open-banking-gateway
open-banking-gateway copied to clipboard
adorsys
Provides RESTful API, tools, adapters, and connectors for transparent access to open banking API's (for banks that support PSD2 and XS2A as well as HBCI/FinTS)
As xs2a-adapter supports (should support from version 0.0.8) real request signing for Sandbox API, we need to make: 0. mock-qwac-certificate of Sandbox is complete security bypass, we should drop it....
opba-protocol-api should be highly independent of higher levels, so we need to move classes it uses from opba-facade-protocol-api-shared ** Note ** Only directly used DTO classes should be moved
Now we're using temporary solution which allows all other resources @CrossOrigin(origins = "*") For better security it should be handled at gateway level
The call /v1/banking/pis/payments/{payment-product} has one field service-session-id in header which is the clients handle to the consent the payment information is requested for. It would make sense to have a...
There is disabled test in HbciSandboxConsentE2EHbciProtocolTest which works separately and doesn't work when it run together with other tests. this behaviour should be fixed.
Tpp returns service-session-id which actually has functionality of a consent handle for client. But consent is not valid for all times and has an expiry date. But client does not...
We need to enable `adorsys.request_signing.enabled` in xs2a-adapter properties and `tppSignatureRequired` in Sandbox profile (and anything else) to ensure that all xs2a-adapter->Sandbox requests are signed
Add README.md to each module that explains what module does, key actions and interactions
When Initiate payment is done with post /v1/banking/pis/payments/{payment-product} any get /v1/banking/pis/payments/{payment-product} to returned handle fails as long as redirect has not finished. Of course bank may not know payment, as...
Redirect approach in FintechServer is currently implemented like that: ``` FinTechUI: - defines (ok,nok url) which are real endpoints in UI - sends (ok,nok url) to FinTechServer FintechServer: - stores...