artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 18:46:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

merge berlinGroupV1.3.1 to V1.3, remove V1.3.1

Browse Source
This commit is contained in:
hongwei 2019-07-05 12:06:57 +02:00
parent b038746722
commit edebf650ab
12 changed files with 152 additions and 5224 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

205
obp-api/src/main/scala/code/api/berlin/group/v1_3/AccountInformationServiceAISApi.scala
View File

@ -788,16 +788,17 @@ This method returns the SCA status of a consent initiation's authorisation sub-r
getTransactionDetails,
apiVersion,
nameOf(getTransactionDetails),
"GET",
"/accounts/ACCOUNT_ID/transactions/RESOURCEID",
"GET",
"/accounts/ACCOUNT_ID/transactions/TRANSACTIONID",
"Read Transaction Details",
s"""${mockedDataText(true)}
Reads transaction details from a given transaction addressed by "resourceId" on a given account addressed by "account-id".
This call is only available on transactions as reported in a JSON format.
Reads transaction details from a given transaction addressed by "transactionId" on a given account addressed
by "account-id". This call is only available on transactions as reported in a JSON format.
**Remark:** Please note that the PATH might be already given in detail by the corresponding entry of the response
of the "Read Transaction List" call within the _links subfield.
**Remark:** Please note that the PATH might be already given in detail by the corresponding entry of the response of the
"Read Transaction List" call within the _links subfield.
""",
""",
json.parse(""""""),
json.parse("""{
"debtorAccount" : {
@ -819,8 +820,8 @@ This call is only available on transactions as reported in a JSON format.
"valueDate" : "2000-01-23",
"endToEndId" : "endToEndId",
"transactionId" : "transactionId",
"currencyExchange" : "",
"ultimateDebtor" : "Ultimate Debtor",
"exchangeRate" : "",
"creditorAccount" : {
"bban" : "BARC12345612345678",
"maskedPan" : "123456xxxxxx1234",
@ -837,7 +838,7 @@ This call is only available on transactions as reported in a JSON format.
},
"proprietaryBankTransactionCode" : { },
"bookingDate" : { },
"remittanceInformationUnstructured" : "remittanceInformationUnstructured",
"remittanceInformationUnstructured" : "Ref Number Merchant",
"checkId" : "checkId",
"creditorId" : "creditorId",
"entryReference" : "entryReference"
@ -848,7 +849,7 @@ This call is only available on transactions as reported in a JSON format.
)
lazy val getTransactionDetails : OBPEndpoint = {
case "accounts" :: account_id:: "transactions" :: resourceid :: Nil JsonGet _ => {
case "accounts" :: account_id:: "transactions" :: transactionid :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc)
@ -873,8 +874,8 @@ This call is only available on transactions as reported in a JSON format.
"valueDate" : "2000-01-23",
"endToEndId" : "endToEndId",
"transactionId" : "transactionId",
"currencyExchange" : "",
"ultimateDebtor" : "Ultimate Debtor",
"exchangeRate" : "",
"creditorAccount" : {
"bban" : "BARC12345612345678",
"maskedPan" : "123456xxxxxx1234",
@ -891,7 +892,7 @@ This call is only available on transactions as reported in a JSON format.
},
"proprietaryBankTransactionCode" : { },
"bookingDate" : { },
"remittanceInformationUnstructured" : "remittanceInformationUnstructured",
"remittanceInformationUnstructured" : "Ref Number Merchant",
"checkId" : "checkId",
"creditorId" : "creditorId",
"entryReference" : "entryReference"
@ -899,7 +900,7 @@ This call is only available on transactions as reported in a JSON format.
}
}
}
resourceDocs += ResourceDoc(
getTransactionList,
apiVersion,
@ -907,12 +908,13 @@ This call is only available on transactions as reported in a JSON format.
"GET",
"/accounts/ACCOUNT_ID/transactions",
"Read transaction list of an account",
s"""${mockedDataText(false)}
Read transaction reports or transaction lists of a given account ddressed by "account-id", depending on the steering parameter "bookingStatus" together with balances.
s"""${mockedDataText(true)}
Read transaction reports or transaction lists of a given account ddressed by "account-id",
depending on the steering parameter "bookingStatus" together with balances.
For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo".
The ASPSP might add balance information, if transaction lists without balances are not supported.
For a given account, additional parameters are e.g. the attributes "dateFrom" and "dateTo".
The ASPSP might add balance information, if transaction lists without balances are not supported.
""",
""",
json.parse(""""""),
json.parse("""{
"account": {
@ -1020,19 +1022,14 @@ The ASPSP might add balance information, if transaction lists without balances a
"/accounts/ACCOUNT_ID",
"Read Account Details",
s"""${mockedDataText(true)}
Reads details about an account, with balances where required.
It is assumed that a consent of the PSU to
this access is already given and stored on the ASPSP system.
The addressed details of this account depends then on the stored consent addressed by consentId,
respectively the OAuth2 access token.
Reads details about an account, with balances where required.
It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
The addressed details of this account depends then on the stored consent addressed by consentId,
respectively the OAuth2 access token. **NOTE:** The account-id can represent a multicurrency account.
In this case the currency code is set to "XXX". Give detailed information about the addressed account.
Give detailed information about the addressed account together with balance information
**NOTE:** The account-id can represent a multicurrency account.
In this case the currency code is set to "XXX".
Give detailed information about the addressed account.
Give detailed information about the addressed account together with balance information
""",
""",
json.parse(""""""),
json.parse("""{
"cashAccountType" : { },
@ -1097,12 +1094,12 @@ Give detailed information about the addressed account together with balance info
"/card-accounts/ACCOUNT_ID",
"Reads details about a card account",
s"""${mockedDataText(true)}
Reads details about a card account.
It is assumed that a consent of the PSU to this access is already given
and stored on the ASPSP system. The addressed details of this account depends
then on the stored consent addressed by consentId, respectively the OAuth2
access token.
""",
Reads details about a card account.
It is assumed that a consent of the PSU to this access is already given and stored on the ASPSP system.
The addressed details of this account depends then on the stored consent addressed by consentId,
respectively the OAuth2 access token.
""",
json.parse(""""""),
json.parse("""{
"balances" : "",
@ -1156,7 +1153,7 @@ access token.
}
}
}
resourceDocs += ResourceDoc(
startConsentAuthorisation,
apiVersion,
@ -1164,39 +1161,34 @@ access token.
"POST",
"/consents/CONSENTID/authorisations",
"Start the authorisation process for a consent",
s"""${mockedDataText(false)}
Create an authorisation sub-resource and start the authorisation process of a consent.
The message might in addition transmit authentication and authorisation related data.
s"""${mockedDataText(true)}
Create an authorisation sub-resource and start the authorisation process of a consent.
The message might in addition transmit authentication and authorisation related data.
his method is iterated n times for a n times SCA authorisation in a corporate context,
each creating an own authorisation sub-endpoint for the corresponding PSU authorising the consent.
The ASPSP might make the usage of this access method unnecessary, since the related authorisation
resource will be automatically created by the ASPSP after the submission of the consent data with the
first POST consents call. The start authorisation process is a process which is needed for creating
a new authorisation or cancellation sub-resource.
This applies in the following scenarios: * The ASPSP has indicated with an 'startAuthorisation' hyperlink
in the preceding Payment Initiation Response that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded by using
the extended forms.
* 'startAuthorisationWithPsuIdentfication',
* 'startAuthorisationWithPsuAuthentication'
* 'startAuthorisationWithEncryptedPsuAuthentication'
* 'startAuthorisationWithAuthentciationMethodSelection'
* The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceding Payment Cancellation
Response that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded by
using the extended forms as indicated above.
* The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for executing the cancellation.
* The signing basket needs to be authorised yet.
his method is iterated n times for a n times SCA authorisation in a
corporate context, each creating an own authorisation sub-endpoint for
the corresponding PSU authorising the consent.
The ASPSP might make the usage of this access method unnecessary,
since the related authorisation resource will be automatically created by
the ASPSP after the submission of the consent data with the first POST consents call.
The start authorisation process is a process which is needed for creating a new authorisation
or cancellation sub-resource.
This applies in the following scenarios:
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding Payment
Initiation Response that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be
uploaded by using the extended forms.
* 'startAuthorisationWithPsuIdentfication',
* 'startAuthorisationWithPsuAuthentication' #TODO
* 'startAuthorisationWithAuthentciationMethodSelection'
* The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceeding
Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
by using the extended forms as indicated above.
* The related payment cancellation request cannot be applied yet since a multilevel SCA is mandate for
executing the cancellation.
* The signing basket needs to be authorised yet.
""",
""",
json.parse(""""""),
json.parse("""{
"scaStatus": "received",
@ -1243,55 +1235,34 @@ This applies in the following scenarios:
"PUT",
"/consents/CONSENTID/authorisations/AUTHORISATIONID",
"Update PSU Data for consents",
s"""${mockedDataText(false)}
This method update PSU data on the consents resource if needed.
It may authorise a consent within the Embedded SCA Approach where needed.
s"""${mockedDataText(true)}
This method update PSU data on the consents resource if needed. It may authorise a consent within the Embedded
SCA Approach where needed. Independently from the SCA Approach it supports
e.g. the selection of the authentication method and a non-SCA PSU authentication.
This methods updates PSU data on the cancellation authorisation resource if needed.
There are several possible Update PSU Data requests in the context of a consent request if needed,
which depends on the SCA approach: * Redirect SCA Approach: A specific Update PSU Data Request is applicable
for
* the selection of authentication methods, before choosing the actual SCA approach.
* Decoupled SCA Approach: A specific Update PSU Data Request is only applicable for
* adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request,
or if no OAuth2 access token is used, or
* the selection of authentication methods.
* Embedded SCA Approach: The Update PSU Data Request might be used
* to add credentials as a first factor authentication data of the PSU and
* to select the authentication method and
* transaction authorisation.
The SCA Approach might depend on the chosen SCA method. For that reason,
the following possible Update PSU Data request can apply to all SCA approaches:
* Select an SCA method in case of several SCA methods are available for the customer. There are the following request types on this access path:
* Update PSU Identification * Update PSU Authentication
* Select PSU Autorization Method WARNING: This method need a reduced header, therefore many optional elements are not present.
Maybe in a later version the access path will change.
* Transaction Authorisation WARNING: This method need a reduced header, therefore many optional elements are not present.
Maybe in a later version the access path will change.
Independently from the SCA Approach it supports e.g. the selection of
the authentication method and a non-SCA PSU authentication.
This methods updates PSU data on the cancellation authorisation resource if needed.
There are several possible Update PSU Data requests in the context of a consent request if needed,
which depends on the SCA approach:
* Redirect SCA Approach:
A specific Update PSU Data Request is applicable for
* the selection of authentication methods, before choosing the actual SCA approach.
* Decoupled SCA Approach:
A specific Update PSU Data Request is only applicable for
* adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account Information Consent Request, or if no OAuth2 access token is used, or
* the selection of authentication methods.
* Embedded SCA Approach:
The Update PSU Data Request might be used
* to add credentials as a first factor authentication data of the PSU and
* to select the authentication method and
* transaction authorisation.
The SCA Approach might depend on the chosen SCA method.
For that reason, the following possible Update PSU Data request can apply to all SCA approaches:
* Select an SCA method in case of several SCA methods are available for the customer.
There are the following request types on this access path:
* Update PSU Identification
* Update PSU Authentication
* Select PSU Autorization Method
WARNING: This method need a reduced header,
therefore many optional elements are not present.
Maybe in a later version the access path will change.
* Transaction Authorisation
WARNING: This method need a reduced header,
therefore many optional elements are not present.
Maybe in a later version the access path will change.
""",
json.parse("""{
"access": {"accounts": []},
"recurringIndicator": false,
"validUntil": "2020-12-31",
"frequencyPerDay": 4,
"combinedServiceIndicator": false
}"""),
""",
json.parse(""""""),
json.parse(""""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),

1026
obp-api/src/main/scala/code/api/berlin/group/v1_3/CommonServicesApi.scala
View File

File diff suppressed because it is too large Load Diff

8
obp-api/src/main/scala/code/api/berlin/group/v1_3/ConfirmationOfFundsServicePIISApi.scala
View File

@ -42,9 +42,11 @@ object APIMethods_ConfirmationOfFundsServicePIISApi extends RestHelper {
"POST",
"/funds-confirmations",
"Confirmation of Funds Request",
s"""
Creates a confirmation of funds request at the ASPSP. Checks whether a specific amount is available at point of
time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by IBAN and TPP respectively""",
s""" ${mockedDataText(false)}
Creates a confirmation of funds request at the ASPSP. Checks whether a specific amount is available at point
of time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by
IBAN and TPP respectively. If the related extended services are used a conditional Consent-ID is contained
in the header. This field is contained but commented out in this specification. """,
json.parse(
"""{
"instructedAmount" : {

8
obp-api/src/main/scala/code/api/berlin/group/v1_3/OBP_BERLIN_GROUP_1_3.scala
View File

@ -63,10 +63,10 @@ object OBP_BERLIN_GROUP_1_3 extends OBPRestHelper with MdcLoggable with ScannedA
override val allResourceDocs: ArrayBuffer[ResourceDoc] =
APIMethods_AccountInformationServiceAISApi.resourceDocs ++
APIMethods_ConfirmationOfFundsServicePIISApi.resourceDocs ++
APIMethods_PaymentInitiationServicePISApi.resourceDocs ++
APIMethods_SigningBasketsApi.resourceDocs ++
APIMethods_CommonServicesApi.resourceDocs
APIMethods_ConfirmationOfFundsServicePIISApi.resourceDocs ++
APIMethods_PaymentInitiationServicePISApi.resourceDocs ++
APIMethods_SigningBasketsApi.resourceDocs ++
APIMethods_CommonServicesApi.resourceDocs
private[this] def findResourceDoc(pf: OBPEndpoint): Option[ResourceDoc] = {
allResourceDocs.find(_.partialFunction==pf)

23
obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala
View File

@ -62,19 +62,16 @@ object APIMethods_PaymentInitiationServicePISApi extends RestHelper {
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID",
"Payment Cancellation Request",
s"""${mockedDataText(true)}
This method initiates the cancellation of a payment.
Depending on the payment-service, the payment-product and the ASPSP's implementation,
this TPP call might be sufficient to cancel a payment.
If an authorisation of the payment cancellation is mandated by the ASPSP,
a corresponding hyperlink will be contained in the response message.
This method initiates the cancellation of a payment. Depending on the payment-service, the payment-product
and the ASPSP's implementation, this TPP call might be sufficient to cancel a payment. If an authorisation
of the payment cancellation is mandated by the ASPSP, a corresponding hyperlink will be contained in the
response message. Cancels the addressed payment with resource identification paymentId if applicable to the
payment-service, payment-product and received in product related timelines (e.g. before end of business day
for scheduled payments of the last business day before the scheduled execution day). The response to this
DELETE command will tell the TPP whether the * access method was rejected * access method was successful,
or * access method is generally applicable, but further authorisation processes are needed.
Cancels the addressed payment with resource identification paymentId if applicable to the payment-service, payment-product and received in product related timelines (e.g. before end of business day for scheduled payments of the last business day before the scheduled execution day).
The response to this DELETE command will tell the TPP whether the
* access method was rejected
* access method was successful, or
* access method is generally applicable, but further authorisation processes are needed.
""",
""",
json.parse(""""""),
json.parse("""{
"challengeData" : {
@ -83,7 +80,7 @@ The response to this DELETE command will tell the TPP whether the
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : "data"
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"_links" : {

2
obp-api/src/main/scala/code/api/berlin/group/v1_3/SigningBasketsApi.scala
View File

@ -63,7 +63,7 @@ The resource identifications of these transactions are contained in the payload
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : "data"
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"tppMessages" : [ {

1446
obp-api/src/main/scala/code/api/berlin/group/v1_3_1/AccountInformationServiceAISApi.scala
View File

File diff suppressed because it is too large Load Diff

1055
obp-api/src/main/scala/code/api/berlin/group/v1_3_1/CommonServicesApi.scala
View File

File diff suppressed because it is too large Load Diff

76
obp-api/src/main/scala/code/api/berlin/group/v1_3_1/ConfirmationOfFundsServicePIISApi.scala
View File

@ -1,76 +0,0 @@
package code.api.berlin.group.v1_3_1
import code.api.APIFailureNewStyle
import code.api.berlin.group.v1_3.JvalueCaseClass
import net.liftweb.json
import net.liftweb.json._
import code.api.util.APIUtil.{defaultBankId, _}
import code.api.util.{ApiVersion, NewStyle}
import code.api.util.ErrorMessages._
import code.api.util.ApiTag._
import code.api.util.NewStyle.HttpCode
import code.bankconnectors.Connector
import code.model._
import code.util.Helper
import code.views.Views
import net.liftweb.common.Full
import net.liftweb.http.rest.RestHelper
import com.github.dwickern.macros.NameOf.nameOf
import scala.collection.immutable.Nil
import scala.collection.mutable.ArrayBuffer
import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Future
import code.api.berlin.group.v1_3_1.JSONFactory_BERLIN_GROUP_1_3_3
import code.api.util.ApiTag
object APIMethods_ConfirmationOfFundsServicePIISApi extends RestHelper {
val apiVersion = JSONFactory_BERLIN_GROUP_1_3_3.apiVersion
val resourceDocs = ArrayBuffer[ResourceDoc]()
val apiRelations = ArrayBuffer[ApiRelation]()
protected implicit def JvalueToSuper(what: JValue): JvalueCaseClass = JvalueCaseClass(what)
val endpoints =
checkAvailabilityOfFunds ::
Nil
resourceDocs += ResourceDoc(
checkAvailabilityOfFunds,
apiVersion,
nameOf(checkAvailabilityOfFunds),
"POST",
"/funds-confirmations",
"Confirmation of Funds Request",
s"""${mockedDataText(true)}
Creates a confirmation of funds request at the ASPSP. Checks whether a specific amount is available at point
of time of the request on an account linked to a given tuple card issuer(TPP)/card number, or addressed by
IBAN and TPP respectively. If the related extended services are used a conditional Consent-ID is contained
in the header. This field is contained but commented out in this specification.
""",
json.parse(""""""),
json.parse("""{
"fundsAvailable" : { }
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Confirmation of Funds Service (PIIS)") :: apiTagMockedData :: Nil
)
lazy val checkAvailabilityOfFunds : OBPEndpoint = {
case "funds-confirmations" :: Nil JsonPost _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"fundsAvailable" : { }
}"""), callContext)
}
}
}
}

85
obp-api/src/main/scala/code/api/berlin/group/v1_3_1/JSONFactory_BERLIN_GROUP_1_3_3.scala
View File

@ -1,85 +0,0 @@
/**
* Open Bank Project - API
* Copyright (C) 2011-2018, TESOBE Ltd
**
*This program is free software: you can redistribute it and/or modify
*it under the terms of the GNU Affero General Public License as published by
*the Free Software Foundation, either version 3 of the License, or
*(at your option) any later version.
**
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU Affero General Public License for more details.
**
*You should have received a copy of the GNU Affero General Public License
*along with this program. If not, see <http://www.gnu.org/licenses/>.
**
*Email: contact@tesobe.com
*TESOBE Ltd
*Osloerstrasse 16/17
*Berlin 13359, Germany
**
*This product includes software developed at
*TESOBE (http://www.tesobe.com/)
* by
*Simon Redfern : simon AT tesobe DOT com
*Stefan Bethge : stefan AT tesobe DOT com
*Everett Sochowski : everett AT tesobe DOT com
*Ayoub Benali: ayoub AT tesobe DOT com
*
*/
package code.api.berlin.group.v1_3_1
import code.api.OBPRestHelper
import code.api.util.APIUtil.{OBPEndpoint, ResourceDoc, getAllowedEndpoints}
import code.api.util.{ScannedApiVersion, ScannedApis}
import code.util.Helper.MdcLoggable
//import code.api.berlin.group.v1_3_1.APIMethods_AccountInformationServiceAISApi
//import code.api.berlin.group.v1_3_1.APIMethods_CommonServicesApi
import code.api.berlin.group.v1_3_1.APIMethods_ConfirmationOfFundsServicePIISApi
//import code.api.berlin.group.v1_3_1.APIMethods_PaymentInitiationServicePISApi
//import code.api.berlin.group.v1_3_1.APIMethods_SigningBasketsSBSApi
import scala.collection.mutable.ArrayBuffer
/*
This file defines which endpoints from all the versions are available in v1
*/
object JSONFactory_BERLIN_GROUP_1_3_3 extends OBPRestHelper with MdcLoggable with ScannedApis {
//please modify these three parameter if it is not correct.
override val apiVersion = ScannedApiVersion("berlin-group", "BG", "v1.3.1")
val versionStatus = "DRAFT"
private[this] val endpoints =
APIMethods_AccountInformationServiceAISApi.endpoints ++
APIMethods_CommonServicesApi.endpoints ++
APIMethods_ConfirmationOfFundsServicePIISApi.endpoints ++
APIMethods_PaymentInitiationServicePISApi.endpoints ++
APIMethods_SigningBasketsSBSApi.endpoints
override val allResourceDocs: ArrayBuffer[ResourceDoc] =
APIMethods_AccountInformationServiceAISApi.resourceDocs ++
APIMethods_CommonServicesApi.resourceDocs ++
APIMethods_ConfirmationOfFundsServicePIISApi.resourceDocs ++
APIMethods_PaymentInitiationServicePISApi.resourceDocs ++
APIMethods_SigningBasketsSBSApi.resourceDocs
private[this] def findResourceDoc(pf: OBPEndpoint): Option[ResourceDoc] = {
allResourceDocs.find(_.partialFunction==pf)
}
// Filter the possible endpoints by the disabled / enabled Props settings and add them together
override val routes : List[OBPEndpoint] = getAllowedEndpoints(endpoints, allResourceDocs)
// Make them available for use!
routes.foreach(route => {
oauthServe((apiVersion.urlPrefix / version.vDottedApiVersion()).oPrefix{route}, findResourceDoc(route))
})
logger.info(s"version $version has been run! There are ${routes.length} routes.")
}

828
obp-api/src/main/scala/code/api/berlin/group/v1_3_1/PaymentInitiationServicePISApi.scala
View File

@ -1,828 +0,0 @@
package code.api.berlin.group.v1_3_1
import code.api.APIFailureNewStyle
import code.api.berlin.group.v1_3.JvalueCaseClass
import net.liftweb.json
import net.liftweb.json._
import code.api.util.APIUtil.{defaultBankId, _}
import code.api.util.{ApiVersion, NewStyle}
import code.api.util.ErrorMessages._
import code.api.util.ApiTag._
import code.api.util.NewStyle.HttpCode
import code.bankconnectors.Connector
import code.model._
import code.util.Helper
import code.views.Views
import net.liftweb.common.Full
import net.liftweb.http.rest.RestHelper
import com.github.dwickern.macros.NameOf.nameOf
import scala.collection.immutable.Nil
import scala.collection.mutable.ArrayBuffer
import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Future
import code.api.berlin.group.v1_3_1.JSONFactory_BERLIN_GROUP_1_3_3
import code.api.util.ApiTag
object APIMethods_PaymentInitiationServicePISApi extends RestHelper {
val apiVersion = JSONFactory_BERLIN_GROUP_1_3_3.apiVersion
val resourceDocs = ArrayBuffer[ResourceDoc]()
val apiRelations = ArrayBuffer[ApiRelation]()
protected implicit def JvalueToSuper(what: JValue): JvalueCaseClass = JvalueCaseClass(what)
val endpoints =
cancelPayment ::
getPaymentCancellationScaStatus ::
getPaymentInformation ::
getPaymentInitiationAuthorisation ::
getPaymentInitiationCancellationAuthorisationInformation ::
getPaymentInitiationScaStatus ::
getPaymentInitiationStatus ::
initiatePayment ::
startPaymentAuthorisation ::
startPaymentInitiationCancellationAuthorisation ::
updatePaymentCancellationPsuData ::
updatePaymentPsuData ::
Nil
resourceDocs += ResourceDoc(
cancelPayment,
apiVersion,
nameOf(cancelPayment),
"DELETE",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID",
"Payment Cancellation Request",
s"""${mockedDataText(true)}
This method initiates the cancellation of a payment. Depending on the payment-service, the payment-product
and the ASPSP's implementation, this TPP call might be sufficient to cancel a payment. If an authorisation
of the payment cancellation is mandated by the ASPSP, a corresponding hyperlink will be contained in the
response message. Cancels the addressed payment with resource identification paymentId if applicable to the
payment-service, payment-product and received in product related timelines (e.g. before end of business day
for scheduled payments of the last business day before the scheduled execution day). The response to this
DELETE command will tell the TPP whether the * access method was rejected * access method was successful,
or * access method is generally applicable, but further authorisation processes are needed.
""",
json.parse(""""""),
json.parse("""{
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"_links" : {
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithAuthenticationMethodSelection" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"transactionStatus" : "ACCP"
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") :: apiTagMockedData :: Nil
)
lazy val cancelPayment : OBPEndpoint = {
case payment_service :: payment_product :: paymentid :: Nil JsonDelete _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"_links" : {
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithAuthenticationMethodSelection" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"transactionStatus" : "ACCP"
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getPaymentCancellationScaStatus,
apiVersion,
nameOf(getPaymentCancellationScaStatus),
"GET",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/cancellation-authorisations/CANCELLATIONID",
"Read the SCA status of the payment cancellation's authorisation.",
s"""${mockedDataText(true)}
This method returns the SCA status of a payment initiation's authorisation sub-resource.
""",
json.parse(""""""),
json.parse("""{
"scaStatus" : "psuAuthenticated"
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val getPaymentCancellationScaStatus : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "cancellation-authorisations" :: cancellationid :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"scaStatus" : "psuAuthenticated"
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getPaymentInformation,
apiVersion,
nameOf(getPaymentInformation),
"GET",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID",
"Get Payment Information",
s"""${mockedDataText(true)}
Returns the content of a payment object
""",
json.parse(""""""),
json.parse(""""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") :: apiTagMockedData :: Nil
)
lazy val getPaymentInformation : OBPEndpoint = {
case payment_service :: payment_product :: paymentid :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse(""""""""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getPaymentInitiationAuthorisation,
apiVersion,
nameOf(getPaymentInitiationAuthorisation),
"GET",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/authorisations",
"Get Payment Initiation Authorisation Sub-Resources Request",
s"""${mockedDataText(true)}
Read a list of all authorisation subresources IDs which have been created. This function returns an array
of hyperlinks to all generated authorisation sub-resources.
""",
json.parse(""""""),
json.parse("""{
"authorisationIds" : ""
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val getPaymentInitiationAuthorisation : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "authorisations" :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"authorisationIds" : ""
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getPaymentInitiationCancellationAuthorisationInformation,
apiVersion,
nameOf(getPaymentInitiationCancellationAuthorisationInformation),
"GET",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/cancellation-authorisations",
"Will deliver an array of resource identifications to all generated cancellation authorisation sub-resources.",
s"""${mockedDataText(true)}
Retrieve a list of all created cancellation authorisation sub-resources.
""",
json.parse(""""""),
json.parse(""""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") :: apiTagMockedData :: Nil
)
lazy val getPaymentInitiationCancellationAuthorisationInformation : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "cancellation-authorisations" :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse(""""""""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getPaymentInitiationScaStatus,
apiVersion,
nameOf(getPaymentInitiationScaStatus),
"GET",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/authorisations/AUTHORISATIONID",
"Read the SCA Status of the payment authorisation",
s"""${mockedDataText(true)}
This method returns the SCA status of a payment initiation's authorisation sub-resource.
""",
json.parse(""""""),
json.parse("""{
"scaStatus" : "psuAuthenticated"
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val getPaymentInitiationScaStatus : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "authorisations" :: authorisationid :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"scaStatus" : "psuAuthenticated"
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getPaymentInitiationStatus,
apiVersion,
nameOf(getPaymentInitiationStatus),
"GET",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/status",
"Payment initiation status request",
s"""${mockedDataText(true)}
Check the transaction status of a payment initiation.
""",
json.parse(""""""),
json.parse("""{
"transactionStatus" : "ACCP",
"fundsAvailable" : { }
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") :: apiTagMockedData :: Nil
)
lazy val getPaymentInitiationStatus : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "status" :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"transactionStatus" : "ACCP",
"fundsAvailable" : { }
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
initiatePayment,
apiVersion,
nameOf(initiatePayment),
"POST",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT",
"Payment initiation request",
s"""${mockedDataText(true)}
This method is used to initiate a payment at the ASPSP. ## Variants of Payment Initiation Requests
This method to initiate a payment initiation at the ASPSP can be sent with either a JSON body or an pain.001
body depending on the payment product in the path. There are the following
**payment products**:
- Payment products with payment information in *JSON* format:
- ***sepa-credit-transfers***
- ***instant-sepa-credit-transfers***
- ***target-2-payments***
- ***cross-border-credit-transfers***
- Payment products with payment information in *pain.001* XML format:
- ***pain.001-sepa-credit-transfers***
- ***pain.001-instant-sepa-credit-transfers***
- ***pain.001-target-2-payments***
- ***pain.001-cross-border-credit-transfers*** Furthermore the request body depends on the
**payment-service** * ***payments***: A single payment initiation request.
* ***bulk-payments***: A collection of several payment iniatiation requests.
In case of a *pain.001* message there are more than one payments contained in the *pain.001 message.
In case of a *JSON* there are several JSON payment blocks contained in a joining list.
* ***periodic-payments***: Create a standing order initiation resource for recurrent
i.e. periodic payments addressable under {paymentId} with all data relevant for the corresponding payment
product and the execution of the standing order contained in a JSON body. This is the first step in the API
to initiate the related recurring/periodic payment. ## Single and mulitilevel SCA Processes The Payment
Initiation Requests are independent from the need of one ore multilevel SCA processing, i.e. independent
from the number of authorisations needed for the execution of payments. But the response messages are specific
to either one SCA processing or multilevel SCA processing. For payment initiation with multilevel SCA,
this specification requires an explicit start of the authorisation, i.e. links directly associated with
SCA processing like 'scaRedirect' or 'scaOAuth' cannot be contained in the response message of a Payment
Initation Request for a payment, where multiple authorisations are needed. Also if any data is needed for
the next action, like selecting an SCA method is not supported in the response, since all starts of the
multiple authorisations are fully equal. In these cases, first an authorisation sub-resource has to be
generated following the 'startAuthorisation' link.
""",
json.parse(""""""),
json.parse("""{
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"tppMessages" : [ {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
}, {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
} ],
"_links" : {
"scaRedirect" : {
"href" : "https://www.testbank.com/asdfasdfasdf"
},
"self" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"transactionStatus" : "ACCP",
"paymentId" : "1234-wertiq-983",
"psuMessage" : { },
"transactionFeeIndicator" : { },
"transactionFees" : {
"amount" : "123",
"currency" : "EUR"
}
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") :: apiTagMockedData :: Nil
)
lazy val initiatePayment : OBPEndpoint = {
case payment_service :: payment_product :: Nil JsonPost _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"tppMessages" : [ {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
}, {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
} ],
"_links" : {
"scaRedirect" : {
"href" : "https://www.testbank.com/asdfasdfasdf"
},
"self" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"transactionStatus" : "ACCP",
"paymentId" : "1234-wertiq-983",
"psuMessage" : { },
"transactionFeeIndicator" : { },
"transactionFees" : {
"amount" : "123",
"currency" : "EUR"
}
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
startPaymentAuthorisation,
apiVersion,
nameOf(startPaymentAuthorisation),
"POST",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/authorisations",
"Start the authorisation process for a payment initiation",
s"""${mockedDataText(true)}
Create an authorisation sub-resource and start the authorisation process. The message might in addition
transmit authentication and authorisation related data. This method is iterated n times for a n times
SCA authorisation in a corporate context, each creating an own authorisation sub-endpoint for the corresponding
PSU authorising the transaction. The ASPSP might make the usage of this access method unnecessary in case of
only one SCA process needed, since the related authorisation resource might be automatically created by the
ASPSP after the submission of the payment data with the first POST payments/{payment-product} call.
The start authorisation process is a process which is needed for creating a new authorisation or cancellation
sub-resource. This applies in the following scenarios: * The ASPSP has indicated with an 'startAuthorisation'
hyperlink in the preceding Payment Initiation Response that an explicit start of the authorisation process
is needed by the TPP. The 'startAuthorisation' hyperlink can transport more information about data which
needs to be uploaded by using the extended forms.
* 'startAuthorisationWithPsuIdentfication',
* 'startAuthorisationWithPsuAuthentication'
* 'startAuthorisationWithEncryptedPsuAuthentication'
* 'startAuthorisationWithAuthentciationMethodSelection'
* The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceding
Payment Cancellation Response that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded
by using the extended forms as indicated above. * The related payment cancellation request cannot be
applied yet since a multilevel SCA is mandate for executing the cancellation. * The signing basket needs
to be authorised yet.
""",
json.parse(""""""),
json.parse("""{
"authorisationId" : "123auth456",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"scaStatus" : "psuAuthenticated",
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"selectAuthenticationMethod" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"authoriseTransaction" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"updatePsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"psuMessage" : { }
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val startPaymentAuthorisation : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "authorisations" :: Nil JsonPost _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"authorisationId" : "123auth456",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"scaStatus" : "psuAuthenticated",
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"selectAuthenticationMethod" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"authoriseTransaction" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"updatePsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"psuMessage" : { }
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
startPaymentInitiationCancellationAuthorisation,
apiVersion,
nameOf(startPaymentInitiationCancellationAuthorisation),
"POST",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/cancellation-authorisations",
"Start the authorisation process for the cancellation of the addressed payment",
s"""${mockedDataText(true)}
Creates an authorisation sub-resource and start the authorisation process of the cancellation of the addressed
payment. The message might in addition transmit authentication and authorisation related data. This method is
iterated n times for a n times SCA authorisation in a corporate context, each creating an own authorisation
sub-endpoint for the corresponding PSU authorising the cancellation-authorisation. The ASPSP might make the
usage of this access method unnecessary in case of only one SCA process needed, since the related authorisation
resource might be automatically created by the ASPSP after the submission of the payment data with the first
POST payments/{payment-product} call. The start authorisation process is a process which is needed for
creating a new authorisation or cancellation sub-resource. This applies in the following scenarios:
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceding Payment Initiation
Response that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be
uploaded by using the extended forms. * 'startAuthorisationWithPsuIdentfication',
* 'startAuthorisationWithPsuAuthentication' * 'startAuthorisationWithAuthentciationMethodSelection'
* The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceding Payment Cancellation Response
that an explicit start of the authorisation process is needed by the TPP.
The 'startAuthorisation' hyperlink can transport more information about data which needs to be uploaded by
using the extended forms as indicated above. * The related payment cancellation request cannot be applied
yet since a multilevel SCA is mandate for executing the cancellation. * The signing basket needs to be authorised yet.
""",
json.parse(""""""),
json.parse("""{
"authorisationId" : "123auth456",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"scaStatus" : "psuAuthenticated",
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"selectAuthenticationMethod" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"authoriseTransaction" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"updatePsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"psuMessage" : { }
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val startPaymentInitiationCancellationAuthorisation : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "cancellation-authorisations" :: Nil JsonPost _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"authorisationId" : "123auth456",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"scaStatus" : "psuAuthenticated",
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"selectAuthenticationMethod" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"authoriseTransaction" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"updatePsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"psuMessage" : { }
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
updatePaymentCancellationPsuData,
apiVersion,
nameOf(updatePaymentCancellationPsuData),
"PUT",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/cancellation-authorisations/CANCELLATIONID",
"Update PSU Data for payment initiation cancellation",
s"""${mockedDataText(true)}
This method updates PSU data on the cancellation authorisation resource if needed. It may authorise a cancellation
of the payment within the Embedded SCA Approach where needed. Independently from the SCA Approach it supports
e.g. the selection of the authentication method and a non-SCA PSU authentication. This methods updates PSU data
on the cancellation authorisation resource if needed. There are several possible Update PSU Data requests in
the context of a cancellation authorisation within the payment initiation services needed, which depends on
the SCA approach: * Redirect SCA Approach: A specific Update PSU Data Request is applicable for
* the selection of authentication methods, before choosing the actual SCA approach.
* Decoupled SCA Approach: A specific Update PSU Data Request is only applicable for
* adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account
Information Consent Request, or if no OAuth2 access token is used, or
* the selection of authentication methods.
* Embedded SCA Approach: The Update PSU Data Request might be used
* to add credentials as a first factor authentication data of the PSU and * to select the authentication method and
* transaction authorisation. The SCA Approach might depend on the chosen SCA method. For that reason, the following
possible Update PSU Data request can apply to all SCA approaches: * Select an SCA method in case of several SCA methods
are available for the customer. There are the following request types on this access path:
* Update PSU Identification
* Update PSU Authentication * Select PSU Autorization Method WARNING: This method need a reduced header,
therefore many optional elements are not present. Maybe in a later version the access path will change.
* Transaction Authorisation WARNING: This method need a reduced header, therefore many optional elements are not present.
Maybe in a later version the access path will change.
""",
json.parse(""""""),
json.parse(""""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val updatePaymentCancellationPsuData : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "cancellation-authorisations" :: cancellationid :: Nil JsonPut _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse(""""""""), callContext)
}
}
}
resourceDocs += ResourceDoc(
updatePaymentPsuData,
apiVersion,
nameOf(updatePaymentPsuData),
"PUT",
"/PAYMENT_SERVICE/PAYMENT_PRODUCT/PAYMENTID/authorisations/AUTHORISATIONID",
"Update PSU data for payment initiation",
s"""${mockedDataText(true)}
This methods updates PSU data on the authorisation resource if needed. It may authorise a payment within the
Embedded SCA Approach where needed. Independently from the SCA Approach it supports e.g. the selection of
the authentication method and a non-SCA PSU authentication. There are several possible Update PSU Data requests
in the context of payment initiation services needed, which depends on the SCA approach:
* Redirect SCA Approach: A specific Update PSU Data Request is applicable for
* the selection of authentication methods, before choosing the actual SCA approach.
* Decoupled SCA Approach: A specific Update PSU Data Request is only applicable for
* adding the PSU Identification, if not provided yet in the Payment Initiation Request or
the Account Information Consent Request, or if no OAuth2 access token is used, or
* the selection of authentication methods. * Embedded SCA Approach: The Update PSU
Data Request might be used * to add credentials as a first factor authentication data of the PSU and
* to select the authentication method and * transaction authorisation.
The SCA Approach might depend on the chosen SCA method. For that reason, the following possible Update
PSU Data request can apply to all SCA approaches: * Select an SCA method in case of several SCA methods
are available for the customer. There are the following request types on this access path:
* Update PSU Identification * Update PSU Authentication * Select PSU Autorization Method WARNING:
This method need a reduced header, therefore many optional elements are not present. Maybe in a later
version the access path will change. * Transaction Authorisation WARNING: This method need a reduced header,
therefore many optional elements are not present. Maybe in a later version the access path will change.
""",
json.parse(""""""),
json.parse(""""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Payment Initiation Service (PIS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val updatePaymentPsuData : OBPEndpoint = {
case payment_service :: payment_product :: paymentid:: "authorisations" :: authorisationid :: Nil JsonPut _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse(""""""""), callContext)
}
}
}
}

614
obp-api/src/main/scala/code/api/berlin/group/v1_3_1/SigningBasketsSBSApi.scala
View File

@ -1,614 +0,0 @@
package code.api.berlin.group.v1_3_1
import code.api.APIFailureNewStyle
import code.api.berlin.group.v1_3.JvalueCaseClass
import net.liftweb.json
import net.liftweb.json._
import code.api.util.APIUtil.{defaultBankId, _}
import code.api.util.{ApiVersion, NewStyle}
import code.api.util.ErrorMessages._
import code.api.util.ApiTag._
import code.api.util.NewStyle.HttpCode
import code.bankconnectors.Connector
import code.model._
import code.util.Helper
import code.views.Views
import net.liftweb.common.Full
import net.liftweb.http.rest.RestHelper
import com.github.dwickern.macros.NameOf.nameOf
import scala.collection.immutable.Nil
import scala.collection.mutable.ArrayBuffer
import scala.concurrent.ExecutionContext.Implicits.global
import scala.concurrent.Future
import code.api.berlin.group.v1_3_1.JSONFactory_BERLIN_GROUP_1_3_3
import code.api.util.ApiTag
object APIMethods_SigningBasketsSBSApi extends RestHelper {
val apiVersion = JSONFactory_BERLIN_GROUP_1_3_3.apiVersion
val resourceDocs = ArrayBuffer[ResourceDoc]()
val apiRelations = ArrayBuffer[ApiRelation]()
protected implicit def JvalueToSuper(what: JValue): JvalueCaseClass = JvalueCaseClass(what)
val endpoints =
createSigningBasket ::
deleteSigningBasket ::
getSigningBasket ::
getSigningBasketAuthorisation ::
getSigningBasketScaStatus ::
getSigningBasketStatus ::
startSigningBasketAuthorisation ::
updateSigningBasketPsuData ::
Nil
resourceDocs += ResourceDoc(
createSigningBasket,
apiVersion,
nameOf(createSigningBasket),
"POST",
"/signing-baskets",
"Create a signing basket resource",
s"""${mockedDataText(true)}
Create a signing basket resource for authorising several transactions with one SCA method.
The resource identifications of these transactions are contained in the payload of this access method
""",
json.parse(""""""),
json.parse("""{
"basketId" : "1234-basket-567",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"tppMessages" : [ {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
}, {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
} ],
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithAuthenticationMethodSelection" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"self" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithTransactionAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"status" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"transactionStatus" : "RCVD",
"psuMessage" : { }
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") :: apiTagMockedData :: Nil
)
lazy val createSigningBasket : OBPEndpoint = {
case "signing-baskets" :: Nil JsonPost _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"basketId" : "1234-basket-567",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"tppMessages" : [ {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
}, {
"path" : "path",
"code" : { },
"text" : { },
"category" : { }
} ],
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithAuthenticationMethodSelection" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"self" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithTransactionAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"status" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"transactionStatus" : "RCVD",
"psuMessage" : { }
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
deleteSigningBasket,
apiVersion,
nameOf(deleteSigningBasket),
"DELETE",
"/signing-baskets/BASKETID",
"Delete the signing basket",
s"""${mockedDataText(true)}
Delete the signing basket structure as long as no (partial) authorisation has yet been applied.
The undlerying transactions are not affected by this deletion. Remark: The signing basket as such is not
deletable after a first (partial) authorisation has been applied. Nevertheless, single transactions might
be cancelled on an individual basis on the XS2A interface.
""",
json.parse(""""""),
json.parse(""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val deleteSigningBasket : OBPEndpoint = {
case "signing-baskets" :: basketid :: Nil JsonDelete _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse(""""""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getSigningBasket,
apiVersion,
nameOf(getSigningBasket),
"GET",
"/signing-baskets/BASKETID",
"Returns the content of an signing basket object.",
s"""${mockedDataText(true)}
Returns the content of an signing basket object.
""",
json.parse(""""""),
json.parse("""{
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithAuthenticationMethodSelection" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"self" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithTransactionAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"status" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"transactionStatus" : "RCVD",
"payments" : "",
"consents" : ""
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") :: apiTagMockedData :: Nil
)
lazy val getSigningBasket : OBPEndpoint = {
case "signing-baskets" :: basketid :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithAuthenticationMethodSelection" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"self" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithTransactionAuthorisation" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"status" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"transactionStatus" : "RCVD",
"payments" : "",
"consents" : ""
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getSigningBasketAuthorisation,
apiVersion,
nameOf(getSigningBasketAuthorisation),
"GET",
"/signing-baskets/BASKETID/authorisations",
"Get Signing Basket Authorisation Sub-Resources Request",
s"""${mockedDataText(true)}
Read a list of all authorisation subresources IDs which have been created. This function returns an array
of hyperlinks to all generated authorisation sub-resources.
""",
json.parse(""""""),
json.parse("""{
"authorisationIds" : ""
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val getSigningBasketAuthorisation : OBPEndpoint = {
case "signing-baskets" :: basketid:: "authorisations" :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"authorisationIds" : ""
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getSigningBasketScaStatus,
apiVersion,
nameOf(getSigningBasketScaStatus),
"GET",
"/signing-baskets/BASKETID/authorisations/AUTHORISATIONID",
"Read the SCA status of the signing basket authorisation",
s"""${mockedDataText(true)}
This method returns the SCA status of a signing basket's authorisation sub-resource.
""",
json.parse(""""""),
json.parse("""{
"scaStatus" : "psuAuthenticated"
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val getSigningBasketScaStatus : OBPEndpoint = {
case "signing-baskets" :: basketid:: "authorisations" :: authorisationid :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"scaStatus" : "psuAuthenticated"
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
getSigningBasketStatus,
apiVersion,
nameOf(getSigningBasketStatus),
"GET",
"/signing-baskets/BASKETID/status",
"Read the status of the signing basket",
s"""${mockedDataText(true)}
Returns the status of a signing basket object.
""",
json.parse(""""""),
json.parse("""{
"transactionStatus" : "RCVD"
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val getSigningBasketStatus : OBPEndpoint = {
case "signing-baskets" :: basketid:: "status" :: Nil JsonGet _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"transactionStatus" : "RCVD"
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
startSigningBasketAuthorisation,
apiVersion,
nameOf(startSigningBasketAuthorisation),
"POST",
"/signing-baskets/BASKETID/authorisations",
"Start the authorisation process for a signing basket",
s"""${mockedDataText(true)}
Create an authorisation sub-resource and start the authorisation process of a signing basket. The message
might in addition transmit authentication and authorisation related data. This method is iterated n times
for a n times SCA authorisation in a corporate context, each creating an own authorisation sub-endpoint for
the corresponding PSU authorising the signing-baskets. The ASPSP might make the usage of this access method
unnecessary in case of only one SCA process needed, since the related authorisation resource might be
automatically created by the ASPSP after the submission of the payment data with the first POST signing
basket call. The start authorisation process is a process which is needed for creating a new authorisation
or cancellation sub-resource. This applies in the following scenarios: * The ASPSP has indicated with
an 'startAuthorisation' hyperlink in the preceding Payment Initiation Response that an explicit start of
the authorisation process is needed by the TPP. The 'startAuthorisation' hyperlink can transport more
information about data which needs to be uploaded by using the extended forms.
* 'startAuthorisationWithPsuIdentfication',
* 'startAuthorisationWithPsuAuthentication'
* 'startAuthorisationWithEncryptedPsuAuthentication'
* 'startAuthorisationWithAuthentciationMethodSelection'
*The related payment initiation cannot yet be executed since a multilevel SCA is mandated.
* The ASPSP has indicated with an 'startAuthorisation' hyperlink in the preceding Payment Cancellation
Response that an explicit start of the authorisation process is needed by the TPP. The 'startAuthorisation'
hyperlink can transport more information about data which needs to be uploaded by using the extended forms
as indicated above. * The related payment cancellation request cannot be applied yet since a multilevel
SCA is mandate for executing the cancellation. * The signing basket needs to be authorised yet.
""",
json.parse(""""""),
json.parse("""{
"authorisationId" : "123auth456",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"scaStatus" : "psuAuthenticated",
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"selectAuthenticationMethod" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"authoriseTransaction" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"updatePsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"psuMessage" : { }
}"""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val startSigningBasketAuthorisation : OBPEndpoint = {
case "signing-baskets" :: basketid:: "authorisations" :: Nil JsonPost _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse("""{
"authorisationId" : "123auth456",
"challengeData" : {
"otpMaxLength" : 0,
"additionalInformation" : "additionalInformation",
"image" : "image",
"imageLink" : "http://example.com/aeiou",
"otpFormat" : "characters",
"data" : [ "data", "data" ]
},
"scaMethods" : "",
"scaStatus" : "psuAuthenticated",
"_links" : {
"scaStatus" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithEncryptedPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaRedirect" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"selectAuthenticationMethod" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"startAuthorisationWithPsuAuthentication" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"authoriseTransaction" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"scaOAuth" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
},
"updatePsuIdentification" : {
"href" : "/v1/payments/sepa-credit-transfers/1234-wertiq-983"
}
},
"chosenScaMethod" : "",
"psuMessage" : { }
}"""), callContext)
}
}
}
resourceDocs += ResourceDoc(
updateSigningBasketPsuData,
apiVersion,
nameOf(updateSigningBasketPsuData),
"PUT",
"/signing-baskets/BASKETID/authorisations/AUTHORISATIONID",
"Update PSU Data for signing basket",
s"""${mockedDataText(true)}
This method update PSU data on the signing basket resource if needed. It may authorise a igning basket within
the Embedded SCA Approach where needed. Independently from the SCA Approach it supports e.g. the selection of
the authentication method and a non-SCA PSU authentication. This methods updates PSU data on the cancellation
authorisation resource if needed. There are several possible Update PSU Data requests in the context of a consent
request if needed, which depends on the SCA approach: * Redirect SCA Approach: A specific Update PSU Data Request
is applicable for * the selection of authentication methods, before choosing the actual SCA approach.
* Decoupled SCA Approach: A specific Update PSU Data Request is only applicable for
* adding the PSU Identification, if not provided yet in the Payment Initiation Request or the Account
Information Consent Request, or if no OAuth2 access token is used, or
* the selection of authentication methods.
* Embedded SCA Approach: The Update PSU Data Request might be used
* to add credentials as a first factor authentication data of the PSU and
* to select the authentication method and * transaction authorisation.
The SCA Approach might depend on the chosen SCA method. For that reason,
the following possible Update PSU Data request can apply to all SCA approaches:
* Select an SCA method in case of several SCA methods are available for the customer.
There are the following request types on this access path: * Update PSU Identification
* Update PSU Authentication * Select PSU Autorization Method WARNING: This method need a reduced header,
therefore many optional elements are not present. Maybe in a later version the access path will change.
* Transaction Authorisation WARNING: This method need a reduced header, therefore many optional elements
are not present. Maybe in a later version the access path will change.
""",
json.parse(""""""),
json.parse(""""""""),
List(UserNotLoggedIn, UnknownError),
Catalogs(notCore, notPSD2, notOBWG),
ApiTag("Signing Baskets (SBS)") ::ApiTag("Common Services") :: apiTagMockedData :: Nil
)
lazy val updateSigningBasketPsuData : OBPEndpoint = {
case "signing-baskets" :: basketid:: "authorisations" :: authorisationid :: Nil JsonPut _ => {
cc =>
for {
(Full(u), callContext) <- authorizedAccess(cc, UserNotLoggedIn)
} yield {
(json.parse(""""""""), callContext)
}
}
}
}