open-banking-gateway
open-banking-gateway copied to clipboard
adorsys
Provides RESTful API, tools, adapters, and connectors for transparent access to open banking API's (for banks that support PSD2 and XS2A as well as HBCI/FinTS)
Currently API of OBG offers two ways of "consent reusage". For xs2a its ok to send PSUSessionID. If consent is available, it will bereused and consent is retrieved without ConsentUI...
Add tests to validate that one will be redirected back to the FinTech NOK url when canceling consent
When denying HBCI consent NullPointer exception happens ``` java.lang.NullPointerException: null at de.adorsys.opba.protocol.facade.services.FacadeService.execute(FacadeService.java:42) at de.adorsys.opba.consentapi.controller.UpdateAuthConsentServiceController.denyUsingPOST(UpdateAuthConsentServiceController.java:69) at de.adorsys.opba.consentapi.resource.generated.UpdateConsentAuthorizationApi._denyUsingPOST(UpdateConsentAuthorizationApi.java:73) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190) at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) at...
Smoke tests should check HBCI protocol as well due to different environments project is deployed to
Currently, HBCI import is not working because there is no concept of consent for HBCI. See https://github.com/adorsys/open-banking-gateway/tree/feature/firefly-hbci-support for the initial idea. It needs to handle redirections for getting each accounts'...
See i.e. PSU_ID field. It can be Conditional. If our database presumes bank will choose REDIRECT approach, but then suddenly decides to use EMBEDDED approach (although psu id was not...
Merge TppAuthResponseCookieTemplate and TppTokenProperties, so that duration of these entities come from one places
We need to add searching for consent using secret key in FacadeRequireAuthorizationInNoAspspPsuKeyService
Currently constructing these classes requires setting encryption, probably it can be solved better (i.e. custom bean scope for EncryptionService instead of passing it as field)
Currently, i.e. WiremockE2EXs2aProtocolTest is rather permissive on response bodies received from OpenBanking. We need to make more strict OpenBanking responses validation - both for headers and bodies. I.e. user_anton_brueckner_provided_initial_parameters_to_list_accounts_with_all_accounts_consent does...