feature/add self-revoke consent functionality and update consent management UI

2026-02-06 17:37:00 +00:00 · 2025-05-26 14:46:38 +02:00 · 2025-05-26 14:46:38 +02:00 · 9bdd2b3275
commit 9bdd2b3275
parent 0ad212ce78
3 changed files with 27 additions and 6 deletions
--- a/obp-api/src/main/scala/code/api/util/APIUtil.scala
+++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala
@ -4732,7 +4732,13 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{

    val user = AuthUser.getCurrentUser
    val result = tryo {
-      endpoint(newRequest)(CallContext(user = user))
+      val headers: List[HTTPParam] = addlParams.get(RequestHeader.`Consent-Id`)
+        .map(consentId => List(HTTPParam(RequestHeader.`Consent-Id`, List(consentId))))
+        .getOrElse(Nil)
+      
+      endpoint(newRequest)(CallContext(
+        user = user,
+        requestHeaders = headers))
    }

    val func: ((=> LiftResponse) => Unit) => Unit = result match {
--- a/obp-api/src/main/scala/code/snippet/ConsentScreen.scala
+++ b/obp-api/src/main/scala/code/snippet/ConsentScreen.scala
@ -26,6 +26,7 @@ TESOBE (http://www.tesobe.com/)
  */
 package code.snippet

+import code.api.RequestHeader
 import code.api.util.APIUtil.callEndpoint
 import code.api.util.{CustomJsonFormats, ErrorMessages}
 import code.api.v5_1_0.ConsentsInfoJsonV510
@ -35,7 +36,7 @@ import code.model.dataAccess.AuthUser
 import code.util.Helper.{MdcLoggable, ObpS}
 import code.util.HydraUtil.integrateWithHydra
 import net.liftweb.common.{Failure, Full}
-import net.liftweb.http.{GetRequest, RequestVar, S, SHtml}
+import net.liftweb.http.{DeleteRequest, GetRequest, RequestVar, S, SHtml}
 import net.liftweb.json
 import net.liftweb.json.{Extraction, Formats, JNothing}
 import net.liftweb.util.CssSel
@ -107,7 +108,12 @@ class ConsentScreen extends MdcLoggable {
    )

    val getMyConsentsResult = callEndpoint(Implementations5_1_0.getMyConsents, pathOfEndpoint, GetRequest)
-
+    
+    def selfRevokeConsent(consentId: String) = {
+      val addlParams = Map(RequestHeader.`Consent-Id`-> consentId)
+      callEndpoint(Implementations5_1_0.selfRevokeConsent, List("my", "consent", "current"), DeleteRequest, addlParams=addlParams)
+    }
+    
    getMyConsentsResult match {
      case Left(error) => {
        S.error(error._1)
@ -123,8 +129,17 @@ class ConsentScreen extends MdcLoggable {
                ".jwt-payload *" #> json.prettyRender(consent.jwt_payload.map(Extraction.decompose).openOr(JNothing)) &
                ".status *" #> consent.status &
                ".api-standard *" #> consent.api_standard &
-                ".revoke-form [action]" #> s"/my/consents/consent_id/${consent.consent_id}" &
-                ".consent-id-input [value]" #> consent.consent_id
+                ".revoke-form [action]" #> s"/my/consent/current" &
+                ".consent-id-input [value]" #> consent.consent_id &
+                ".revoke-button-placeholder *" #> SHtml.ajaxButton("Revoke", () => {
+                  selfRevokeConsent(consent.consent_id) match {
+                    case Left(errorMsg) =>
+                      S.error(errorMsg._1)
+                    case Right(_) =>
+                      S.notice("Consent successfully revoked.")
+                  }
+                  S.redirectTo("/consents")
+                })
            }
          case Failure(msg, t, c) =>
            S.error(s"${ErrorMessages.UnknownError} $msg")
--- a/obp-api/src/main/webapp/consents.html
+++ b/obp-api/src/main/webapp/consents.html
@ -47,7 +47,7 @@ Berlin 13359, Germany
                <td>
                    <form class="revoke-form" method="post">
                        <input type="hidden" class="consent-id-input" name="consent_id" value=""/>
-                        <button type="submit" class="btn btn-primary btn-sm btn-red">Revoke</button>
+                        <span class="revoke-button-placeholder "> Revoke </span>
                    </form>
                </td>
            </tr>