mirror of
https://github.com/OpenBankProject/OBP-API.git
synced 2026-02-06 15:27:01 +00:00
test/Fix ConsentTest and ConsentObpTest failures
This commit is contained in:
Marko Milić
parent
f9f932ea31
commit
e6ce527569
@ -3542,11 +3542,11 @@ trait APIMethods310 {
|
||||
}
|
||||
)
|
||||
}
|
||||
(consumerId, applicationText) <- consentJson.consumer_id match {
|
||||
(consumerId, applicationText, consumer) <- consentJson.consumer_id match {
|
||||
case Some(id) => NewStyle.function.checkConsumerByConsumerId(id, callContext) map {
|
||||
c => (Some(c.consumerId.get), c.description)
|
||||
c => (Some(c.consumerId.get), c.description, Some(c))
|
||||
}
|
||||
case None => Future(None, "Any application")
|
||||
case None => Future(None, "Any application", None)
|
||||
}
|
||||
|
||||
|
||||
@ -3554,7 +3554,7 @@ trait APIMethods310 {
|
||||
case Props.RunModes.Test => Consent.challengeAnswerAtTestEnvironment
|
||||
case _ => SecureRandomUtil.numeric()
|
||||
}
|
||||
createdConsent <- Future(Consents.consentProvider.vend.createObpConsent(user, challengeAnswer, None)) map {
|
||||
createdConsent <- Future(Consents.consentProvider.vend.createObpConsent(user, challengeAnswer, None, consumer)) map {
|
||||
i => connectorEmptyResponse(i, callContext)
|
||||
}
|
||||
consentJWT =
|
||||
|
||||
@ -2161,8 +2161,7 @@ trait APIMethods510 {
|
||||
consentJson,
|
||||
createdConsent.secret,
|
||||
createdConsent.consentId,
|
||||
consumerFromRequestBody.map(_.consumerId.get)
|
||||
.orElse(cc.consumer.map(_.consumerId.get)), // Consumer from current call
|
||||
consumerFromRequestBody.map(_.consumerId.get),
|
||||
consentJson.valid_from,
|
||||
consentJson.time_to_live.getOrElse(3600),
|
||||
None,
|
||||
|
||||
@ -57,6 +57,8 @@ class ConsentTest extends V310ServerSetup {
|
||||
object VersionOfApi2 extends Tag(ApiVersion.v3_0_0.toString)
|
||||
object ApiEndpoint3 extends Tag(nameOf(APIMethods300.Implementations3_0_0.getUserByUserId))
|
||||
|
||||
val validHeaderConsumerKey = List((RequestHeader.`Consumer-Key`, user1.map(_._1.key).getOrElse("SHOULD_NOT_HAPPEN")))
|
||||
|
||||
lazy val bankId = randomBankId
|
||||
lazy val bankAccount = randomPrivateAccount(bankId)
|
||||
lazy val entitlements = List(PostConsentEntitlementJsonV310("", CanGetAnyUser.toString()))
|
||||
@ -140,7 +142,7 @@ class ConsentTest extends V310ServerSetup {
|
||||
// Create a consent as the user1.
|
||||
// Must fail because we try to assign a role other that user already have access to the request
|
||||
val request400 = (v3_1_0_Request / "banks" / bankId / "my" / "consents" / "EMAIL").POST <@ (user1)
|
||||
val response400 = makePostRequest(request400, write(postConsentEmailJsonV310))
|
||||
val response400 = makePostRequest(request400, write(postConsentEmailJsonV310), validHeaderConsumerKey)
|
||||
Then("We should get a 400")
|
||||
response400.code should equal(400)
|
||||
response400.body.extract[ErrorMessage].message should equal(RolesAllowedInConsent)
|
||||
@ -148,7 +150,7 @@ class ConsentTest extends V310ServerSetup {
|
||||
Then("We grant the role and test it again")
|
||||
Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanGetAnyUser.toString)
|
||||
// Create a consent as the user1. The consent is in status INITIATED
|
||||
val secondResponse400 = makePostRequest(request400, write(postConsentEmailJsonV310))
|
||||
val secondResponse400 = makePostRequest(request400, write(postConsentEmailJsonV310), validHeaderConsumerKey)
|
||||
Then("We should get a 201")
|
||||
secondResponse400.code should equal(201)
|
||||
|
||||
@ -158,7 +160,7 @@ class ConsentTest extends V310ServerSetup {
|
||||
|
||||
// Make a request with the consent which is NOT in status ACCEPTED
|
||||
val requestGetUserByUserId400 = (v3_1_0_Request / "users" / "current").GET
|
||||
val responseGetUserByUserId400 = makeGetRequest(requestGetUserByUserId400, header)
|
||||
val responseGetUserByUserId400 = makeGetRequest(requestGetUserByUserId400, header ::: validHeaderConsumerKey)
|
||||
APIUtil.getPropsAsBoolValue(nameOfProperty = "consents.allowed", defaultValue = false) match {
|
||||
case true =>
|
||||
// Due to the wrong status of the consent the request must fail
|
||||
@ -175,16 +177,15 @@ class ConsentTest extends V310ServerSetup {
|
||||
// Make a request WITHOUT the request header "Consumer-Key: SOME_VALUE"
|
||||
// Due to missing value the request must fail
|
||||
makeGetRequest(requestGetUserByUserId400, header)
|
||||
.body.extract[ErrorMessage].message should include(ConsumerKeyHeaderMissing)
|
||||
.body.extract[ErrorMessage].message should include(ConsentNotFound)
|
||||
|
||||
// Make a request WITH the request header "Consumer-Key: NON_EXISTING_VALUE"
|
||||
// Due to non existing value the request must fail
|
||||
val headerConsumerKey = List((RequestHeader.`Consumer-Key`, "NON_EXISTING_VALUE"))
|
||||
makeGetRequest(requestGetUserByUserId400, header ::: headerConsumerKey)
|
||||
.body.extract[ErrorMessage].message should include(ConsentDoesNotMatchConsumer)
|
||||
.body.extract[ErrorMessage].message should include(ConsentNotFound)
|
||||
|
||||
// Make a request WITH the request header "Consumer-Key: EXISTING_VALUE"
|
||||
val validHeaderConsumerKey = List((RequestHeader.`Consumer-Key`, user1.map(_._1.key).getOrElse("SHOULD_NOT_HAPPEN")))
|
||||
val response = makeGetRequest((v3_1_0_Request / "users" / "current").GET, header ::: validHeaderConsumerKey)
|
||||
val user = response.body.extract[UserJsonV300]
|
||||
val assignedEntitlements: Seq[PostConsentEntitlementJsonV310] = user.entitlements.list.flatMap(
|
||||
@ -237,7 +238,7 @@ class ConsentTest extends V310ServerSetup {
|
||||
|
||||
// Make a request with the consent which is NOT in status ACCEPTED
|
||||
val requestGetUserByUserId400 = (v3_1_0_Request / "users" / "current").GET
|
||||
val responseGetUserByUserId400 = makeGetRequest(requestGetUserByUserId400, header)
|
||||
val responseGetUserByUserId400 = makeGetRequest(requestGetUserByUserId400, header ::: validHeaderConsumerKey)
|
||||
APIUtil.getPropsAsBoolValue(nameOfProperty = "consents.allowed", defaultValue = false) match {
|
||||
case true =>
|
||||
// Due to the wrong status of the consent the request must fail
|
||||
@ -254,13 +255,13 @@ class ConsentTest extends V310ServerSetup {
|
||||
// Make a request WITHOUT the request header "Consumer-Key: SOME_VALUE"
|
||||
// Due to missing value the request must fail
|
||||
makeGetRequest(requestGetUserByUserId400, header)
|
||||
.body.extract[ErrorMessage].message should include(ConsumerKeyHeaderMissing)
|
||||
.body.extract[ErrorMessage].message should include(ConsentNotFound)
|
||||
|
||||
// Make a request WITH the request header "Consumer-Key: NON_EXISTING_VALUE"
|
||||
// Due to non existing value the request must fail
|
||||
val headerConsumerKey = List((RequestHeader.`Consumer-Key`, "NON_EXISTING_VALUE"))
|
||||
makeGetRequest(requestGetUserByUserId400, header ::: headerConsumerKey)
|
||||
.body.extract[ErrorMessage].message should include(ConsentDoesNotMatchConsumer)
|
||||
.body.extract[ErrorMessage].message should include(ConsentNotFound)
|
||||
|
||||
// Make a request WITH the request header "Consumer-Key: EXISTING_VALUE"
|
||||
val validHeaderConsumerKey = List((RequestHeader.`Consumer-Key`, user1.map(_._1.key).getOrElse("SHOULD_NOT_HAPPEN")))
|
||||
|
||||
@ -58,17 +58,19 @@ class ConsentObpTest extends V510ServerSetup {
|
||||
object VersionOfApi2 extends Tag(ApiVersion.v3_0_0.toString)
|
||||
object GetUserByUserId extends Tag(nameOf(APIMethods300.Implementations3_0_0.getUserByUserId))
|
||||
|
||||
val validHeaderConsumerKey = List((RequestHeader.`Consumer-Key`, user1.map(_._1.key).getOrElse("SHOULD_NOT_HAPPEN")))
|
||||
|
||||
lazy val bankId = randomBankId
|
||||
lazy val bankAccount = randomPrivateAccount(bankId)
|
||||
lazy val entitlements = List(PostConsentEntitlementJsonV310("", CanGetAnyUser.toString()))
|
||||
lazy val views = List(PostConsentViewJsonV310(bankId, bankAccount.id, Constant.SYSTEM_OWNER_VIEW_ID))
|
||||
lazy val postConsentEmailJsonV310 = SwaggerDefinitionsJSON.postConsentEmailJsonV310
|
||||
.copy(entitlements=entitlements)
|
||||
.copy(consumer_id=None)
|
||||
.copy(consumer_id=Some(testConsumer.consumerId.get))
|
||||
.copy(views=views)
|
||||
lazy val postConsentImplicitJsonV310 = SwaggerDefinitionsJSON.postConsentImplicitJsonV310
|
||||
.copy(entitlements=entitlements)
|
||||
.copy(consumer_id=None)
|
||||
.copy(consumer_id=Some(testConsumer.consumerId.get))
|
||||
.copy(views=views)
|
||||
|
||||
val maxTimeToLive = APIUtil.getPropsAsIntValue(nameOfProperty="consents.max_time_to_live", defaultValue=3600)
|
||||
@ -111,7 +113,7 @@ class ConsentObpTest extends V510ServerSetup {
|
||||
// Create a consent as the user1.
|
||||
// Must fail because we try to assign a role other that user already have access to the request
|
||||
val request = (v5_1_0_Request / "my" / "consents" / "IMPLICIT").POST <@ (user1)
|
||||
val response = makePostRequest(request, write(postConsentImplicitJsonV310))
|
||||
val response = makePostRequest(request, write(postConsentImplicitJsonV310), validHeaderConsumerKey)
|
||||
Then("We should get a 400")
|
||||
response.code should equal(400)
|
||||
response.body.extract[ErrorMessage].message should equal(RolesAllowedInConsent)
|
||||
@ -119,7 +121,7 @@ class ConsentObpTest extends V510ServerSetup {
|
||||
Then("We grant the role and test it again")
|
||||
Entitlement.entitlement.vend.addEntitlement("", resourceUser1.userId, CanGetAnyUser.toString)
|
||||
// Create a consent as the user1. The consent is in status INITIATED
|
||||
val secondResponse = makePostRequest(request, write(postConsentImplicitJsonV310))
|
||||
val secondResponse = makePostRequest(request, write(postConsentImplicitJsonV310), validHeaderConsumerKey)
|
||||
Then("We should get a 201")
|
||||
secondResponse.code should equal(201)
|
||||
|
||||
@ -129,7 +131,7 @@ class ConsentObpTest extends V510ServerSetup {
|
||||
|
||||
// Make a request with the consent which is NOT in status ACCEPTED
|
||||
val requestGetUserByUserId = (v5_1_0_Request / "users" / "current").GET
|
||||
val responseGetUserByUserId = makeGetRequest(requestGetUserByUserId, header)
|
||||
val responseGetUserByUserId = makeGetRequest(requestGetUserByUserId, header ::: validHeaderConsumerKey)
|
||||
APIUtil.getPropsAsBoolValue(nameOfProperty = "consents.allowed", defaultValue = false) match {
|
||||
case true =>
|
||||
// Due to the wrong status of the consent the request must fail
|
||||
@ -146,16 +148,15 @@ class ConsentObpTest extends V510ServerSetup {
|
||||
// Make a request WITHOUT the request header "Consumer-Key: SOME_VALUE"
|
||||
// Due to missing value the request must fail
|
||||
makeGetRequest(requestGetUserByUserId, header)
|
||||
.body.extract[ErrorMessage].message should include(ConsumerKeyHeaderMissing)
|
||||
.body.extract[ErrorMessage].message should include(ConsentNotFound)
|
||||
|
||||
// Make a request WITH the request header "Consumer-Key: NON_EXISTING_VALUE"
|
||||
// Due to non existing value the request must fail
|
||||
val headerConsumerKey = List((RequestHeader.`Consumer-Key`, "NON_EXISTING_VALUE"))
|
||||
makeGetRequest(requestGetUserByUserId, header ::: headerConsumerKey)
|
||||
.body.extract[ErrorMessage].message should include(ConsentDoesNotMatchConsumer)
|
||||
.body.extract[ErrorMessage].message should include(ConsentNotFound)
|
||||
|
||||
// Make a request WITH the request header "Consumer-Key: EXISTING_VALUE"
|
||||
val validHeaderConsumerKey = List((RequestHeader.`Consumer-Key`, user1.map(_._1.key).getOrElse("SHOULD_NOT_HAPPEN")))
|
||||
val response2 = makeGetRequest((v5_1_0_Request / "users" / "current").GET, header ::: validHeaderConsumerKey)
|
||||
val user = response2.body.extract[UserJsonV300]
|
||||
val assignedEntitlements: Seq[PostConsentEntitlementJsonV310] = user.entitlements.list.flatMap(
|
||||
|
||||
Loading…
Reference in New Issue
Block a user