1 parent
77f6655
commit 57b9574
Showing
10 changed files
with
275 additions
and
94 deletions.
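--- a/src/org/webpki/webapps/swedbank_psd2_saturn/OriginalAuthRedirectServlet.java
+++ b/src/org/webpki/webapps/swedbank_psd2_saturn/OriginalAuthRedirectServlet.java
@@ -0,0 +1,87 @@
+/*
+* Copyright 2006-2019 WebPKI.org (http://webpki.org).
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* https://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
+package org.webpki.webapps.swedbank_psd2_saturn;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.webpki.json.JSONObjectReader;
+
+// This servlet is only called in the Test mode (using Open Banking GUI)
+
+public class OriginalAuthRedirectServlet extends RESTBaseServlet {
+
+private static final long serialVersionUID = 1L;
+
+@Override
+public void doGet(HttpServletRequest request, HttpServletResponse response)
+throws IOException, ServletException {
+////////////////////////////////////////////////////////////////////////////////
+// This servlet is redirected to by the PSD2 service after a successful user //
+// authentication //
+////////////////////////////////////////////////////////////////////////////////
+
+////////////////////////////////////////////////////////////////////////////////
+// Check that we still have a session //
+////////////////////////////////////////////////////////////////////////////////
+OpenBankingSessionData obsd = getObsd(request, response);
+if (obsd == null) return;
+
+////////////////////////////////////////////////////////////////////////////////
+// We should have "code" parameter //
+////////////////////////////////////////////////////////////////////////////////
+String code = request.getParameter("code");
+if (code == null) {
+throw new IOException("Didn't find 'code' object");
+}
+if (LocalIntegrationService.logging) {
+logger.info("code=" + code);
+}
+
+////////////////////////////////////////////////////////////////////////////////
+// We got the code, now we need to upgrade it to an oauth2 token //
+////////////////////////////////////////////////////////////////////////////////
+getOAuth2Token(obsd, code);
+
+////////////////////////////////////////////////////////////////////////////////
+// We got the token, now we need a consent for our accounts //
+////////////////////////////////////////////////////////////////////////////////
+getConsent(null, obsd, SCA_ACCOUNT_SUCCESS_PATH);
+
+////////////////////////////////////////////////////////////////////////////////
+// We got the consent, now use it! //
+////////////////////////////////////////////////////////////////////////////////
+JSONObjectReader json = getAccountData(false, obsd);
+
+////////////////////////////////////////////////////////////////////////////////
+// We got an account list, now get more details. For that we need to SCA. //
+////////////////////////////////////////////////////////////////////////////////
+String scaRedirectUrl = getConsent(json.getArray("accounts"),
+obsd, SCA_ACCOUNT_SUCCESS_PATH);
+if (scaRedirectUrl != null) {
+if (LocalIntegrationService.logging) {
+logger.info("Redirect to:\n" + scaRedirectUrl);
+}
+response.sendRedirect(scaRedirectUrl);
+}
+// response.sendRedirect("home");
+}
+}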
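Review bot: The `logger.info("code=" + code);` line in doGet writes the OAuth2 authorization code, a credential taken unfiltered from the request, into the application log; even behind `LocalIntegrationService.logging` I would record only that it arrived, e.g. `logger.info("authorization code received");`. The callback also reads no `state` parameter before `getOAuth2Token(obsd, code)`, so unless `getObsd` or `RESTBaseServlet` (neither visible here) ties the redirect to the request that started the flow, a cross-site request could attach a foreign code to the user's session; comparing `state` with a value kept in the session would close that. When `scaRedirectUrl` is null nothing is written to the response, since `response.sendRedirect("home")` is commented out.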
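--- a/src/org/webpki/webapps/swedbank_psd2_saturn/OriginalAuthorizeServlet.java
+++ b/src/org/webpki/webapps/swedbank_psd2_saturn/OriginalAuthorizeServlet.java
@@ -0,0 +1,64 @@
+/*
+* Copyright 2006-2019 WebPKI.org (http://webpki.org).
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* https://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+*/
+package org.webpki.webapps.swedbank_psd2_saturn;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+// This servlet MUST only called in the Test mode (using Open Banking GUI)
+// and before any other Test mode servlets
+
+public class OriginalAuthorizeServlet extends RESTBaseServlet {
+
+private static final long serialVersionUID = 1L;
+
+@Override
+public void doGet(HttpServletRequest request, HttpServletResponse response)
+throws IOException, ServletException {
+////////////////////////////////////////////////////////////////////////////////
+// Before you can do anything you must be authenticated //
+// Note: this servlet is called by the browser from LIS //
+// The code below creates a session between LIS and the Open Banking service //
+// for a specific user. Note: Swedbank's Sandbox only supports a single user //
+// but we do this anyway to obtain consistency between implementations and be //
+// closer to a production version using an enhanced Open Banking API //
+////////////////////////////////////////////////////////////////////////////////
+HttpSession session = request.getSession();
+OpenBankingSessionData obsd =
+new OpenBankingSessionData(DEFAULT_USER,
+request.getRemoteAddr(),
+request.getHeader(HTTP_HEADER_USER_AGENT));
+session.setAttribute(OBSD, obsd);
+
+////////////////////////////////////////////////////////////////////////////////
+// Initial LIS to API session creation. //
+////////////////////////////////////////////////////////////////////////////////
+String location = initializeApi();
+
+////////////////////////////////////////////////////////////////////////////////
+// The returned "Location" is now returned to the browser as a redirect which //
+// in turn is supposed to invoke a Web authentication UI which if successful //
+// should redirect back to the "redirect_uri" with an authentication code //
+////////////////////////////////////////////////////////////////////////////////
+response.sendRedirect(location);
+}
+}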
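Review bot: `request.getSession()` in doGet reuses whatever session the browser already presents, and the new `OpenBankingSessionData` is stored under `OBSD` without the session id being rotated, which leaves room for session fixation. Assuming the container is Servlet 3.1 or later, add `request.changeSessionId();` right after `request.getSession()`, or invalidate any existing session first. The header comment says this servlet must only be called in Test mode, but nothing in the visible code enforces that, so any GET binds the caller to `DEFAULT_USER`; a guard on the deployment's test-mode setting, or at least a sentence in the comment saying where that is enforced, would help. `location` comes from `initializeApi()` (not shown) and is passed to `response.sendRedirect` unchecked; if it is taken from the remote service's Location header, checking its host against the expected authorization endpoint is worth considering.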