[SG] Deployment guide

[isharailanga]

Description: This issue is to track SG doc requirements. Document the following with regard to $subject.

1. Before deploying the solution, the databases and tables (UK databases are used in SG too) have to be created.
2. The foreign key constraint of the table OB_CONSENT_METADATA should be dropped using the following command. ALTER TABLE OB_CONSENT_METADATA drop foreign key FK_CONSENT_ID_UK_INITIATION;
3. When starting the server (KM), the deployed specification should be set like follows, SG in open_banking.xml,

Suggested Labels: OB140WUM, SG

Affected Product Version: 1.4.0

[Akila94]

One more config change for SG,

4. Remove AccountListRetrievalStep from open_banking.xml and set priorities of OBReportingRetrievalStep and AuthorisationInfoRetrievalStep accordingly.

[DivyaPremanantha]

5. Add the following configuration in identity.xml, under <OAuth>

<IdentityOAuthTokenGenerator>com.wso2.finance.open.banking.identity.extensions.sg.jwt.token.issuer.SGJWTTokenIssuer</IdentityOAuthTokenGenerator>

<SupportedTokenTypes>
            <SupportedTokenType>
                  <TokenTypeName>SG-JWT</TokenTypeName><TokenTypeImplClass>com.wso2.finance.open.banking.identity.extensions.sg.jwt.token.issuer.SGJWTTokenIssuer</TokenTypeImplClass>
                  <PersistAccessTokenAlias>false</PersistAccessTokenAlias>
               </SupportedTokenType>
</SupportedTokenTypes>

[DivyaPremanantha]

Description: Add the following filter configuration under tomcat web.xml

<filter>
    <filter-name>TokenFilter</filter-name>
    <filter-class>com.wso2.finance.open.banking.identity.extensions.sg.filter.TokenFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>TokenFilter</filter-name>
    <url-pattern>/token/*</url-pattern>
</filter-mapping>
<filter>
    <filter-name>AuthorizationFilter</filter-name>
    <filter-class>com.wso2.finance.open.banking.identity.extensions.sg.filter.AuthorizationFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>AuthorizationFilter</filter-name>
    <url-pattern>/authorize/*</url-pattern>
</filter-mapping>
    <filter>
    <filter-name>RevokeFilter</filter-name>
    <filter-class>com.wso2.finance.open.banking.identity.extensions.sg.filter.RevokeFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>RevokeFilter</filter-name>
    <url-pattern>/revoke/*</url-pattern>
</filter-mapping>

[DivyaPremanantha]

Add the following configuration in openbanking.xml

<SG>
        <FISP>test122</FISP>
 </SG>

[DivyaPremanantha]

add the following in api-manager.xml under <ScopeWhitelist>

<Scope>productBalances</Scope>

[DivyaPremanantha]

Add the following in identity.xml, under <OAuth>

<TokenValidators>
  <TokenValidator class="com.wso2.finance.open.banking.identity.extensions.sg.jwt.token.issuer.SGOAuth2JWTTokenValidator" type="jwt"/>
</TokenValidators>

[isharailanga]

All the configs are available in the doc below: https://docs.google.com/document/d/1bv3EsQv3TWXMqFqWPpW-84LqPjCNy-TFDfP85wkColg/edit

[Akila94]

New doc impact,

For the tokens to be revoked when the consent is revoked in the re-authorization flow. The following config in the identity.xml.

In the new config added to identity.xml for SG specific token issuer, set the "PersistAccessTokenAlias" in SupportedTokenType -> SupportedToken to true.

SG-JWT com.wso2.finance.open.banking.identity.extensions.sg.jwt.token.issuer.SGJWTTokenIssuer true

[isharailanga]

Please find the documentation for $subject below. https://docs.wso2.com/display/OB140/Try+Local+Setup+for+SG

[Akila94]

@isharailanga , I think it's better to keep this issue open as there will be more config changes for the SG specification. Just linked issue #84 here.