feature/TPP Access Control for Berlin Group Endpoints 2

Marko Milić 2025-07-17 10:15:40 +02:00
parent bd57de4a4b
commit b68e26fa67


@ -236,9 +236,9 @@ object Consent extends MdcLoggable {
}
}
private def tppIsNotConsentHolder(consumerIdFromConsent: String, callContext: CallContext): Boolean = {
private def tppIsConsentHolder(consumerIdFromConsent: String, callContext: CallContext): Boolean = {
val consumerIdFromCurrentCall = callContext.consumer.map(_.consumerId.get).getOrElse("None")
consumerIdFromConsent != consumerIdFromCurrentCall
consumerIdFromConsent == consumerIdFromCurrentCall
}
private def checkConsent(consent: ConsentJWT, consentIdAsJwt: String, callContext: CallContext): Box[Boolean] = {
@ -247,7 +247,7 @@ object Consent extends MdcLoggable {
logger.debug(s"code.api.util.Consent.checkConsent.getConsentByConsentId: consentBox($consentBox)")
val result = consentBox match {
case Full(c) =>
if (tppIsNotConsentHolder(c.mConsumerId.get, callContext)) { // Always check TPP first
if (!tppIsConsentHolder(c.mConsumerId.get, callContext)) { // Always check TPP first
ErrorUtil.apiFailureToBox(ErrorMessages.ConsentNotFound, 401)(Some(callContext))
} else if (!verifyHmacSignedJwt(consentIdAsJwt, c)) { // verify signature
Failure(ErrorMessages.ConsentVerificationIssue)
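Review bot: In the first hunk, `tppIsConsentHolder` substitutes the string `"None"` when the call has no consumer and then tests for equality. The TPP gate therefore fails closed only as long as no consent record stores that same literal in its consumer id field. Under the old `!=` form a sentinel collision produced a rejection; under the new `==` form it would produce an accept for a call with no identified consumer, so the sentinel now carries security weight. Comparing inside the box removes the dependency: `callContext.consumer.exists(_.consumerId.get == consumerIdFromConsent)`, assuming `consumer` is a Box or Option as the `map`/`getOrElse` usage suggests. The call site in `checkConsent` is unchanged by this, and that function's body continues outside the visible hunk.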