
temp
cyberphone committed Oct 10, 2019
1 parent 77f6655 commit 57b9574
Showing 10 changed files with 275 additions and 94 deletions.
1 change: 0 additions & 1 deletion build.xml
Expand Up @@ -80,7 +80,6 @@
</classpath>
</javac>
<replace file="${temp.dir}/web.xml">
<replacefilter token="@emulation-mode@" value="${emulation_mode}"/>
<replacefilter token="@oauth2-client-id@" value="${oauth2_client_id}"/>
<replacefilter token="@oauth2-client-secret@" value="${oauth2_client_secret}"/>
<replacefilter token="@base-uri@" value="${base_uri}"/>
1 change: 0 additions & 1 deletion public.properties
Expand Up @@ -5,4 +5,3 @@ base_uri=${service_host}/${service_path}
openkeystore=../openkeystore
keypassword=foo123
kg2kmk=kg2kmk.p12
emulation_mode=true
Expand Up @@ -25,8 +25,6 @@

import org.webpki.json.JSONObjectReader;

import org.webpki.net.HTTPSWrapper;

public class AuthRedirectServlet extends RESTBaseServlet {

private static final long serialVersionUID = 1L;
Expand Down Expand Up @@ -59,16 +57,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)
////////////////////////////////////////////////////////////////////////////////
// We got the code, now we need to upgrade it to a oauth2 token //
////////////////////////////////////////////////////////////////////////////////
FormData formData = new FormData()
.addElement("grant_type", "authorization_code")
.addElement("client_id", LocalIntegrationService.oauth2ClientId)
.addElement("client_secret", LocalIntegrationService.oauth2ClientSecret)
.addElement("code", code)
.addElement("redirect_uri", LocalIntegrationService.baseUri + OAUTH2_REDIRECT_PATH);
HTTPSWrapper wrapper = getHTTPSWrapper();
wrapper.makePostRequest(OPEN_BANKING_HOST + "/psd2/token", formData.toByteArray());
JSONObjectReader json = getJsonData(wrapper);
obsd.oauth2Token = json.getString("access_token");
getOAuth2Token(obsd, code);

////////////////////////////////////////////////////////////////////////////////
// We got the token, now we need a consent for our accounts //
Expand All @@ -78,7 +67,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response)
////////////////////////////////////////////////////////////////////////////////
// We got the consent, now use it! //
////////////////////////////////////////////////////////////////////////////////
json = getAccountData(false, obsd);
JSONObjectReader json = getAccountData(false, obsd);

////////////////////////////////////////////////////////////////////////////////
// We got an account list, now get more details. For that we need to SCA. //
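Review bot: The new `getOAuth2Token(obsd, code);` line exchanges whatever `code` the redirect carried, and nothing visible in this file compares an OAuth2 `state` value against the session that started the flow, so the code is not bound to the authorization request this session issued; the new OriginalAuthRedirectServlet has the same shape. If `initializeApi()` (defined outside this hunk) does not already generate and record a `state`, the redirect handler should verify `request.getParameter("state")` against the value kept in `obsd` before calling `getOAuth2Token`, and reject the request otherwise. The start of doGet and the `code` validation lie outside the hunk, so this is hedged on what they do.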
68 changes: 6 additions & 62 deletions src/org/webpki/webapps/swedbank_psd2_saturn/AuthorizeServlet.java
Expand Up @@ -24,7 +24,6 @@
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.webpki.net.HTTPSWrapper;

public class AuthorizeServlet extends RESTBaseServlet {

Expand All @@ -42,67 +41,12 @@ public void doPost(HttpServletRequest request, HttpServletResponse response)
// closer to a production version using an enhanced Open Banking API //
////////////////////////////////////////////////////////////////////////////////
HttpSession session = request.getSession();
OpenBankingSessionData obsd = new OpenBankingSessionData();
obsd.userAgent = request.getHeader(HTTP_HEADER_USER_AGENT);
obsd.clientIpAddress = request.getRemoteAddr();
OpenBankingSessionData obsd =
new OpenBankingSessionData(DEFAULT_USER,
request.getRemoteAddr(),
request.getHeader(HTTP_HEADER_USER_AGENT));
session.setAttribute(OBSD, obsd);

////////////////////////////////////////////////////////////////////////////////
// Initial LIS to API session creation. //
////////////////////////////////////////////////////////////////////////////////
String location = initializeApi();

////////////////////////////////////////////////////////////////////////////////
// The returned "Location" is now returned to the browser as a redirect which //
// in turn is supposed to invoke a Web authentication UI which if successful //
// should redirect back to the "redirect_uri" with an authentication code //
////////////////////////////////////////////////////////////////////////////////
if (LocalIntegrationService.emulationMode) {
HTTPSWrapper wrapper = getBrowserEmulator(obsd);
wrapper.makeGetRequest(location);
Scraper scraper = new Scraper(wrapper);
scraper.scanTo("<form ");
RESTUrl restUrl = new RESTUrl(combineUrl(location, scraper.findWithin("action")))
.addScrapedNameValue(scraper, "sessionID")
.addScrapedNameValue(scraper, "sessionData")
.addScrapedNameValue(scraper, "bic")
.addParameter("userId", "55");
location = restUrl.toString();
String setCookie = wrapper.getHeaderValue("set-cookie");
String cookie = setCookie.substring(0, setCookie.indexOf(';'));

wrapper = getBrowserEmulator(obsd);
wrapper.setHeader("cookie", cookie);
logger.info(location);
wrapper.makeGetRequest(location);
scraper = new Scraper(wrapper);
scraper.scanTo("<form ");
restUrl = new RESTUrl(combineUrl(location, scraper.findWithin("action")))
.addScrapedNameValue(scraper, "sessionID")
.addScrapedNameValue(scraper, "sessionData")
.addScrapedNameValue(scraper, "bic");
location = restUrl.toString();

wrapper = getBrowserEmulator(obsd);
wrapper.setHeader("cookie", cookie);
logger.info(location);
wrapper.makeGetRequest(location);
logger.info(String.valueOf(wrapper.getResponseCode()));
scraper = new Scraper(wrapper);
scraper.scanTo("<form ");
location = combineUrl(location, scraper.findWithin("action"));
FormData formData = new FormData()
.addScrapedNameValue(scraper, "sessionID")
.addScrapedNameValue(scraper, "sessionData")
.addScrapedNameValue(scraper, "action")
.addScrapedNameValue(scraper, "bic");

wrapper = getBrowserEmulator(obsd);
wrapper.setHeader("cookie", cookie);
logger.info(location);
wrapper.makePostRequest(location, formData.toByteArray());
location = getLocation(wrapper);
}
response.sendRedirect(location);

emulatedAuthorize(obsd);
}
}
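Review bot: `HttpSession session = request.getSession();` reuses whatever session the browser already presents and then overwrites its `OBSD` attribute, so a pre-existing session id and any earlier `OpenBankingSessionData` (including a token obtained in a previous run) survive into the new authorization; OriginalAuthorizeServlet.doGet contains the identical lines. Since this is the start of authentication, invalidating first and creating a fresh session makes the state unambiguous: `HttpSession old = request.getSession(false); if (old != null) old.invalidate(); HttpSession session = request.getSession(true);`. The former `if (LocalIntegrationService.emulationMode)` guard is gone and `emulatedAuthorize(obsd)` (defined outside this file) is now called unconditionally, so a one-line comment above it stating that this servlet is the emulated path and OriginalAuthorizeServlet the real one would spare the next reader from comparing both. doPost's signature is outside the hunk.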
Expand Up @@ -49,8 +49,6 @@ public class LocalIntegrationService extends InitPropertyReader implements Servl

static boolean logging;

static boolean emulationMode;

static String oauth2ClientId;

static String oauth2ClientSecret;
Expand Down Expand Up @@ -89,11 +87,6 @@ public void contextDestroyed(ServletContextEvent event) {
public void contextInitialized(ServletContextEvent event) {
initProperties(event);
try {
/////////////////////////////////////////////////////////////////////////////////////////////
// Using "Web Scraping" to emulate the needed Open Banking functionality
/////////////////////////////////////////////////////////////////////////////////////////////
emulationMode = getPropertyBoolean(EMULATION_MODE);

/////////////////////////////////////////////////////////////////////////////////////////////
// Core Open Banking/OAuth2 elements
/////////////////////////////////////////////////////////////////////////////////////////////
Expand Up @@ -21,8 +21,19 @@

public class OpenBankingSessionData implements Serializable {

static final String DEFAULT_BROWSER = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) " +
"AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36";

OpenBankingSessionData(String userId, String clientIpAddress, String userAgent) {
this.userId = userId;
this.clientIpAddress = clientIpAddress;
this.userAgent = userAgent == null ? DEFAULT_BROWSER : userAgent;
}

private static final long serialVersionUID = 1L;

String userId;

String userAgent;

String clientIpAddress;
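Review bot: The new constructor `OpenBankingSessionData(String userId, String clientIpAddress, String userAgent)` has no documentation, and the substitution of `DEFAULT_BROWSER` when `userAgent` is null is its one non-obvious decision; a comment such as `// A User-Agent is always stored: when the request carries none a fixed browser string is used (presumably the downstream service expects the header — confirm)` would record the reason. `DEFAULT_BROWSER` pins a specific Chrome build, so a short note on when it should be refreshed belongs next to it. Because the constructor now initializes `userId`, `clientIpAddress` and `userAgent`, and this commit removes the direct assignments to `obsd.userAgent` and `obsd.clientIpAddress` in AuthorizeServlet, the three fields could be declared `final` if nothing else writes them; the class is `Serializable`, so that also narrows what serialized state can vary. The field declarations continue below the hunk.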
@@ -0,0 +1,87 @@
/*
* Copyright 2006-2019 WebPKI.org (http://webpki.org).
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.webpki.webapps.swedbank_psd2_saturn;

import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.webpki.json.JSONObjectReader;

// This servlet is only called in the Test mode (using Open Banking GUI)

public class OriginalAuthRedirectServlet extends RESTBaseServlet {

private static final long serialVersionUID = 1L;

@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
////////////////////////////////////////////////////////////////////////////////
// This servlet is redirected to by the PSD2 service after a successful user //
// authentication //
////////////////////////////////////////////////////////////////////////////////

////////////////////////////////////////////////////////////////////////////////
// Check that we still have a session //
////////////////////////////////////////////////////////////////////////////////
OpenBankingSessionData obsd = getObsd(request, response);
if (obsd == null) return;

////////////////////////////////////////////////////////////////////////////////
// We should have "code" parameter //
////////////////////////////////////////////////////////////////////////////////
String code = request.getParameter("code");
if (code == null) {
throw new IOException("Didn't find 'code' object");
}
if (LocalIntegrationService.logging) {
logger.info("code=" + code);
}

////////////////////////////////////////////////////////////////////////////////
// We got the code, now we need to upgrade it to an oauth2 token //
////////////////////////////////////////////////////////////////////////////////
getOAuth2Token(obsd, code);

////////////////////////////////////////////////////////////////////////////////
// We got the token, now we need a consent for our accounts //
////////////////////////////////////////////////////////////////////////////////
getConsent(null, obsd, SCA_ACCOUNT_SUCCESS_PATH);

////////////////////////////////////////////////////////////////////////////////
// We got the consent, now use it! //
////////////////////////////////////////////////////////////////////////////////
JSONObjectReader json = getAccountData(false, obsd);

////////////////////////////////////////////////////////////////////////////////
// We got an account list, now get more details. For that we need to SCA. //
////////////////////////////////////////////////////////////////////////////////
String scaRedirectUrl = getConsent(json.getArray("accounts"),
obsd, SCA_ACCOUNT_SUCCESS_PATH);
if (scaRedirectUrl != null) {
if (LocalIntegrationService.logging) {
logger.info("Redirect to:\n" + scaRedirectUrl);
}
response.sendRedirect(scaRedirectUrl);
}
// response.sendRedirect("home");
}
}
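Review bot: `logger.info("code=" + code);` writes the OAuth2 authorization code to the log whenever `LocalIntegrationService.logging` is on; the code is a credential that is exchanged for the access token a few lines later, so the log should only record that one arrived, e.g. `logger.info("code received (" + code.length() + " chars)");`. The trailing `// response.sendRedirect("home");` is commented-out code and should be removed; in its place a comment is needed saying what the browser receives when `scaRedirectUrl` is null, because that branch currently sends neither a body nor a redirect. The header comment `// This servlet is only called in the Test mode (using Open Banking GUI)` states a deployment expectation that nothing in the class enforces, so it should say where that restriction is applied or that it is not.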
@@ -0,0 +1,64 @@
/*
* Copyright 2006-2019 WebPKI.org (http://webpki.org).
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.webpki.webapps.swedbank_psd2_saturn;

import java.io.IOException;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

// This servlet MUST only called in the Test mode (using Open Banking GUI)
// and before any other Test mode servlets

public class OriginalAuthorizeServlet extends RESTBaseServlet {

private static final long serialVersionUID = 1L;

@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
////////////////////////////////////////////////////////////////////////////////
// Before you can do anything you must be authenticated //
// Note: this servlet is called by the browser from LIS //
// The code below creates a session between LIS and the Open Banking service //
// for a specific user. Note: Swedbank's Sandbox only supports a single user //
// but we do this anyway to obtain consistency between implementations and be //
// closer to a production version using an enhanced Open Banking API //
////////////////////////////////////////////////////////////////////////////////
HttpSession session = request.getSession();
OpenBankingSessionData obsd =
new OpenBankingSessionData(DEFAULT_USER,
request.getRemoteAddr(),
request.getHeader(HTTP_HEADER_USER_AGENT));
session.setAttribute(OBSD, obsd);

////////////////////////////////////////////////////////////////////////////////
// Initial LIS to API session creation. //
////////////////////////////////////////////////////////////////////////////////
String location = initializeApi();

////////////////////////////////////////////////////////////////////////////////
// The returned "Location" is now returned to the browser as a redirect which //
// in turn is supposed to invoke a Web authentication UI which if successful //
// should redirect back to the "redirect_uri" with an authentication code //
////////////////////////////////////////////////////////////////////////////////
response.sendRedirect(location);
}
}
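Review bot: The session setup in `doGet`, from `HttpSession session = request.getSession();` through `String location = initializeApi();`, is a line-for-line copy of AuthorizeServlet.doPost; a shared helper in the base class, e.g. `protected OpenBankingSessionData createObsd(HttpServletRequest request)`, would keep the two entry points from drifting. The comment `// This servlet MUST only called in the Test mode` should read `MUST only be called`, and since no code in the class checks a mode, it should also say where that restriction is enforced. This handler creates a session and bank-side state on a GET, which is worth one sentence in the class comment so that a reader knows the request is not idempotent.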
