Closed Heks-dev closed 5 years ago
{ "access": { "availableAccounts": "allAccounts" }, "combinedServiceIndicator": false, "frequencyPerDay": 5, "recurringIndicator": true, "validUntil": "9999-10-10" }
{ "consentStatus": "received", "consentId": "fake-consent-0", "_links": { "self": { "href": "http://localhost:8091/v1/consents/fake-consent-0" }, "status": { "href": "http://localhost:8091/v1/consents/fake-consent-0/status" } }, "psuMessage": "OTP Password required" }
{ "tppMessages": [ { "category": "ERROR", "code": "CONSENT_UNKNOWN", "text": "Please provide correct consentId." } ] }
[DEBUG][13:04:27.589] - org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Previously Authenticated: org.springframework.security.oauth2.provider.OAuth2Authentication@81c57778: Principal: AuthenticatedPrincipal(token=0a3bcd4d-90e9-49ec-8f0d-0f84e7fc9ac4, tokenTtl=600, pwi=user); Credentials: [PROTECTED]; Authenticated: true; Details: remoteAddress=0:0:0:0:0:0:0:1, sessionId=, tokenType=BearertokenValue=; Granted Authorities: ROLE_USER [DEBUG][13:04:27.590] - org.springframework.security.access.vote.AffirmativeBased: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@3a085c5b, returned: 1 [DEBUG][13:04:27.590] - org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Authorization successful [DEBUG][13:04:27.590] - org.springframework.security.web.access.intercept.FilterSecurityInterceptor: RunAsManager did not change Authentication object [DEBUG][13:04:27.590] - org.springframework.security.web.FilterChainProxy: /v1/consents/fake-consent-0/authorisations reached end of additional filter chain; proceeding with original chain [INFO ][13:04:29.253] - access-log: REQUEST - TPP ID: [PSDDE-FAKENCA-87B2AC], TPP IP: [0:0:0:0:0:0:0:1], X-Request-ID: [2f77a125-aa7a-45c0-b414-cea25a116035], URI: [/v1/consents/fake-consent-0/authorisations], Consent ID: [fake-consent-0] [DEBUG][13:04:29.292] - org.springframework.security.oauth2.provider.error.DefaultOAuth2ExceptionRenderer: Written [error="invalid_token", error_description="Invalid access token: 6443f0ef-9d26-4b5a-bdae-0c67817fad6a"] as "application/json;charset=UTF-8" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@1ff9fe46] [DEBUG][13:04:29.292] - org.springframework.security.web.context.SecurityContextPersistenceFilter: SecurityContextHolder now cleared, as request processing completed [INFO ][13:04:34.699] - de.adorsys.psd2.xs2a.service.event.Xs2aEventService: X-REQUEST-ID: [2f77a125-aa7a-45c0-b414-cea25a116035], TPP ID: [PSDDE-FAKENCA-87B2AC]. Couldn't record event from TPP request: Event(timestamp=2019-07-12T13:04:34.699072+03:00, consentId=fake-consent-0, paymentId=null, eventOrigin=TPP, eventType=START_AIS_CONSENT_AUTHORISATION_REQUEST_RECEIVED, instanceId=null, psuIdData=PsuIdData(psuId=aspsp, psuIdType=null, psuCorporateId=null, psuCorporateIdType=null), tppAuthorisationNumber=PSDDE-FAKENCA-87B2AC, xRequestId=2f77a125-aa7a-45c0-b414-cea25a116035, payload=RequestEventPayload(tppInfo=TppInfo(authorisationNumber=PSDDE-FAKENCA-87B2AC, tppName=, tppRoles=[AISP, PISP, PIISP], authorityId=DE-FAKENCA, authorityName=Trust Service Provider AG, country=Germany, organisation=Fictional Corporation AG, organisationUnit=Information Technology, city=Nuremberg, state=Bayern, tppRedirectUri=null, issuerCN=null), tppIp=0:0:0:0:0:0:0:1, uri=/v1/consents/fake-consent-0/authorisations, headers={x-request-id=2f77a125-aa7a-45c0-b414-cea25a116035, content-length=0, cookie=SESSION=OWI2OWI2NjUtMGY0My00OGViLTk1ZDgtYjNkNWZiOTQ0ZjI1, postman-token=01c627f3-0296-41ec-86db-7187bbf79032, accept=application/json, authorization=Bearer 02f51b86-2737-48e4-9585-697114ccae9b, tpp-qwac-certificate=-----BEGIN CERTIFICATE-----MIIFQTCCAymgAwIBAgIESLvdaTANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJERTEQMA4GA1UECAwHQkFWQVJJQTESMBAGA1UEBwwJTnVyZW1iZXJnMSIwIAYDVQQKDBlUcnVzdCBTZXJ2aWNlIFByb3ZpZGVyIEFHMR8wHQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MB4XDTE5MDMwNTE1MTIwN1oXDTIwMDMwNDAwMDAwMFowgcwxITAfBgNVBAoMGEZpY3Rpb25hbCBDb3Jwb3JhdGlvbiBBRzEJMAcGA1UEAwwAMSUwIwYKCZImiZPyLGQBGRYVcHVibGljLmNvcnBvcmF0aW9uLmRlMR8wHQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRAwDgYDVQQGEwdHZXJtYW55MQ8wDQYDVQQIDAZCYXllcm4xEjAQBgNVBAcMCU51cmVtYmVyZzEdMBsGA1UEYQwUUFNEREUtRkFLRU5DQS04N0IyQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeDcYlVutZeGFtOkonIMGHwway2ASZl8p7/v7USIxeMo/5ppbAa6Ei7i7jH9ORBoHV6qxAwNFkdd8JDneNiNn0NSvoYTemr5mqyXYhwpzLueXth1oBgjLYvcaLFXXQGS0dd6sDcaCTbw9xdDmap+6xYDRzIrdviyiph1ewpUXlrEHNu5Oomk7R5Dpv4gM9uRwYiskRigZdnArfyQ3ZYW4VZvMlFW3t1IVvSiOWvruF24w+j1g3BOHNM7tIAOlOUYQpHV1G1ChcFt5/ICArtsGAd4/ZUzlmujktdO+hNA70fDHUxkG6vQRFQhSnszzJ/C/g632nMTJbAaGtO2OvdL9DAgMBAAGjfjB8MHoGCCsGAQUFBwEDBG4wbAYGBACBmCcCMGIwOTARBgcEAIGYJwEDDAZQU1BfQUkwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwZVHJ1c3QgU2VydmljZSBQcm92aWRlciBBRwwKREUtRkFLRU5DQTANBgkqhkiG9w0BAQsFAAOCAgEAK07yQviS7/zKm1EqQyyGkEbf/1sHb9FLPBr/BicYxc3IQGd4xG1SJ1uLudX37Yq/o6exjixZ8ywib27jNLCpsF1dEQabHNXgS4enojf7CVTyKjDkKqE1mwqPmGeoWWwaWOUsWQ2/Ja/UTW5Bn5iA+nHCXVrkcjFVnRvi+dSsRm4J3E0EdAAwBkSEqHGDZO1ZiAh20YkNExx8MKKiHAVZ0ZFCXzYcaWzaK6yeCarvyPNCb+BAsc1wf3/88tLT9Nof/Ctzv2L9OjGHcalCLf/g/qTr6/50J4IMVdBwoVkg27yRE5EC3RKJE5BFx6TNWeNGs7r8HpAhO/6hLKzVHjrsA8/SAwTWNQNWdP/azSV42DuVMjDi5o5Ax9RkHXRvjsuwTR19AKvIc6nv/8XUtwORjHW+FTXTGa28PqCD1ZACiHytIBXrETevmLIlFuh6ZaWKBYPUc3DmJbFSZkhRFybh1SEtl/WzeQjIKqkRw0MGzDIRwD0sYqeE8ENkJbXJG+Cy4c42mZmEwG6E7HQQtiT9Irt1cnUiFDRe6g+h4GaxhOC5Pluxhij4DaNHCIZm30IHcyA4vZOyj7rXcvvfGMwPgbSdqSdEeNB25FEmFmJnavESxyJKYNx3JONm//0yRpacfWos/MjmbLWynYz8Bv8EK7mCS84bmSlUrUgHoNvDeBc=-----END CERTIFICATE-----, host=localhost:8091, content-type=application/json, connection=keep-alive, cache-control=no-cache, accept-encoding=gzip, deflate, psu-id=aspsp, user-agent=PostmanRuntime/7.13.0}, body=null)) [DEBUG][13:06:37.400] - org.springframework.security.web.header.writers.HstsHeaderWriter: Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@7c155021 [INFO ][13:06:37.420] - access-log: RESPONSE - TPP ID: [PSDDE-FAKENCA-87B2AC], X-Request-ID: [2f77a125-aa7a-45c0-b414-cea25a116035], Status: [403] [DEBUG][13:06:37.421] - org.springframework.security.web.access.ExceptionTranslationFilter: Chain processed normally [DEBUG][13:06:37.421] - org.springframework.security.web.context.SecurityContextPersistenceFilter: SecurityContextHolder now cleared, as request processing completed
Hello, you have wrong aspsp configuration yaml:
Hi, Thank you so much for the rapid response. Regards!
@Heks-dev Pls let us know if this solves your problem, so that we can close the ticket
Place where bug appeared
Current behavior
Expected behavior
Steps to reproduce
SCA approach
Request / Response example
Request POST /v1/consents/
Response
Request POST /v1/consents/fake-consent-0/authorisations
XS2A version(s):
Log files or other additional info
[DEBUG][13:04:27.589] - org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Previously Authenticated: org.springframework.security.oauth2.provider.OAuth2Authentication@81c57778: Principal: AuthenticatedPrincipal(token=0a3bcd4d-90e9-49ec-8f0d-0f84e7fc9ac4, tokenTtl=600, pwi=user); Credentials: [PROTECTED]; Authenticated: true; Details: remoteAddress=0:0:0:0:0:0:0:1, sessionId=, tokenType=BearertokenValue=; Granted Authorities: ROLE_USER
[DEBUG][13:04:27.590] - org.springframework.security.access.vote.AffirmativeBased: Voter: org.springframework.security.web.access.expression.WebExpressionVoter@3a085c5b, returned: 1
[DEBUG][13:04:27.590] - org.springframework.security.web.access.intercept.FilterSecurityInterceptor: Authorization successful
[DEBUG][13:04:27.590] - org.springframework.security.web.access.intercept.FilterSecurityInterceptor: RunAsManager did not change Authentication object
[DEBUG][13:04:27.590] - org.springframework.security.web.FilterChainProxy: /v1/consents/fake-consent-0/authorisations reached end of additional filter chain; proceeding with original chain
[INFO ][13:04:29.253] - access-log: REQUEST - TPP ID: [PSDDE-FAKENCA-87B2AC], TPP IP: [0:0:0:0:0:0:0:1], X-Request-ID: [2f77a125-aa7a-45c0-b414-cea25a116035], URI: [/v1/consents/fake-consent-0/authorisations], Consent ID: [fake-consent-0]
[DEBUG][13:04:29.292] - org.springframework.security.oauth2.provider.error.DefaultOAuth2ExceptionRenderer: Written [error="invalid_token", error_description="Invalid access token: 6443f0ef-9d26-4b5a-bdae-0c67817fad6a"] as "application/json;charset=UTF-8" using [org.springframework.http.converter.json.MappingJackson2HttpMessageConverter@1ff9fe46]
[DEBUG][13:04:29.292] - org.springframework.security.web.context.SecurityContextPersistenceFilter: SecurityContextHolder now cleared, as request processing completed
[INFO ][13:04:34.699] - de.adorsys.psd2.xs2a.service.event.Xs2aEventService: X-REQUEST-ID: [2f77a125-aa7a-45c0-b414-cea25a116035], TPP ID: [PSDDE-FAKENCA-87B2AC]. Couldn't record event from TPP request: Event(timestamp=2019-07-12T13:04:34.699072+03:00, consentId=fake-consent-0, paymentId=null, eventOrigin=TPP, eventType=START_AIS_CONSENT_AUTHORISATION_REQUEST_RECEIVED, instanceId=null, psuIdData=PsuIdData(psuId=aspsp, psuIdType=null, psuCorporateId=null, psuCorporateIdType=null), tppAuthorisationNumber=PSDDE-FAKENCA-87B2AC, xRequestId=2f77a125-aa7a-45c0-b414-cea25a116035, payload=RequestEventPayload(tppInfo=TppInfo(authorisationNumber=PSDDE-FAKENCA-87B2AC, tppName=, tppRoles=[AISP, PISP, PIISP], authorityId=DE-FAKENCA, authorityName=Trust Service Provider AG, country=Germany, organisation=Fictional Corporation AG, organisationUnit=Information Technology, city=Nuremberg, state=Bayern, tppRedirectUri=null, issuerCN=null), tppIp=0:0:0:0:0:0:0:1, uri=/v1/consents/fake-consent-0/authorisations, headers={x-request-id=2f77a125-aa7a-45c0-b414-cea25a116035, content-length=0, cookie=SESSION=OWI2OWI2NjUtMGY0My00OGViLTk1ZDgtYjNkNWZiOTQ0ZjI1, postman-token=01c627f3-0296-41ec-86db-7187bbf79032, accept=application/json, authorization=Bearer 02f51b86-2737-48e4-9585-697114ccae9b, tpp-qwac-certificate=-----BEGIN CERTIFICATE-----MIIFQTCCAymgAwIBAgIESLvdaTANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJERTEQMA4GA1UECAwHQkFWQVJJQTESMBAGA1UEBwwJTnVyZW1iZXJnMSIwIAYDVQQKDBlUcnVzdCBTZXJ2aWNlIFByb3ZpZGVyIEFHMR8wHQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MB4XDTE5MDMwNTE1MTIwN1oXDTIwMDMwNDAwMDAwMFowgcwxITAfBgNVBAoMGEZpY3Rpb25hbCBDb3Jwb3JhdGlvbiBBRzEJMAcGA1UEAwwAMSUwIwYKCZImiZPyLGQBGRYVcHVibGljLmNvcnBvcmF0aW9uLmRlMR8wHQYDVQQLDBZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRAwDgYDVQQGEwdHZXJtYW55MQ8wDQYDVQQIDAZCYXllcm4xEjAQBgNVBAcMCU51cmVtYmVyZzEdMBsGA1UEYQwUUFNEREUtRkFLRU5DQS04N0IyQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeDcYlVutZeGFtOkonIMGHwway2ASZl8p7/v7USIxeMo/5ppbAa6Ei7i7jH9ORBoHV6qxAwNFkdd8JDneNiNn0NSvoYTemr5mqyXYhwpzLueXth1oBgjLYvcaLFXXQGS0dd6sDcaCTbw9xdDmap+6xYDRzIrdviyiph1ewpUXlrEHNu5Oomk7R5Dpv4gM9uRwYiskRigZdnArfyQ3ZYW4VZvMlFW3t1IVvSiOWvruF24w+j1g3BOHNM7tIAOlOUYQpHV1G1ChcFt5/ICArtsGAd4/ZUzlmujktdO+hNA70fDHUxkG6vQRFQhSnszzJ/C/g632nMTJbAaGtO2OvdL9DAgMBAAGjfjB8MHoGCCsGAQUFBwEDBG4wbAYGBACBmCcCMGIwOTARBgcEAIGYJwEDDAZQU1BfQUkwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwZVHJ1c3QgU2VydmljZSBQcm92aWRlciBBRwwKREUtRkFLRU5DQTANBgkqhkiG9w0BAQsFAAOCAgEAK07yQviS7/zKm1EqQyyGkEbf/1sHb9FLPBr/BicYxc3IQGd4xG1SJ1uLudX37Yq/o6exjixZ8ywib27jNLCpsF1dEQabHNXgS4enojf7CVTyKjDkKqE1mwqPmGeoWWwaWOUsWQ2/Ja/UTW5Bn5iA+nHCXVrkcjFVnRvi+dSsRm4J3E0EdAAwBkSEqHGDZO1ZiAh20YkNExx8MKKiHAVZ0ZFCXzYcaWzaK6yeCarvyPNCb+BAsc1wf3/88tLT9Nof/Ctzv2L9OjGHcalCLf/g/qTr6/50J4IMVdBwoVkg27yRE5EC3RKJE5BFx6TNWeNGs7r8HpAhO/6hLKzVHjrsA8/SAwTWNQNWdP/azSV42DuVMjDi5o5Ax9RkHXRvjsuwTR19AKvIc6nv/8XUtwORjHW+FTXTGa28PqCD1ZACiHytIBXrETevmLIlFuh6ZaWKBYPUc3DmJbFSZkhRFybh1SEtl/WzeQjIKqkRw0MGzDIRwD0sYqeE8ENkJbXJG+Cy4c42mZmEwG6E7HQQtiT9Irt1cnUiFDRe6g+h4GaxhOC5Pluxhij4DaNHCIZm30IHcyA4vZOyj7rXcvvfGMwPgbSdqSdEeNB25FEmFmJnavESxyJKYNx3JONm//0yRpacfWos/MjmbLWynYz8Bv8EK7mCS84bmSlUrUgHoNvDeBc=-----END CERTIFICATE-----, host=localhost:8091, content-type=application/json, connection=keep-alive, cache-control=no-cache, accept-encoding=gzip, deflate, psu-id=aspsp, user-agent=PostmanRuntime/7.13.0}, body=null))
[DEBUG][13:06:37.400] - org.springframework.security.web.header.writers.HstsHeaderWriter: Not injecting HSTS header since it did not match the requestMatcher org.springframework.security.web.header.writers.HstsHeaderWriter$SecureRequestMatcher@7c155021
[INFO ][13:06:37.420] - access-log: RESPONSE - TPP ID: [PSDDE-FAKENCA-87B2AC], X-Request-ID: [2f77a125-aa7a-45c0-b414-cea25a116035], Status: [403]
[DEBUG][13:06:37.421] - org.springframework.security.web.access.ExceptionTranslationFilter: Chain processed normally
[DEBUG][13:06:37.421] - org.springframework.security.web.context.SecurityContextPersistenceFilter: SecurityContextHolder now cleared, as request processing completed