Merge remote-tracking branch 'upstream/develop' into develop

obp-api/pom.xml

@@ -418,7 +418,7 @@
     <dependency>
       <groupId>com.microsoft.sqlserver</groupId>
       <artifactId>mssql-jdbc</artifactId>
-      <version>8.1.0.jre${java.version}-preview</version>
+      <version>11.2.0.jre${java.version}</version>
     </dependency>
     <!-- scalikejdbc for call stored procedure end-->
 
@@ -530,7 +530,7 @@
           <!-- add src/main/java to source dirs -->
           <groupId>org.codehaus.mojo</groupId>
           <artifactId>build-helper-maven-plugin</artifactId>
-          <version>1.10</version>
+          <version>3.6.0</version>
           <executions>
             <execution>
               <phase>generate-sources</phase>
@@ -552,7 +552,7 @@
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-war-plugin</artifactId>
-          <version>2.6</version>
+          <version>3.4.0</version>
           <configuration>
             <webXml>${webXmlPath}</webXml>
           </configuration>
@@ -639,7 +639,7 @@
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-compiler-plugin</artifactId>
-        <version>3.8.1</version>
+        <version>3.13.0</version>
         <configuration>
           <release>${java.version}</release>
         </configuration>

obp-api/src/main/resources/i18n/lift-core_es_ES.properties

@@ -718,7 +718,7 @@ OBP-30030 = se pudo insertar el Producto
 OBP-30031 = se ha podido actualizar el Producto
 OBP-30032 = se pudo insertar la tarjeta
 OBP-30033 = se ha podido actualizar la tarjeta
-OBP-30034 = ViewId no es soportado. Sólo admite cuatro ahora':  Owner, Accountant, Auditor, _Public.
+OBP-30034 = ViewId no es soportado. Sólo admite cuatro ahora':  owner, accountant, auditor, _public.
 OBP-30035 = se ha encontrado el enlace con el cliente
 OBP-30036 = se ha podido crear o actualizar CounterpartyMetadata
 OBP-30037 = se han encontrado los metadatos de la contraparte. Por favor, especifique valores válidos para BANK_ID, ACCOUNT_ID y COUNTERPARTY_ID. 

obp-api/src/main/scala/code/api/OAuth2.scala

@@ -181,8 +181,8 @@ object OAuth2Login extends RestHelper with MdcLoggable {
 
       // In case a user is created via OpenID Connect flow implies provider = hydraPublicUrl
       // In case a user is created via GUI of OBP-API implies provider = Constant.localIdentityProvider
-      val user = Users.users.vend.getUserByUserName(introspectOAuth2Token.getIss, introspectOAuth2Token.getSub).or(
-        Users.users.vend.getUserByUserName(Constant.localIdentityProvider, introspectOAuth2Token.getSub)
+      val user = Users.users.vend.getUserByProviderAndUsername(introspectOAuth2Token.getIss, introspectOAuth2Token.getSub).or(
+        Users.users.vend.getUserByProviderAndUsername(Constant.localIdentityProvider, introspectOAuth2Token.getSub)
       )
       user match {
         case Full(u) =>

obp-api/src/main/scala/code/api/ResourceDocs1_4_0/MessageDocsSwaggerDefinitions.scala

@@ -1,5 +1,6 @@
 package code.api.ResourceDocs1_4_0
 
+import code.api.Constant
 import java.util.Date
 
 import code.api.util.APIUtil._
@@ -23,7 +24,7 @@ object MessageDocsSwaggerDefinitions
     balanceAmount = balanceAmountExample.value,
     balanceCurrency = currencyExample.value,
     owners = List(owner1Example.value),
-    viewsToGenerate = List("Owner", "Accountant", "Auditor"),
+    viewsToGenerate = List(Constant.SYSTEM_OWNER_VIEW_ID, Constant.SYSTEM_ACCOUNTANT_VIEW_ID,Constant.SYSTEM_AUDITOR_VIEW_ID),
     bankRoutingScheme = bankRoutingSchemeExample.value,
     bankRoutingAddress = bankRoutingAddressExample.value,
     branchRoutingScheme = branchRoutingSchemeExample.value,

obp-api/src/main/scala/code/api/ResourceDocs1_4_0/SwaggerDefinitionsJSON.scala

@@ -345,8 +345,8 @@ object SwaggerDefinitionsJSON {
     hide_metadata_if_alias_used = hideMetadataIfAliasUsedExample.value.toBoolean,
     allowed_actions = allowedActionsV500,
     // Version 5.0.0
-    can_grant_access_to_views = Some(List(viewIdExample.value)),
-    can_revoke_access_to_views = Some(List(viewIdExample.value))
+    can_grant_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID)),
+    can_revoke_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID))
   )
 
   val updateCustomViewJson = UpdateCustomViewJson(
@@ -447,8 +447,8 @@ object SwaggerDefinitionsJSON {
     hide_metadata_if_alias_used = true,
     allowed_actions = allowedActionsV500,
     // Version 5.0.0
-    can_grant_access_to_views = Some(List("owner")),
-    can_revoke_access_to_views = Some(List("owner"))
+    can_grant_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID)),
+    can_revoke_access_to_views = Some(List(Constant.SYSTEM_OWNER_VIEW_ID))
   )
   lazy val updateSystemViewJson500 = updateViewJsonV500.copy(is_public = false, is_firehose = Some(false))
 
@@ -3079,15 +3079,15 @@ object SwaggerDefinitionsJSON {
     can_see_bank_account_credit_limit = true,
     can_create_direct_debit = true,
     can_create_standing_order = true,
-    can_grant_access_to_views = List("Owner"),
-    can_revoke_access_to_views = List("Owner")
+    can_grant_access_to_views = List(Constant.SYSTEM_OWNER_VIEW_ID),
+    can_revoke_access_to_views = List(Constant.SYSTEM_OWNER_VIEW_ID)
   )
 
   val viewsJsonV500 = ViewsJsonV500(
     views = List(viewJsonV500)
   )
 
-  val viewIdJsonV500 = ViewIdJsonV500(id = "owner")
+  val viewIdJsonV500 = ViewIdJsonV500(id = Constant.SYSTEM_OWNER_VIEW_ID)
   val viewIdsJsonV500 = ViewsIdsJsonV500(
     views = List(viewIdJsonV500)
   )

obp-api/src/main/scala/code/api/berlin/group/v1_3/PaymentInitiationServicePISApi.scala

@@ -1,5 +1,6 @@
 package code.api.builder.PaymentInitiationServicePISApi
 
+import code.api.Constant
 import code.api.ResourceDocs1_4_0.SwaggerDefinitionsJSON.sepaCreditTransfersBerlinGroupV13
 import code.api.berlin.group.v1_3.JSONFactory_BERLIN_GROUP_1_3.{CancelPaymentResponseJson,
   CancelPaymentResponseLinks, LinkHrefJson, UpdatePaymentPsuDataJson, checkUpdatePsuAuthentication,checkAuthorisationConfirmation,
@@ -590,7 +591,7 @@ Check the transaction status of a payment initiation.""",
           for {
             (createdTransactionRequest, callContext) <- NewStyle.function.createTransactionRequestv400(
               u,
-              ViewId("Owner"), //This is the default
+              ViewId(Constant.SYSTEM_OWNER_VIEW_ID), //This is the default
               fromAccount,
               toAccount,
               TransactionRequestType(transactionRequestTypes.toString),

obp-api/src/main/scala/code/api/constant/constant.scala

@@ -13,7 +13,7 @@ object Constant extends MdcLoggable {
 
   object Pagination {
     final val offset = 0
-    final val limit = 500
+    final val limit = 50
   }
 
   final val shortEndpointTimeoutInMillis = APIUtil.getPropsAsLongValue(nameOfProperty = "short_endpoint_timeout", 1L * 1000L)
@@ -62,24 +62,35 @@ object Constant extends MdcLoggable {
   final val SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID = "ReadTransactionsBerlinGroup"
 
   //TODO, this need to be double check
-  final val ALL_SYSTEM_VIEWS_CREATED_FROM_BOOT = List(
-    SYSTEM_OWNER_VIEW_ID,
-    SYSTEM_AUDITOR_VIEW_ID,
-    SYSTEM_ACCOUNTANT_VIEW_ID,
-    SYSTEM_FIREHOSE_VIEW_ID,
-    SYSTEM_STANDARD_VIEW_ID,
-    SYSTEM_STAGE_ONE_VIEW_ID,
-    SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID,
-    SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID,
-    SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID,
-    SYSTEM_READ_BALANCES_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID,
-    SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID,
-    SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID,
-    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID
-  ) 
+  final val ALL_SYSTEM_VIEWS_CREATED_FROM_BOOT = 
+    SYSTEM_OWNER_VIEW_ID::
+    SYSTEM_AUDITOR_VIEW_ID::
+    SYSTEM_ACCOUNTANT_VIEW_ID::
+    SYSTEM_FIREHOSE_VIEW_ID::
+    SYSTEM_STANDARD_VIEW_ID::
+    SYSTEM_STAGE_ONE_VIEW_ID::
+    SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID::
+    SYSTEM_READ_BALANCES_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
+
+  final val ALL_SYSTEM_VIEWS_CREATED_FROM_CBS = 
+    SYSTEM_OWNER_VIEW_ID::
+    SYSTEM_ACCOUNTANT_VIEW_ID::
+    SYSTEM_AUDITOR_VIEW_ID::
+    SYSTEM_STAGE_ONE_VIEW_ID::
+    SYSTEM_STANDARD_VIEW_ID::
+    SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
+    SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
+    SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID :: Nil
+
   //These are the default incoming and outgoing account ids. we will create both during the boot.scala.
   final val INCOMING_SETTLEMENT_ACCOUNT_ID = "OBP-INCOMING-SETTLEMENT-ACCOUNT"    
   final val OUTGOING_SETTLEMENT_ACCOUNT_ID = "OBP-OUTGOING-SETTLEMENT-ACCOUNT"    

obp-api/src/main/scala/code/api/directlogin.scala

@@ -491,14 +491,9 @@ object DirectLogin extends RestHelper with MdcLoggable {
     val username = directLoginParameters.getOrElse("username", "")
     val password = directLoginParameters.getOrElse("password", "")
 
-    var userId = for {id <- AuthUser.getResourceUserId(username, password)} yield id
-
-    if (userId.isEmpty) {
-      if ( ! AuthUser.externalUserHelper(username, password).isEmpty)
-      	userId = for {id <- AuthUser.getResourceUserId(username, password)} yield id
-    }
-
-    userId
+    //we first try to get the userId from local, if not find, we try to get it from external 
+    AuthUser.getResourceUserId(username, password)
+        .or(AuthUser.externalUserHelper(username, password).map(_.user.get))
   }
 
 

obp-api/src/main/scala/code/api/util/ErrorMessages.scala

@@ -338,14 +338,7 @@ object ErrorMessages {
   val CreateCardError = "OBP-30032: Could not insert the Card"
   val UpdateCardError = "OBP-30033: Could not update the Card"
 
-  val ViewIdNotSupported = s"OBP-30034: This ViewId is not supported. Only the following can be used: " +
-    s"$SYSTEM_OWNER_VIEW_ID, " +
-    s"$SYSTEM_ACCOUNTANT_VIEW_ID, " +
-    s"$SYSTEM_AUDITOR_VIEW_ID, " +
-    s"$SYSTEM_STAGE_ONE_VIEW_ID, " +
-    s"$SYSTEM_STANDARD_VIEW_ID, " +
-    s"$SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID, " +
-    s"$CUSTOM_PUBLIC_VIEW_ID."
+  val ViewIdNotSupported = s"OBP-30034: This ViewId is not supported. Only the following can be used: " 
 
   val UserCustomerLinkNotFound = "OBP-30035: User Customer Link not found"
 

obp-api/src/main/scala/code/api/util/ExampleValue.scala

@@ -1,6 +1,7 @@
 package code.api.util
 
 
+import code.api.Constant
 import code.api.util.APIUtil.{DateWithMs, DateWithMsExampleString, formatDate, oneYearAgo, oneYearAgoDate, parseDate}
 import code.api.util.ErrorMessages.{InvalidJsonFormat, UnknownError, UserHasMissingRoles, UserNotLoggedIn}
 import net.liftweb.json.JsonDSL._
@@ -331,10 +332,10 @@ object ExampleValue {
   lazy val owner1Example = ConnectorField("SusanSmith", "A username that is the owner of the account.")
   glossaryItems += makeGlossaryItem("Account.owner", owner1Example)
 
-  lazy val viewIdExample = ConnectorField("owner", "A viewId can be owner, accountant, public ....")
+  lazy val viewIdExample = ConnectorField(Constant.SYSTEM_OWNER_VIEW_ID, "A viewId can be owner, accountant ....")
   glossaryItems += makeGlossaryItem("view.id", viewIdExample)
 
-  lazy val viewNameExample = ConnectorField("Owner","A viewName can be Owner, Accountant, Public ....")
+  lazy val viewNameExample = ConnectorField(Constant.SYSTEM_OWNER_VIEW_ID,"A viewName can be owner, accountant ....")
   glossaryItems += makeGlossaryItem("view.name",viewNameExample)
 
   lazy val viewDescriptionExample = ConnectorField("This view is for the owner for the account.", "A description for this view.")
@@ -1497,15 +1498,15 @@ object ExampleValue {
   glossaryItems += makeGlossaryItem("basket_id", basketIdExample)
 
   lazy val consentRequestPayloadExample = ConnectorField(
-    """{
+    s"""{
       |  "everything": false,
       |  "account_access": [
       |    {
       |      "account_routing": {
       |        "scheme": "AccountNumber",
       |        "address": "4930396"
       |      },
-      |      "view_id": "owner"
+      |      "view_id": "${Constant.SYSTEM_OWNER_VIEW_ID}"
       |    }
       |  ],
       |  "phone_number": "+44 07972 444 876",

obp-api/src/main/scala/code/api/util/Glossary.scala

@@ -1,7 +1,7 @@
 package code.api.util
 
 import java.io.File
-
+import code.api.Constant
 import code.api.Constant.{PARAM_LOCALE, directLoginHeaderName}
 import code.api.util.APIUtil.{getObpApiRoot, getServerUrl}
 import code.api.util.ExampleValue.{accountIdExample, bankIdExample, customerIdExample, userIdExample}
@@ -739,7 +739,16 @@ object Glossary extends MdcLoggable  {
 		s"""
 		  |The "consumer" of the API, i.e. the web, mobile or serverside "App" that calls on the OBP API on behalf of the end user (or system).
 		  |
-		  |Each Consumer has a consumer key and secrect which allows it to enter into secure communication with the API server.
+		  |Each Consumer has a consumer key and secret which allows it to enter into secure communication with the API server.
+			|
+			|A Consumer is given a Consumer ID (a UUID) which appears in logs and messages to the backend.
+			|
+			|A Consumer may be pinned to an mTLS certificate i.e. the consumer record in the database is given a field which matches the PEM representation of the certificate.
+			|
+			|After pinning, the consumer must present the certificate in all communication with the server.
+			|
+			|There is a one to one relationship between a Consumer and its certificate. i.e. OBP does not (currently) store the history of certificates bound to a Consumer. If a certificate expires, the third party provider (TPP) must generate a new consumer using a new certificate. In this case, related resources such as rate limits and scopes must be copied from the old consumer to the new consumer. In the future, OBP may store multiple certificates for a consumer, but a certificate will always identify only one consumer record.
+			|
 		""")
 
 	  glossaryItems += GlossaryItem(
@@ -1752,7 +1761,7 @@ object Glossary extends MdcLoggable  {
 |
 |Body:
 |
-|	{  "everything":false,  "views":[{    "bank_id":"gh.29.uk",    "account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",    "view_id":"owner"  }],  "entitlements":[{    "bank_id":"gh.29.uk",    "role_name":"CanGetCustomer"  }],  "consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",  "phone_number":"+44 07972 444 876",  "valid_from":"2022-04-29T10:40:03Z",  "time_to_live":3600}
+|	{  "everything":false,  "views":[{    "bank_id":"gh.29.uk",    "account_id":"8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0",    "view_id":${Constant.SYSTEM_OWNER_VIEW_ID}],  "entitlements":[{    "bank_id":"gh.29.uk",    "role_name":"CanGetCustomer"  }],  "consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",  "phone_number":"+44 07972 444 876",  "valid_from":"2022-04-29T10:40:03Z",  "time_to_live":3600}
 |
 |Headers:
 |

obp-api/src/main/scala/code/api/util/NewStyle.scala

@@ -80,6 +80,7 @@ import code.endpointMapping.{EndpointMappingProvider, EndpointMappingT}
 import code.endpointTag.EndpointTagT
 import code.util.Helper.MdcLoggable
 import code.views.system.AccountAccess
+import com.openbankproject.commons.model.enums.SuppliedAnswerType
 import net.liftweb.mapper.By
 
 object NewStyle extends MdcLoggable{
@@ -408,7 +409,7 @@ object NewStyle extends MdcLoggable{
     }
 
     def getBankAccountByAccountId(accountId : AccountId, callContext: Option[CallContext]) : OBPReturnType[BankAccount] = {
-      Connector.connector.vend.getBankAccountByAccountId(accountId : AccountId, callContext: Option[CallContext]) map { i =>
+      Connector.connector.vend.checkBankAccountExists(BankId(defaultBankId), accountId : AccountId, callContext: Option[CallContext]) map { i =>
         (unboxFullOrFail(i._1, callContext,s"$BankAccountNotFoundByAccountId Current account_id is $accountId", 404 ), i._2)
       }
     }
@@ -1300,9 +1301,8 @@ object NewStyle extends MdcLoggable{
       }
     }
 
-
-    def validateChallengeAnswer(challengeId: String, hashOfSuppliedAnswer: String, callContext: Option[CallContext]): OBPReturnType[Boolean] = 
-     Connector.connector.vend.validateChallengeAnswer(challengeId: String, hashOfSuppliedAnswer: String, callContext: Option[CallContext]) map { i =>
+    def validateChallengeAnswer(challengeId: String, suppliedAnswer: String, suppliedAnswerType:SuppliedAnswerType.Value,  callContext: Option[CallContext]): OBPReturnType[Boolean] = 
+     Connector.connector.vend.validateChallengeAnswerV2(challengeId, suppliedAnswer, suppliedAnswerType, callContext) map { i =>
        (unboxFullOrFail(i._1, callContext, s"${
          InvalidChallengeAnswer
            .replace("answer may be expired.", s"answer may be expired (${transactionRequestChallengeTtl} seconds).")
@@ -1330,6 +1330,7 @@ object NewStyle extends MdcLoggable{
        (unboxFullOrFail(i._1, callContext, s"$InvalidConnectorResponse() "), i._2)
       }
 
+    //At moment this method is used for Berlin Group Payments
     def validateChallengeAnswerC2(
       challengeType: ChallengeType.Value,
       transactionRequestId: Option[String], 
@@ -1358,6 +1359,8 @@ object NewStyle extends MdcLoggable{
         }
       }
     }
+
+    //At moment this method is used for Berlin Group SigningBasketsApi.scala
     def validateChallengeAnswerC3(
       challengeType: ChallengeType.Value,
       transactionRequestId: Option[String],

obp-api/src/main/scala/code/api/util/migration/Migration.scala

@@ -584,8 +584,15 @@ object Migration extends MdcLoggable {
             val tableName = table.dbTableName
             val sdf = new SimpleDateFormat("yyyy_MM_dd_HH_mm_ss_SSS")
             val resultDate = new Date(System.currentTimeMillis())
-            DB.prepareStatement(s"CREATE TABLE ${tableName}_backup_${sdf.format(resultDate)} AS (SELECT * FROM $tableName); ", conn){
-              stmt => stmt.executeQuery()
+            val dbDriver = APIUtil.getPropsValue("db.driver","org.h2.Driver")
+            val sqlQuery = if (dbDriver.contains("com.microsoft.sqlserver.jdbc.SQLServerDriver")) {
+              s"SELECT * INTO ${tableName}_backup_${sdf.format(resultDate)} FROM $tableName;"
+            }else{
+              s"CREATE TABLE ${tableName}_backup_${sdf.format(resultDate)} AS (SELECT * FROM $tableName);"
+            }
+            DB.prepareStatement(sqlQuery, conn){
+              stmt => stmt.execute() //statement.executeQuery() expects a resultset and you don't get one.
+              // Use statement.execute() for an ALTER-statement to avoid this issue.
             }
             true
           } catch {

obp-api/src/main/scala/code/api/util/migration/MigrationInfoOfAccoutHolders.scala

@@ -1,5 +1,6 @@
 package code.api.util.migration
 
+import code.api.Constant
 import java.time.format.DateTimeFormatter
 import java.time.{ZoneId, ZonedDateTime}
 
@@ -42,7 +43,7 @@ object BankAccountHoldersAndOwnerViewAccess {
             ownerViewAccess = AccountAccess.findAll(
               By(AccountAccess.bank_id, bankId),
               By(AccountAccess.account_id, accountId),
-              ByList(AccountAccess.view_id, List("owner", "_owner"))
+              ByList(AccountAccess.view_id, List(Constant.SYSTEM_OWNER_VIEW_ID, "_owner"))
             )
           } yield {
             (bankId, accountId, ownerViewAccess.size > 0)