public async Task CreateAsync(AuthorisationCallbackDataPublic redirectData) { redirectData.ArgNotNull(nameof(redirectData)); // Load relevant data objects DomesticConsent consent = (await _domesticConsentRepo.GetAsync(dc => dc.State == redirectData.Response.State)) .FirstOrDefault() ?? throw new KeyNotFoundException( $"Consent with redirect state '{redirectData.Response.State}' not found."); ApiProfile apiProfile = await _apiProfileRepo.GetAsync(consent.ApiProfileId) ?? throw new KeyNotFoundException("API profile cannot be found."); BankClientProfile bankClientProfile = await _openBankingClientRepo.GetAsync(apiProfile.BankClientProfileId) ?? throw new KeyNotFoundException("Bank client profile cannot be found."); SoftwareStatementProfile softwareStatementProfile = _softwareStatementProfileService.GetSoftwareStatementProfile( bankClientProfile.SoftwareStatementProfileId); // Obtain token for consent string redirectUrl = softwareStatementProfile.DefaultFragmentRedirectUrl; TokenEndpointResponse tokenEndpointResponse = await PostAuthCodeGrant( authCode : redirectData.Response.Code, redirectUrl : redirectUrl, client : bankClientProfile); // Update consent with token consent.TokenEndpointResponse = tokenEndpointResponse; await _dbContextService.SaveChangesAsync(); }
public async Task <OBWriteDomesticResponse4> CreateAsync(string consentId) { // Load relevant data objects DomesticConsent consent = await _domesticConsentRepo.GetAsync(consentId) ?? throw new KeyNotFoundException("The Consent does not exist."); ApiProfile apiProfile = await _apiProfileRepo.GetAsync(consent.ApiProfileId) ?? throw new KeyNotFoundException("The API Profile does not exist."); BankClientProfile bankClientProfile = await _openBankingClientRepo.GetAsync(apiProfile.BankClientProfileId) ?? throw new KeyNotFoundException( "The Bank Client Profile does not exist."); SoftwareStatementProfile softwareStatementProfile = _softwareStatementProfileService.GetSoftwareStatementProfile( bankClientProfile.SoftwareStatementProfileId); TokenEndpointResponse tokenEndpointResponse = _mapper.Map <TokenEndpointResponse>(consent.TokenEndpointResponse); // Create new Open Banking payment by posting JWT OBWriteDomesticConsent4 obConsent = consent.ObWriteDomesticConsent; OBWriteDomestic2 referencePayment = new OBWriteDomestic2 { Data = new OBWriteDomestic2Data { ConsentId = consent.BankId, Initiation = obConsent.Data.Initiation }, Risk = obConsent.Risk }; // Create new Open Banking payment by posting JWT OBWriteDomesticResponse4 paymentResponse; switch (apiProfile.ApiVersion) { case ApiVersion.V3P1P1: ObModels.PaymentInitiation.V3p1p1.Model.OBWriteDomestic2 newPayment = _mapper.Map <ObModels.PaymentInitiation.V3p1p1.Model.OBWriteDomestic2>(referencePayment); OBWriteDomesticResponse2 rawPaymentResponse = await PostDomesticPayment <ObModels.PaymentInitiation.V3p1p1.Model.OBWriteDomestic2, OBWriteDomesticResponse2>( payment : newPayment, apiProfile : apiProfile, softwareStatementProfile : softwareStatementProfile, bankClientProfile : bankClientProfile, tokenEndpointResponse : tokenEndpointResponse); paymentResponse = _mapper.Map <OBWriteDomesticResponse4>(rawPaymentResponse); break; case ApiVersion.V3P1P2: throw new ArgumentOutOfRangeException(); case ApiVersion.V3P1P4: paymentResponse = await PostDomesticPayment <OBWriteDomestic2, OBWriteDomesticResponse4>( payment : referencePayment, apiProfile : apiProfile, softwareStatementProfile : softwareStatementProfile, bankClientProfile : bankClientProfile, tokenEndpointResponse : tokenEndpointResponse); break; default: throw new ArgumentOutOfRangeException(); } return(paymentResponse); }
public async Task <PaymentConsentResponse> CreateAsync(DomesticPaymentConsent consent) { consent.ArgNotNull(nameof(consent)); // Load relevant objects ApiProfile apiProfile = await _apiProfileRepo.GetAsync(consent.ApiProfileId) ?? throw new KeyNotFoundException("The API Profile does not exist."); BankClientProfile bankClientProfile = await _bankClientProfileRepo.GetAsync(apiProfile.BankClientProfileId) ?? throw new KeyNotFoundException( "The Bank Client Profile does not exist."); SoftwareStatementProfile softwareStatementProfile = _softwareStatementProfileService.GetSoftwareStatementProfile( bankClientProfile.SoftwareStatementProfileId); // Get client credentials grant (we will not cache token for now but simply use to POST consent) TokenEndpointResponse tokenEndpointResponse = await PostClientCredentialsGrant(scope : "payments", client : bankClientProfile); // TODO: validate the response??? // Create new Open Banking consent by posting JWT JwtFactory jwtFactory = new JwtFactory(); OBWriteDomesticConsentResponse4 consentResponse; switch (apiProfile.ApiVersion) { case ApiVersion.V3P1P1: OBWriteDomesticConsent2 newDomesticConsent = _mapper.Map <OBWriteDomesticConsent2>(consent.DomesticConsent); OBWriteDomesticConsentResponse2 rawConsentResponse = await PostDomesticConsent <OBWriteDomesticConsent2, OBWriteDomesticConsentResponse2>( jwtFactory : jwtFactory, softwareStatementProfile : softwareStatementProfile, consent : newDomesticConsent, apiProfile : apiProfile, bankClientProfile : bankClientProfile, tokenEndpointResponse : tokenEndpointResponse); consentResponse = _mapper.Map <OBWriteDomesticConsentResponse4>(rawConsentResponse); break; case ApiVersion.V3P1P2: throw new ArgumentOutOfRangeException(); case ApiVersion.V3P1P4: consentResponse = await PostDomesticConsent <OBWriteDomesticConsent4, OBWriteDomesticConsentResponse4>( jwtFactory : jwtFactory, softwareStatementProfile : softwareStatementProfile, consent : consent.DomesticConsent, apiProfile : apiProfile, bankClientProfile : bankClientProfile, tokenEndpointResponse : tokenEndpointResponse); break; default: throw new ArgumentOutOfRangeException(); } // Generate URL for user auth string consentId = consentResponse.Data.ConsentId; string redirectUrl = softwareStatementProfile.DefaultFragmentRedirectUrl; if (redirectUrl == "") { redirectUrl = bankClientProfile.BankClientRegistrationClaims.RedirectUris[0]; } OAuth2RequestObjectClaims oAuth2RequestObjectClaims = Factories.CreateOAuth2RequestObjectClaims( openBankingClient: bankClientProfile, redirectUrl: redirectUrl, scope: new[] { "openid", "payments" }, intentId: consentId); string requestObjectJwt = jwtFactory.CreateJwt( profile: softwareStatementProfile, claims: oAuth2RequestObjectClaims, useOpenBankingJwtHeaders: false); Dictionary <string, string> keyValuePairs = new Dictionary <string, string> { { "response_type", oAuth2RequestObjectClaims.ResponseType }, { "client_id", oAuth2RequestObjectClaims.ClientId }, { "redirect_uri", oAuth2RequestObjectClaims.RedirectUri }, { "scope", oAuth2RequestObjectClaims.Scope }, { "request", requestObjectJwt }, { "nonce", oAuth2RequestObjectClaims.Nonce }, { "state", oAuth2RequestObjectClaims.State } }; string queryString = keyValuePairs.ToUrlEncoded(); string authUrl = bankClientProfile.OpenIdConfiguration.AuthorizationEndpoint + "?" + queryString; // Create and store persistent object string domesticConsentId = Guid.NewGuid().ToString(); DomesticConsent value = new DomesticConsent { State = oAuth2RequestObjectClaims.State, SoftwareStatementProfileId = bankClientProfile.SoftwareStatementProfileId, IssuerUrl = bankClientProfile.IssuerUrl, ApiProfileId = apiProfile.Id, ObWriteDomesticConsent = consent.DomesticConsent, TokenEndpointResponse = null, Id = domesticConsentId, BankId = consentId }; await _domesticConsentRepo.UpsertAsync(value); await _dbMultiEntityMethods.SaveChangesAsync(); return(new PaymentConsentResponse { AuthUrl = authUrl, ConsentId = domesticConsentId }); }