@mojaloop/api-snippets 12.6.4 → 12.6.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/CHANGELOG.md +14 -0
  2. package/docs/thirdparty-openapi3-snippets.yaml +158 -124
  3. package/lib/thirdparty/index.d.ts +5 -0
  4. package/lib/thirdparty/openapi.d.ts +72 -63
  5. package/package.json +1 -1
  6. package/tests/dto/thirdparty.test.ts +69 -5
  7. package/thirdparty/openapi3/components/schemas/AuthenticationResponse.yaml +9 -0
  8. package/thirdparty/openapi3/components/schemas/ThirdpartyRequestsAuthorizationsIDPutResponseFIDO.yaml +1 -1
  9. package/thirdparty/openapi3/components/schemas/ThirdpartyRequestsAuthorizationsPostRequest.yaml +8 -5
  10. package/thirdparty/openapi3/components/schemas/ThirdpartyRequestsVerificationsIDPutResponse.yaml +1 -5
  11. package/thirdparty/openapi3/paths/thirdpartyRequests_authorizations_ID.yaml +21 -19
  12. package/thirdparty/openapi3/paths/thirdpartyRequests_verifications_ID.yaml +5 -3
package/CHANGELOG.md CHANGED
@@ -1,4 +1,18 @@
1
1
  # Changelog: [mojaloop/api-snippets](https://github.com/mojaloop/api-snippets)
2
+ ### [12.6.6](https://github.com/mojaloop/api-snippets/compare/v12.6.5...v12.6.6) (2021-08-26)
3
+
4
+
5
+ ### Bug Fixes
6
+
7
+ * **thirdparty:** missing and invalid payloads ([#108](https://github.com/mojaloop/api-snippets/issues/108)) ([3dac4a9](https://github.com/mojaloop/api-snippets/commit/3dac4a93643c2fd31ba5db672707172e173066fe))
8
+
9
+ ### [12.6.5](https://github.com/mojaloop/api-snippets/compare/v12.6.4...v12.6.5) (2021-08-25)
10
+
11
+
12
+ ### Bug Fixes
13
+
14
+ * **payload:** bad use of refs in TPR Authorizations ([#107](https://github.com/mojaloop/api-snippets/issues/107)) ([3414327](https://github.com/mojaloop/api-snippets/commit/34143271c8c3b72c518ec125ece63f2f2f558cce))
15
+
2
16
  ### [12.6.4](https://github.com/mojaloop/api-snippets/compare/v12.6.3...v12.6.4) (2021-08-24)
3
17
 
4
18
 
package/docs/thirdparty-openapi3-snippets.yaml CHANGED
@@ -7248,23 +7248,35 @@ paths:
7248
7248
  type: string
7249
7249
  description: The challenge that the PISP's client is to sign
7250
7250
  transferAmount:
7251
- description: Data model for the complex type Money.
7252
- title: Money
7253
- type: object
7254
- properties: *ref_0
7255
- required: *ref_1
7251
+ allOf:
7252
+ - title: Money
7253
+ type: object
7254
+ description: Data model for the complex type Money.
7255
+ properties: *ref_0
7256
+ required: *ref_1
7257
+ description: >-
7258
+ The amount that will be debited from the sending customer’s
7259
+ account as a consequence of the transaction.
7256
7260
  payeeReceiveAmount:
7257
- description: Data model for the complex type Money.
7258
- title: Money
7259
- type: object
7260
- properties: *ref_0
7261
- required: *ref_1
7261
+ allOf:
7262
+ - title: Money
7263
+ type: object
7264
+ description: Data model for the complex type Money.
7265
+ properties: *ref_0
7266
+ required: *ref_1
7267
+ description: >-
7268
+ The amount that will be credited to the receiving
7269
+ customer’s account as a consequence of the transaction.
7262
7270
  fees:
7263
- description: Data model for the complex type Money.
7264
- title: Money
7265
- type: object
7266
- properties: *ref_0
7267
- required: *ref_1
7271
+ allOf:
7272
+ - title: Money
7273
+ type: object
7274
+ description: Data model for the complex type Money.
7275
+ properties: *ref_0
7276
+ required: *ref_1
7277
+ description: >-
7278
+ The amount of fees that the paying customer will be charged
7279
+ as part of the transaction.
7268
7280
  payer:
7269
7281
  allOf:
7270
7282
  - title: PartyIdInfo
@@ -7292,27 +7304,33 @@ paths:
7292
7304
  properties: *ref_65
7293
7305
  required: *ref_66
7294
7306
  expiration:
7307
+ allOf:
7308
+ - title: DateTime
7309
+ type: string
7310
+ pattern: >-
7311
+ ^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]|1\d|2[0-8])|(?:0[13-9]|1[0-2])-(?:29|30)|(?:0[13578]|1[02])-31)|(?:[1-9]\d(?:0[48]|[2468][048]|[13579][26])|(?:[2468][048]|[13579][26])00)-02-29)T(?:[01]\d|2[0-3]):[0-5]\d:[0-5]\d(?:(\.\d{3}))(?:Z|[+-][01]\d:[0-5]\d)$
7312
+ description: >-
7313
+ The API data type DateTime is a JSON String in a lexical
7314
+ format that is restricted by a regular expression for
7315
+ interoperability reasons. The format is according to
7316
+ [ISO
7317
+ 8601](https://www.iso.org/iso-8601-date-and-time-format.html),
7318
+ expressed in a combined date, time and time zone format.
7319
+ A more readable version of the format is
7320
+ yyyy-MM-ddTHH:mm:ss.SSS[-HH:MM]. Examples are
7321
+ "2016-05-24T08:38:08.699-04:00",
7322
+ "2016-05-24T08:38:08.699Z" (where Z indicates Zulu time
7323
+ zone, same as UTC).
7324
+ example: '2016-05-24T08:38:08.699-04:00'
7295
7325
  description: >-
7296
- The API data type DateTime is a JSON String in a lexical
7297
- format that is restricted by a regular expression for
7298
- interoperability reasons. The format is according to [ISO
7299
- 8601](https://www.iso.org/iso-8601-date-and-time-format.html),
7300
- expressed in a combined date, time and time zone format. A
7301
- more readable version of the format is
7302
- yyyy-MM-ddTHH:mm:ss.SSS[-HH:MM]. Examples are
7303
- "2016-05-24T08:38:08.699-04:00", "2016-05-24T08:38:08.699Z"
7304
- (where Z indicates Zulu time zone, same as UTC).
7305
- title: DateTime
7306
- type: string
7307
- pattern: >-
7308
- ^(?:[1-9]\d{3}-(?:(?:0[1-9]|1[0-2])-(?:0[1-9]|1\d|2[0-8])|(?:0[13-9]|1[0-2])-(?:29|30)|(?:0[13578]|1[02])-31)|(?:[1-9]\d(?:0[48]|[2468][048]|[13579][26])|(?:[2468][048]|[13579][26])00)-02-29)T(?:[01]\d|2[0-3]):[0-5]\d:[0-5]\d(?:(\.\d{3}))(?:Z|[+-][01]\d:[0-5]\d)$
7309
- example: '2016-05-24T08:38:08.699-04:00'
7326
+ The time by which the transfer must be completed, set by the
7327
+ payee DFSP.
7310
7328
  extensionList:
7329
+ title: ExtensionList
7330
+ type: object
7311
7331
  description: >-
7312
7332
  Data model for the complex type ExtensionList. An optional
7313
7333
  list of extensions, specific to deployment.
7314
- title: ExtensionList
7315
- type: object
7316
7334
  properties: *ref_2
7317
7335
  required: *ref_3
7318
7336
  required: &ref_153
@@ -7505,86 +7523,87 @@ paths:
7505
7523
 
7506
7524
  **Note:** The API supports a maximum size of 5242880 bytes (5
7507
7525
  Megabytes).
7526
+ requestBody:
7527
+ description: Signed authorization object
7528
+ required: true
7529
+ content:
7530
+ application/json:
7531
+ schema:
7532
+ oneOf:
7533
+ - title: ThirdpartyRequestsAuthorizationsIDPutResponseFIDO
7534
+ type: object
7535
+ description: >-
7536
+ The object sent in the PUT
7537
+ /thirdpartyRequests/authorizations/{ID} callback.
7538
+ properties: &ref_154
7539
+ signedPayloadType:
7540
+ title: SignedPayloadTypeFIDO
7541
+ type: string
7542
+ enum: &ref_74
7543
+ - FIDO
7544
+ description: >-
7545
+ Describes a challenge that has been signed with FIDO
7546
+ Attestation flows
7547
+ signedPayload:
7548
+ title: FIDOPublicKeyCredentialAssertion
7549
+ type: object
7550
+ description: >
7551
+ An object sent in a `PUT
7552
+ /thirdpartyRequests/authorization/{ID}` request.
7553
+
7554
+ based mostly on: https://webauthn.guide/#authentication
7555
+
7556
+ AuthenticatorAssertionResponse
7557
+ properties: *ref_72
7558
+ required: *ref_73
7559
+ additionalProperties: false
7560
+ required: &ref_155
7561
+ - signedPayloadType
7562
+ - signedPayload
7563
+ - title: ThirdpartyRequestsAuthorizationsIDPutResponseGeneric
7564
+ type: object
7565
+ description: >-
7566
+ The object sent in the PUT
7567
+ /thirdpartyRequests/authorizations/{ID} callback.
7568
+ properties: &ref_156
7569
+ signedPayloadType:
7570
+ title: SignedPayloadTypeGeneric
7571
+ type: string
7572
+ enum: &ref_75
7573
+ - GENERIC
7574
+ description: >-
7575
+ Describes a challenge that has been signed with a
7576
+ private key
7577
+ signedPayload:
7578
+ type: string
7579
+ pattern: '^[A-Za-z0-9-_]+[=]{0,2}$'
7580
+ description: >-
7581
+ The API data type BinaryString is a JSON String. The
7582
+ string is a base64url encoding of a string of raw
7583
+ bytes, where padding (character ‘=’) is added at the end
7584
+ of the data if needed to ensure that the string is a
7585
+ multiple of 4 characters. The length restriction
7586
+ indicates the allowed number of characters.
7587
+ required: &ref_157
7588
+ - signedPayloadType
7589
+ - authenticationValue
7590
+ example:
7591
+ signedPayloadType: FIDO
7592
+ signedPayload:
7593
+ id: >-
7594
+ 45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA
7595
+ rawId: >-
7596
+ 45c+TkfkjQovQeAWmOy+RLBHEJ/e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA==
7597
+ response:
7598
+ authenticatorData: SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==
7599
+ clientDataJSON: >-
7600
+ eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiQUFBQUFBQUFBQUFBQUFBQUFBRUNBdyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDIxODEiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ==
7601
+ signature: >-
7602
+ MEUCIDcJRBu5aOLJVc/sPyECmYi23w8xF35n3RNhyUNVwQ2nAiEA+Lnd8dBn06OKkEgAq00BVbmH87ybQHfXlf1Y4RJqwQ8=
7603
+ type: public-key
7508
7604
  responses:
7509
7605
  '200':
7510
- description: |
7511
- information about result of required (via POST) /authorization
7512
- content:
7513
- application/json:
7514
- schema:
7515
- oneOf:
7516
- - title: ThirdpartyRequestsAuthorizationsIDPutResponseFIDO
7517
- type: object
7518
- description: >-
7519
- The object sent in the PUT
7520
- /thirdpartyRequests/authorizations/{ID} callback.
7521
- properties: &ref_154
7522
- signedPayloadType:
7523
- title: SignedPayloadTypeFIDO
7524
- type: string
7525
- enum: &ref_74
7526
- - FIDO
7527
- description: >-
7528
- Describes a challenge that has been signed with FIDO
7529
- Attestation flows
7530
- signedPayload:
7531
- title: FIDOPublicKeyCredentialAssertion
7532
- type: object
7533
- description: >
7534
- An object sent in a `PUT
7535
- /thirdpartyRequests/authorization/{ID}` request.
7536
-
7537
- based mostly on:
7538
- https://webauthn.guide/#authentication
7539
-
7540
- AuthenticatorAssertionResponse
7541
- properties: *ref_72
7542
- required: *ref_73
7543
- additionalProperties: false
7544
- required: &ref_155
7545
- - signedPayloadType
7546
- - authenticationValue
7547
- - title: ThirdpartyRequestsAuthorizationsIDPutResponseGeneric
7548
- type: object
7549
- description: >-
7550
- The object sent in the PUT
7551
- /thirdpartyRequests/authorizations/{ID} callback.
7552
- properties: &ref_156
7553
- signedPayloadType:
7554
- title: SignedPayloadTypeGeneric
7555
- type: string
7556
- enum: &ref_75
7557
- - GENERIC
7558
- description: >-
7559
- Describes a challenge that has been signed with a
7560
- private key
7561
- signedPayload:
7562
- type: string
7563
- pattern: '^[A-Za-z0-9-_]+[=]{0,2}$'
7564
- description: >-
7565
- The API data type BinaryString is a JSON String. The
7566
- string is a base64url encoding of a string of raw
7567
- bytes, where padding (character ‘=’) is added at the
7568
- end of the data if needed to ensure that the string is
7569
- a multiple of 4 characters. The length restriction
7570
- indicates the allowed number of characters.
7571
- required: &ref_157
7572
- - signedPayloadType
7573
- - authenticationValue
7574
- example:
7575
- signedPayloadType: FIDO
7576
- signedPayload:
7577
- id: >-
7578
- 45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA
7579
- rawId: >-
7580
- 45c+TkfkjQovQeAWmOy+RLBHEJ/e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA==
7581
- response:
7582
- authenticatorData: SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==
7583
- clientDataJSON: >-
7584
- eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiQUFBQUFBQUFBQUFBQUFBQUFBRUNBdyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDIxODEiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ==
7585
- signature: >-
7586
- MEUCIDcJRBu5aOLJVc/sPyECmYi23w8xF35n3RNhyUNVwQ2nAiEA+Lnd8dBn06OKkEgAq00BVbmH87ybQHfXlf1Y4RJqwQ8=
7587
- type: public-key
7606
+ description: OK
7588
7607
  '400':
7589
7608
  description: Bad Request
7590
7609
  content: *ref_20
@@ -8211,18 +8230,17 @@ paths:
8211
8230
  - sampled
8212
8231
  operationId: PutThirdpartyRequestsVerificationsById
8213
8232
  summary: PutThirdpartyRequestsVerificationsById
8214
- description: >
8233
+ description: >-
8215
8234
  The HTTP request `PUT /thirdpartyRequests/verifications/{ID}` is used by
8216
- the Auth-Service to inform
8217
-
8218
- the DFSP of a successful result in validating the verification of a
8219
- Thirdparty Transaction Request.
8220
-
8235
+ the Auth-Service to inform the DFSP of a successful result in validating
8236
+ the verification of a Thirdparty Transaction Request.
8221
8237
 
8222
- If the validation fails, The Auth-Service MUST use `PUT
8223
- /thirdpartyRequests/verifications/{ID}/error`
8238
+ If the validation fails, the auth-service will send back `PUT
8239
+ /thirdpartyRequests/verifications/{ID}` with `authenticationResponse:
8240
+ 'REJECTED'`.
8224
8241
 
8225
- instead.
8242
+ In unplanned error cases the Auth-Service MUST use `PUT
8243
+ /thirdpartyRequests/verifications/{ID}/error`.
8226
8244
  parameters:
8227
8245
  - name: Content-Length
8228
8246
  in: header
@@ -8246,13 +8264,21 @@ paths:
8246
8264
  description: >-
8247
8265
  The object sent in the PUT
8248
8266
  /thirdpartyRequests/verifications/{ID} request.
8249
- properties: &ref_162
8267
+ properties: &ref_163
8250
8268
  authenticationResponse:
8269
+ title: AuthenticationResponse
8251
8270
  type: string
8252
- enum:
8271
+ enum: &ref_162
8253
8272
  - VERIFIED
8254
- description: The verification passed
8255
- required: &ref_163
8273
+ - REJECTED
8274
+ description: >-
8275
+ Below are the allowed values for the enumeration
8276
+ AuthenticationResponse.
8277
+
8278
+ - VERIFIED - The challenge was correctly signed.
8279
+
8280
+ - REJECTED - The challenge was not correctly signed.
8281
+ required: &ref_164
8256
8282
  - authenticationResponse
8257
8283
  example:
8258
8284
  authenticationResponse: VERIFIED
@@ -9529,14 +9555,22 @@ components:
9529
9555
  description: The object sent in the POST /thirdpartyRequests/verifications request.
9530
9556
  properties: *ref_160
9531
9557
  required: *ref_161
9558
+ AuthenticationResponse:
9559
+ title: AuthenticationResponse
9560
+ type: string
9561
+ enum: *ref_162
9562
+ description: |-
9563
+ Below are the allowed values for the enumeration AuthenticationResponse.
9564
+ - VERIFIED - The challenge was correctly signed.
9565
+ - REJECTED - The challenge was not correctly signed.
9532
9566
  ThirdpartyRequestsVerificationsIDPutResponse:
9533
9567
  title: ThirdpartyRequestsVerificationsIDPutResponse
9534
9568
  type: object
9535
9569
  description: >-
9536
9570
  The object sent in the PUT /thirdpartyRequests/verifications/{ID}
9537
9571
  request.
9538
- properties: *ref_162
9539
- required: *ref_163
9572
+ properties: *ref_163
9573
+ required: *ref_164
9540
9574
  parameters:
9541
9575
  ID:
9542
9576
  name: ID
package/lib/thirdparty/index.d.ts CHANGED
@@ -6,6 +6,7 @@ export declare namespace Schemas {
6
6
  type AccountsIDPutResponse = components['schemas']['AccountsIDPutResponse'];
7
7
  type Amount = components['schemas']['Amount'];
8
8
  type AmountType = components['schemas']['AmountType'];
9
+ type AuthenticationResponse = components['schemas']['AuthenticationResponse'];
9
10
  type AuthenticationType = components['schemas']['AuthenticationType'];
10
11
  type AuthorizationChannelType = components['schemas']['AuthorizationChannelType'];
11
12
  type AuthorizationResponseType = components['schemas']['AuthorizationResponseType'];
@@ -88,6 +89,10 @@ export declare namespace Schemas {
88
89
  type ThirdpartyRequestsTransactionsIDPatchResponse = components['schemas']['ThirdpartyRequestsTransactionsIDPatchResponse'];
89
90
  type ThirdpartyRequestsTransactionsIDPutResponse = components['schemas']['ThirdpartyRequestsTransactionsIDPutResponse'];
90
91
  type ThirdpartyRequestsTransactionsPostRequest = components['schemas']['ThirdpartyRequestsTransactionsPostRequest'];
92
+ type ThirdpartyRequestsAuthorizationsPostRequest = components['schemas']['ThirdpartyRequestsAuthorizationsPostRequest'];
93
+ type ThirdpartyRequestsAuthorizationsIDPutResponseFIDO = components['schemas']['ThirdpartyRequestsAuthorizationsIDPutResponseFIDO'];
94
+ type ThirdpartyRequestsAuthorizationsIDPutResponseGeneric = components['schemas']['ThirdpartyRequestsAuthorizationsIDPutResponseGeneric'];
95
+ type ThirdpartyRequestsAuthorizationsIDPutResponse = ThirdpartyRequestsAuthorizationsIDPutResponseFIDO | ThirdpartyRequestsAuthorizationsIDPutResponseGeneric;
91
96
  type ThirdpartyRequestsVerificationsIDPutResponse = components['schemas']['ThirdpartyRequestsVerificationsIDPutResponse'];
92
97
  type ThirdpartyRequestsVerificationsPostRequestFIDO = components['schemas']['ThirdpartyRequestsVerificationsPostRequestFIDO'];
93
98
  type ThirdpartyRequestsVerificationsPostRequestGeneric = components['schemas']['ThirdpartyRequestsVerificationsPostRequestGeneric'];
package/lib/thirdparty/openapi.d.ts CHANGED
@@ -16093,7 +16093,7 @@ export interface operations {
16093
16093
  */
16094
16094
  challenge: string;
16095
16095
  /**
16096
- * Data model for the complex type Money.
16096
+ * The amount that will be debited from the sending customer’s account as a consequence of the transaction.
16097
16097
  */
16098
16098
  transferAmount: {
16099
16099
  /**
@@ -16106,7 +16106,7 @@ export interface operations {
16106
16106
  amount: string;
16107
16107
  };
16108
16108
  /**
16109
- * Data model for the complex type Money.
16109
+ * The amount that will be credited to the receiving customer’s account as a consequence of the transaction.
16110
16110
  */
16111
16111
  payeeReceiveAmount: {
16112
16112
  /**
@@ -16119,7 +16119,7 @@ export interface operations {
16119
16119
  amount: string;
16120
16120
  };
16121
16121
  /**
16122
- * Data model for the complex type Money.
16122
+ * The amount of fees that the paying customer will be charged as part of the transaction.
16123
16123
  */
16124
16124
  fees: {
16125
16125
  /**
@@ -16376,7 +16376,7 @@ export interface operations {
16376
16376
  balanceOfPayments?: string;
16377
16377
  };
16378
16378
  /**
16379
- * The API data type DateTime is a JSON String in a lexical format that is restricted by a regular expression for interoperability reasons. The format is according to [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html), expressed in a combined date, time and time zone format. A more readable version of the format is yyyy-MM-ddTHH:mm:ss.SSS[-HH:MM]. Examples are "2016-05-24T08:38:08.699-04:00", "2016-05-24T08:38:08.699Z" (where Z indicates Zulu time zone, same as UTC).
16379
+ * The time by which the transfer must be completed, set by the payee DFSP.
16380
16380
  */
16381
16381
  expiration: string;
16382
16382
  /**
@@ -16726,69 +16726,70 @@ export interface operations {
16726
16726
  "Content-Length"?: number;
16727
16727
  };
16728
16728
  };
16729
- responses: {
16730
- /**
16731
- * information about result of required (via POST) /authorization
16732
- */
16733
- "200": {
16734
- "application/json": {
16729
+ requestBody: {
16730
+ "application/json": {
16731
+ /**
16732
+ * Describes a challenge that has been signed with FIDO Attestation flows
16733
+ */
16734
+ signedPayloadType: "FIDO";
16735
+ /**
16736
+ * An object sent in a `PUT /thirdpartyRequests/authorization/{ID}` request.
16737
+ * based mostly on: https://webauthn.guide/#authentication
16738
+ * AuthenticatorAssertionResponse
16739
+ */
16740
+ signedPayload: {
16741
+ /**
16742
+ * credential id: identifier of pair of keys, base64 encoded
16743
+ * https://w3c.github.io/webauthn/#ref-for-dom-credential-id
16744
+ */
16745
+ id: string;
16735
16746
  /**
16736
- * Describes a challenge that has been signed with FIDO Attestation flows
16747
+ * raw credential id: identifier of pair of keys, base64 encoded.
16737
16748
  */
16738
- signedPayloadType: "FIDO";
16749
+ rawId: string;
16739
16750
  /**
16740
- * An object sent in a `PUT /thirdpartyRequests/authorization/{ID}` request.
16741
- * based mostly on: https://webauthn.guide/#authentication
16742
16751
  * AuthenticatorAssertionResponse
16743
16752
  */
16744
- signedPayload?: {
16753
+ response: {
16745
16754
  /**
16746
- * credential id: identifier of pair of keys, base64 encoded
16747
- * https://w3c.github.io/webauthn/#ref-for-dom-credential-id
16755
+ * Authenticator data object.
16748
16756
  */
16749
- id: string;
16757
+ authenticatorData: string;
16750
16758
  /**
16751
- * raw credential id: identifier of pair of keys, base64 encoded.
16759
+ * JSON string with client data.
16752
16760
  */
16753
- rawId: string;
16761
+ clientDataJSON: string;
16754
16762
  /**
16755
- * AuthenticatorAssertionResponse
16763
+ * The signature generated by the private key associated with this credential.
16756
16764
  */
16757
- response: {
16758
- /**
16759
- * Authenticator data object.
16760
- */
16761
- authenticatorData: string;
16762
- /**
16763
- * JSON string with client data.
16764
- */
16765
- clientDataJSON: string;
16766
- /**
16767
- * The signature generated by the private key associated with this credential.
16768
- */
16769
- signature: string;
16770
- /**
16771
- * This field is optionally provided by the authenticator, and
16772
- * represents the user.id that was supplied during registration.
16773
- */
16774
- userHandle?: string;
16775
- };
16765
+ signature: string;
16776
16766
  /**
16777
- * response type, we need only the type of public-key
16767
+ * This field is optionally provided by the authenticator, and
16768
+ * represents the user.id that was supplied during registration.
16778
16769
  */
16779
- type: "public-key";
16770
+ userHandle?: string;
16780
16771
  };
16781
- } | {
16782
- /**
16783
- * Describes a challenge that has been signed with a private key
16784
- */
16785
- signedPayloadType: "GENERIC";
16786
16772
  /**
16787
- * The API data type BinaryString is a JSON String. The string is a base64url encoding of a string of raw bytes, where padding (character ‘=’) is added at the end of the data if needed to ensure that the string is a multiple of 4 characters. The length restriction indicates the allowed number of characters.
16773
+ * response type, we need only the type of public-key
16788
16774
  */
16789
- signedPayload?: string;
16775
+ type: "public-key";
16790
16776
  };
16777
+ } | {
16778
+ /**
16779
+ * Describes a challenge that has been signed with a private key
16780
+ */
16781
+ signedPayloadType: "GENERIC";
16782
+ /**
16783
+ * The API data type BinaryString is a JSON String. The string is a base64url encoding of a string of raw bytes, where padding (character ‘=’) is added at the end of the data if needed to ensure that the string is a multiple of 4 characters. The length restriction indicates the allowed number of characters.
16784
+ */
16785
+ signedPayload?: string;
16791
16786
  };
16787
+ };
16788
+ responses: {
16789
+ /**
16790
+ * OK
16791
+ */
16792
+ "200": unknown;
16792
16793
  /**
16793
16794
  * Bad Request
16794
16795
  */
@@ -17871,11 +17872,9 @@ export interface operations {
17871
17872
  };
17872
17873
  };
17873
17874
  /**
17874
- * The HTTP request `PUT /thirdpartyRequests/verifications/{ID}` is used by the Auth-Service to inform
17875
- * the DFSP of a successful result in validating the verification of a Thirdparty Transaction Request.
17876
- *
17877
- * If the validation fails, The Auth-Service MUST use `PUT /thirdpartyRequests/verifications/{ID}/error`
17878
- * instead.
17875
+ * The HTTP request `PUT /thirdpartyRequests/verifications/{ID}` is used by the Auth-Service to inform the DFSP of a successful result in validating the verification of a Thirdparty Transaction Request.
17876
+ * If the validation fails, the auth-service will send back `PUT /thirdpartyRequests/verifications/{ID}` with `authenticationResponse: 'REJECTED'`.
17877
+ * In unplanned error cases the Auth-Service MUST use `PUT /thirdpartyRequests/verifications/{ID}/error`.
17879
17878
  */
17880
17879
  PutThirdpartyRequestsVerificationsById: {
17881
17880
  parameters: {
@@ -17891,9 +17890,11 @@ export interface operations {
17891
17890
  requestBody: {
17892
17891
  "application/json": {
17893
17892
  /**
17894
- * The verification passed
17893
+ * Below are the allowed values for the enumeration AuthenticationResponse.
17894
+ * - VERIFIED - The challenge was correctly signed.
17895
+ * - REJECTED - The challenge was not correctly signed.
17895
17896
  */
17896
- authenticationResponse: "VERIFIED";
17897
+ authenticationResponse: "VERIFIED" | "REJECTED";
17897
17898
  };
17898
17899
  };
17899
17900
  responses: {
@@ -21671,7 +21672,7 @@ export interface components {
21671
21672
  */
21672
21673
  challenge: string;
21673
21674
  /**
21674
- * Data model for the complex type Money.
21675
+ * The amount that will be debited from the sending customer’s account as a consequence of the transaction.
21675
21676
  */
21676
21677
  transferAmount: {
21677
21678
  /**
@@ -21684,7 +21685,7 @@ export interface components {
21684
21685
  amount: string;
21685
21686
  };
21686
21687
  /**
21687
- * Data model for the complex type Money.
21688
+ * The amount that will be credited to the receiving customer’s account as a consequence of the transaction.
21688
21689
  */
21689
21690
  payeeReceiveAmount: {
21690
21691
  /**
@@ -21697,7 +21698,7 @@ export interface components {
21697
21698
  amount: string;
21698
21699
  };
21699
21700
  /**
21700
- * Data model for the complex type Money.
21701
+ * The amount of fees that the paying customer will be charged as part of the transaction.
21701
21702
  */
21702
21703
  fees: {
21703
21704
  /**
@@ -21954,7 +21955,7 @@ export interface components {
21954
21955
  balanceOfPayments?: string;
21955
21956
  };
21956
21957
  /**
21957
- * The API data type DateTime is a JSON String in a lexical format that is restricted by a regular expression for interoperability reasons. The format is according to [ISO 8601](https://www.iso.org/iso-8601-date-and-time-format.html), expressed in a combined date, time and time zone format. A more readable version of the format is yyyy-MM-ddTHH:mm:ss.SSS[-HH:MM]. Examples are "2016-05-24T08:38:08.699-04:00", "2016-05-24T08:38:08.699Z" (where Z indicates Zulu time zone, same as UTC).
21958
+ * The time by which the transfer must be completed, set by the payee DFSP.
21958
21959
  */
21959
21960
  expiration: string;
21960
21961
  /**
@@ -21993,7 +21994,7 @@ export interface components {
21993
21994
  * based mostly on: https://webauthn.guide/#authentication
21994
21995
  * AuthenticatorAssertionResponse
21995
21996
  */
21996
- signedPayload?: {
21997
+ signedPayload: {
21997
21998
  /**
21998
21999
  * credential id: identifier of pair of keys, base64 encoded
21999
22000
  * https://w3c.github.io/webauthn/#ref-for-dom-credential-id
@@ -22132,14 +22133,22 @@ export interface components {
22132
22133
  */
22133
22134
  signedPayload: string;
22134
22135
  };
22136
+ /**
22137
+ * Below are the allowed values for the enumeration AuthenticationResponse.
22138
+ * - VERIFIED - The challenge was correctly signed.
22139
+ * - REJECTED - The challenge was not correctly signed.
22140
+ */
22141
+ AuthenticationResponse: "VERIFIED" | "REJECTED";
22135
22142
  /**
22136
22143
  * The object sent in the PUT /thirdpartyRequests/verifications/{ID} request.
22137
22144
  */
22138
22145
  ThirdpartyRequestsVerificationsIDPutResponse: {
22139
22146
  /**
22140
- * The verification passed
22147
+ * Below are the allowed values for the enumeration AuthenticationResponse.
22148
+ * - VERIFIED - The challenge was correctly signed.
22149
+ * - REJECTED - The challenge was not correctly signed.
22141
22150
  */
22142
- authenticationResponse: "VERIFIED";
22151
+ authenticationResponse: "VERIFIED" | "REJECTED";
22143
22152
  };
22144
22153
  };
22145
22154
  responses: {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mojaloop/api-snippets",
3
- "version": "12.6.4",
3
+ "version": "12.6.8",
4
4
  "description": "Mojaloop API specification reusable snippets",
5
5
  "main": "lib/index.js",
6
6
  "types": "lib/index.d.ts",
package/tests/dto/thirdparty.test.ts CHANGED
@@ -110,7 +110,7 @@ describe('thirdparty', () => {
110
110
  origin: 'pisp.mojaloop.io',
111
111
  type: 'webauthn.create'
112
112
  }),
113
- attestationObject: "some-attestation"
113
+ attestationObject: 'some-attestation'
114
114
  },
115
115
  type: 'public-key'
116
116
  }
@@ -447,7 +447,7 @@ describe('thirdparty', () => {
447
447
  origin: 'pisp.mojaloop.io',
448
448
  type: 'webauthn.create'
449
449
  }),
450
- attestationObject: "some-attestation"
450
+ attestationObject: 'some-attestation'
451
451
  },
452
452
  type: 'public-key'
453
453
  }
@@ -464,9 +464,9 @@ describe('thirdparty', () => {
464
464
  origin: 'pisp.mojaloop.io',
465
465
  type: 'webauthn.create'
466
466
  }),
467
- authenticatorData: "some-data",
468
- signature: "some-signature",
469
- userHandle: "some-user-handle"
467
+ authenticatorData: 'some-data',
468
+ signature: 'some-signature',
469
+ userHandle: 'some-user-handle'
470
470
  },
471
471
  type: 'public-key'
472
472
  }
@@ -551,6 +551,70 @@ describe('thirdparty', () => {
551
551
  expect(thirdpartyRequestsTransactionsPostRequest).toBeDefined()
552
552
  })
553
553
 
554
+ test('ThirdpartyRequestsAuthorizationsPostRequest', () => {
555
+ const thirdpartyRequestsAuthorizationPostRequest: Schemas.ThirdpartyRequestsAuthorizationsPostRequest = {
556
+ authorizationRequestId: '5f8ee7f9-290f-4e03-ae1c-1e81ecf398df',
557
+ transactionRequestId: '2cf08eed-3540-489e-85fa-b2477838a8c5',
558
+ challenge: '<base64 encoded binary - the encoded challenge>',
559
+ transferAmount: {
560
+ amount: '100',
561
+ currency: 'USD'
562
+ },
563
+ payeeReceiveAmount: {
564
+ amount: '99',
565
+ currency: 'USD'
566
+ },
567
+ fees: {
568
+ amount: '1',
569
+ currency: 'USD'
570
+ },
571
+ payee: {
572
+ partyIdInfo: {
573
+ partyIdType: 'MSISDN',
574
+ partyIdentifier: '+4412345678',
575
+ fspId: 'dfspb'
576
+ }
577
+ },
578
+ payer: {
579
+ partyIdType: 'THIRD_PARTY_LINK',
580
+ partyIdentifier: 'qwerty-123456',
581
+ fspId: 'dfspa'
582
+ },
583
+ transactionType: {
584
+ scenario: 'TRANSFER',
585
+ initiator: 'PAYER',
586
+ initiatorType: 'CONSUMER'
587
+ },
588
+ expiration: '2020-06-15T12:00:00.000Z'
589
+ }
590
+ expect(thirdpartyRequestsAuthorizationPostRequest).toBeDefined()
591
+ })
592
+
593
+ test('ThirdpartyRequestsAuthorizationsIDPutResponseFIDO', () => {
594
+ const thirdpartyRequestsAuthorizationsIDPutResponseFIDO: Schemas.ThirdpartyRequestsAuthorizationsIDPutResponseFIDO = {
595
+ signedPayloadType: 'FIDO',
596
+ signedPayload: {
597
+ id: '45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA',
598
+ rawId: '45c+TkfkjQovQeAWmOy+RLBHEJ/e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA==',
599
+ response: {
600
+ authenticatorData: 'SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==',
601
+ clientDataJSON: 'eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiQUFBQUFBQUFBQUFBQUFBQUFBRUNBdyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDIxODEiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ==',
602
+ signature: 'MEUCIDcJRBu5aOLJVc/sPyECmYi23w8xF35n3RNhyUNVwQ2nAiEA+Lnd8dBn06OKkEgAq00BVbmH87ybQHfXlf1Y4RJqwQ8='
603
+ },
604
+ type: 'public-key'
605
+ }
606
+ }
607
+ expect(thirdpartyRequestsAuthorizationsIDPutResponseFIDO).toBeDefined()
608
+ })
609
+
610
+ test('ThirdpartyRequestsAuthorizationsIDPutResponseGeneric', () => {
611
+ const thirdpartyRequestsAuthorizationsIDPutResponseGeneric: Schemas.ThirdpartyRequestsAuthorizationsIDPutResponseGeneric = {
612
+ signedPayloadType: 'GENERIC',
613
+ signedPayload: 'some string public key',
614
+ }
615
+ expect(thirdpartyRequestsAuthorizationsIDPutResponseGeneric).toBeDefined()
616
+ })
617
+
554
618
  test('TransactionRequestState', () => {
555
619
  const transactionRequestState: Schemas.TransactionRequestState = 'PENDING'
556
620
  expect(transactionRequestState).toBeDefined()
package/thirdparty/openapi3/components/schemas/AuthenticationResponse.yaml ADDED
@@ -0,0 +1,9 @@
1
+ title: AuthenticationResponse
2
+ type: string
3
+ enum:
4
+ - VERIFIED
5
+ - REJECTED
6
+ description: |-
7
+ Below are the allowed values for the enumeration AuthenticationResponse.
8
+ - VERIFIED - The challenge was correctly signed.
9
+ - REJECTED - The challenge was not correctly signed.
package/thirdparty/openapi3/components/schemas/ThirdpartyRequestsAuthorizationsIDPutResponseFIDO.yaml CHANGED
@@ -8,4 +8,4 @@ properties:
8
8
  $ref: ./FIDOPublicKeyCredentialAssertion.yaml
9
9
  required:
10
10
  - signedPayloadType
11
- - authenticationValue
11
+ - signedPayload
package/thirdparty/openapi3/components/schemas/ThirdpartyRequestsAuthorizationsPostRequest.yaml CHANGED
@@ -10,17 +10,20 @@ properties:
10
10
  type: string
11
11
  description: The challenge that the PISP's client is to sign
12
12
  transferAmount:
13
- $ref: ./Money.yaml
13
+ allOf:
14
+ - $ref: ./Money.yaml
14
15
  description: >-
15
16
  The amount that will be debited from the sending customer’s
16
17
  account as a consequence of the transaction.
17
18
  payeeReceiveAmount:
18
- $ref: ./Money.yaml
19
+ allOf:
20
+ - $ref: ./Money.yaml
19
21
  description: >-
20
22
  The amount that will be credited to the receiving customer’s
21
23
  account as a consequence of the transaction.
22
24
  fees:
23
- $ref: ./Money.yaml
25
+ allOf:
26
+ - $ref: ./Money.yaml
24
27
  description: >-
25
28
  The amount of fees that the paying customer will be charged
26
29
  as part of the transaction.
@@ -35,11 +38,11 @@ properties:
35
38
  transactionType:
36
39
  $ref: '../../../../fspiop/v1_1/openapi3/components/schemas/TransactionType.yaml'
37
40
  expiration:
38
- $ref: ./DateTime.yaml
41
+ allOf:
42
+ - $ref: ./DateTime.yaml
39
43
  description: The time by which the transfer must be completed, set by the payee DFSP.
40
44
  extensionList:
41
45
  $ref: ./ExtensionList.yaml
42
- description: 'Optional extension, specific to deployment.'
43
46
  required:
44
47
  - authorizationRequestId
45
48
  - transactionRequestId
package/thirdparty/openapi3/components/schemas/ThirdpartyRequestsVerificationsIDPutResponse.yaml CHANGED
@@ -3,10 +3,6 @@ type: object
3
3
  description: The object sent in the PUT /thirdpartyRequests/verifications/{ID} request.
4
4
  properties:
5
5
  authenticationResponse:
6
- type: string
7
- enum:
8
- - VERIFIED
9
- description: 'The verification passed'
6
+ $ref: ./AuthenticationResponse.yaml
10
7
  required:
11
8
  - authenticationResponse
12
-
package/thirdparty/openapi3/paths/thirdpartyRequests_authorizations_ID.yaml CHANGED
@@ -22,27 +22,29 @@ put:
22
22
  - authorizations
23
23
  parameters:
24
24
  - $ref: ../components/parameters/Content-Length.yaml
25
+ requestBody:
26
+ description: Signed authorization object
27
+ required: true
28
+ content:
29
+ application/json:
30
+ schema:
31
+ oneOf:
32
+ - $ref: '../components/schemas/ThirdpartyRequestsAuthorizationsIDPutResponseFIDO.yaml'
33
+ - $ref: '../components/schemas/ThirdpartyRequestsAuthorizationsIDPutResponseGeneric.yaml'
34
+ example:
35
+ signedPayloadType: FIDO
36
+ signedPayload:
37
+ id: 45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA
38
+ rawId: 45c+TkfkjQovQeAWmOy+RLBHEJ/e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA==
39
+ response:
40
+ authenticatorData: SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==
41
+ clientDataJSON: eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiQUFBQUFBQUFBQUFBQUFBQUFBRUNBdyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDIxODEiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ==
42
+ signature: MEUCIDcJRBu5aOLJVc/sPyECmYi23w8xF35n3RNhyUNVwQ2nAiEA+Lnd8dBn06OKkEgAq00BVbmH87ybQHfXlf1Y4RJqwQ8=
43
+ type: 'public-key'
44
+
25
45
  responses:
26
46
  200:
27
- description: |
28
- information about result of required (via POST) /authorization
29
- content:
30
- application/json:
31
- schema:
32
- oneOf:
33
- - $ref: '../components/schemas/ThirdpartyRequestsAuthorizationsIDPutResponseFIDO.yaml'
34
- - $ref: '../components/schemas/ThirdpartyRequestsAuthorizationsIDPutResponseGeneric.yaml'
35
- example:
36
- signedPayloadType: FIDO
37
- signedPayload:
38
- id: 45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA
39
- rawId: 45c+TkfkjQovQeAWmOy+RLBHEJ/e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA==
40
- response:
41
- authenticatorData: SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==
42
- clientDataJSON: eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiQUFBQUFBQUFBQUFBQUFBQUFBRUNBdyIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6NDIxODEiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ==
43
- signature: MEUCIDcJRBu5aOLJVc/sPyECmYi23w8xF35n3RNhyUNVwQ2nAiEA+Lnd8dBn06OKkEgAq00BVbmH87ybQHfXlf1Y4RJqwQ8=
44
- type: 'public-key'
45
-
47
+ $ref: ../components/responses/200.yaml
46
48
  400:
47
49
  $ref: ../components/responses/400.yaml
48
50
  401:
package/thirdparty/openapi3/paths/thirdpartyRequests_verifications_ID.yaml CHANGED
@@ -17,12 +17,14 @@ put:
17
17
  - sampled
18
18
  operationId: PutThirdpartyRequestsVerificationsById
19
19
  summary: PutThirdpartyRequestsVerificationsById
20
- description: |
20
+ description: >-
21
21
  The HTTP request `PUT /thirdpartyRequests/verifications/{ID}` is used by the Auth-Service to inform
22
22
  the DFSP of a successful result in validating the verification of a Thirdparty Transaction Request.
23
23
 
24
- If the validation fails, The Auth-Service MUST use `PUT /thirdpartyRequests/verifications/{ID}/error`
25
- instead.
24
+ If the validation fails, the auth-service will send back `PUT /thirdpartyRequests/verifications/{ID}`
25
+ with `authenticationResponse: 'REJECTED'`.
26
+
27
+ In unplanned error cases the Auth-Service MUST use `PUT /thirdpartyRequests/verifications/{ID}/error`.
26
28
  parameters:
27
29
  - $ref: ../components/parameters/Content-Length.yaml
28
30
  requestBody: