artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 15:56:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor/ Enhanced logging for consent validation, including warnings for empty consumer validation method.

Browse Source
This commit is contained in:
hongwei 2025-11-21 16:28:20 +01:00
parent f3d0bf9f63
commit 7f9c1e94c6
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
obp-api/src/main/scala/code/api/util/ConsentUtil.scala
View File

@ -251,7 +251,11 @@ object Consent extends MdcLoggable {
if (!tppIsConsentHolder(c.mConsumerId.get, callContext)) { // Always check TPP first
val consentConsumerId = c.mConsumerId.get
val requestConsumerId = callContext.consumer.map(_.consumerId.get).getOrElse("NONE")
logger.info(s"ConsentNotFound: TPP/Consumer mismatch. Consent holder consumer_id=$consentConsumerId, Request consumer_id=$requestConsumerId, consent_id=${consent.jti}")
val consumerValidationMethodForConsent = APIUtil.getPropsValue("consumer_validation_method_for_consent").openOr("")
if(requestConsumerId == "NONE" || consumerValidationMethodForConsent.isEmpty) {
logger.warn(s"consumer_validation_method_for_consent is empty while request consumer_id=NONE - consent_id=${consent.jti}, aud=${consent.aud}")
}
logger.debug(s"ConsentNotFound: TPP/Consumer mismatch. Consent holder consumer_id=$consentConsumerId, Request consumer_id=$requestConsumerId, consent_id=${consent.jti}")
ErrorUtil.apiFailureToBox(ErrorMessages.ConsentNotFound, 401)(Some(callContext))
} else if (!verifyHmacSignedJwt(consentIdAsJwt, c)) { // verify signature
Failure(ErrorMessages.ConsentVerificationIssue)