From 9774e7b3cd3e1a80af11ea6481ca47b4bd627ad6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Thu, 22 May 2025 21:35:59 +0200
Subject: [PATCH 1/8] test/Tweak tag names to be more descriptive
---
.../scala/code/api/v5_1_0/ConsumerTest.scala | 30 +++++++++----------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/obp-api/src/test/scala/code/api/v5_1_0/ConsumerTest.scala b/obp-api/src/test/scala/code/api/v5_1_0/ConsumerTest.scala
index 6bc95ef20..be1d2fe8a 100644
--- a/obp-api/src/test/scala/code/api/v5_1_0/ConsumerTest.scala
+++ b/obp-api/src/test/scala/code/api/v5_1_0/ConsumerTest.scala
@@ -47,27 +47,27 @@ class ConsumerTest extends V510ServerSetup { * This is made possible by the scalatest maven plugin */ object VersionOfApi extends Tag(ApiVersion.v5_1_0.toString) - object ApiEndpoint1 extends Tag(nameOf(Implementations5_1_0.createConsumer)) - object ApiEndpoint2 extends Tag(nameOf(Implementations5_1_0.getConsumers)) - object ApiEndpoint3 extends Tag(nameOf(Implementations5_1_0.updateConsumerRedirectURL)) - object ApiEndpoint4 extends Tag(nameOf(Implementations5_1_0.updateConsumerLogoURL)) + object CreateConsumer extends Tag(nameOf(Implementations5_1_0.createConsumer)) + object GetConsumers extends Tag(nameOf(Implementations5_1_0.getConsumers)) + object UpdateConsumerRedirectURL extends Tag(nameOf(Implementations5_1_0.updateConsumerRedirectURL)) + object UpdateConsumerLogoURL extends Tag(nameOf(Implementations5_1_0.updateConsumerLogoURL)) object UpdateConsumerName extends Tag(nameOf(Implementations5_1_0.updateConsumerName)) object UpdateConsumerCertificate extends Tag(nameOf(Implementations5_1_0.updateConsumerCertificate)) object GetConsumer extends Tag(nameOf(Implementations5_1_0.getConsumer)) feature("Test all error cases ") { - scenario("We test the authentication errors", UpdateConsumerName, GetConsumer, ApiEndpoint1, ApiEndpoint2, ApiEndpoint3, ApiEndpoint4, UpdateConsumerCertificate, VersionOfApi) { + scenario("We test the authentication errors", UpdateConsumerName, GetConsumer, CreateConsumer, GetConsumers, UpdateConsumerRedirectURL, UpdateConsumerLogoURL, UpdateConsumerCertificate, VersionOfApi) { When("We make a request v5.1.0") lazy val postApiCollectionJson = SwaggerDefinitionsJSON.postApiCollectionJson400 val requestApiEndpoint1 = (v5_1_0_Request / "management" / "consumers").POST val responseApiEndpoint1 = makePostRequest(requestApiEndpoint1, write(postApiCollectionJson)) - val requestApiEndpoint2 = (v5_1_0_Request / "management" / "consumers").GET + val requestApiEndpoint2 = (v5_1_0_Request / "management" / "consumers").GET val 
responseApiEndpoint2 = makeGetRequest(requestApiEndpoint2) val requestApiEndpoint3= (v5_1_0_Request / "management" / "consumers" / "CONSUMER_ID" / "consumer" / "redirect_url").PUT val responseApiEndpoint3 = makePutRequest(requestApiEndpoint3, write(postApiCollectionJson)) - + val requestApiEndpoint4 = (v5_1_0_Request /"management" / "consumers" / "CONSUMER_ID" / "consumer" / "logo_url").PUT val responseApiEndpoint4 = makePutRequest(requestApiEndpoint4, write(postApiCollectionJson)) @@ -99,8 +99,8 @@ class ConsumerTest extends V510ServerSetup { responseApiEndpoint5.code should equal(401) responseApiEndpoint5.body.toString contains(s"$UserNotLoggedIn") should be (true) } - - scenario("We test the missing roles errors", UpdateConsumerName, GetConsumer, ApiEndpoint1, ApiEndpoint2, ApiEndpoint3, ApiEndpoint4, UpdateConsumerCertificate, VersionOfApi) { + + scenario("We test the missing roles errors", UpdateConsumerName, GetConsumer, CreateConsumer, GetConsumers, UpdateConsumerRedirectURL, UpdateConsumerLogoURL, UpdateConsumerCertificate, VersionOfApi) { When("We make a request v5.1.0") lazy val wrongJsonForTesting = SwaggerDefinitionsJSON.routing @@ -112,7 +112,7 @@ class ConsumerTest extends V510ServerSetup { val requestApiEndpoint3= (v5_1_0_Request / "management" / "consumers" / "CONSUMER_ID" / "consumer" / "redirect_url").PUT<@ (user1) val responseApiEndpoint3 = makePutRequest(requestApiEndpoint3, write(wrongJsonForTesting)) - + val requestApiEndpoint4 = (v5_1_0_Request /"management" / "consumers" / "CONSUMER_ID" / "consumer" / "logo_url").PUT<@ (user1) val responseApiEndpoint4 = makePutRequest(requestApiEndpoint4, write(wrongJsonForTesting)) 
@@ -143,8 +143,8 @@ class ConsumerTest extends V510ServerSetup { responseApiEndpoint5.code should equal(403) responseApiEndpoint5.body.toString contains (s"$canGetConsumers") should be(true) } - - scenario("We added the proper roles, but wrong json", UpdateConsumerName, ApiEndpoint1, ApiEndpoint2, ApiEndpoint3, ApiEndpoint4, VersionOfApi) { + + scenario("We added the proper roles, but wrong json", UpdateConsumerName, CreateConsumer, GetConsumers, UpdateConsumerRedirectURL, UpdateConsumerLogoURL, VersionOfApi) { When("we first grant the missing roles:") Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, canCreateConsumer.toString) Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, canUpdateConsumerLogoUrl.toString) @@ -159,7 +159,7 @@ class ConsumerTest extends V510ServerSetup { val requestApiEndpoint3= (v5_1_0_Request / "management" / "consumers" / "CONSUMER_ID" / "consumer" / "redirect_url").PUT<@ (user1) val responseApiEndpoint3 = makePutRequest(requestApiEndpoint3, write(wrongJsonForTesting)) - + val requestApiEndpoint4 = (v5_1_0_Request /"management" / "consumers" / "CONSUMER_ID" / "consumer" / "logo_url").PUT<@ (user1) val responseApiEndpoint4 = makePutRequest(requestApiEndpoint4, write(wrongJsonForTesting)) @@ -183,9 +183,9 @@ class ConsumerTest extends V510ServerSetup { responseApiUpdateConsumerCertificate.body.toString contains(s"$InvalidJsonFormat") should be (true) } } - + feature(s"test all successful cases") { - scenario("we create, update and get consumers", UpdateConsumerName, GetConsumer, ApiEndpoint1, ApiEndpoint2, ApiEndpoint3, ApiEndpoint4, VersionOfApi) { + scenario("we create, update and get consumers", UpdateConsumerName, GetConsumer, CreateConsumer, GetConsumers, UpdateConsumerRedirectURL, UpdateConsumerLogoURL, VersionOfApi) { When("we first grant the missing roles:") Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, canCreateConsumer.toString) 
From deef8b5db46dbcd13c0d1cf165f14034a682254b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Mon, 26 May 2025 07:28:26 +0200 Subject: [PATCH 2/8] test/set consent status to 'EXPIRED' when consents reach end of life via background job --- obp-api/src/main/resources/props/sample.props.template | 2 ++ 1 file changed, 2 insertions(+) diff --git a/obp-api/src/main/resources/props/sample.props.template b/obp-api/src/main/resources/props/sample.props.template index 66362085b..f5a5c6a6e 100644 --- a/obp-api/src/main/resources/props/sample.props.template +++ b/obp-api/src/main/resources/props/sample.props.template @@ -179,6 +179,8 @@ jwt.use.ssl=false ## Expire OBP consents with status "ACCEPTED" +## If this props is not set corresponding job is not started +## Unit is a second # obp_expired_consents_interval_in_seconds = From 258df1bbf09cc7871b8a5bf42711b5dbdf5744d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Mon, 26 May 2025 07:33:31 +0200 Subject: [PATCH 3/8] docfix/Tweak docs for endpoint getConsentInfosByBank --- obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala index 01ea36639..a10ac2177 100644 --- a/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala +++ b/obp-api/src/main/scala/code/api/v4_0_0/APIMethods400.scala @@ -8195,10 +8195,10 @@ trait APIMethods400 extends MdcLoggable { nameOf(getConsentInfosByBank), "GET", "/banks/BANK_ID/my/consent-infos", - "Get My Consents Info By Bank", + "Get My Consents Info At Bank", s""" | - |This endpoint gets the Consents that the current User created. + |This endpoint gets the Consents that the current User created at bank. | |${userAuthenticationMessage(true)} | From 88dc790dea43d4182d9be31b4d4b4fd3c0b52c78 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Mon, 26 May 2025 07:40:41 +0200 Subject: [PATCH 4/8] docfix/Modify error messaging with getConsentByConsentIdViaConsumer --- obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala b/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala index 37c91d520..861cd342a 100644 --- a/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala +++ b/obp-api/src/main/scala/code/api/v5_1_0/APIMethods510.scala @@ -1772,8 +1772,7 @@ trait APIMethods510 { consent <- Future { Consents.consentProvider.vend.getConsentByConsentId(consentId)} map { unboxFullOrFail(_, cc.callContext, ConsentNotFound, 404) } - errorMessage = s" ${consent.mConsumerId.get} != ${cc.consumer.map(_.consumerId.get).getOrElse("None")}" - _ <- Helper.booleanToFuture(failMsg = ConsentNotFound + errorMessage, failCode = 404, cc = cc.callContext) { + _ <- Helper.booleanToFuture(failMsg = ConsentNotFound, failCode = 404, cc = cc.callContext) { consent.mConsumerId.get == cc.consumer.map(_.consumerId.get).getOrElse("None") } } yield { From 4093bc501f1a3ff220edb6f48ca135ed7c4d42b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Tue, 27 May 2025 17:05:25 +0200 Subject: [PATCH 5/8] docfix/Add more logging to function getRequestHeadersBerlinGroup --- obp-api/src/main/scala/code/api/util/APIUtil.scala | 2 ++ 1 file changed, 2 insertions(+) diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala index 8f2ac4bd6..dd5943572 100644 --- a/obp-api/src/main/scala/code/api/util/APIUtil.scala +++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala 
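Review bot: In the `Helper.booleanToFuture` guard of APIMethods510.scala (patch 4/8), a request with no consumer in the call context is still compared against the literal `"None"`, so the ownership check relies on no consent ever storing that string as its consumer id. Comparing on the optional value removes the sentinel: `cc.consumer.exists(_.consumerId.get == consent.mConsumerId.get)`. Dropping the `errorMessage` suffix is a sound change, because it returned the consent's consumer id to a caller that had just failed the ownership check; if the mismatch detail is still needed for support, write it to the server log instead of the response. The subject tags this as a docfix although it changes a response body, and the enclosing for-comprehension starts and ends outside the hunk.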
@@ -560,6 +560,8 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{ def getRequestHeadersBerlinGroup(callContext: Option[CallContextLight]): CustomResponseHeaders = { val aspspScaApproach = getPropsValue("berlin_group_aspsp_sca_approach", defaultValue = "redirect") + logger.debug(s"ConstantsBG.berlinGroupVersion1.urlPrefix: ${ConstantsBG.berlinGroupVersion1.urlPrefix}") + logger.debug(s"callContext.map(_.url): ${callContext.map(_.url)}") callContext match { case Some(cc) if cc.url.contains(ConstantsBG.berlinGroupVersion1.urlPrefix) && cc.url.endsWith("/consents") => CustomResponseHeaders(List( From c802dd2a88e634e1dbf2dc0baa2d20cb61b3fc88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 28 May 2025 09:42:30 +0200 Subject: [PATCH 6/8] feature/Add consumer secret to json response of createConsumer v5.1.0 --- .../code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala | 1 + obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala | 2 ++ 2 files changed, 3 insertions(+) diff --git a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala index 49a9728c2..166b4c503 100644 --- a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala +++ b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala @@ -2714,6 +2714,7 @@ object SwaggerDefinitionsJSON { lazy val consumerJsonV510: ConsumerJsonV510 = ConsumerJsonV510( consumer_id = consumerIdExample.value, consumer_key = consumerKeyExample.value, + consumer_secret = consumerSecretExample.value, app_name = appNameExample.value, app_type = appTypeExample.value, description = descriptionExample.value, diff --git a/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala b/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala index 8d4980bb2..0eb3441ab 100644 --- a/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala 
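Review bot: The second added line in `getRequestHeadersBerlinGroup` (APIUtil.scala, patch 5/8) writes the whole request URL to the debug log on every call, and the first logs `ConstantsBG.berlinGroupVersion1.urlPrefix`, which looks constant for a running instance. Request paths on this API carry resource identifiers (the test paths in patch 1/8 have a `CONSUMER_ID` segment), and query strings may be included too, which the hunk does not show; so these lines would put such values into log files wherever debug logging is enabled. Logging only the outcome of the match keeps the diagnostic without the URL, for example `logger.debug(s"berlin group /consents match: ${callContext.exists(cc => cc.url.contains(ConstantsBG.berlinGroupVersion1.urlPrefix) && cc.url.endsWith("/consents"))}")`. The subject labels this a docfix although it changes runtime behaviour, and the function body continues outside the hunk.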
+++ b/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala @@ -445,6 +445,7 @@ case class ConsumerPostJsonV510(app_name: Option[String], ) case class ConsumerJsonV510(consumer_id: String, consumer_key: String, + consumer_secret: String, app_name: String, app_type: String, description: String, @@ -1080,6 +1081,7 @@ object JSONFactory510 extends CustomJsonFormats { ConsumerJsonV510( consumer_id = c.consumerId.get, consumer_key = c.key.get, + consumer_secret = c.secret.get, app_name = c.name.get, app_type = c.appType.toString(), description = c.description.get, From 8ec252dbe3eedfcd341163bed1bf5d0a16f923a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 28 May 2025 11:04:42 +0200 Subject: [PATCH 7/8] bugfix/Add consumer by certificate during OAuth 2 authentication --- obp-api/src/main/scala/code/api/util/APIUtil.scala | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/obp-api/src/main/scala/code/api/util/APIUtil.scala b/obp-api/src/main/scala/code/api/util/APIUtil.scala index 16fa9ea36..924093e8e 100644 --- a/obp-api/src/main/scala/code/api/util/APIUtil.scala +++ b/obp-api/src/main/scala/code/api/util/APIUtil.scala @@ -3045,10 +3045,10 @@ object APIUtil extends MdcLoggable with CustomJsonFormats{ } } } else if (hasAnOAuthHeader(cc.authReqHeaderField)) { // OAuth 1 - getUserFromOAuthHeaderFuture(cc) + getUserFromOAuthHeaderFuture(cc.copy(consumer = consumerByCertificate)) } else if (hasAnOAuth2Header(cc.authReqHeaderField)) { // OAuth 2 for { - (user, callContext) <- OAuth2Login.getUserFuture(cc) + (user, callContext) <- OAuth2Login.getUserFuture(cc.copy(consumer = consumerByCertificate)) } yield { (user, callContext) } From 4ed3ba76f9e318854c44ce12ac18ef013979268f Mon Sep 17 00:00:00 2001 
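Review bot: `consumer_secret = c.secret.get` is added to the shared `ConsumerJsonV510` builder in JSONFactory5.1.0.scala (patch 6/8), so every response built through it would carry the secret, while the subject scopes the change to createConsumer. Whether the read endpoints use the same builder is not visible in these hunks, but ConsumerTest in patch 1/8 tags `getConsumer` and `getConsumers` for this version, so that needs checking before a secret is added to this type. A separate create-only response case class would confine the secret to the one response where the caller has to receive it, and a comment such as `// returned once, at creation; never included in read endpoints` would record the intent. The same applies to the `consumerJsonV510` example in SwaggerDefinitionsJSON.scala. Patch 8/8 reverts this commit, so the point matters only if the field is reintroduced; both the case class and the factory method extend outside their hunks.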
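Review bot: Both changed calls in APIUtil.scala (patch 7/8) overwrite `cc.consumer` with `consumerByCertificate` unconditionally, and that value is defined outside this hunk. If it is empty when the request presents no client certificate, any consumer already set on `cc` is discarded before `getUserFromOAuthHeaderFuture` and `OAuth2Login.getUserFuture` run; keeping the existing value as the fallback would avoid that. The subject mentions OAuth 2 only, yet the OAuth 1 branch is changed as well. A comment on each call should state which identity wins when the certificate's consumer and the token's client differ, for example `// consumer resolved from the TLS client certificate; must match the token's client`, and a test for that mismatch case is missing from the patch.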
From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 28 May 2025 12:41:02 +0200 Subject: [PATCH 8/8] Revert "feature/Add consumer secret to json response of createConsumer v5.1.0" This reverts commit c802dd2a88e634e1dbf2dc0baa2d20cb61b3fc88. --- .../code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala | 1 - obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala | 2 -- 2 files changed, 3 deletions(-) diff --git a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala index 166b4c503..49a9728c2 100644 --- a/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala +++ b/obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala @@ -2714,7 +2714,6 @@ object SwaggerDefinitionsJSON { lazy val consumerJsonV510: ConsumerJsonV510 = ConsumerJsonV510( consumer_id = consumerIdExample.value, consumer_key = consumerKeyExample.value, - consumer_secret = consumerSecretExample.value, app_name = appNameExample.value, app_type = appTypeExample.value, description = descriptionExample.value, diff --git a/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala b/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala index 0eb3441ab..8d4980bb2 100644 --- a/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala +++ b/obp-api/src/main/scala/code/api/v5_1_0/JSONFactory5.1.0.scala @@ -445,7 +445,6 @@ case class ConsumerPostJsonV510(app_name: Option[String], ) case class ConsumerJsonV510(consumer_id: String, consumer_key: String, - consumer_secret: String, app_name: String, app_type: String, description: String, @@ -1081,7 +1080,6 @@ object JSONFactory510 extends CustomJsonFormats { ConsumerJsonV510( consumer_id = c.consumerId.get, consumer_key = c.key.get, - consumer_secret = c.secret.get, app_name = c.name.get, app_type = c.appType.toString(), description = c.description.get,