FSPIOP API version negotiation not handled - Transfers-service #2536
Labels
bug
Something isn't working or it has wrong behavior on a Mojaloop Core service
oss-core
This is an issue - story or epic related to a feature on a Mojaloop core service or related to it
to-be-refined
This story is ready to be groomed
Milestone
Comments
mdebarros
added
bug
mdebarros
added a commit
to mojaloop/central-services-shared
that referenced
this issue
Oct 18, 2021
…ansfers service (#315) - fix(mojaloop/#2536): fspiop api version negotiation not handled by transfers service - mojaloop/project#2536 - added new convertSupportedVersionToExtensionList to correctly handle the exception use-cases (i.e. provide the configured supported versions in the error extensionList) - added unit tests for convertSupportedVersionToExtensionList - renamed headerValidation/validation.test.js to match the file name (i.e. index.test.js) - split options config for supportedProtocolVersions to supportedProtocolVersions & supportedProtocolAcceptVersions - chore: updated dependencies & fixes to audit-resolve - chore: updated npm test script - removed deprecated faucet dependency (replaced by tap-spec) - added yarn.lock to gitignore BREAKING CHANGE: split options config for supportedProtocolVersions to supportedProtocolVersions & supportedProtocolAcceptVersions of HeaderValidation Hapi Plugin. It should be backward compatible, but forcing a major version bump to reflect this new functionality.
mdebarros
added a commit
to mdebarros/account-lookup-service
that referenced
this issue
Oct 20, 2021
…ansfers service
- chore: updated dependencies
- updated dependencies
- fixes for audit-resolve
- added eslint* to ncurc file due to compatibility-issues with standard
- added get-port to ncurc file due to breaking-changes/compatibility-issues with Node ES version support
- fix(mojaloop/#2536): fspiop api version negotiation not handled by transfers service - mojaloop/project#2536
- added getOptionsForFSPIOPHeaderValidation to the plugin configuration
- added new config key for PROTOCOL_VERSIONS to default and integration configs
- added DEFAULT_PROTOCOL_VERSION for backward compatibility
mdebarros
added a commit
to mojaloop/ml-api-adapter
that referenced
this issue
Nov 5, 2021
…ansfers service (#487) - chore: updated dependencies - chore: ci-cd improvements - updated ci dependency cache to use the commit sha instead of the package.json checksum. this will ensure that builds never re-use stale caches going forward! - added release and git-release jobs to CI-CD pipeline - removed deploy from ci-cd pipeline - added standard-version dev dependency, and npm script for releases - fix(mojaloop/#2536): fspiop api version negotiation not handled by transfers service - mojaloop/project#2536 - added getOptionsForFSPIOPHeaderValidation to the plugin configuration - added new config key for PROTOCOL_VERSIONS to default and integration configs - updated unit/integration tests to use v1.1 protocol - added DEFAULT_PROTOCOL_VERSION for backward compatibility - MLAPI_PROTOCOL_VERSIONS__ACCEPT__VALIDATELIST can be set as follows "[ \"1\", \"1.1\"]" and it will be parsed correctly into a object - Note that MLAPI_PROTOCOL_VERSIONS__ACCEPT__DEFAULT is not currently used by the ML-API-Adapter, I have not included this in the default.json, but it can be set (when implemented in future). I have also added a comment in the config.js to reflect this. - Added unit tests for config changes BREAKING CHANGE: Forcing a major version change for awareness of the config changes. The `LIB_RESOURCE_VERSIONS` env var is now deprecated, and this is now also controlled by the PROTOCOL_VERSIONS config in the default.json. This has been done for consistency between all API services going forward and unifies the config for both inbound and outbound Protocol API validation/transformation features.
|
This is what it looks like when we send an unsupported protocol request to the ml-api-adapter: {
"status": 406,
"statusText": "Not Acceptable",
"body": {
"errorInformation": {
"errorCode": "3001",
"errorDescription": "Unacceptable version requested - The Client requested an unsupported version, see extension list for supported version(s).",
"extensionList": {
"extension": [
{
"key": "1",
"value": "0"
},
{
"key": "1",
"value": "1"
}
]
}
}
},
"headers": {
"content-type": "application/json; charset=utf-8",
"cache-control": "no-cache",
"content-length": "265",
"date": "Tue, 09 Nov 2021 08:32:42 GMT",
"connection": "keep-alive"
}
} |
|
Thanks @mdebarros ; looks good |
mdebarros
added a commit
to mojaloop/testing-toolkit-test-cases
that referenced
this issue
Nov 9, 2021
- Updates for Transfer Service: mojaloop/project#2536
mdebarros
added a commit
to mojaloop/testing-toolkit-test-cases
that referenced
this issue
Dec 14, 2021
- fix: fspiop api version negotiation not handled
- Updates for Transfer Service: mojaloop/project#2536
- fix(mojaloop/#2574): sdk-scheme-adapter is not returning party sub-id
- updated unit tests p2p_happy_path_subid to resolve this issue: mojaloop/project#2574
- Mojaloop-Simulator DFSP API incorrectly set the subIdValue instead of the idSubValue when creating the Party
- feat: update GP tests to use v1.1 by default and v1.0 only for specific test cases #2530 - mojaloop/project#2530
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary:
FSPIOP-API Service for ML-API-Adapter (i.e. Transfers-service) is not handling API Negotiation according to the Mojaloop API Specification - Section 3.3.4.3.
Severity:
Medium
Priority:
High
Expected Behavior
acceptrequest headers, and fail withHTTP status 406response to the Source-Participant (i.e. Payer) if the requested version is not supportedSteps to Reproduce
Specifications
Notes:
Tasks for fixing:
The text was updated successfully, but these errors were encountered: