Develop obp#2868
Merged
Merged
Conversation
Replace static spec-example responses with real OBP connector calls for the account-access-consents, accounts, balances, and transactions endpoints in UK Open Banking v4.0.1 AccountInfo — the same 9 endpoints that carry real implementations in v3.1, covering the full consent lifecycle plus the 5 endpoints OBP-Hola actually calls. Connector call sequences are carried over from the v3.1 handlers (Http4sUKOBv310AccountAccess/Accounts/Balances/Transactions) since the underlying data access is unchanged between API versions. Response shaping needed a new factory (JSONFactory_UKOpenBanking_401) because the v4.0.1 Account/Balance/Transaction resources changed shape from v3.1 (AccountTypeCode replaces AccountType, single-string SchemeName, added TotalValue/TransactionMutability/Status codes, etc.). getAccounts, getAccountsAccountIdBalances and getAccountsAccountIdTransactions call checkUKConsent, which requires a live Hydra OAuth2 introspection endpoint with no local test double, so those three keep the same "authenticated -> not 401" assertion already used for their v3.1 counterparts. The other 6 endpoints get full scenario coverage: real seeded data, unknown-consent and empty-data paths, and a full create -> get -> delete -> get consent lifecycle.
…MAIL_TEST_MODE
run_tests_parallel.sh unconditionally exports OBP_MAIL_TEST_MODE=true for every
shard, and APIUtil.getPropsValue always checks sys.env before Props/setPropsValues
overrides. That made PasswordResetTest's setPropsValues("mail.test.mode" -> "false", ...)
a no-op locally, so the "SMTP failure must surface as a 500" scenario always got
a 201 sent response instead (CI was unaffected since it only sets a props-file
default, no env var).
Add EnvVarOverride, a test-only trait that mutates the process environment for
the scope of a block and restores it afterward, and use it to force
OBP_MAIL_TEST_MODE=false for that one scenario. On modern JDKs the Unix
ProcessEnvironment backing map is keyed by internal Variable/Value wrapper
types rather than plain Strings, so the override goes through their
valueOf(String) factories instead of assuming a Map[String, String].
…sandbox env var
Same root cause as the PasswordResetTest fix: run_tests_parallel.sh exports
OBP_ALLOW_USER_GENERATED_SCALA_CODE=true for every shard, and that env var
always wins over setPropsValues("allow_user_generated_scala_code" -> "false")
per APIUtil.getPropsValue. The five OFF-state scenarios could never actually
observe the kill-switch disabled locally, so they failed deterministically
under run_tests_parallel.sh (CI was unaffected, since it only sets a
props-file default, no env var).
Reuses the EnvVarOverride trait added for the PasswordResetTest fix to force
the env var out of the way for the scope of each OFF scenario.
Add POST /obp/v5.1.0/banks/BANK_ID/consents/CONSENT_ID/authorise, a user-scoped (role-free) endpoint that authorises a UK Open Banking account-access consent as the current PSU. UK consents are lodged by the TPP via client_credentials and start in AWAITINGAUTHORISATION with no bound user. After the PSU authenticates, this endpoint transitions the consent to AUTHORISED, binds it to the PSU (mUserId) and stamps the PSU into the consent JWT's createdByUserId, supplying the previously missing authorisation-binding step so that subsequent UK data calls whose token carries the consent_id claim pass checkUKConsent. The consent JWT's permission views are preserved.
…batch A user can hold a view/grant on an account that has since been deleted (a dangling BankIdAccountId). LocalMappedConnector.getBankAccounts mapped each id through openOrThrowException, so one orphaned grant would 500 an entire "list my accounts" call. Skip accounts that no longer resolve; callers needing a specific account use getBankAccount(single).
Add POST /obp/v5.1.0/banks/BANK_ID/consents/CONSENT_ID/authorise/challenge to start Strong Customer Authentication for a UK consent, and require the challenge answer on the authorise endpoint before flipping the consent to AUTHORISED. Uses the shared OBP challenge engine (createChallengesC2 / validateChallengeAnswerC4) with ChallengeType.OBP_CONSENT_CHALLENGE — the same engine Berlin Group uses, which is status-agnostic and so works on an AWAITINGAUTHORISATION consent (unlike the INITIATED-only checkAnswer path). The OTP is delivered per suggested_default_sca_method (DUMMY answer "123" in dev, EMAIL/SMS in prod). A wrong answer leaves the consent unauthorised.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



No description provided.