+    attachment.setDisposition(EmailAttachment.ATTACHMENT)
+    name.foreach(attachment.setName)
+    attachment
+  }
+
+  /**
+   * Create email attachment from URL
+   */
+  def createUrlAttachment(url: String, name: String): EmailAttachment = {
+    val attachment = new EmailAttachment()
+    attachment.setURL(new URL(url))
+    attachment.setDisposition(EmailAttachment.ATTACHMENT)
+    attachment.setName(name)
+    attachment
+  }
+  
+  /**
+   * Test MailHog configuration, this for testing 
+   */
+  def testMailHogConfig(): Unit = {
+    val config = EmailConfig(
+      smtpHost = "localhost",
+      smtpPort = 1025,
+      username = "",
+      password = "",
+      useTLS = false,
+      debug = true
+    )
+
+    val content = EmailContent(
+      from = "test@localhost",
+      to = List("receive@mailhog.local"),
+      subject = "Test MailHog with Apache Commons Email",
+      textContent = Some("This is a test email sent to MailHog using Apache Commons Email wrapper.")
+    )
+
+    logger.info("Testing MailHog configuration with Apache Commons Email...")
+    
+    sendTextEmail(config, content) match {
+      case Full(messageId) => logger.info(s"MailHog email sent successfully: $messageId")
+      case Empty => logger.error("Failed to send MailHog email")
+    }
+  }
+} 
\ No newline at end of file
diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
index c2e98117b..70ae47c69 100644
--- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
+++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
@@ -83,8 +83,8 @@ import net.liftweb.json.JsonDSL._
 import net.liftweb.json.Serialization.write
 import net.liftweb.json._
 import net.liftweb.util.Helpers.{now, tryo}
-import net.liftweb.util.Mailer.{From, PlainMailBodyType, Subject, To, XHTMLMailBodyType}
-import net.liftweb.util.{Helpers, Mailer, StringHelpers}
+import net.liftweb.util.{Helpers, StringHelpers}
+import code.api.util.CommonsEmailWrapper._
 import org.apache.commons.lang3.StringUtils
 
 import java.net.URLEncoder
@@ -3368,7 +3368,30 @@ trait APIMethods400 extends MdcLoggable {
                 .replace(WebUIPlaceholder.activateYourAccount, link)
               logger.debug(s"customHtmlText: ${customHtmlText}")
               logger.debug(s"Before send user invitation by email. Purpose: ${UserInvitationPurpose.DEVELOPER}")
-              Mailer.sendMail(From(from), Subject(subject), To(invitation.email), PlainMailBodyType(customText), XHTMLMailBodyType(XML.loadString(customHtmlText)))
+              
+              // Use Apache Commons Email wrapper instead of Lift Mailer
+              val emailConfig = EmailConfig(
+                smtpHost = APIUtil.getPropsValue("mail.smtp.host", "localhost"),
+                smtpPort = APIUtil.getPropsValue("mail.smtp.port", "1025").toInt,
+                username = APIUtil.getPropsValue("mail.smtp.user", ""),
+                password = APIUtil.getPropsValue("mail.smtp.password", ""),
+                useTLS = APIUtil.getPropsValue("mail.smtp.starttls.enable", "false").toBoolean,
+                debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean
+              )
+              
+              val emailContent = EmailContent(
+                from = from,
+                to = List(invitation.email),
+                subject = subject,
+                textContent = Some(customText),
+                htmlContent = Some(customHtmlText)
+              )
+              
+              sendHtmlEmail(emailConfig, emailContent) match {
+                case Full(messageId) => logger.debug(s"Email sent successfully with Message-ID: $messageId")
+                case Empty => logger.error("Failed to send user invitation email")
+              }
+              
               logger.debug(s"After send user invitation by email. Purpose: ${UserInvitationPurpose.DEVELOPER}")
             } else {
               val subject = getWebUiPropsValue("webui_customer_user_invitation_email_subject", "Welcome to the API Playground")
@@ -3380,7 +3403,30 @@ trait APIMethods400 extends MdcLoggable {
                 .replace(WebUIPlaceholder.activateYourAccount, link)
               logger.debug(s"customHtmlText: ${customHtmlText}")
               logger.debug(s"Before send user invitation by email.")
-              Mailer.sendMail(From(from), Subject(subject), To(invitation.email), PlainMailBodyType(customText), XHTMLMailBodyType(XML.loadString(customHtmlText)))
+              
+              // Use Apache Commons Email wrapper instead of Lift Mailer
+              val emailConfig = EmailConfig(
+                smtpHost = APIUtil.getPropsValue("mail.smtp.host", "localhost"),
+                smtpPort = APIUtil.getPropsValue("mail.smtp.port", "1025").toInt,
+                username = APIUtil.getPropsValue("mail.smtp.user", ""),
+                password = APIUtil.getPropsValue("mail.smtp.password", ""),
+                useTLS = APIUtil.getPropsValue("mail.smtp.starttls.enable", "false").toBoolean,
+                debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean
+              )
+              
+              val emailContent = EmailContent(
+                from = from,
+                to = List(invitation.email),
+                subject = subject,
+                textContent = Some(customText),
+                htmlContent = Some(customHtmlText)
+              )
+              
+              sendHtmlEmail(emailConfig, emailContent) match {
+                case Full(messageId) => logger.debug(s"Email sent successfully with Message-ID: $messageId")
+                case Empty => logger.error("Failed to send user invitation email")
+              }
+              
               logger.debug(s"After send user invitation by email.")
             }
             (JSONFactory400.createUserInvitationJson(invitation), HttpCode.`201`(callContext))

From da1bf7e615bba737329677d259a6ddeaf5d764ee Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 10:42:02 +0200
Subject: [PATCH 05/30] refactor/ comment out unused scalaxb-maven-plugin in
 pom.xml

---
 obp-api/pom.xml | 37 +++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 18 deletions(-)

diff --git a/obp-api/pom.xml b/obp-api/pom.xml
index 92bf9c7df..553a843c5 100644
--- a/obp-api/pom.xml
+++ b/obp-api/pom.xml
@@ -667,24 +667,25 @@
           <release>${java.version}</release>
         </configuration>
       </plugin>
-      <plugin>
-        <groupId>org.scalaxb</groupId>
-        <artifactId>scalaxb-maven-plugin</artifactId>
-        <version>1.7.5</version>
-        <configuration>
-          <packageName>code.adapter.soap</packageName>
-          <wsdlDirectory>src/main/resources/custom_webapp/wsdl</wsdlDirectory>
-          <xsdDirectory>src/main/resources/custom_webapp/xsd</xsdDirectory>
-        </configuration>
-        <executions>
-          <execution>
-            <id>scalaxb</id>
-            <goals>
-              <goal>generate</goal>
-            </goals>
-          </execution>
-        </executions>
-      </plugin>
+      <!--soap related plugin begin-->
+<!--      <plugin>-->
+<!--        <groupId>org.scalaxb</groupId>-->
+<!--        <artifactId>scalaxb-maven-plugin</artifactId>-->
+<!--        <version>1.7.5</version>-->
+<!--        <configuration>-->
+<!--          <packageName>code.adapter.soap</packageName>-->
+<!--          <wsdlDirectory>src/main/resources/custom_webapp/wsdl</wsdlDirectory>-->
+<!--          <xsdDirectory>src/main/resources/custom_webapp/xsd</xsdDirectory>-->
+<!--        </configuration>-->
+<!--        <executions>-->
+<!--          <execution>-->
+<!--            <id>scalaxb</id>-->
+<!--            <goals>-->
+<!--              <goal>generate</goal>-->
+<!--            </goals>-->
+<!--          </execution>-->
+<!--        </executions>-->
+<!--      </plugin>-->
       <!--grpc related plugin begin-->
       <!-- currently not need, enable this plugin when need generate new grpc code.
       <plugin>

From ffe53c9622703a4da0c5904bfd3956ba8a333262 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 11:06:25 +0200
Subject: [PATCH 06/30] refactor/used Apache Commons Email instead of LiftMail-
 step2

---
 .../code/api/util/CommonsEmailWrapper.scala   | 81 +++++++++++++++++--
 .../scala/code/api/v4_0_0/APIMethods400.scala | 25 +-----
 2 files changed, 78 insertions(+), 28 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
index bd695b819..6a48c659b 100644
--- a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -1,11 +1,10 @@
 package code.api.util
 
-import org.apache.commons.mail.{Email, SimpleEmail, HtmlEmail, MultiPartEmail, EmailAttachment, DefaultAuthenticator}
-import java.io.File
-import java.net.URL
 import code.util.Helper.MdcLoggable
 import net.liftweb.common.{Box, Empty, Full}
-import net.liftweb.util.Helpers.now
+import org.apache.commons.mail._
+
+import java.net.URL
 
 /**
  * Apache Commons Email Wrapper for OBP-API
@@ -41,6 +40,42 @@ object CommonsEmailWrapper extends MdcLoggable {
     attachments: List[EmailAttachment] = List.empty
   )
 
+  /**
+   * Get default email configuration from OBP-API properties
+   */
+  def getDefaultEmailConfig(): EmailConfig = {
+    EmailConfig(
+      smtpHost = APIUtil.getPropsValue("mail.smtp.host", "localhost"),
+      smtpPort = APIUtil.getPropsValue("mail.smtp.port", "1025").toInt,
+      username = APIUtil.getPropsValue("mail.smtp.user", ""),
+      password = APIUtil.getPropsValue("mail.smtp.password", ""),
+      useTLS = APIUtil.getPropsValue("mail.smtp.starttls.enable", "false").toBoolean,
+      useSSL = APIUtil.getPropsValue("mail.smtp.ssl.enable", "false").toBoolean,
+      debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean
+    )
+  }
+
+  /**
+   * Send simple text email with default configuration
+   */
+  def sendTextEmail(content: EmailContent): Box[String] = {
+    sendTextEmail(getDefaultEmailConfig(), content)
+  }
+
+  /**
+   * Send HTML email with default configuration
+   */
+  def sendHtmlEmail(content: EmailContent): Box[String] = {
+    sendHtmlEmail(getDefaultEmailConfig(), content)
+  }
+
+  /**
+   * Send email with attachments using default configuration
+   */
+  def sendEmailWithAttachments(content: EmailContent): Box[String] = {
+    sendEmailWithAttachments(getDefaultEmailConfig(), content)
+  }
+
   /**
    * Send simple text email
    */
@@ -170,9 +205,43 @@ object CommonsEmailWrapper extends MdcLoggable {
     attachment.setName(name)
     attachment
   }
-  
+
   /**
-   * Test MailHog configuration, this for testing 
+   * Test Gmail configuration
+   */
+  def testGmailConfig(): Unit = {
+    val config = EmailConfig(
+      smtpHost = "smtp.gmail.com",
+      smtpPort = 587,
+      username = "zhw55wyl@gmail.com",
+      password = "yqmadztqynmasrpm",
+      useTLS = true,
+      debug = true
+    )
+
+    val content = EmailContent(
+      from = "zhw55wyl@gmail.com",
+      to = List("zhw110@hotmail.com"),
+      subject = "Test Apache Commons Email Wrapper",
+      textContent = Some("This is a test email sent using Apache Commons Email wrapper."),
+      htmlContent = Some("<html><body><h1>Test Email</h1><p>This is a test email sent using Apache Commons Email wrapper.</p></body></html>")
+    )
+
+    logger.info("Testing Gmail configuration with Apache Commons Email...")
+    
+    sendTextEmail(config, content) match {
+      case Full(messageId) => logger.info(s"Text email sent successfully: $messageId")
+      case Empty => logger.error("Failed to send text email")
+    }
+
+    sendHtmlEmail(config, content) match {
+      case Full(messageId) => logger.info(s"HTML email sent successfully: $messageId")
+      case Empty => logger.error("Failed to send HTML email")
+    }
+  }
+
+  /**
+   * Test MailHog configuration
    */
   def testMailHogConfig(): Unit = {
     val config = EmailConfig(
diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
index 70ae47c69..a1d6f4ccd 100644
--- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
+++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala
@@ -12,6 +12,7 @@ import code.api.dynamic.entity.helper.DynamicEntityInfo
 import code.api.util.APIUtil.{fullBoxOrException, _}
 import code.api.util.ApiRole._
 import code.api.util.ApiTag._
+import code.api.util.CommonsEmailWrapper._
 import code.api.util.DynamicUtil.Validation
 import code.api.util.ErrorMessages.{BankNotFound, _}
 import code.api.util.ExampleValue._
@@ -84,7 +85,6 @@ import net.liftweb.json.Serialization.write
 import net.liftweb.json._
 import net.liftweb.util.Helpers.{now, tryo}
 import net.liftweb.util.{Helpers, StringHelpers}
-import code.api.util.CommonsEmailWrapper._
 import org.apache.commons.lang3.StringUtils
 
 import java.net.URLEncoder
@@ -96,7 +96,6 @@ import scala.collection.immutable.{List, Nil}
 import scala.collection.mutable.ArrayBuffer
 import scala.concurrent.Future
 import scala.jdk.CollectionConverters.collectionAsScalaIterableConverter
-import scala.xml.XML
 
 trait APIMethods400 extends MdcLoggable {
   self: RestHelper =>
@@ -3370,15 +3369,6 @@ trait APIMethods400 extends MdcLoggable {
               logger.debug(s"Before send user invitation by email. Purpose: ${UserInvitationPurpose.DEVELOPER}")
               
               // Use Apache Commons Email wrapper instead of Lift Mailer
-              val emailConfig = EmailConfig(
-                smtpHost = APIUtil.getPropsValue("mail.smtp.host", "localhost"),
-                smtpPort = APIUtil.getPropsValue("mail.smtp.port", "1025").toInt,
-                username = APIUtil.getPropsValue("mail.smtp.user", ""),
-                password = APIUtil.getPropsValue("mail.smtp.password", ""),
-                useTLS = APIUtil.getPropsValue("mail.smtp.starttls.enable", "false").toBoolean,
-                debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean
-              )
-              
               val emailContent = EmailContent(
                 from = from,
                 to = List(invitation.email),
@@ -3387,7 +3377,7 @@ trait APIMethods400 extends MdcLoggable {
                 htmlContent = Some(customHtmlText)
               )
               
-              sendHtmlEmail(emailConfig, emailContent) match {
+              sendHtmlEmail(emailContent) match {
                 case Full(messageId) => logger.debug(s"Email sent successfully with Message-ID: $messageId")
                 case Empty => logger.error("Failed to send user invitation email")
               }
@@ -3405,15 +3395,6 @@ trait APIMethods400 extends MdcLoggable {
               logger.debug(s"Before send user invitation by email.")
               
               // Use Apache Commons Email wrapper instead of Lift Mailer
-              val emailConfig = EmailConfig(
-                smtpHost = APIUtil.getPropsValue("mail.smtp.host", "localhost"),
-                smtpPort = APIUtil.getPropsValue("mail.smtp.port", "1025").toInt,
-                username = APIUtil.getPropsValue("mail.smtp.user", ""),
-                password = APIUtil.getPropsValue("mail.smtp.password", ""),
-                useTLS = APIUtil.getPropsValue("mail.smtp.starttls.enable", "false").toBoolean,
-                debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean
-              )
-              
               val emailContent = EmailContent(
                 from = from,
                 to = List(invitation.email),
@@ -3422,7 +3403,7 @@ trait APIMethods400 extends MdcLoggable {
                 htmlContent = Some(customHtmlText)
               )
               
-              sendHtmlEmail(emailConfig, emailContent) match {
+              sendHtmlEmail(emailContent) match {
                 case Full(messageId) => logger.debug(s"Email sent successfully with Message-ID: $messageId")
                 case Empty => logger.error("Failed to send user invitation email")
               }

From 1d2067e9311cf26c103068851b27ae9bb1cba747 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 12:21:13 +0200
Subject: [PATCH 07/30] refactor/used Apache Commons Email instead of LiftMail-
 step3

---
 .../code/model/dataAccess/AuthUser.scala      | 53 ++++++++++++++++---
 1 file changed, 45 insertions(+), 8 deletions(-)

diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
index 29db243af..83b8e34c7 100644
--- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
+++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
@@ -597,10 +597,29 @@ import net.liftweb.util.Helpers._
         val resetPasswordLinkProps = Constant.HostName
         val resetPasswordLink = APIUtil.getPropsValue("portal_hostname", resetPasswordLinkProps)+
           passwordResetPath.mkString("/", "/", "/")+urlEncode(u.getUniqueId())
-        Mailer.sendMail(From(emailFrom),Subject(passwordResetEmailSubject + " - " + u.username),
-          To(u.getEmail) ::
-            generateResetEmailBodies(u, resetPasswordLink) :::
-            (bccEmail.toList.map(BCC(_))) :_*)
+        logger.error("2222222222222222222222222222222222222223333:"+classOf[javax.activation.DataSource].getProtectionDomain.getCodeSource)
+        // Use Apache Commons Email wrapper instead of Lift Mailer
+        val emailBodies = generateResetEmailBodies(u, resetPasswordLink)
+        
+        // Extract text and HTML content from email bodies
+        val textContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType])
+          .map(_.asInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType].toString.replace("PlainMailBodyType(", "").replace(")", ""))
+        val htmlContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType])
+          .map(_.asInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType].toString.replace("XHTMLMailBodyType(", "").replace(")", ""))
+        
+        val emailContent = EmailContent(
+          from = emailFrom,
+          to = List(u.getEmail),
+          bcc = bccEmail.toList,
+          subject = passwordResetEmailSubject + " - " + u.username,
+          textContent = textContent,
+          htmlContent = htmlContent
+        )
+        
+        sendHtmlEmail(emailContent) match {
+          case Full(messageId) => logger.debug(s"Password reset email sent successfully with Message-ID: $messageId")
+          case Empty => logger.error("Failed to send password reset email")
+        }
       case u =>
         sendValidationEmail(u)
     }
@@ -645,10 +664,28 @@ import net.liftweb.util.Helpers._
 
     val msgXml = signupMailBody(user, resetLink)
 
-    Mailer.sendMail(From(emailFrom),Subject(signupMailSubject),
-      To(user.getEmail) ::
-        generateValidationEmailBodies(user, resetLink) :::
-        (bccEmail.toList.map(BCC(_))) :_* )
+    // Use Apache Commons Email wrapper instead of Lift Mailer
+    val emailBodies: List[Mailer.MailBodyType] = generateValidationEmailBodies(user, resetLink)
+    
+    // Extract text and HTML content from email bodies
+    val textContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType])
+      .map(_.asInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType].toString.replace("PlainMailBodyType(", "").replace(")", ""))
+    val htmlContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType])
+      .map(_.asInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType].toString.replace("XHTMLMailBodyType(", "").replace(")", ""))
+    
+    val emailContent = EmailContent(
+      from = emailFrom,
+      to = List(user.getEmail),
+      bcc = bccEmail.toList,
+      subject = signupMailSubject,
+      textContent = textContent,
+      htmlContent = htmlContent
+    )
+    
+    sendHtmlEmail(emailContent) match {
+      case Full(messageId) => logger.debug(s"Validation email sent successfully with Message-ID: $messageId")
+      case Empty => logger.error("Failed to send validation email")
+    }
   }
 
    def grantDefaultEntitlementsToAuthUser(user: TheUserType) = {

From 2efbf0696bc1f59281c4ef4b1b22aea64285f148 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Tue, 5 Aug 2025 16:02:31 +0200
Subject: [PATCH 08/30] feature/Improve error handling at applyAccessTokenRules

---
 obp-api/src/main/scala/code/api/OAuth2.scala | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/OAuth2.scala b/obp-api/src/main/scala/code/api/OAuth2.scala
index a464be47f..1d0a742e2 100644
--- a/obp-api/src/main/scala/code/api/OAuth2.scala
+++ b/obp-api/src/main/scala/code/api/OAuth2.scala
@@ -410,10 +410,21 @@ object OAuth2Login extends RestHelper with MdcLoggable {
       validateAccessToken(token) match {
         case Full(_) =>
           val user = getOrCreateResourceUser(token)
-          val consumer = getOrCreateConsumer(token, user.map(_.userId), Some("OAuth 2.0"))
-          LoginAttempt.userIsLocked(user.map(_.provider).getOrElse(""), user.map(_.name).getOrElse("")) match {
-            case true => ((Failure(UsernameHasBeenLocked), Some(cc.copy(consumer = consumer))))
-            case false => (user, Some(cc.copy(consumer = consumer)))
+          val consumer: Box[Consumer] = getOrCreateConsumer(token, user.map(_.userId), Some("OAuth 2.0"))
+          consumer match {
+            case Full(_) =>
+              LoginAttempt.userIsLocked(user.map(_.provider).getOrElse(""), user.map(_.name).getOrElse("")) match {
+                case true => ((Failure(UsernameHasBeenLocked), Some(cc.copy(consumer = consumer))))
+                case false => (user, Some(cc.copy(consumer = consumer)))
+              }
+            case ParamFailure(msg, exception, chain, apiFailure: APIFailure) =>
+              logger.debug(s"ParamFailure - message: $msg, param: $apiFailure, exception: ${exception.map(_.getMessage).openOr("none")}, chain: ${chain.map(_.msg).openOr("none")}")
+              (ParamFailure(msg, exception, chain, apiFailure: APIFailure), Some(cc))
+            case Failure(msg, exception, c) =>
+              logger.error(s"Failure - message: $msg, exception: ${exception.map(_.getMessage).openOr("none")}")
+              (Failure(msg, exception, c), Some(cc))
+            case _ =>
+              (Failure(CreateConsumerError), Some(cc))
           }
         case ParamFailure(a, b, c, apiFailure: APIFailure) =>
           (ParamFailure(a, b, c, apiFailure: APIFailure), Some(cc))

From a4395967eee84dbd3f1d2a1ccd267c8aa5bfa933 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 17:22:31 +0200
Subject: [PATCH 09/30] refactor/used Apache Commons Email instead of LiftMail-
 step4

---
 obp-api/src/main/scala/bootstrap/liftweb/Boot.scala      | 7 +++----
 .../main/scala/code/api/util/CommonsEmailWrapper.scala   | 7 +++++--
 .../src/main/scala/code/model/dataAccess/AuthUser.scala  | 9 ++++++---
 3 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
index 3f607ecc8..64dd6fc2c 100644
--- a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
+++ b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
@@ -151,7 +151,6 @@ import org.apache.commons.io.FileUtils
 import java.io.{File, FileInputStream}
 import java.util.stream.Collectors
 import java.util.{Locale, TimeZone}
-import javax.mail.internet.MimeMessage
 import scala.concurrent.ExecutionContext
 
 /**
@@ -693,9 +692,9 @@ class Boot extends MdcLoggable {
       case e: ExceptionInInitializerError => logger.warn(s"BankAccountCreationListener Exception: $e")
     }
 
-    Mailer.devModeSend.default.set( (m : MimeMessage) => {
-      logger.info("Would have sent email if not in dev mode: " + m.getContent)
-    })
+//    Mailer.devModeSend.default.set( (m : MimeMessage) => {
+//      logger.info("Would have sent email if not in dev mode: " + m.getContent)
+//    })
     
     LiftRules.exceptionHandler.prepend{
       case(_, r, e) if e.isInstanceOf[NullPointerException] && e.getMessage.contains("Looking for Connection Identifier") => {
diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
index 6a48c659b..e56e0ff73 100644
--- a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -23,7 +23,8 @@ object CommonsEmailWrapper extends MdcLoggable {
     password: String,
     useTLS: Boolean = true,
     useSSL: Boolean = false,
-    debug: Boolean = false
+    debug: Boolean = false,
+    tlsProtocols: String = "TLSv1.2"  // TLS protocols to use
   )
 
   /**
@@ -51,7 +52,8 @@ object CommonsEmailWrapper extends MdcLoggable {
       password = APIUtil.getPropsValue("mail.smtp.password", ""),
       useTLS = APIUtil.getPropsValue("mail.smtp.starttls.enable", "false").toBoolean,
       useSSL = APIUtil.getPropsValue("mail.smtp.ssl.enable", "false").toBoolean,
-      debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean
+      debug = APIUtil.getPropsValue("mail.debug", "false").toBoolean,
+      tlsProtocols = APIUtil.getPropsValue("mail.smtp.ssl.protocols", "TLSv1.2")
     )
   }
 
@@ -168,6 +170,7 @@ object CommonsEmailWrapper extends MdcLoggable {
     email.setSSLOnConnect(config.useSSL)
     email.setStartTLSEnabled(config.useTLS)
     email.setDebug(config.debug)
+    email.getMailSession.getProperties.setProperty("mail.smtp.ssl.protocols", config.tlsProtocols)
     
     // Set charset
     email.setCharset("UTF-8")
diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
index 83b8e34c7..8677da4db 100644
--- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
+++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
@@ -33,6 +33,7 @@ import code.api.cache.Caching
 import code.api.dynamic.endpoint.helper.DynamicEndpointHelper
 import code.api.util.APIUtil._
 import code.api.util.CommonFunctions.validUri
+import code.api.util.CommonsEmailWrapper._
 import code.api.util.ErrorMessages._
 import code.api.util._
 import code.bankconnectors.Connector
@@ -55,7 +56,6 @@ import net.liftweb.http.S.fmapFunc
 import net.liftweb.http._
 import net.liftweb.mapper._
 import net.liftweb.sitemap.Loc.{If, LocParam, Template}
-import net.liftweb.util.Mailer.{BCC, From, Subject, To}
 import net.liftweb.util._
 import org.apache.commons.lang3.StringUtils
 import sh.ory.hydra.api.AdminApi
@@ -597,7 +597,7 @@ import net.liftweb.util.Helpers._
         val resetPasswordLinkProps = Constant.HostName
         val resetPasswordLink = APIUtil.getPropsValue("portal_hostname", resetPasswordLinkProps)+
           passwordResetPath.mkString("/", "/", "/")+urlEncode(u.getUniqueId())
-        logger.error("2222222222222222222222222222222222222223333:"+classOf[javax.activation.DataSource].getProtectionDomain.getCodeSource)
+        logger.error("222222222222222222222222222222222222222444:"+classOf[javax.activation.DataSource].getProtectionDomain.getCodeSource)
         // Use Apache Commons Email wrapper instead of Lift Mailer
         val emailBodies = generateResetEmailBodies(u, resetPasswordLink)
         
@@ -615,11 +615,14 @@ import net.liftweb.util.Helpers._
           textContent = textContent,
           htmlContent = htmlContent
         )
-        
         sendHtmlEmail(emailContent) match {
           case Full(messageId) => logger.debug(s"Password reset email sent successfully with Message-ID: $messageId")
           case Empty => logger.error("Failed to send password reset email")
         }
+//        Mailer.sendMail(From(emailFrom),Subject(passwordResetEmailSubject + " - " + u.username),
+//          To(u.getEmail) ::
+//            generateResetEmailBodies(u, resetPasswordLink) :::
+//            (bccEmail.toList.map(BCC(_))) :_*)
       case u =>
         sendValidationEmail(u)
     }

From 2a7f039f958e6a26012f3b9d7eb94d53259126af Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 17:27:50 +0200
Subject: [PATCH 10/30] refactor/used Apache Commons Email instead of LiftMail-
 step5

---
 .../code/model/dataAccess/AuthUser.scala      | 25 +++++++++++--------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
index 8677da4db..daed89179 100644
--- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
+++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
@@ -616,19 +616,20 @@ import net.liftweb.util.Helpers._
           htmlContent = htmlContent
         )
         sendHtmlEmail(emailContent) match {
-          case Full(messageId) => logger.debug(s"Password reset email sent successfully with Message-ID: $messageId")
-          case Empty => logger.error("Failed to send password reset email")
+          case Full(messageId) => 
+            logger.debug(s"Password reset email sent successfully with Message-ID: $messageId")
+            S.notice("Password reset email sent successfully. Please check your email.")
+            S.redirectTo(homePage)
+          case Empty => 
+            logger.error("Failed to send password reset email")
+            S.error("Failed to send password reset email. Please try again.")
+            S.redirectTo(homePage)
         }
-//        Mailer.sendMail(From(emailFrom),Subject(passwordResetEmailSubject + " - " + u.username),
-//          To(u.getEmail) ::
-//            generateResetEmailBodies(u, resetPasswordLink) :::
-//            (bccEmail.toList.map(BCC(_))) :_*)
       case u =>
         sendValidationEmail(u)
     }
     // In order to prevent any leakage of information we use the same message for all cases
-    S.notice(userNameNotFoundString)
-    S.redirectTo(homePage)
+    // Note: Individual success/error messages are now handled in the email sending logic above
   }
 
   override def lostPasswordXhtml = {
@@ -686,8 +687,12 @@ import net.liftweb.util.Helpers._
     )
     
     sendHtmlEmail(emailContent) match {
-      case Full(messageId) => logger.debug(s"Validation email sent successfully with Message-ID: $messageId")
-      case Empty => logger.error("Failed to send validation email")
+      case Full(messageId) => 
+        logger.debug(s"Validation email sent successfully with Message-ID: $messageId")
+        S.notice("Validation email sent successfully. Please check your email.")
+      case Empty => 
+        logger.error("Failed to send validation email")
+        S.error("Failed to send validation email. Please try again.")
     }
   }
 

From e59f006b2716c1add20a9da70b980469d7b285b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Wed, 6 Aug 2025 09:23:22 +0200
Subject: [PATCH 11/30] feature/Change type of Consumer.aud from char 250 to
 text

---
 .../code/api/util/migration/Migration.scala   |  7 +++
 .../util/migration/MigrationOfConsumer.scala  | 52 ++++++++++++++++++-
 obp-api/src/main/scala/code/model/OAuth.scala |  2 +-
 3 files changed, 58 insertions(+), 3 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/migration/Migration.scala b/obp-api/src/main/scala/code/api/util/migration/Migration.scala
index 182f39a70..7da81d82c 100644
--- a/obp-api/src/main/scala/code/api/util/migration/Migration.scala
+++ b/obp-api/src/main/scala/code/api/util/migration/Migration.scala
@@ -100,6 +100,7 @@ object Migration extends MdcLoggable {
 //      populateViewDefinitionCanSeeTransactionStatus()
       alterCounterpartyLimitFieldType()
       populateMigrationOfViewPermissions(startedBeforeSchemifier)
+      changeTypeOfAudFieldAtConsumerTable()
     }
     
     private def dummyScript(): Boolean = {
@@ -254,6 +255,12 @@ object Migration extends MdcLoggable {
         MigrationOfConsumer.populateAzpAndSub(name)
       }
     }
+    private def changeTypeOfAudFieldAtConsumerTable(): Boolean = {
+      val name = nameOf(changeTypeOfAudFieldAtConsumerTable)
+      runOnce(name) {
+        MigrationOfConsumer.alterTypeofAud(name)
+      }
+    }
     private def alterTableMappedUserAuthContext(startedBeforeSchemifier: Boolean): Boolean = {
       if(startedBeforeSchemifier == true) {
         logger.warn(s"Migration.database.alterTableMappedUserAuthContext(true) cannot be run before Schemifier.")
diff --git a/obp-api/src/main/scala/code/api/util/migration/MigrationOfConsumer.scala b/obp-api/src/main/scala/code/api/util/migration/MigrationOfConsumer.scala
index 47e7e2ff6..1bd25bd2f 100644
--- a/obp-api/src/main/scala/code/api/util/migration/MigrationOfConsumer.scala
+++ b/obp-api/src/main/scala/code/api/util/migration/MigrationOfConsumer.scala
@@ -2,11 +2,11 @@ package code.api.util.migration
 
 import java.time.format.DateTimeFormatter
 import java.time.{ZoneId, ZonedDateTime}
-
 import code.api.util.APIUtil
 import code.api.util.migration.Migration.{DbFunction, saveLog}
 import code.model.{AppType, Consumer}
-import net.liftweb.mapper.DB
+import net.liftweb.common.Full
+import net.liftweb.mapper.{DB, Schemifier}
 import net.liftweb.util.{DefaultConnectionIdentifier, Helpers}
 
 object MigrationOfConsumer {
@@ -107,4 +107,52 @@ object MigrationOfConsumer {
         isSuccessful
     }
   }
+
+
+  def alterTypeofAud(name: String): Boolean = {
+    DbFunction.tableExists(Consumer) match {
+      case true =>
+        val startDate = System.currentTimeMillis()
+        val commitId: String = APIUtil.gitCommit
+        var isSuccessful = false
+
+        val executedSql =
+          DbFunction.maybeWrite(true, Schemifier.infoF _) {
+            APIUtil.getPropsValue("db.driver") match {
+              case Full(dbDriver) if dbDriver.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver") =>
+                () =>
+                  """
+                    |ALTER TABLE consumer ALTER COLUMN aud VARCHAR(MAX) NULL;
+                    |""".stripMargin
+              case _ =>
+                () =>
+                  """
+                    |ALTER TABLE consumer ALTER COLUMN aud TYPE text;
+                    |""".stripMargin
+            }
+
+          }
+
+        val endDate = System.currentTimeMillis()
+        val comment: String =
+          s"""Executed SQL:
+             |$executedSql
+             |""".stripMargin
+        isSuccessful = true
+        saveLog(name, commitId, isSuccessful, startDate, endDate, comment)
+        isSuccessful
+
+      case false =>
+        val startDate = System.currentTimeMillis()
+        val commitId: String = APIUtil.gitCommit
+        val isSuccessful = false
+        val endDate = System.currentTimeMillis()
+        val comment: String =
+          s"""${Consumer._dbTableNameLC} table does not exist""".stripMargin
+        saveLog(name, commitId, isSuccessful, startDate, endDate, comment)
+        isSuccessful
+    }
+  }
+
+
 }
diff --git a/obp-api/src/main/scala/code/model/OAuth.scala b/obp-api/src/main/scala/code/model/OAuth.scala
index bf23e5719..f5b1b8c65 100644
--- a/obp-api/src/main/scala/code/model/OAuth.scala
+++ b/obp-api/src/main/scala/code/model/OAuth.scala
@@ -541,7 +541,7 @@ class Consumer extends LongKeyedMapper[Consumer] with CreatedUpdated{
     // because different databases treat unique indexes on NULL values differently.
     override def defaultValue = APIUtil.generateUUID() 
   }
-  object aud extends MappedString(this, 250) {
+  object aud extends MappedText(this) {
     override def defaultValue = null
   }  
   object iss extends MappedString(this, 250) {

From db98592214c20c563086fe2f26b979c1c057a887 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Tue, 5 Aug 2025 23:58:29 +0200
Subject: [PATCH 12/30] refactor/update RabbitMQConnectionPool to use typed
 GenericObjectPoolConfig and add commons-pool2 dependency

---
 obp-api/pom.xml                                     |  5 +++++
 .../rabbitmq/RabbitMQConnectionPool.scala           | 13 +++++--------
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/obp-api/pom.xml b/obp-api/pom.xml
index 553a843c5..f2a4bd51b 100644
--- a/obp-api/pom.xml
+++ b/obp-api/pom.xml
@@ -184,6 +184,11 @@
       <artifactId>httpclient</artifactId>
       <version>4.5.13</version>
     </dependency>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-pool2</artifactId>
+      <version>2.11.1</version>
+    </dependency>
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
       <artifactId>jetty-util</artifactId>
diff --git a/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnectionPool.scala b/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnectionPool.scala
index 501264a95..5e52d9227 100644
--- a/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnectionPool.scala
+++ b/obp-api/src/main/scala/code/bankconnectors/rabbitmq/RabbitMQConnectionPool.scala
@@ -2,14 +2,11 @@ package code.bankconnectors.rabbitmq
 
 
 
-import code.api.util.APIUtil
-import com.rabbitmq.client.{Connection, ConnectionFactory}
-import org.apache.commons.pool2.impl.{GenericObjectPool, GenericObjectPoolConfig}
-import org.apache.commons.pool2.BasePooledObjectFactory
-import org.apache.commons.pool2.PooledObject
-import org.apache.commons.pool2.impl.DefaultPooledObject
+import code.api.util.{APIUtil, ErrorMessages}
 import code.bankconnectors.rabbitmq.RabbitMQUtils._
-import code.api.util.ErrorMessages
+import com.rabbitmq.client.{Connection, ConnectionFactory}
+import org.apache.commons.pool2.{BasePooledObjectFactory, PooledObject}
+import org.apache.commons.pool2.impl.{DefaultPooledObject, GenericObjectPool, GenericObjectPoolConfig}
 
 class RabbitMQConnectionFactory extends BasePooledObjectFactory[Connection] {
   
@@ -59,7 +56,7 @@ class RabbitMQConnectionFactory extends BasePooledObjectFactory[Connection] {
 
 // Pool to manage RabbitMQ connections
 object RabbitMQConnectionPool {
-  private val poolConfig = new GenericObjectPoolConfig()
+  private val poolConfig = new GenericObjectPoolConfig[Connection]()
   poolConfig.setMaxTotal(5)           // Maximum number of connections
   poolConfig.setMinIdle(2)             // Minimum number of idle connections
   poolConfig.setMaxIdle(5)             // Maximum number of idle connections

From 8fc937a8ad35037dac05cf1f0814cef44399889e Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 12:55:41 +0200
Subject: [PATCH 13/30] refactor/remove testGmailConfig method from
 CommonsEmailWrapper to clean up unused code

---
 .../code/api/util/CommonsEmailWrapper.scala   | 34 -------------------
 1 file changed, 34 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
index e56e0ff73..27e486147 100644
--- a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -209,40 +209,6 @@ object CommonsEmailWrapper extends MdcLoggable {
     attachment
   }
 
-  /**
-   * Test Gmail configuration
-   */
-  def testGmailConfig(): Unit = {
-    val config = EmailConfig(
-      smtpHost = "smtp.gmail.com",
-      smtpPort = 587,
-      username = "zhw55wyl@gmail.com",
-      password = "yqmadztqynmasrpm",
-      useTLS = true,
-      debug = true
-    )
-
-    val content = EmailContent(
-      from = "zhw55wyl@gmail.com",
-      to = List("zhw110@hotmail.com"),
-      subject = "Test Apache Commons Email Wrapper",
-      textContent = Some("This is a test email sent using Apache Commons Email wrapper."),
-      htmlContent = Some("<html><body><h1>Test Email</h1><p>This is a test email sent using Apache Commons Email wrapper.</p></body></html>")
-    )
-
-    logger.info("Testing Gmail configuration with Apache Commons Email...")
-    
-    sendTextEmail(config, content) match {
-      case Full(messageId) => logger.info(s"Text email sent successfully: $messageId")
-      case Empty => logger.error("Failed to send text email")
-    }
-
-    sendHtmlEmail(config, content) match {
-      case Full(messageId) => logger.info(s"HTML email sent successfully: $messageId")
-      case Empty => logger.error("Failed to send HTML email")
-    }
-  }
-
   /**
    * Test MailHog configuration
    */

From c3504dea6e8a98dbdb261a45dd9168e8fe6bdb79 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 13:25:40 +0200
Subject: [PATCH 14/30] refactor/used Apache Commons Email instead of LiftMail-
 step6

---
 .../build_container_develop_branch.yml        |  2 +-
 .../main/scala/bootstrap/liftweb/Boot.scala   | 23 ++++++------
 .../code/api/util/NotificationUtil.scala      | 17 +++++----
 .../bankconnectors/LocalMappedConnector.scala | 32 +++++++++++------
 .../code/snippet/ConsumerRegistration.scala   | 35 +++++++++----------
 5 files changed, 57 insertions(+), 52 deletions(-)

diff --git a/.github/workflows/build_container_develop_branch.yml b/.github/workflows/build_container_develop_branch.yml
index d3f355042..4400d8cd3 100644
--- a/.github/workflows/build_container_develop_branch.yml
+++ b/.github/workflows/build_container_develop_branch.yml
@@ -6,7 +6,7 @@ on:
   workflow_dispatch:
   push:
     branches:
-      - develop
+      - *
 
 env:
   ## Sets environment variable
diff --git a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
index 64dd6fc2c..9ae42172e 100644
--- a/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
+++ b/obp-api/src/main/scala/bootstrap/liftweb/Boot.scala
@@ -46,6 +46,7 @@ import code.api.util.ApiRole.CanCreateEntitlementAtAnyBank
 import code.api.util.ErrorMessages.MandatoryPropertyIsNotSet
 import code.api.util._
 import code.api.util.migration.Migration
+import code.api.util.CommonsEmailWrapper
 import code.api.util.migration.Migration.DbFunction
 import code.apicollection.ApiCollection
 import code.apicollectionendpoint.ApiCollectionEndpoint
@@ -692,10 +693,6 @@ class Boot extends MdcLoggable {
       case e: ExceptionInInitializerError => logger.warn(s"BankAccountCreationListener Exception: $e")
     }
 
-//    Mailer.devModeSend.default.set( (m : MimeMessage) => {
-//      logger.info("Would have sent email if not in dev mode: " + m.getContent)
-//    })
-    
     LiftRules.exceptionHandler.prepend{
       case(_, r, e) if e.isInstanceOf[NullPointerException] && e.getMessage.contains("Looking for Connection Identifier") => {
         logger.error(s"Exception being returned to browser when processing url is ${r.request.uri}, method is ${r.request.method}, exception detail is $e", e)
@@ -879,7 +876,7 @@ class Boot extends MdcLoggable {
   }
 
   private def sendExceptionEmail(exception: Throwable): Unit = {
-    import Mailer.{From, PlainMailBodyType, Subject, To}
+    
     import net.liftweb.util.Helpers.now
 
     val outputStream = new java.io.ByteArrayOutputStream
@@ -898,18 +895,18 @@ class Boot extends MdcLoggable {
 
       //technically doesn't work for all valid email addresses so this will mess up if someone tries to send emails to "foo,bar"@example.com
       val to = toAddressesString.split(",").toList
-      val toParams = to.map(To(_))
-      val params = PlainMailBodyType(error) :: toParams
 
-      //this is an async call
-      Mailer.sendMail(
-        From(from),
-        Subject(s"you got an exception on $host"),
-        params :_*
+      val emailContent = CommonsEmailWrapper.EmailContent(
+        from = from,
+        to = to,
+        subject = s"you got an exception on $host",
+        textContent = Some(error)
       )
+
+      //this is an async call∆∆
+      CommonsEmailWrapper.sendTextEmail(emailContent)
     }
 
-    //if Mailer.sendMail wasn't called (note: this actually isn't checking if the mail failed to send as that is being done asynchronously)
     if(mailSent.isEmpty)
       logger.warn(s"Exception notification failed: $mailSent")
   }
diff --git a/obp-api/src/main/scala/code/api/util/NotificationUtil.scala b/obp-api/src/main/scala/code/api/util/NotificationUtil.scala
index 8b8f95e4a..cc2e52160 100644
--- a/obp-api/src/main/scala/code/api/util/NotificationUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/NotificationUtil.scala
@@ -6,8 +6,7 @@ import code.users.Users
 import code.util.Helper.MdcLoggable
 import com.openbankproject.commons.model.User
 import net.liftweb.common.Box
-import net.liftweb.util.Mailer
-import net.liftweb.util.Mailer._
+
 
 import scala.collection.immutable.List
 
@@ -27,14 +26,14 @@ object NotificationUtil extends MdcLoggable {
                                       |
                                       |Cheers
                                       |""".stripMargin
-      val params = PlainMailBodyType(bodyOfMessage) :: List(To(user.emailAddress))
-      val subjectOfMessage = "You have been granted the role"
-      //this is an async call
-      Mailer.sendMail(
-        From(from),
-        Subject(subjectOfMessage),
-        params :_*
+      val emailContent = CommonsEmailWrapper.EmailContent(
+        from = from,
+        to = List(user.emailAddress),
+        subject = s"You have been granted the role: ${entitlement.roleName}",
+        textContent = Some(bodyOfMessage)
       )
+      //this is an async call
+      CommonsEmailWrapper.sendTextEmail(emailContent)
     }
     if(mailSent.isEmpty) {
       val info =
diff --git a/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala b/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala
index 19fcd715f..8b121c586 100644
--- a/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala
+++ b/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala
@@ -79,8 +79,7 @@ import net.liftweb.json
 import net.liftweb.json.{JArray, JBool, JObject, JValue}
 import net.liftweb.mapper._
 import net.liftweb.util.Helpers.{hours, now, time, tryo}
-import net.liftweb.util.Mailer.{From, PlainMailBodyType, Subject, To}
-import net.liftweb.util.{Helpers, Mailer}
+import net.liftweb.util.Helpers
 import org.mindrot.jbcrypt.BCrypt
 import scalikejdbc.DB.CPContext
 import scalikejdbc.{ConnectionPool, ConnectionPoolSettings, MultipleConnectionPoolContext, DB => scalikeDB, _}
@@ -381,8 +380,13 @@ object LocalMappedConnector extends Connector with MdcLoggable {
         val hashedPassword = createHashedPassword(challengeAnswer)
         APIUtil.getEmailsByUserId(userId) map {
           pair =>
-            val params = PlainMailBodyType(s"Your OTP challenge : ${challengeAnswer}") :: List(To(pair._2))
-            Mailer.sendMail(From("challenge@tesobe.com"), Subject("Challenge"), params: _*)
+            val emailContent = CommonsEmailWrapper.EmailContent(
+              from = "challenge@tesobe.com",
+              to = List(pair._2),
+              subject = "Challenge",
+              textContent = Some(s"Your OTP challenge : ${challengeAnswer}")
+            )
+            CommonsEmailWrapper.sendTextEmail(emailContent)
         }
         hashedPassword
       case Some(StrongCustomerAuthentication.SMS) | Some(StrongCustomerAuthentication.SMS_OTP) =>
@@ -5183,12 +5187,13 @@ object LocalMappedConnector extends Connector with MdcLoggable {
       _ <- Future{
         scaMethod match {
           case v if v == StrongCustomerAuthentication.EMAIL.toString => // Send the email
-            val params = PlainMailBodyType(userAuthContextUpdate.challenge) :: List(To(customer.email))
-            Mailer.sendMail(
-            From("challenge@tesobe.com"),
-            Subject("Challenge request"),
-            params :_*
+            val emailContent = CommonsEmailWrapper.EmailContent(
+              from = "challenge@tesobe.com",
+              to = List(customer.email),
+              subject = "Challenge request",
+              textContent = Some(userAuthContextUpdate.challenge)
             )
+            CommonsEmailWrapper.sendTextEmail(emailContent)
           case v if v == StrongCustomerAuthentication.SMS.toString => // Not implemented
           case _ => // Not handled
         }
@@ -5209,8 +5214,13 @@ object LocalMappedConnector extends Connector with MdcLoggable {
     callContext: Option[CallContext]
   ): OBPReturnType[Box[String]] = {
     if (scaMethod == StrongCustomerAuthentication.EMAIL){ // Send the email
-      val params = PlainMailBodyType(message) :: List(To(recipient))
-      Mailer.sendMail(From("challenge@tesobe.com"), Subject("OBP Consent Challenge"), params :_*)
+      val emailContent = CommonsEmailWrapper.EmailContent(
+        from = "challenge@tesobe.com",
+        to = List(recipient),
+        subject = "OBP Consent Challenge",
+        textContent = Some(message)
+      )
+      CommonsEmailWrapper.sendTextEmail(emailContent)
       Future{(Full("Success"), callContext)}
     } else if (scaMethod == StrongCustomerAuthentication.SMS){ // Send the SMS
       for {
diff --git a/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala b/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala
index 0e25cf923..b79da7d55 100644
--- a/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala
+++ b/obp-api/src/main/scala/code/snippet/ConsumerRegistration.scala
@@ -28,7 +28,7 @@ package code.snippet
 
 import java.util
 import code.api.{Constant, DirectLogin}
-import code.api.util.{APIUtil, ErrorMessages, KeycloakAdmin, X509}
+import code.api.util.{APIUtil, ErrorMessages, KeycloakAdmin, X509, CommonsEmailWrapper}
 import code.consumer.Consumers
 import code.model.dataAccess.AuthUser
 import code.model.{Consumer, _}
@@ -424,18 +424,19 @@ class ConsumerRegistration extends MdcLoggable {
         s"Direct Login Documentation: ${oauthDocumentationUrl} \n" +
         s"$registrationMoreInfoText: $registrationMoreInfoUrl"
 
-      val params = PlainMailBodyType(registrationMessage) :: List(To(registered.developerEmail.get))
-
       val webuiRegisterConsumerSuccessMssageEmail : String = getWebUiPropsValue(
         "webui_register_consumer_success_message_email", 
         "Thank you for registering to use the Open Bank Project API.") 
 
-      //this is an async call
-      Mailer.sendMail(
-        From(from),
-        Subject(webuiRegisterConsumerSuccessMssageEmail),
-        params :_*
+      val emailContent = CommonsEmailWrapper.EmailContent(
+        from = from,
+        to = List(registered.developerEmail.get),
+        subject = webuiRegisterConsumerSuccessMssageEmail,
+        textContent = Some(registrationMessage)
       )
+
+      //this is an async call
+      CommonsEmailWrapper.sendTextEmail(emailContent)
     }
 
     if(mailSent.isEmpty)
@@ -445,8 +446,6 @@ class ConsumerRegistration extends MdcLoggable {
 
   // This is to let the system administrators / API managers know that someone has registered a consumer key.
   def notifyRegistrationOccurred(registered : Consumer) = {
-    import net.liftweb.util.Mailer
-    import net.liftweb.util.Mailer._
 
     val mailSent = for {
       // e.g mail.api.consumer.registered.sender.address=no-reply@example.com
@@ -465,18 +464,18 @@ class ConsumerRegistration extends MdcLoggable {
 
       //technically doesn't work for all valid email addresses so this will mess up if someone tries to send emails to "foo,bar"@example.com
       val to = toAddressesString.split(",").toList
-      val toParams = to.map(To(_))
-      val params = PlainMailBodyType(registrationMessage) :: toParams
+
+      val emailContent = CommonsEmailWrapper.EmailContent(
+        from = from,
+        to = to,
+        subject = s"New API user registered on $thisApiInstance",
+        textContent = Some(registrationMessage)
+      )
 
       //this is an async call
-      Mailer.sendMail(
-        From(from),
-        Subject(s"New API user registered on $thisApiInstance"),
-        params :_*
-      )
+      CommonsEmailWrapper.sendTextEmail(emailContent)
     }
 
-    //if Mailer.sendMail wasn't called (note: this actually isn't checking if the mail failed to send as that is being done asynchronously)
     if(mailSent.isEmpty)
       this.logger.warn(s"API consumer registration failed: $mailSent")
 

From 61bb51dfeba97be9773223cc726075d97d419706 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 13:27:19 +0200
Subject: [PATCH 15/30] refactor/update branch pattern in
 build_container_develop_branch.yml to use double asterisks

---
 .github/workflows/build_container_develop_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build_container_develop_branch.yml b/.github/workflows/build_container_develop_branch.yml
index 4400d8cd3..5d772da82 100644
--- a/.github/workflows/build_container_develop_branch.yml
+++ b/.github/workflows/build_container_develop_branch.yml
@@ -6,7 +6,7 @@ on:
   workflow_dispatch:
   push:
     branches:
-      - *
+      - '**'
 
 env:
   ## Sets environment variable

From e8890602270d47331b08055555242e8b843f4611 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 13:31:05 +0200
Subject: [PATCH 16/30] refactor/update branch pattern in
 build_container_develop_branch.yml to restrict to develop branch

---
 .github/workflows/build_container_develop_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build_container_develop_branch.yml b/.github/workflows/build_container_develop_branch.yml
index 5d772da82..d3f355042 100644
--- a/.github/workflows/build_container_develop_branch.yml
+++ b/.github/workflows/build_container_develop_branch.yml
@@ -6,7 +6,7 @@ on:
   workflow_dispatch:
   push:
     branches:
-      - '**'
+      - develop
 
 env:
   ## Sets environment variable

From d282d266f85a10a4c9e647f11de0dbd9a3bf5caf Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 14:34:20 +0200
Subject: [PATCH 17/30] refactor/used Apache Commons Email instead of LiftMail-
 step7

---
 .../resources/props/sample.props.template     | 74 ++++++++++++++++---
 1 file changed, 62 insertions(+), 12 deletions(-)

diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template
index 6560b0a12..639b2e72c 100644
--- a/obp-api/src/main/resources/props/sample.props.template
+++ b/obp-api/src/main/resources/props/sample.props.template
@@ -270,20 +270,70 @@ dev.port=8080
 #Default value is obp (very highly recomended)
 apiPathZero=obp
 
-## Sending mail out
-## Not need in dev mode, but important for production
-mail.api.consumer.registered.sender.address=no-reply@example.com
-mail.api.consumer.registered.notification.addresses=you@example.com
-## Not need in dev mode, but important for production
-## We send an email after any exception
-# mail.exception.sender.address=no-reply@example.com
-# mail.exception.registered.notification.addresses=notify@example.com,notify2@example.com,notify3@example.com
-# This property allows sending API registration data to developer's email.
-#mail.api.consumer.registered.notification.send=false
-We only send consumer keys and secret if this is true
-#mail.api.consumer.registered.notification.send.sensistive=false
+## Email Configuration (CommonsEmailWrapper)
+## ===========================================
+## 
+## This section configures email sending using CommonsEmailWrapper instead of Lift Mailer.
+## All email functionality (password reset, validation, notifications) now uses these settings.
+##
+## SMTP Server Configuration
+## -------------------------
+## Basic SMTP settings
 mail.smtp.host=127.0.0.1
 mail.smtp.port=25
+mail.smtp.auth=false
+mail.smtp.user=
+mail.smtp.password=
+
+## TLS/SSL Configuration
+## ---------------------
+## Enable STARTTLS (recommended for most SMTP servers)
+mail.smtp.starttls.enable=false
+## Enable SSL (use with port 465)
+mail.smtp.ssl.enable=false
+## TLS protocols to use (recommended: TLSv1.2)
+mail.smtp.ssl.protocols=TLSv1.2
+## Trust all certificates (for development only)
+#mail.smtp.ssl.trust=*
+
+## Debug Configuration
+## ------------------
+## Enable email debugging (shows SMTP communication)
+mail.debug=false
+
+## Email Sender Configuration
+## -------------------------
+## Default sender address for all emails
+mail.users.userinfo.sender.address=no-reply@example.com
+
+## Consumer Registration Email
+## --------------------------
+## Enable/disable consumer registration notifications
+mail.api.consumer.registered.notification.send=false
+## Sender address for consumer registration emails
+mail.api.consumer.registered.sender.address=no-reply@example.com
+## Recipient addresses for consumer registration notifications (comma-separated)
+mail.api.consumer.registered.notification.addresses=you@example.com
+## Send sensitive information (consumer keys/secrets) via email
+mail.api.consumer.registered.notification.send.sensistive=false
+
+## Exception Notification Email
+## ---------------------------
+## Sender address for exception notifications
+mail.exception.sender.address=no-reply@example.com
+## Recipient addresses for exception notifications (comma-separated)
+mail.exception.registered.notification.addresses=notify@example.com,notify2@example.com,notify3@example.com
+
+## Tesobe Mail Server:
+## mail.smtp.host=mail.tesobe.com
+## mail.smtp.port=25
+## mail.smtp.auth=true
+## mail.smtp.user=your-email@tesobe.com
+## mail.smtp.password=your-password
+## mail.smtp.starttls.enable=true
+## mail.smtp.ssl.enable=false
+## mail.smtp.ssl.protocols=TLSv1.2
+
 
 ## Oauth token timeout
 token_expiration_weeks=4

From 3161b5f3efe14bddf2c665431ef597ff0ea864f0 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 14:39:49 +0200
Subject: [PATCH 18/30] refactor/used Apache Commons Email instead of LiftMail-
 step8

---
 release_notes.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/release_notes.md b/release_notes.md
index 373143b9b..03a17f3ed 100644
--- a/release_notes.md
+++ b/release_notes.md
@@ -3,6 +3,20 @@
 ### Most recent changes at top of file
 ```
 Date          Commit        Action
+04/08/2025    d282d266      Enhanced Email Configuration with CommonsEmailWrapper
+                            Replaced Lift Mailer with Apache Commons Email for improved email functionality.
+                            Added comprehensive SMTP configuration options:
+                            - mail.smtp.auth (authentication support)
+                            - mail.smtp.user (SMTP username)
+                            - mail.smtp.password (SMTP password)
+                            - mail.smtp.starttls.enable (STARTTLS support)
+                            - mail.smtp.ssl.enable (SSL support)
+                            - mail.smtp.ssl.protocols (TLS protocol selection)
+                            - mail.smtp.ssl.trust (certificate trust options)
+                            - mail.debug (SMTP debugging)
+                            - mail.users.userinfo.sender.address (default sender)
+                            Added configuration examples forTesobe mail servers.
+                            All email functionality (password reset, validation, notifications) now uses CommonsEmailWrapper.
 25/06/2025    e49ebb4f      Added props BG_remove_sign_of_amounts, default is false.
                             If set to true, the sign of amounts will be removed in the BGv1.3 getTransaction endpoints. 
 17/03/2025    166e4f2a      Removed Kafka commits: 166e4f2a,7f24802e,6f0a3b53,f22763c3,

From 81a54f51794e0711c6d6c748bbedfa517c6da6ed Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 17:09:10 +0200
Subject: [PATCH 19/30] refactor/remove commented-out Tesobe Mail Server
 configuration from sample.props.template

---
 .../src/main/resources/props/sample.props.template    | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template
index 639b2e72c..e430d6553 100644
--- a/obp-api/src/main/resources/props/sample.props.template
+++ b/obp-api/src/main/resources/props/sample.props.template
@@ -324,17 +324,6 @@ mail.exception.sender.address=no-reply@example.com
 ## Recipient addresses for exception notifications (comma-separated)
 mail.exception.registered.notification.addresses=notify@example.com,notify2@example.com,notify3@example.com
 
-## Tesobe Mail Server:
-## mail.smtp.host=mail.tesobe.com
-## mail.smtp.port=25
-## mail.smtp.auth=true
-## mail.smtp.user=your-email@tesobe.com
-## mail.smtp.password=your-password
-## mail.smtp.starttls.enable=true
-## mail.smtp.ssl.enable=false
-## mail.smtp.ssl.protocols=TLSv1.2
-
-
 ## Oauth token timeout
 token_expiration_weeks=4
 

From 16e74f6089300c22331c0776a6dc41531636a077 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 17:17:04 +0200
Subject: [PATCH 20/30] refactor/update email sender address in
 LocalMappedConnector to use dynamic configuration

---
 .../scala/code/bankconnectors/LocalMappedConnector.scala    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala b/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala
index 8b121c586..8c112f5ee 100644
--- a/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala
+++ b/obp-api/src/main/scala/code/bankconnectors/LocalMappedConnector.scala
@@ -381,7 +381,7 @@ object LocalMappedConnector extends Connector with MdcLoggable {
         APIUtil.getEmailsByUserId(userId) map {
           pair =>
             val emailContent = CommonsEmailWrapper.EmailContent(
-              from = "challenge@tesobe.com",
+              from = mailUsersUserinfoSenderAddress,
               to = List(pair._2),
               subject = "Challenge",
               textContent = Some(s"Your OTP challenge : ${challengeAnswer}")
@@ -5188,7 +5188,7 @@ object LocalMappedConnector extends Connector with MdcLoggable {
         scaMethod match {
           case v if v == StrongCustomerAuthentication.EMAIL.toString => // Send the email
             val emailContent = CommonsEmailWrapper.EmailContent(
-              from = "challenge@tesobe.com",
+              from = mailUsersUserinfoSenderAddress,
               to = List(customer.email),
               subject = "Challenge request",
               textContent = Some(userAuthContextUpdate.challenge)
@@ -5215,7 +5215,7 @@ object LocalMappedConnector extends Connector with MdcLoggable {
   ): OBPReturnType[Box[String]] = {
     if (scaMethod == StrongCustomerAuthentication.EMAIL){ // Send the email
       val emailContent = CommonsEmailWrapper.EmailContent(
-        from = "challenge@tesobe.com",
+        from = mailUsersUserinfoSenderAddress,
         to = List(recipient),
         subject = "OBP Consent Challenge",
         textContent = Some(message)

From 80d09907c213ad06c0f843d1cc0d19ab621799a6 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 17:20:17 +0200
Subject: [PATCH 21/30] refactor/remove testMailHogConfig method from
 CommonsEmailWrapper to clean up unused code

---
 .../code/api/util/CommonsEmailWrapper.scala   | 27 -------------------
 1 file changed, 27 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
index 27e486147..3b57e9747 100644
--- a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -209,31 +209,4 @@ object CommonsEmailWrapper extends MdcLoggable {
     attachment
   }
 
-  /**
-   * Test MailHog configuration
-   */
-  def testMailHogConfig(): Unit = {
-    val config = EmailConfig(
-      smtpHost = "localhost",
-      smtpPort = 1025,
-      username = "",
-      password = "",
-      useTLS = false,
-      debug = true
-    )
-
-    val content = EmailContent(
-      from = "test@localhost",
-      to = List("receive@mailhog.local"),
-      subject = "Test MailHog with Apache Commons Email",
-      textContent = Some("This is a test email sent to MailHog using Apache Commons Email wrapper.")
-    )
-
-    logger.info("Testing MailHog configuration with Apache Commons Email...")
-    
-    sendTextEmail(config, content) match {
-      case Full(messageId) => logger.info(s"MailHog email sent successfully: $messageId")
-      case Empty => logger.error("Failed to send MailHog email")
-    }
-  }
 } 
\ No newline at end of file

From 01e601a87faaac454615f0e9b5e65658a4049417 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Wed, 6 Aug 2025 17:53:56 +0200
Subject: [PATCH 22/30] refactor/update import statement for
 CannotCompileException to use javassist package

---
 obp-api/src/main/scala/code/api/util/APIUtil.scala | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala
index db5049469..141538a1b 100644
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@@ -71,7 +71,7 @@ import code.util.{Helper, JsonSchemaUtil}
 import code.views.system.AccountAccess
 import code.views.{MapperViews, Views}
 import code.webuiprops.MappedWebUiPropsProvider.getWebUiPropsValue
-import com.alibaba.ttl.internal.javassist.CannotCompileException
+import javassist.CannotCompileException
 import com.github.dwickern.macros.NameOf.{nameOf, nameOfType}
 import com.openbankproject.commons.ExecutionContext.Implicits.global
 import com.openbankproject.commons.model._

From 3dddae39749ceac04909e3a5819be6ba2e81d387 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Thu, 7 Aug 2025 17:22:46 +0200
Subject: [PATCH 23/30] feature/Add more debug information

---
 obp-api/src/main/scala/code/api/util/APIUtil.scala     | 2 ++
 obp-api/src/main/scala/code/api/util/ConsentUtil.scala | 1 +
 2 files changed, 3 insertions(+)

diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala
index db5049469..6a82893e6 100644
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@@ -3020,6 +3020,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
 
     // Identify consumer via certificate
     val consumerByCertificate = Consent.getCurrentConsumerViaTppSignatureCertOrMtls(callContext = cc)
+    logger.debug(s"consumerByCertificate: $consumerByCertificate")
     val method = APIUtil.getPropsValue(nameOfProperty = "consumer_validation_method_for_consent", defaultValue = "CONSUMER_CERTIFICATE")
     val consumerByConsumerKey = getConsumerKey(reqHeaders) match {
       case Some(consumerKey) if method == "CONSUMER_KEY_VALUE" =>
@@ -3027,6 +3028,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
       case None =>
         Empty
     }
+    logger.debug(s"consumerByConsumerKey: $consumerByConsumerKey")
 
     val res =
       if (authHeadersWithEmptyValues.nonEmpty) { // Check Authorization Headers Empty Values
diff --git a/obp-api/src/main/scala/code/api/util/ConsentUtil.scala b/obp-api/src/main/scala/code/api/util/ConsentUtil.scala
index cad5fa3c2..937c892de 100644
--- a/obp-api/src/main/scala/code/api/util/ConsentUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/ConsentUtil.scala
@@ -238,6 +238,7 @@ object Consent extends MdcLoggable {
 
   private def tppIsConsentHolder(consumerIdFromConsent: String, callContext: CallContext): Boolean = {
     val consumerIdFromCurrentCall = callContext.consumer.map(_.consumerId.get).orNull
+    logger.debug(s"consumerIdFromConsent == consumerIdFromCurrentCall ($consumerIdFromConsent == $consumerIdFromCurrentCall)")
     consumerIdFromConsent == consumerIdFromCurrentCall
   }
 

From 7fb61717c2715c94f4a31b497081be4630c3f8c8 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Thu, 7 Aug 2025 23:20:37 +0200
Subject: [PATCH 24/30] refactor/update dependencies to exclude
 javax.activation and clean up code

---
 obp-api/pom.xml                                 | 17 ++++++++++++++++-
 .../scala/code/model/dataAccess/AuthUser.scala  |  1 -
 obp-commons/pom.xml                             | 10 ++++++++++
 3 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/obp-api/pom.xml b/obp-api/pom.xml
index f2a4bd51b..867840a7c 100644
--- a/obp-api/pom.xml
+++ b/obp-api/pom.xml
@@ -101,7 +101,6 @@
       <artifactId>commons-text</artifactId>
       <version>1.10.0</version>
     </dependency>
-    <!-- https://mvnrepository.com/artifact/org.apache.commons/commons-email -->
     <dependency>
       <groupId>org.apache.commons</groupId>
       <artifactId>commons-email</artifactId>
@@ -408,6 +407,12 @@
       <groupId>org.asynchttpclient</groupId>
       <artifactId>async-http-client</artifactId>
       <version>2.10.4</version>
+        <exclusions>
+            <exclusion>
+                <artifactId>javax.activation</artifactId>
+                <groupId>com.sun.activation</groupId>
+            </exclusion>
+        </exclusions>
     </dependency>
     <!-- grpc related end-->
 
@@ -416,6 +421,16 @@
       <groupId>org.scalikejdbc</groupId>
       <artifactId>scalikejdbc_${scala.version}</artifactId>
       <version>3.4.0</version>
+      <exclusions>
+        <exclusion>
+          <groupId>com.sun.activation</groupId>
+          <artifactId>javax.activation</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>javax.activation</groupId>
+          <artifactId>activation</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>com.microsoft.sqlserver</groupId>
diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
index daed89179..fa21830e2 100644
--- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
+++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
@@ -597,7 +597,6 @@ import net.liftweb.util.Helpers._
         val resetPasswordLinkProps = Constant.HostName
         val resetPasswordLink = APIUtil.getPropsValue("portal_hostname", resetPasswordLinkProps)+
           passwordResetPath.mkString("/", "/", "/")+urlEncode(u.getUniqueId())
-        logger.error("222222222222222222222222222222222222222444:"+classOf[javax.activation.DataSource].getProtectionDomain.getCodeSource)
         // Use Apache Commons Email wrapper instead of Lift Mailer
         val emailBodies = generateResetEmailBodies(u, resetPasswordLink)
         
diff --git a/obp-commons/pom.xml b/obp-commons/pom.xml
index c7f68bad4..b41909faf 100644
--- a/obp-commons/pom.xml
+++ b/obp-commons/pom.xml
@@ -29,6 +29,16 @@
         <dependency>
             <groupId>net.liftweb</groupId>
             <artifactId>lift-util_${scala.version}</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>javax.activation</groupId>
+                    <artifactId>activation</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>javax.mail</groupId>
+                    <artifactId>mail</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>net.liftweb</groupId>

From 328975f436884a2e8289c9c94ea99183686434a6 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Thu, 7 Aug 2025 23:20:48 +0200
Subject: [PATCH 25/30] refactor/update logging level in CommonsEmailWrapper to
 debug for email sending operations

---
 .../scala/code/api/util/CommonsEmailWrapper.scala  | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
index 3b57e9747..d83657110 100644
--- a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -79,11 +79,11 @@ object CommonsEmailWrapper extends MdcLoggable {
   }
 
   /**
-   * Send simple text email
+   * Send a simple text email
    */
   def sendTextEmail(config: EmailConfig, content: EmailContent): Box[String] = {
     try {
-      logger.info(s"Sending text email from ${content.from} to ${content.to.mkString(", ")}")
+      logger.debug(s"Sending text email from ${content.from} to ${content.to.mkString(", ")}")
       
       val email = new SimpleEmail()
       configureEmail(email, config, content)
@@ -95,7 +95,7 @@ object CommonsEmailWrapper extends MdcLoggable {
       }
       
       val messageId = email.send()
-      logger.info(s"Email sent successfully with Message-ID: $messageId")
+      logger.debug(s"Email sent successfully with Message-ID: $messageId")
       Full(messageId)
     } catch {
       case e: Exception =>
@@ -109,7 +109,7 @@ object CommonsEmailWrapper extends MdcLoggable {
    */
   def sendHtmlEmail(config: EmailConfig, content: EmailContent): Box[String] = {
     try {
-      logger.info(s"Sending HTML email from ${content.from} to ${content.to.mkString(", ")}")
+      logger.debug(s"Sending HTML email from ${content.from} to ${content.to.mkString(", ")}")
       
       val email = new HtmlEmail()
       configureEmail(email, config, content)
@@ -124,7 +124,7 @@ object CommonsEmailWrapper extends MdcLoggable {
       content.textContent.foreach(email.setTextMsg)
       
       val messageId = email.send()
-      logger.info(s"HTML email sent successfully with Message-ID: $messageId")
+      logger.debug(s"HTML email sent successfully with Message-ID: $messageId")
       Full(messageId)
     } catch {
       case e: Exception =>
@@ -138,7 +138,7 @@ object CommonsEmailWrapper extends MdcLoggable {
    */
   def sendEmailWithAttachments(config: EmailConfig, content: EmailContent): Box[String] = {
     try {
-      logger.info(s"Sending email with attachments from ${content.from} to ${content.to.mkString(", ")}")
+      logger.debug(s"Sending email with attachments from ${content.from} to ${content.to.mkString(", ")}")
       
       val email = new MultiPartEmail()
       configureEmail(email, config, content)
@@ -150,7 +150,7 @@ object CommonsEmailWrapper extends MdcLoggable {
       content.attachments.foreach(email.attach)
       
       val messageId = email.send()
-      logger.info(s"Email with attachments sent successfully with Message-ID: $messageId")
+      logger.debug(s"Email with attachments sent successfully with Message-ID: $messageId")
       Full(messageId)
     } catch {
       case e: Exception =>

From a141dca5a7990171f48779cf2eaeec1499e011b8 Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Fri, 8 Aug 2025 00:36:07 +0200
Subject: [PATCH 26/30] refactor/used jakarta Email instead of Apache Commons
 Email - step9

---
 obp-api/pom.xml                               |  15 +-
 .../code/api/util/CommonsEmailWrapper.scala   | 215 ++++++++----------
 2 files changed, 108 insertions(+), 122 deletions(-)

diff --git a/obp-api/pom.xml b/obp-api/pom.xml
index 867840a7c..9955f4ad7 100644
--- a/obp-api/pom.xml
+++ b/obp-api/pom.xml
@@ -101,11 +101,6 @@
       <artifactId>commons-text</artifactId>
       <version>1.10.0</version>
     </dependency>
-    <dependency>
-      <groupId>org.apache.commons</groupId>
-      <artifactId>commons-email</artifactId>
-      <version>1.5</version>
-    </dependency>
     <dependency>
       <groupId>org.postgresql</groupId>
       <artifactId>postgresql</artifactId>
@@ -524,6 +519,16 @@
       <scope>test</scope>
     </dependency>
 
+    <dependency>
+        <groupId>com.sun.mail</groupId>
+        <artifactId>jakarta.mail</artifactId>
+        <version>2.0.1</version>
+    </dependency>
+    <dependency>
+        <groupId>jakarta.activation</groupId>
+        <artifactId>jakarta.activation-api</artifactId>
+        <version>2.0.1</version>
+    </dependency>
     <dependency>
       <groupId>com.sun.activation</groupId>
       <artifactId>jakarta.activation</artifactId>
diff --git a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
index d83657110..f4cf89b56 100644
--- a/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
+++ b/obp-api/src/main/scala/code/api/util/CommonsEmailWrapper.scala
@@ -1,21 +1,21 @@
 package code.api.util
 
 import code.util.Helper.MdcLoggable
+import jakarta.activation.{DataHandler, FileDataSource, URLDataSource}
+import jakarta.mail._
+import jakarta.mail.internet._
 import net.liftweb.common.{Box, Empty, Full}
-import org.apache.commons.mail._
 
+import java.io.File
 import java.net.URL
+import java.util.Properties
 
 /**
- * Apache Commons Email Wrapper for OBP-API
- * This wrapper provides a simple interface to send emails using Apache Commons Email
- * instead of Lift Web's Mailer
+ * Jakarta Mail Wrapper for OBP-API
+ * This wrapper provides a simple interface to send emails using Jakarta Mail
  */
 object CommonsEmailWrapper extends MdcLoggable {
 
-  /**
-   * Email configuration case class
-   */
   case class EmailConfig(
     smtpHost: String,
     smtpPort: Int,
@@ -24,12 +24,9 @@ object CommonsEmailWrapper extends MdcLoggable {
     useTLS: Boolean = true,
     useSSL: Boolean = false,
     debug: Boolean = false,
-    tlsProtocols: String = "TLSv1.2"  // TLS protocols to use
+    tlsProtocols: String = "TLSv1.2"
   )
 
-  /**
-   * Email content case class
-   */
   case class EmailContent(
     from: String,
     to: List[String],
@@ -41,9 +38,12 @@ object CommonsEmailWrapper extends MdcLoggable {
     attachments: List[EmailAttachment] = List.empty
   )
 
-  /**
-   * Get default email configuration from OBP-API properties
-   */
+  case class EmailAttachment(
+    filePath: Option[String] = None,
+    url: Option[String] = None,
+    name: Option[String] = None
+  )
+
   def getDefaultEmailConfig(): EmailConfig = {
     EmailConfig(
       smtpHost = APIUtil.getPropsValue("mail.smtp.host", "localhost"),
@@ -57,46 +57,27 @@ object CommonsEmailWrapper extends MdcLoggable {
     )
   }
 
-  /**
-   * Send simple text email with default configuration
-   */
   def sendTextEmail(content: EmailContent): Box[String] = {
     sendTextEmail(getDefaultEmailConfig(), content)
   }
 
-  /**
-   * Send HTML email with default configuration
-   */
   def sendHtmlEmail(content: EmailContent): Box[String] = {
     sendHtmlEmail(getDefaultEmailConfig(), content)
   }
 
-  /**
-   * Send email with attachments using default configuration
-   */
   def sendEmailWithAttachments(content: EmailContent): Box[String] = {
     sendEmailWithAttachments(getDefaultEmailConfig(), content)
   }
 
-  /**
-   * Send a simple text email
-   */
   def sendTextEmail(config: EmailConfig, content: EmailContent): Box[String] = {
     try {
       logger.debug(s"Sending text email from ${content.from} to ${content.to.mkString(", ")}")
-      
-      val email = new SimpleEmail()
-      configureEmail(email, config, content)
-      
-      // Set text content
-      content.textContent match {
-        case Some(text) => email.setMsg(text)
-        case None => email.setMsg("")
-      }
-      
-      val messageId = email.send()
-      logger.debug(s"Email sent successfully with Message-ID: $messageId")
-      Full(messageId)
+      val session = createSession(config)
+      val message = new MimeMessage(session)
+      setCommonHeaders(message, content)
+      message.setText(content.textContent.getOrElse(""), "UTF-8")
+      Transport.send(message)
+      Full(message.getMessageID)
     } catch {
       case e: Exception =>
         logger.error(s"Failed to send text email: ${e.getMessage}", e)
@@ -104,28 +85,28 @@ object CommonsEmailWrapper extends MdcLoggable {
     }
   }
 
-  /**
-   * Send HTML email
-   */
   def sendHtmlEmail(config: EmailConfig, content: EmailContent): Box[String] = {
     try {
       logger.debug(s"Sending HTML email from ${content.from} to ${content.to.mkString(", ")}")
-      
-      val email = new HtmlEmail()
-      configureEmail(email, config, content)
-      
-      // Set HTML content
-      content.htmlContent match {
-        case Some(html) => email.setHtmlMsg(html)
-        case None => email.setHtmlMsg("<html><body>No content</body></html>")
+      val session = createSession(config)
+      val message = new MimeMessage(session)
+      setCommonHeaders(message, content)
+      val multipart = {
+        new MimeMultipart("alternative")
       }
-      
-      // Set text content as fallback
-      content.textContent.foreach(email.setTextMsg)
-      
-      val messageId = email.send()
-      logger.debug(s"HTML email sent successfully with Message-ID: $messageId")
-      Full(messageId)
+      content.textContent.foreach { text =>
+        val textPart = new MimeBodyPart()
+        textPart.setText(text, "UTF-8")
+        multipart.addBodyPart(textPart)
+      }
+      content.htmlContent.foreach { html =>
+        val htmlPart = new MimeBodyPart()
+        htmlPart.setContent(html, "text/html; charset=UTF-8")
+        multipart.addBodyPart(htmlPart)
+      }
+      message.setContent(multipart)
+      Transport.send(message)
+      Full(message.getMessageID)
     } catch {
       case e: Exception =>
         logger.error(s"Failed to send HTML email: ${e.getMessage}", e)
@@ -133,25 +114,45 @@ object CommonsEmailWrapper extends MdcLoggable {
     }
   }
 
-  /**
-   * Send email with attachments
-   */
   def sendEmailWithAttachments(config: EmailConfig, content: EmailContent): Box[String] = {
     try {
       logger.debug(s"Sending email with attachments from ${content.from} to ${content.to.mkString(", ")}")
-      
-      val email = new MultiPartEmail()
-      configureEmail(email, config, content)
-      
-      // Set text content
-      content.textContent.foreach(email.setMsg)
-      
+      val session = createSession(config)
+      val message = new MimeMessage(session)
+      setCommonHeaders(message, content)
+      val multipart = new MimeMultipart()
+      // Add text or HTML part
+      (content.htmlContent, content.textContent) match {
+        case (Some(html), _) =>
+          val htmlPart = new MimeBodyPart()
+          htmlPart.setContent(html, "text/html; charset=UTF-8")
+          multipart.addBodyPart(htmlPart)
+        case (None, Some(text)) =>
+          val textPart = new MimeBodyPart()
+          textPart.setText(text, "UTF-8")
+          multipart.addBodyPart(textPart)
+        case _ =>
+          val textPart = new MimeBodyPart()
+          textPart.setText("", "UTF-8")
+          multipart.addBodyPart(textPart)
+      }
       // Add attachments
-      content.attachments.foreach(email.attach)
-      
-      val messageId = email.send()
-      logger.debug(s"Email with attachments sent successfully with Message-ID: $messageId")
-      Full(messageId)
+      content.attachments.foreach { att =>
+        val attachPart = new MimeBodyPart()
+        if (att.filePath.isDefined) {
+          val fds = new FileDataSource(new File(att.filePath.get))
+          attachPart.setDataHandler(new DataHandler(fds))
+          attachPart.setFileName(att.name.getOrElse(new File(att.filePath.get).getName))
+        } else if (att.url.isDefined) {
+          val uds = new URLDataSource(new URL(att.url.get))
+          attachPart.setDataHandler(new DataHandler(uds))
+          attachPart.setFileName(att.name.getOrElse(att.url.get.split('/').last))
+        }
+        multipart.addBodyPart(attachPart)
+      }
+      message.setContent(multipart)
+      Transport.send(message)
+      Full(message.getMessageID)
     } catch {
       case e: Exception =>
         logger.error(s"Failed to send email with attachments: ${e.getMessage}", e)
@@ -159,54 +160,34 @@ object CommonsEmailWrapper extends MdcLoggable {
     }
   }
 
-  /**
-   * Configure email with common settings
-   */
-  private def configureEmail(email: Email, config: EmailConfig, content: EmailContent): Unit = {
-    // SMTP Configuration
-    email.setHostName(config.smtpHost)
-    email.setSmtpPort(config.smtpPort)
-    email.setAuthenticator(new DefaultAuthenticator(config.username, config.password))
-    email.setSSLOnConnect(config.useSSL)
-    email.setStartTLSEnabled(config.useTLS)
-    email.setDebug(config.debug)
-    email.getMailSession.getProperties.setProperty("mail.smtp.ssl.protocols", config.tlsProtocols)
-    
-    // Set charset
-    email.setCharset("UTF-8")
-    
-    // Set sender
-    email.setFrom(content.from)
-    
-    // Set recipients
-    content.to.foreach(email.addTo)
-    content.cc.foreach(email.addCc)
-    content.bcc.foreach(email.addBcc)
-    
-    // Set subject
-    email.setSubject(content.subject)
+  private def createSession(config: EmailConfig): Session = {
+    val props = new Properties()
+    props.put("mail.smtp.host", config.smtpHost)
+    props.put("mail.smtp.port", config.smtpPort.toString)
+    props.put("mail.smtp.auth", "true")
+    props.put("mail.smtp.starttls.enable", config.useTLS.toString)
+    props.put("mail.smtp.ssl.enable", config.useSSL.toString)
+    props.put("mail.debug", config.debug.toString)
+    props.put("mail.smtp.ssl.protocols", config.tlsProtocols)
+    val authenticator = new Authenticator() {
+      override def getPasswordAuthentication: PasswordAuthentication =
+        new PasswordAuthentication(config.username, config.password)
+    }
+    Session.getInstance(props, authenticator)
   }
 
-  /**
-   * Create email attachment from file
-   */
-  def createFileAttachment(filePath: String, name: Option[String] = None): EmailAttachment = {
-    val attachment = new EmailAttachment()
-    attachment.setPath(filePath)
-    attachment.setDisposition(EmailAttachment.ATTACHMENT)
-    name.foreach(attachment.setName)
-    attachment
+  private def setCommonHeaders(message: MimeMessage, content: EmailContent): Unit = {
+    message.setFrom(new InternetAddress(content.from))
+    content.to.foreach(addr => message.addRecipient(Message.RecipientType.TO, new InternetAddress(addr)))
+    content.cc.foreach(addr => message.addRecipient(Message.RecipientType.CC, new InternetAddress(addr)))
+    content.bcc.foreach(addr => message.addRecipient(Message.RecipientType.BCC, new InternetAddress(addr)))
+    message.setSubject(content.subject, "UTF-8")
   }
 
-  /**
-   * Create email attachment from URL
-   */
-  def createUrlAttachment(url: String, name: String): EmailAttachment = {
-    val attachment = new EmailAttachment()
-    attachment.setURL(new URL(url))
-    attachment.setDisposition(EmailAttachment.ATTACHMENT)
-    attachment.setName(name)
-    attachment
-  }
+  def createFileAttachment(filePath: String, name: Option[String] = None): EmailAttachment =
+    EmailAttachment(filePath = Some(filePath), url = None, name = name)
+
+  def createUrlAttachment(url: String, name: String): EmailAttachment =
+    EmailAttachment(filePath = None, url = Some(url), name = Some(name))
 
 } 
\ No newline at end of file

From 9fdfa7e34cd24a9c0ce14f2b6f6443ee3682394d Mon Sep 17 00:00:00 2001
From: hongwei <hongwei@tesobe.com>
Date: Fri, 8 Aug 2025 00:44:08 +0200
Subject: [PATCH 27/30] refactor/used jakarta Email instead of Apache Commons
 Email - step10 replaced Lift Mailer with JakartaMail for password reset and
 validation emails, simplifying email content generation

---
 .../code/model/dataAccess/AuthUser.scala      | 36 ++++---------------
 1 file changed, 6 insertions(+), 30 deletions(-)

diff --git a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
index fa21830e2..0d9334ff5 100644
--- a/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
+++ b/obp-api/src/main/scala/code/model/dataAccess/AuthUser.scala
@@ -589,23 +589,14 @@ import net.liftweb.util.Helpers._
    */
   override def sendPasswordReset(name: String) {
     findAuthUserByUsernameLocallyLegacy(name).toList ::: findUsersByEmailLocally(name) map {
-      // reason of case parameter name is "u" instead of "user": trait AuthUser have constant mumber name is "user"
-      // So if the follow case paramter name is "user" will cause compile warnings
       case u if u.validated_? =>
         u.resetUniqueId().save
-        //NOTE: here, if server_mode = portal, so we need modify the resetLink to portal_hostname, then developer can get proper response..
         val resetPasswordLinkProps = Constant.HostName
         val resetPasswordLink = APIUtil.getPropsValue("portal_hostname", resetPasswordLinkProps)+
           passwordResetPath.mkString("/", "/", "/")+urlEncode(u.getUniqueId())
-        // Use Apache Commons Email wrapper instead of Lift Mailer
-        val emailBodies = generateResetEmailBodies(u, resetPasswordLink)
-        
-        // Extract text and HTML content from email bodies
-        val textContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType])
-          .map(_.asInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType].toString.replace("PlainMailBodyType(", "").replace(")", ""))
-        val htmlContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType])
-          .map(_.asInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType].toString.replace("XHTMLMailBodyType(", "").replace(")", ""))
-        
+        // Directly generate content using JakartaMail/CommonsEmailWrapper
+        val textContent = Some(s"Please use the following link to reset your password: $resetPasswordLink")
+        val htmlContent = Some(s"<p>Please use the following link to reset your password:</p><p><a href='$resetPasswordLink'>$resetPasswordLink</a></p>")
         val emailContent = EmailContent(
           from = emailFrom,
           to = List(u.getEmail),
@@ -627,8 +618,6 @@ import net.liftweb.util.Helpers._
       case u =>
         sendValidationEmail(u)
     }
-    // In order to prevent any leakage of information we use the same message for all cases
-    // Note: Individual success/error messages are now handled in the email sending logic above
   }
 
   override def lostPasswordXhtml = {
@@ -660,22 +649,10 @@ import net.liftweb.util.Helpers._
    * Overridden to use the hostname set in the props file
    */
   override def sendValidationEmail(user: TheUserType) {
-    val resetLink = Constant.HostName+"/"+validateUserPath.mkString("/")+
-      "/"+urlEncode(user.getUniqueId())
-
+    val resetLink = Constant.HostName+"/"+validateUserPath.mkString("/")+"/"+urlEncode(user.getUniqueId())
     val email: String = user.getEmail
-
-    val msgXml = signupMailBody(user, resetLink)
-
-    // Use Apache Commons Email wrapper instead of Lift Mailer
-    val emailBodies: List[Mailer.MailBodyType] = generateValidationEmailBodies(user, resetLink)
-    
-    // Extract text and HTML content from email bodies
-    val textContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType])
-      .map(_.asInstanceOf[net.liftweb.util.Mailer.PlainMailBodyType].toString.replace("PlainMailBodyType(", "").replace(")", ""))
-    val htmlContent = emailBodies.find(_.isInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType])
-      .map(_.asInstanceOf[net.liftweb.util.Mailer.XHTMLMailBodyType].toString.replace("XHTMLMailBodyType(", "").replace(")", ""))
-    
+    val textContent = Some(s"Welcome! Please validate your account by clicking the following link: $resetLink")
+    val htmlContent = Some(s"<p>Welcome! Please validate your account by clicking the following link:</p><p><a href='$resetLink'>$resetLink</a></p>")
     val emailContent = EmailContent(
       from = emailFrom,
       to = List(user.getEmail),
@@ -684,7 +661,6 @@ import net.liftweb.util.Helpers._
       textContent = textContent,
       htmlContent = htmlContent
     )
-    
     sendHtmlEmail(emailContent) match {
       case Full(messageId) => 
         logger.debug(s"Validation email sent successfully with Message-ID: $messageId")

From a55824fbc33fc2e7d7f73ac24ec2bacb54dddbb6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Wed, 13 Aug 2025 09:54:19 +0200
Subject: [PATCH 28/30] feature/Add query param withBalance at BG endpoint Read
 Account Details

---
 .../AccountInformationServiceAISApi.scala     | 27 ++++++++++++++++++-
 .../v1_3/JSONFactory_BERLIN_GROUP_1_3.scala   | 18 +++++++++++--
 2 files changed, 42 insertions(+), 3 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala b/obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala
index bba14b21c..d3684b268 100644
--- a/obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala
+++ b/obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala
@@ -1036,17 +1036,27 @@ Give detailed information about the addressed account together with balance info
          cc =>
            for {
              (Full(u), callContext) <- authenticatedAccess(cc)
+             withBalanceParam <- NewStyle.function.tryons(s"$InvalidUrlParameters withBalance parameter can only take two values: TRUE or FALSE!", 400, callContext) {
+               val withBalance = APIUtil.getHttpRequestUrlParam(cc.url, "withBalance")
+               if (withBalance.isEmpty) Some(false) else Some(withBalance.toBoolean)
+             }
              _ <- passesPsd2Aisp(callContext)
              (account: BankAccount, callContext) <- NewStyle.function.getBankAccountByAccountId(AccountId(accountId), callContext)
              (canReadBalancesAccounts, callContext) <- NewStyle.function.getAccountCanReadBalancesOfBerlinGroup(u, callContext)
              (canReadTransactionsAccounts, callContext) <- NewStyle.function.getAccountCanReadTransactionsOfBerlinGroup(u, callContext)
              _ <- checkAccountAccess(ViewId(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID), u, account, callContext)
+             (accountBalances, callContext) <- code.api.util.newstyle.BankAccountBalanceNewStyle.getBankAccountBalances(
+               AccountId(accountId),
+               callContext
+             )
            } yield {
              (
                JSONFactory_BERLIN_GROUP_1_3.createAccountDetailsJson(
                  account,
                  canReadBalancesAccounts,
                  canReadTransactionsAccounts,
+                 withBalanceParam,
+                 accountBalances,
                  u
                ),
                callContext
@@ -1105,8 +1115,23 @@ respectively the OAuth2 access token.
              (canReadBalancesAccounts, callContext) <- NewStyle.function.getAccountCanReadBalancesOfBerlinGroup(u, callContext)
              (canReadTransactionsAccounts, callContext) <- NewStyle.function.getAccountCanReadTransactionsOfBerlinGroup(u, callContext)
              _ <- checkAccountAccess(ViewId(SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID), u, account, callContext)
+             withBalanceParam <- NewStyle.function.tryons(s"$InvalidUrlParameters withBalance parameter can only take two values: TRUE or FALSE!", 400, callContext) {
+               val withBalance = APIUtil.getHttpRequestUrlParam(cc.url, "withBalance")
+               if (withBalance.isEmpty) Some(false) else Some(withBalance.toBoolean)
+             }
+             (accountBalances, callContext) <- code.api.util.newstyle.BankAccountBalanceNewStyle.getBankAccountBalances(
+               AccountId(accountId),
+               callContext
+             )
            } yield {
-             (JSONFactory_BERLIN_GROUP_1_3.createCardAccountDetailsJson(account, canReadBalancesAccounts, canReadTransactionsAccounts, u), callContext)
+             (JSONFactory_BERLIN_GROUP_1_3.createCardAccountDetailsJson(
+               account,
+               canReadBalancesAccounts,
+               canReadTransactionsAccounts,
+               withBalanceParam,
+               accountBalances,
+               u
+             ), callContext)
            }
        }
      }
diff --git a/obp-api/src/main/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3.scala b/obp-api/src/main/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3.scala
index f7857a00d..52d78bfb3 100644
--- a/obp-api/src/main/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3.scala
+++ b/obp-api/src/main/scala/code/api/berlin/group/v1_3/JSONFactory_BERLIN_GROUP_1_3.scala
@@ -93,6 +93,7 @@ object JSONFactory_BERLIN_GROUP_1_3 extends CustomJsonFormats with MdcLoggable{
                              product: String,
                              cashAccountType: String,
                              name: Option[String],
+                             balances: Option[List[CoreAccountBalanceJson]] = None,
                              _links: AccountDetailsLinksJsonV13,
                            )
 
@@ -407,14 +408,18 @@ object JSONFactory_BERLIN_GROUP_1_3 extends CustomJsonFormats with MdcLoggable{
   def createCardAccountDetailsJson(bankAccount: BankAccount,
                                    canReadBalancesAccounts: List[BankIdAccountId],
                                    canReadTransactionsAccounts: List[BankIdAccountId],
+                                   withBalanceParam: Option[Boolean],
+                                   balances: List[BankAccountBalanceTrait],
                                    user: User): CardAccountDetailsJsonV13 = {
-    val accountDetailsJsonV13 = createAccountDetailsJson(bankAccount, canReadBalancesAccounts, canReadTransactionsAccounts, user)
+    val accountDetailsJsonV13 = createAccountDetailsJson(bankAccount, canReadBalancesAccounts, canReadTransactionsAccounts, withBalanceParam, balances, user)
     CardAccountDetailsJsonV13(accountDetailsJsonV13.account)
   }
   
   def createAccountDetailsJson(bankAccount: BankAccount,
                                canReadBalancesAccounts: List[BankIdAccountId],
                                canReadTransactionsAccounts: List[BankIdAccountId],
+                               withBalanceParam: Option[Boolean],
+                               balances: List[BankAccountBalanceTrait],
                                user: User): AccountDetailsJsonV13 = {
     val (iBan: String, bBan: String) = getIbanAndBban(bankAccount)
     val commonPath = s"${OBP_BERLIN_GROUP_1_3.apiVersion.urlPrefix}/${OBP_BERLIN_GROUP_1_3.version}/accounts/${bankAccount.accountId.value}"
@@ -423,7 +428,15 @@ object JSONFactory_BERLIN_GROUP_1_3 extends CustomJsonFormats with MdcLoggable{
     val transactionRef = LinkHrefJson(s"/$commonPath/transactions")
     val canReadTransactions = canReadTransactionsAccounts.map(_.accountId.value).contains(bankAccount.accountId.value)
     val cashAccountType = bankAccount.attributes.getOrElse(Nil).filter(_.name== "cashAccountType").map(_.value).headOption.getOrElse("")
-
+    val accountBalances = if (withBalanceParam.contains(true)) {
+      Some(balances.filter(_.accountId.equals(bankAccount.accountId)).flatMap(balance => (List(CoreAccountBalanceJson(
+        balanceAmount = AmountOfMoneyV13(bankAccount.currency, balance.balanceAmount.toString()),
+        balanceType = balance.balanceType,
+        lastChangeDateTime = balance.lastChangeDateTime.map(APIUtil.DateWithMsAndTimeZoneOffset.format(_))
+      )))))
+    } else {
+      None
+    }
 
     val account = AccountJsonV13(
       resourceId = bankAccount.accountId.value,
@@ -432,6 +445,7 @@ object JSONFactory_BERLIN_GROUP_1_3 extends CustomJsonFormats with MdcLoggable{
       name = if(APIUtil.getPropsAsBoolValue("BG_v1312_show_account_name", defaultValue = true)) Some(bankAccount.name) else None,
       cashAccountType = cashAccountType,
       product = bankAccount.accountType,
+      balances = if(canReadBalances) accountBalances else None,
       _links = AccountDetailsLinksJsonV13(
         balances = if (canReadBalances) Some(balanceRef) else None,
         transactions = if (canReadTransactions) Some(transactionRef) else None,

From 01393cec64ee5e231954fc9a1100444d5d310c9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Thu, 14 Aug 2025 14:32:34 +0200
Subject: [PATCH 29/30] feature/Add query param cbs_user_id at Get Consents
 endpoint

---
 .../src/main/scala/code/api/util/APIUtil.scala  |  7 +++++--
 .../src/main/scala/code/api/util/OBPParam.scala |  1 +
 .../code/api/v5_1_0/JSONFactory5.1.0.scala      | 16 +++++++++++++---
 .../main/scala/code/consent/MappedConsent.scala | 17 +++++++++++++++--
 4 files changed, 34 insertions(+), 7 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala
index 7e6e9561e..2fade7e73 100644
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@@ -1147,6 +1147,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
         case "iss" => Full(OBPIss(values.head))
         case "consent_id" => Full(OBPConsentId(values.head))
         case "user_id" => Full(OBPUserId(values.head))
+        case "cbs_user_id" => Full(CBSUserId(values.head))
         case "bank_id" => Full(OBPBankId(values.head))
         case "account_id" => Full(OBPAccountId(values.head))
         case "url" => Full(OBPUrl(values.head))
@@ -1198,6 +1199,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
       iss <- getHttpParamValuesByName(httpParams,"iss")
       consentId <- getHttpParamValuesByName(httpParams,"consent_id")
       userId <- getHttpParamValuesByName(httpParams, "user_id")
+      cbsUserId <- getHttpParamValuesByName(httpParams, "cbs_user_id")
       bankId <- getHttpParamValuesByName(httpParams, "bank_id")
       accountId <- getHttpParamValuesByName(httpParams, "account_id")
       url <- getHttpParamValuesByName(httpParams, "url")
@@ -1233,7 +1235,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
       val ordering = OBPOrdering(None, sortDirection)
       //This guarantee the order 
       List(limit, offset, ordering, sortBy, fromDate, toDate,
-        anon, status, consumerId, azp, iss, consentId, userId, url, appName, implementedByPartialFunction, implementedInVersion,
+        anon, status, consumerId, azp, iss, consentId, userId, cbsUserId, url, appName, implementedByPartialFunction, implementedInVersion,
         verb, correlationId, duration, excludeAppNames, excludeUrlPattern, excludeImplementedByPartialfunctions,
         includeAppNames, includeUrlPattern, includeImplementedByPartialfunctions, 
         connectorName,functionName, bankId, accountId, customerId, lockedStatus, deletedStatus
@@ -1276,6 +1278,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
     val azp =  getHttpRequestUrlParam(httpRequestUrl,"azp")
     val consentId =  getHttpRequestUrlParam(httpRequestUrl,"consent_id")
     val userId =  getHttpRequestUrlParam(httpRequestUrl, "user_id")
+    val cbsUserId =  getHttpRequestUrlParam(httpRequestUrl, "cbs_user_id")
     val bankId =  getHttpRequestUrlParam(httpRequestUrl, "bank_id")
     val accountId =  getHttpRequestUrlParam(httpRequestUrl, "account_id")
     val url =  getHttpRequestUrlParam(httpRequestUrl, "url")
@@ -1305,7 +1308,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
 
     Full(List(
       HTTPParam("sort_by",sortBy), HTTPParam("sort_direction",sortDirection), HTTPParam("from_date",fromDate), HTTPParam("to_date", toDate), HTTPParam("limit",limit), HTTPParam("offset",offset),
-      HTTPParam("anon", anon), HTTPParam("status", status), HTTPParam("consumer_id", consumerId), HTTPParam("azp", azp), HTTPParam("iss", iss), HTTPParam("consent_id", consentId), HTTPParam("user_id", userId), HTTPParam("url", url), HTTPParam("app_name", appName),
+      HTTPParam("anon", anon), HTTPParam("status", status), HTTPParam("consumer_id", consumerId), HTTPParam("azp", azp), HTTPParam("iss", iss), HTTPParam("consent_id", consentId), HTTPParam("user_id", userId), HTTPParam("cbs_user_id", cbsUserId), HTTPParam("url", url), HTTPParam("app_name", appName),
       HTTPParam("implemented_by_partial_function",implementedByPartialFunction), HTTPParam("implemented_in_version",implementedInVersion), HTTPParam("verb", verb),
       HTTPParam("correlation_id", correlationId), HTTPParam("duration", duration), HTTPParam("exclude_app_names", excludeAppNames),
       HTTPParam("exclude_url_patterns", excludeUrlPattern),HTTPParam("exclude_implemented_by_partial_functions", excludeImplementedByPartialfunctions), 
diff --git a/obp-api/src/main/scala/code/api/util/OBPParam.scala b/obp-api/src/main/scala/code/api/util/OBPParam.scala
index 49bd62193..a4587e88e 100644
--- a/obp-api/src/main/scala/code/api/util/OBPParam.scala
+++ b/obp-api/src/main/scala/code/api/util/OBPParam.scala
@@ -31,6 +31,7 @@ case class OBPAzp(value: String) extends OBPQueryParam
 case class OBPIss(value: String) extends OBPQueryParam
 case class OBPConsentId(value: String) extends OBPQueryParam
 case class OBPUserId(value: String) extends OBPQueryParam
+case class CBSUserId(value: String) extends OBPQueryParam
 case class OBPStatus(value: String) extends OBPQueryParam
 case class OBPBankId(value: String) extends OBPQueryParam
 case class OBPAccountId(value: String) extends OBPQueryParam
diff --git a/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala b/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala
index db1354069..b05898569 100644
--- a/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala
+++ b/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala
@@ -46,12 +46,13 @@ import code.consent.MappedConsent
 import code.metrics.APIMetric
 import code.model.Consumer
 import code.users.{UserAttribute, Users}
+import code.util.Helper.MdcLoggable
 import code.views.system.{AccountAccess, ViewDefinition, ViewPermission}
 import com.openbankproject.commons.model._
 import com.openbankproject.commons.util.ApiVersion
 import net.liftweb.common.{Box, Full}
 import net.liftweb.json
-import net.liftweb.json.{JString, JValue, parse, parseOpt}
+import net.liftweb.json.{JString, JValue, MappingException, parse, parseOpt}
 
 import java.text.SimpleDateFormat
 import java.util.Date
@@ -676,7 +677,7 @@ case class ViewPermissionJson(
   extra_data: Option[List[String]]
 )
 
-object JSONFactory510 extends CustomJsonFormats {
+object JSONFactory510 extends CustomJsonFormats with MdcLoggable {
 
   def createTransactionRequestJson(tr : TransactionRequest, transactionRequestAttributes: List[TransactionRequestAttributeTrait] ) : TransactionRequestJsonV510 = {
     TransactionRequestJsonV510(
@@ -980,7 +981,16 @@ object JSONFactory510 extends CustomJsonFormats {
   def createConsentsJsonV510(consents: List[MappedConsent]): ConsentsJsonV510 = {
     ConsentsJsonV510(
       consents.map { c =>
-        val jwtPayload = JwtUtil.getSignedPayloadAsJson(c.jsonWebToken).map(parse(_).extract[ConsentJWT]).toOption
+        val jwtPayload = JwtUtil
+          .getSignedPayloadAsJson(c.jsonWebToken)
+          .flatMap { payload =>
+            Try(parse(payload).extract[ConsentJWT]).recover {
+              case e: MappingException =>
+                logger.warn(s"Invalid JWT payload: ${e.getMessage}")
+                null
+            }.toOption
+          }.toOption
+
         AllConsentJsonV510(
           consent_reference_id = c.consentReferenceId,
           consumer_id = c.consumerId,
diff --git a/obp-api/src/main/scala/code/consent/MappedConsent.scala b/obp-api/src/main/scala/code/consent/MappedConsent.scala
index 21f5bca8a..e1e4c00c9 100644
--- a/obp-api/src/main/scala/code/consent/MappedConsent.scala
+++ b/obp-api/src/main/scala/code/consent/MappedConsent.scala
@@ -1,9 +1,10 @@
 package code.consent
 
 import java.util.Date
-import code.api.util.{APIUtil, Consent, ErrorMessages, OBPBankId, OBPConsentId, OBPConsumerId, OBPLimit, OBPOffset, OBPQueryParam, OBPSortBy, OBPStatus, OBPUserId, SecureRandomUtil}
+import code.api.util.{APIUtil, CBSUserId, Consent, ErrorMessages, OBPBankId, OBPConsentId, OBPConsumerId, OBPLimit, OBPOffset, OBPQueryParam, OBPSortBy, OBPStatus, OBPUserId, SecureRandomUtil}
 import code.consent.ConsentStatus.ConsentStatus
 import code.model.Consumer
+import code.model.dataAccess.ResourceUser
 import code.util.MappedUUID
 import com.openbankproject.commons.model.User
 import com.openbankproject.commons.util.ApiStandards
@@ -71,6 +72,18 @@ object MappedConsentProvider extends ConsentProvider {
     // The optional variables:
     val consumerId = queryParams.collectFirst { case OBPConsumerId(value) => By(MappedConsent.mConsumerId, value) }
     val consentId = queryParams.collectFirst { case OBPConsentId(value) => By(MappedConsent.mConsentId, value) }
+    val cbsUserId: Option[Cmp[MappedConsent, String]] = queryParams.collectFirst {
+      case CBSUserId(value) =>
+        ResourceUser.findAll(By(ResourceUser.providerId, value)) match {
+          case Nil =>
+            Some(By(MappedConsent.mUserId, "-1")) // no result
+          case x :: Nil => // exactly one
+            Some(By(MappedConsent.mUserId, x.userId))
+          case moreThanOneRow => // more than one
+            None
+        }
+    }.flatten
+
     val userId = queryParams.collectFirst { case OBPUserId(value) => By(MappedConsent.mUserId, value) }
     val status = queryParams.collectFirst {
       case OBPStatus(value) =>
@@ -96,7 +109,7 @@ object MappedConsentProvider extends ConsentProvider {
       offset.toSeq,
       limit.toSeq,
       status.toSeq,
-      userId.toSeq,
+      userId.orElse(cbsUserId).toSeq,
       consentId.toSeq,
       consumerId.toSeq
     ).flatten

From 253327c937f36a32ab39c5572154d55348d5b17e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?= <marko@tesobe.com>
Date: Fri, 15 Aug 2025 12:17:46 +0200
Subject: [PATCH 30/30] feature/Add query param provider_provider_id at Get
 Consents endpoint

---
 .../main/scala/code/api/util/APIUtil.scala    | 12 +++++-----
 .../main/scala/code/api/util/OBPParam.scala   |  2 +-
 .../scala/code/api/v5_1_0/APIMethods510.scala |  4 ++++
 .../scala/code/consent/MappedConsent.scala    | 22 +++++++++++--------
 4 files changed, 24 insertions(+), 16 deletions(-)

diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala
index 2fade7e73..176726d85 100644
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@@ -1147,7 +1147,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
         case "iss" => Full(OBPIss(values.head))
         case "consent_id" => Full(OBPConsentId(values.head))
         case "user_id" => Full(OBPUserId(values.head))
-        case "cbs_user_id" => Full(CBSUserId(values.head))
+        case "provider_provider_id" => Full(ProviderProviderId(values.head))
         case "bank_id" => Full(OBPBankId(values.head))
         case "account_id" => Full(OBPAccountId(values.head))
         case "url" => Full(OBPUrl(values.head))
@@ -1199,7 +1199,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
       iss <- getHttpParamValuesByName(httpParams,"iss")
       consentId <- getHttpParamValuesByName(httpParams,"consent_id")
       userId <- getHttpParamValuesByName(httpParams, "user_id")
-      cbsUserId <- getHttpParamValuesByName(httpParams, "cbs_user_id")
+      providerProviderId <- getHttpParamValuesByName(httpParams, "provider_provider_id")
       bankId <- getHttpParamValuesByName(httpParams, "bank_id")
       accountId <- getHttpParamValuesByName(httpParams, "account_id")
       url <- getHttpParamValuesByName(httpParams, "url")
@@ -1233,9 +1233,9 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
        */
       //val sortBy = json.header("obp_sort_by")
       val ordering = OBPOrdering(None, sortDirection)
-      //This guarantee the order 
+      //This guarantee the order
       List(limit, offset, ordering, sortBy, fromDate, toDate,
-        anon, status, consumerId, azp, iss, consentId, userId, cbsUserId, url, appName, implementedByPartialFunction, implementedInVersion,
+        anon, status, consumerId, azp, iss, consentId, userId, providerProviderId, url, appName, implementedByPartialFunction, implementedInVersion,
         verb, correlationId, duration, excludeAppNames, excludeUrlPattern, excludeImplementedByPartialfunctions,
         includeAppNames, includeUrlPattern, includeImplementedByPartialfunctions, 
         connectorName,functionName, bankId, accountId, customerId, lockedStatus, deletedStatus
@@ -1278,7 +1278,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
     val azp =  getHttpRequestUrlParam(httpRequestUrl,"azp")
     val consentId =  getHttpRequestUrlParam(httpRequestUrl,"consent_id")
     val userId =  getHttpRequestUrlParam(httpRequestUrl, "user_id")
-    val cbsUserId =  getHttpRequestUrlParam(httpRequestUrl, "cbs_user_id")
+    val providerProviderId =  getHttpRequestUrlParam(httpRequestUrl, "provider_provider_id")
     val bankId =  getHttpRequestUrlParam(httpRequestUrl, "bank_id")
     val accountId =  getHttpRequestUrlParam(httpRequestUrl, "account_id")
     val url =  getHttpRequestUrlParam(httpRequestUrl, "url")
@@ -1308,7 +1308,7 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{
 
     Full(List(
       HTTPParam("sort_by",sortBy), HTTPParam("sort_direction",sortDirection), HTTPParam("from_date",fromDate), HTTPParam("to_date", toDate), HTTPParam("limit",limit), HTTPParam("offset",offset),
-      HTTPParam("anon", anon), HTTPParam("status", status), HTTPParam("consumer_id", consumerId), HTTPParam("azp", azp), HTTPParam("iss", iss), HTTPParam("consent_id", consentId), HTTPParam("user_id", userId), HTTPParam("cbs_user_id", cbsUserId), HTTPParam("url", url), HTTPParam("app_name", appName),
+      HTTPParam("anon", anon), HTTPParam("status", status), HTTPParam("consumer_id", consumerId), HTTPParam("azp", azp), HTTPParam("iss", iss), HTTPParam("consent_id", consentId), HTTPParam("user_id", userId), HTTPParam("provider_provider_id", providerProviderId), HTTPParam("url", url), HTTPParam("app_name", appName),
       HTTPParam("implemented_by_partial_function",implementedByPartialFunction), HTTPParam("implemented_in_version",implementedInVersion), HTTPParam("verb", verb),
       HTTPParam("correlation_id", correlationId), HTTPParam("duration", duration), HTTPParam("exclude_app_names", excludeAppNames),
       HTTPParam("exclude_url_patterns", excludeUrlPattern),HTTPParam("exclude_implemented_by_partial_functions", excludeImplementedByPartialfunctions), 
diff --git a/obp-api/src/main/scala/code/api/util/OBPParam.scala b/obp-api/src/main/scala/code/api/util/OBPParam.scala
index a4587e88e..bc42c0465 100644
--- a/obp-api/src/main/scala/code/api/util/OBPParam.scala
+++ b/obp-api/src/main/scala/code/api/util/OBPParam.scala
@@ -31,7 +31,7 @@ case class OBPAzp(value: String) extends OBPQueryParam
 case class OBPIss(value: String) extends OBPQueryParam
 case class OBPConsentId(value: String) extends OBPQueryParam
 case class OBPUserId(value: String) extends OBPQueryParam
-case class CBSUserId(value: String) extends OBPQueryParam
+case class ProviderProviderId(value: String) extends OBPQueryParam
 case class OBPStatus(value: String) extends OBPQueryParam
 case class OBPBankId(value: String) extends OBPQueryParam
 case class OBPAccountId(value: String) extends OBPQueryParam
diff --git a/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala b/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala
index 32f8ce6c2..01851b749 100644
--- a/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala
+++ b/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala
@@ -1707,6 +1707,10 @@ trait APIMethods510 {
          |
          |7 bank_id  (ignore if omitted)
          |
+         |8 provider_provider_id  (ignore if omitted)
+         |provider and provider_id values are separated by pipe char
+         |eg: provider_provider_id=http%3A%2F%2Flocalhost%3A7070%2Frealms%2Fmaster|7837ee9c-3446-4d8c-9b90-301a52b4851d
+         |
          |eg:/management/consents?consumer_id=78&limit=10&offset=10
          |
       """.stripMargin,
diff --git a/obp-api/src/main/scala/code/consent/MappedConsent.scala b/obp-api/src/main/scala/code/consent/MappedConsent.scala
index e1e4c00c9..6fa453465 100644
--- a/obp-api/src/main/scala/code/consent/MappedConsent.scala
+++ b/obp-api/src/main/scala/code/consent/MappedConsent.scala
@@ -1,7 +1,7 @@
 package code.consent
 
 import java.util.Date
-import code.api.util.{APIUtil, CBSUserId, Consent, ErrorMessages, OBPBankId, OBPConsentId, OBPConsumerId, OBPLimit, OBPOffset, OBPQueryParam, OBPSortBy, OBPStatus, OBPUserId, SecureRandomUtil}
+import code.api.util.{APIUtil, Consent, ErrorMessages, OBPBankId, OBPConsentId, OBPConsumerId, OBPLimit, OBPOffset, OBPQueryParam, OBPSortBy, OBPStatus, OBPUserId, ProviderProviderId, SecureRandomUtil}
 import code.consent.ConsentStatus.ConsentStatus
 import code.model.Consumer
 import code.model.dataAccess.ResourceUser
@@ -9,10 +9,12 @@ import code.util.MappedUUID
 import com.openbankproject.commons.model.User
 import com.openbankproject.commons.util.ApiStandards
 import net.liftweb.common.{Box, Empty, Failure, Full}
-import net.liftweb.mapper.{MappedString, _}
+import net.liftweb.mapper._
 import net.liftweb.util.Helpers.{now, tryo}
 import org.mindrot.jbcrypt.BCrypt
 
+import java.net.URLDecoder
+import java.nio.charset.StandardCharsets
 import scala.collection.immutable.List
 
 object MappedConsentProvider extends ConsentProvider {
@@ -72,14 +74,16 @@ object MappedConsentProvider extends ConsentProvider {
     // The optional variables:
     val consumerId = queryParams.collectFirst { case OBPConsumerId(value) => By(MappedConsent.mConsumerId, value) }
     val consentId = queryParams.collectFirst { case OBPConsentId(value) => By(MappedConsent.mConsentId, value) }
-    val cbsUserId: Option[Cmp[MappedConsent, String]] = queryParams.collectFirst {
-      case CBSUserId(value) =>
-        ResourceUser.findAll(By(ResourceUser.providerId, value)) match {
-          case Nil =>
-            Some(By(MappedConsent.mUserId, "-1")) // no result
+    val providerProviderId: Option[Cmp[MappedConsent, String]] = queryParams.collectFirst {
+      case ProviderProviderId(value) =>
+        val (provider, providerId) = value.split("\\|") match { // split by literal '|'
+          case Array(a, b) => (a, b)
+          case _ => ("", "") // fallback if format is unexpected
+        }
+        ResourceUser.findAll(By(ResourceUser.provider_, provider), By(ResourceUser.providerId, providerId)) match {
           case x :: Nil => // exactly one
             Some(By(MappedConsent.mUserId, x.userId))
-          case moreThanOneRow => // more than one
+          case _ =>
             None
         }
     }.flatten
@@ -109,7 +113,7 @@ object MappedConsentProvider extends ConsentProvider {
       offset.toSeq,
       limit.toSeq,
       status.toSeq,
-      userId.orElse(cbsUserId).toSeq,
+      userId.orElse(providerProviderId).toSeq,
       consentId.toSeq,
       consumerId.toSeq
     ).flatten