artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 17:17:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Consent-Id POC - added props

Browse Source
This commit is contained in:
Marko Milić 2019-03-20 17:46:10 +01:00
parent ebb22fbded
commit 5ae96ef9fc
2 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
obp-api/src/main/resources/props/sample.props.template
View File

@ -559,4 +559,10 @@ featured_apis=elasticSearchWarehouseV300
# Database scheduler interval in seconds.
# Scheduler would not be started if delay is not set.
database_messages_scheduler_interval=3600
# ---------------------------------------------------
# ---------------------------------------------------
# -- Consents -----------------------------------------------
# In case isn't defined default value is "false"
# consents.allowed=true
# consents.jwt_secret=Cannot get your at least 256 bit secret
# -----------------------------------------------------------

11
obp-api/src/main/scala/code/api/util/ConsentUtil.scala
View File

@ -1,5 +1,6 @@
package code.api.util
import code.api.util.ErrorMessages.attemptedToOpenAnEmptyBox
import code.consumer.Consumers
import code.entitlement.Entitlement
import code.users.Users
@ -84,7 +85,7 @@ case class Consent(createdByUserId: String,
object Consent {
private def verifyHmacSignedJwt(jwtToken: String): Boolean = {
val secret = APIUtil.getPropsValue("consent.jwt_secret", "Cannot get your at least 256 bit secret")
val secret = APIUtil.getPropsValue("consents.jwt_secret").openOrThrowException(attemptedToOpenAnEmptyBox)
JwtUtil.verifyHmacSignedJwt(jwtToken, secret)
}
@ -225,9 +226,11 @@ object Consent {
}
def applyRules(consentId: Option[String], callContext: Option[CallContext]): Future[(Box[User], Option[CallContext])] = {
consentId match {
case Some(consentId) => hasConsent(consentId, callContext)
case None => Future((Failure("Cannot get Consent-Id"), callContext))
val allowed = APIUtil.getPropsAsBoolValue(nameOfProperty="consents.allowed", defaultValue=false)
(consentId, allowed) match {
case (Some(consentId), true) => hasConsent(consentId, callContext)
case (_, false) => Future((Failure("Consents are not allowed at this instance."), callContext))
case (None, _) => Future((Failure("Cannot get Consent-Id"), callContext))
}
}