search

adorsys / open-banking-gateway

Provides RESTful API, tools, adapters, and connectors for transparent access to open banking API's (for banks that support PSD2 and XS2A as well as HBCI/FinTS)
https://adorsys.github.io/open-banking-gateway
GNU Affero General Public License v3.0
247 stars 93 forks source link

service-session-id without expiry date #789

Open electronicpeter opened 4 years ago

electronicpeter commented 4 years ago

Tpp returns service-session-id which actually has functionality of a consent handle for client. But consent is not valid for all times and has an expiry date. But client does not get this information and is forced to reuse conent untial 503 is returned from server (see https://app.zenhub.com/workspaces/open-banking-gateway-5dd3b3daf010250001260675/issues/adorsys/open-banking-gateway/788).

Client needs to get information of expiry date. Good place to return expiry date would be response of v1/banking/consents/{auth-id}/onfirm method.

nitch2019 commented 3 years ago

check it again with Peter

gatiskalnins commented 3 years ago

https://jira.adorsys.de/browse/OBG-72