artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 13:26:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

feature/TPP requests without PSU involvement

Browse Source
This commit is contained in:
Marko Milić 2025-05-08 16:04:44 +02:00
parent 0fefc6f698
commit 61b6fa5a4a
3 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
obp-api/src/main/scala/code/api/constant/constant.scala
View File

@ -150,6 +150,7 @@ object RequestHeader {
final lazy val `If-None-Match` = "If-None-Match"
final lazy val `PSU-Geo-Location` = "PSU-Geo-Location" // Berlin Group
final lazy val `PSU-Device-Name` = "PSU-Device-Name" // Berlin Group
final lazy val `PSU-Device-ID` = "PSU-Device-ID" // Berlin Group
final lazy val `PSU-IP-Address` = "PSU-IP-Address" // Berlin Group
final lazy val `X-Request-ID` = "X-Request-ID" // Berlin Group

17
obp-api/src/main/scala/code/api/util/BerlinGroupCheck.scala
View File

@ -1,7 +1,8 @@
package code.api.util
import code.api.APIFailureNewStyle
import code.api.{APIFailureNewStyle, RequestHeader}
import code.api.util.APIUtil.{OBPReturnType, fullBoxOrException}
import code.api.util.BerlinGroupSigning.getHeaderValue
import code.util.Helper.MdcLoggable
import com.openbankproject.commons.model.User
import com.openbankproject.commons.util.ApiVersion
@ -43,6 +44,20 @@ object BerlinGroupCheck extends MdcLoggable {
}
}
def isTppRequestsWithoutPsuInvolvement(requestHeaders: List[HTTPParam]): Boolean = {
val psuIpAddress = getHeaderValue(RequestHeader.`PSU-IP-Address`, requestHeaders)
val psuDeviceId = getHeaderValue(RequestHeader.`PSU-Device-ID`, requestHeaders)
val psuDeviceNAme = getHeaderValue(RequestHeader.`PSU-Device-Name`, requestHeaders)
if(psuIpAddress == "0.0.0.0" || psuDeviceId == "no-psu-involved" || psuDeviceNAme == "no-psu-involved") {
logger.debug(s"isTppRequestsWithoutPsuInvolvement.psuIpAddress: $psuIpAddress")
logger.debug(s"isTppRequestsWithoutPsuInvolvement.psuDeviceId: $psuDeviceId")
logger.debug(s"isTppRequestsWithoutPsuInvolvement.psuDeviceNAme: $psuDeviceNAme")
true
} else {
false
}
}
def validate(body: Box[String], verb: String, url: String, reqHeaders: List[HTTPParam], forwardResult: (Box[User], Option[CallContext])): OBPReturnType[Box[User]] = {
if(url.contains(ApiVersion.berlinGroupV13.urlPrefix)) {
validateHeaders(verb, url, reqHeaders, forwardResult) match {

8
obp-api/src/main/scala/code/api/util/ConsentUtil.scala
View File

@ -569,9 +569,11 @@ object Consent extends MdcLoggable {
logger.debug(s"End of net.liftweb.json.parse(jsonAsString).extract[ConsentJWT].checkConsent.consentBox: $consent")
consentBox match { // Check is it Consent-JWT expired
case (Full(true)) => // OK
// Update MappedConsent.usesSoFarTodayCounter field
val consentUpdatedBox = Consents.consentProvider.vend.updateBerlinGroupConsent(consentId, currentCounterState + 1)
logger.debug(s"applyBerlinGroupConsentRulesCommon.consentUpdatedBox: $consentUpdatedBox")
if(BerlinGroupCheck.isTppRequestsWithoutPsuInvolvement(callContext.requestHeaders)) {
// Update MappedConsent.usesSoFarTodayCounter field
val consentUpdatedBox = Consents.consentProvider.vend.updateBerlinGroupConsent(consentId, currentCounterState + 1)
logger.debug(s"applyBerlinGroupConsentRulesCommon.consentUpdatedBox: $consentUpdatedBox")
}
applyConsentRules(consent, updatedCallContext)
case failure@Failure(_, _, _) => // Handled errors
Future(failure, Some(updatedCallContext))