@mojaloop/sdk-scheme-adapter 11.18.8 → 11.18.9

package/CHANGELOG.md

@@ -2,6 +2,8 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [11.18.9](https://github.com/mojaloop/sdk-scheme-adapter/compare/v11.18.8...v11.18.9) (2021-10-20)
+
 ### [11.18.8](https://github.com/mojaloop/sdk-scheme-adapter/compare/v11.18.7...v11.18.8) (2021-09-16)
 
 

package/InboundServer/api.yaml

@@ -2559,6 +2559,8 @@ components:
         - XDR
         - XOF
         - XPF
+        - XTS
+        - XXX
         - YER
         - ZAR
         - ZMW

package/InboundServer/handlers.js

@@ -17,7 +17,6 @@ const Model = require('../lib/model').InboundTransfersModel;
 const PartiesModel = require('../lib/model').PartiesModel;
 const QuotesModel = require('../lib/model').QuotesModel;
 const TransfersModel = require('../lib/model').TransfersModel;
-const AuthorizationsModel = require('../lib/model').AuthorizationsModel;
 
 /**
  * Handles a GET /authorizations/{id} request
@@ -303,43 +302,9 @@ const putAuthorizationsById = async (ctx) => {
         data: ctx.request.body,
         headers: ctx.request.headers
     });
-
-    // duplicate publication until legacy code refactored
-    await AuthorizationsModel.triggerDeferredJob({
-        cache: ctx.state.cache,
-        message: ctx.request.body, 
-        args: {
-            transactionRequestId: ctx.state.path.params.ID
-        }
-    });
-
     ctx.response.status = 200;
 };
 
-/**
- * Handles a PUT /authorizations/{ID}/error request. 
- * This is an error response to a POST /authorizations request
- */
-const putAuthorizationsByIdError = async (ctx) => {
-    
-    // publish an event onto the cache for subscribers to action
-    await ctx.state.cache.publish(`otp_${ctx.state.path.params.ID}`, {
-        type: 'authorizationResponseError',
-        data: ctx.request.body,
-    });
-
-    // duplicate publication until legacy code refactored
-    await AuthorizationsModel.triggerDeferredJob({
-        cache: ctx.state.cache,
-        message: ctx.request.body, 
-        args: {
-            transactionRequestId: ctx.state.path.params.ID
-        }
-    });
-    
-    ctx.response.status = 200;
-    ctx.response.body = '';
-};
 
 /**
  * Handles a PUT /participants/{ID}. This is a response to a POST /participants request
@@ -854,9 +819,6 @@ module.exports = {
         get: getAuthorizationsById,
         put: putAuthorizationsById
     },
-    '/authorizations/{ID}/error': {
-        put: putAuthorizationsByIdError
-    },
     '/bulkQuotes': {
         post: postBulkQuotes
     },

package/OutboundServer/api.yaml

@@ -468,27 +468,6 @@ paths:
           $ref: '#/components/responses/simpleTransfersPostSuccess'
         '500':
           $ref: '#/components/responses/simpleTransfersServerError'
-  /authorizations:
-    post:
-      description: >-
-        The HTTP request `POST /authorizations` is used to request the Payer to
-        enter the applicable credentials in the PISP system.
-      summary: Authorizations endpoint
-      operationId: AuthorizationsPost
-      tags:
-        - authorizations
-      requestBody:
-        description: Perform authorization
-        required: true
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/authorizationsPostRequest'
-      responses:
-        '200':
-          $ref: '#/components/responses/authorizationPostSuccess'
-        '500':
-          $ref: '#/components/responses/authorizationsServerError'
 components:
   schemas:
     TransactionInitiatorType:
@@ -521,11 +500,6 @@ components:
         - CONSENT
         - THIRD_PARTY_LINK
       description: >
-        This is a variant based on FSPIOP `PartyIdType` specification.
-
-        Main difference being the CONSENT and THIRD_PARTY_LINK enums.
-
-
         Below are the allowed values for the enumeration.
 
         - MSISDN - An MSISDN (Mobile Station International Subscriber Directory
@@ -556,7 +530,7 @@ components:
         certificate
 
         number, and national registration number. The identifier number is added
-        in
+        in 
 
         the PartyIdentifier element. The personal identifier type is added in
         the
@@ -613,9 +587,27 @@ components:
 
         by the PartyIdentifier.
 
-        - CONSENT - TBD
+        - CONSENT - A Consent represents an agreement between a PISP, a Customer
+        and
 
-        - THIRD_PARTY_LINK - TBD
+        a DFSP which allows the PISP permission to perform actions on behalf of
+        the 
+
+        customer. A Consent has an authoritative source: either the DFSP who
+        issued 
+
+        the Consent, or an Auth Service which administers the Consent.
+
+        - THIRD_PARTY_LINK - A Third Party Link represents an agreement between
+        a PISP,
+
+        a DFSP, and a specific Customer's account at the DFSP. The content of
+        the link 
+
+        is created by the DFSP at the time when it gives permission to the PISP
+        for 
+
+        specific access to a given account.
       example: PERSONAL_ID
     PartyIdentifier:
       title: PartyIdentifier
@@ -946,6 +938,8 @@ components:
         - XDR
         - XOF
         - XPF
+        - XTS
+        - XXX
         - YER
         - ZAR
         - ZMW
@@ -2281,235 +2275,6 @@ components:
       allOf:
         - $ref: '#/components/schemas/errorResponse'
         - type: object
-    AuthenticationType-2:
-      title: AuthenticationType
-      type: string
-      enum:
-        - OTP
-        - QRCODE
-        - U2F
-      description: |-
-        Below are the allowed values for the enumeration AuthenticationType.
-        - OTP - One-time password generated by the Payer FSP.
-        - QRCODE - QR code used as One Time Password.
-        - U2F - U2F is a new addition isolated to Thirdparty stream.
-    Integer:
-      title: Integer
-      type: string
-      pattern: '^[1-9]\d*$'
-      description: >-
-        The API data type Integer is a JSON String consisting of digits only.
-        Negative numbers and leading zeroes are not allowed. The data type is
-        always limited to a specific number of digits.
-    AuthorizationsPostRequest:
-      title: AuthorizationsPostRequest
-      description: POST /authorizations request object.
-      type: object
-      properties:
-        authenticationType:
-          $ref: '#/components/schemas/AuthenticationType-2'
-        retriesLeft:
-          $ref: '#/components/schemas/Integer'
-        amount:
-          $ref: '#/components/schemas/Money'
-        transactionId:
-          $ref: '#/components/schemas/CorrelationId'
-        transactionRequestId:
-          $ref: '#/components/schemas/CorrelationId'
-        quote:
-          $ref: '#/components/schemas/QuotesIDPutResponse'
-      required:
-        - authenticationType
-        - retriesLeft
-        - amount
-        - transactionId
-        - transactionRequestId
-        - quote
-      additionalProperties: false
-    authorizationsPostRequest:
-      title: AuthorizationsPostRequest
-      description: POST /authorizations Request object
-      type: object
-      properties:
-        fspId:
-          title: destination DFSP
-          $ref: '#/components/schemas/FspId'
-        authorizationsPostRequest:
-          $ref: '#/components/schemas/AuthorizationsPostRequest'
-      required:
-        - fspId
-        - authorizationsPostRequest
-    OtpValue:
-      title: OtpValue
-      type: string
-      pattern: '^\d{3,10}$'
-      description: >-
-        The API data type OtpValue is a JSON String of 3 to 10 characters,
-        consisting of digits only. Negative numbers are not allowed. One or more
-        leading zeros are allowed.
-    QRCODE:
-      title: QRCODE
-      type: string
-      minLength: 1
-      maxLength: 64
-      description: QR code used as a One Time Password.
-    U2FPIN:
-      title: U2FPIN
-      type: string
-      pattern: '^\S{1,64}$'
-      minLength: 1
-      maxLength: 64
-      description: >
-        U2F challenge-response, where payer FSP verifies if the response
-        provided by end-user device matches the previously registered key.
-    U2FPinValue:
-      title: U2FPinValue
-      type: object
-      description: >
-        U2F challenge-response, where payer FSP verifies if the response
-        provided by end-user device matches the previously registered key.
-      properties:
-        pinValue:
-          allOf:
-            - $ref: '#/components/schemas/U2FPIN'
-          description: U2F challenge-response.
-        counter:
-          allOf:
-            - $ref: '#/components/schemas/Integer'
-          description: >-
-            Sequential counter used for cloning detection. Present only for U2F
-            authentication.
-      required:
-        - pinValue
-        - counter
-    FIDOPublicKeyCredentialAssertion:
-      title: FIDOPublicKeyCredentialAssertion
-      type: object
-      description: >
-        An object sent in a `PUT /thirdpartyRequests/authorization/{ID}`
-        request.
-
-        based mostly on: https://webauthn.guide/#authentication
-
-        AuthenticatorAssertionResponse
-      properties:
-        id:
-          type: string
-          description: |
-            credential id: identifier of pair of keys, base64 encoded
-            https://w3c.github.io/webauthn/#ref-for-dom-credential-id
-          minLength: 59
-          maxLength: 118
-        rawId:
-          type: string
-          description: |
-            raw credential id: identifier of pair of keys, base64 encoded.
-          minLength: 59
-          maxLength: 118
-        response:
-          type: object
-          description: |
-            AuthenticatorAssertionResponse
-          properties:
-            authenticatorData:
-              type: string
-              description: |
-                Authenticator data object.
-              minLength: 49
-              maxLength: 256
-            clientDataJSON:
-              type: string
-              description: |
-                JSON string with client data.
-              minLength: 121
-              maxLength: 512
-            signature:
-              type: string
-              description: >
-                The signature generated by the private key associated with this
-                credential.
-              minLength: 59
-              maxLength: 256
-            userHandle:
-              type: string
-              description: |
-                This field is optionally provided by the authenticator, and
-                represents the user.id that was supplied during registration.
-              minLength: 1
-              maxLength: 88
-          required:
-            - authenticatorData
-            - clientDataJSON
-            - signature
-          additionalProperties: false
-        type:
-          type: string
-          description: 'response type, we need only the type of public-key'
-          enum:
-            - public-key
-      required:
-        - id
-        - rawId
-        - response
-        - type
-      additionalProperties: false
-    AuthenticationValue:
-      title: AuthenticationValue
-      anyOf:
-        - $ref: '#/components/schemas/OtpValue'
-        - $ref: '#/components/schemas/QRCODE'
-        - $ref: '#/components/schemas/U2FPinValue'
-        - $ref: '#/components/schemas/FIDOPublicKeyCredentialAssertion'
-      description: >-
-        Contains the authentication value. The format depends on the
-        authentication type used in the AuthenticationInfo complex type.
-    AuthenticationInfo:
-      title: AuthenticationInfo
-      type: object
-      description: Data model for the complex type AuthenticationInfo.
-      properties:
-        authentication:
-          $ref: '#/components/schemas/AuthenticationType-2'
-        authenticationValue:
-          $ref: '#/components/schemas/AuthenticationValue'
-      required:
-        - authentication
-        - authenticationValue
-    AuthorizationResponseType:
-      title: AuthorizationResponseType
-      description: |
-        Enum containing response information; if the customer entered the
-        authentication value, rejected the transaction, or requested a
-        resend of the authentication value.
-      type: string
-      enum:
-        - ENTERED
-        - REJECTED
-        - RESEND
-    authorizationsPostResponse:
-      title: AuthorizationsPostResponse
-      description: POST /authorizations response object
-      type: object
-      properties:
-        authorizations:
-          type: object
-          properties:
-            authenticationInfo:
-              $ref: '#/components/schemas/AuthenticationInfo'
-            responseType:
-              $ref: '#/components/schemas/AuthorizationResponseType'
-          required:
-            - responseType
-        currentState:
-          $ref: '#/components/schemas/async2SyncCurrentState'
-      required:
-        - authorizations
-        - currentState
-      additionalProperties: false
-    errorAuthorizationsResponse:
-      allOf:
-        - $ref: '#/components/schemas/errorResponse'
-        - type: object
   responses:
     transferSuccess:
       description: Transfer completed successfully
@@ -2658,18 +2423,6 @@ components:
         application/json:
           schema:
             $ref: '#/components/schemas/errorSimpleTransfersResponse'
-    authorizationPostSuccess:
-      description: Sync response from POST /authorizations
-      content:
-        application/json:
-          schema:
-            $ref: '#/components/schemas/authorizationsPostResponse'
-    authorizationsServerError:
-      description: An error occurred processing the authorizations request
-      content:
-        application/json:
-          schema:
-            $ref: '#/components/schemas/errorAuthorizationsResponse'
   parameters:
     transferId:
       name: transferId

package/OutboundServer/api_interfaces/openapi.d.ts

@@ -327,10 +327,6 @@ export interface paths {
     /** is used to request a transfer */
     post: operations["SimpleTransfersPost"];
   };
-  "/authorizations": {
-    /** The HTTP request `POST /authorizations` is used to request the Payer to enter the applicable credentials in the PISP system. */
-    post: operations["AuthorizationsPost"];
-  };
 }
 
 export interface components {
@@ -344,9 +340,6 @@ export interface components {
      */
     TransactionInitiatorType: "CONSUMER" | "AGENT" | "BUSINESS" | "DEVICE";
     /**
-     * This is a variant based on FSPIOP `PartyIdType` specification.
-     * Main difference being the CONSENT and THIRD_PARTY_LINK enums.
-     *
      * Below are the allowed values for the enumeration.
      * - MSISDN - An MSISDN (Mobile Station International Subscriber Directory
      * Number, that is, the phone number) is used as reference to a participant.
@@ -382,8 +375,14 @@ export interface components {
      * The ALIAS identifier can be in any format. It is also possible to use the
      * PartySubIdOrType element for identifying an account under an Alias defined
      * by the PartyIdentifier.
-     * - CONSENT - TBD
-     * - THIRD_PARTY_LINK - TBD
+     * - CONSENT - A Consent represents an agreement between a PISP, a Customer and
+     * a DFSP which allows the PISP permission to perform actions on behalf of the
+     * customer. A Consent has an authoritative source: either the DFSP who issued
+     * the Consent, or an Auth Service which administers the Consent.
+     * - THIRD_PARTY_LINK - A Third Party Link represents an agreement between a PISP,
+     * a DFSP, and a specific Customer's account at the DFSP. The content of the link
+     * is created by the DFSP at the time when it gives permission to the PISP for
+     * specific access to a given account.
      */
     PartyIdType:
       | "MSISDN"
@@ -610,6 +609,8 @@ export interface components {
       | "XDR"
       | "XOF"
       | "XPF"
+      | "XTS"
+      | "XXX"
       | "YER"
       | "ZAR"
       | "ZMW"
@@ -1126,99 +1127,6 @@ export interface components {
     errorSimpleTransfersResponse: components["schemas"]["errorResponse"] & {
       [key: string]: unknown;
     };
-    /**
-     * Below are the allowed values for the enumeration AuthenticationType.
-     * - OTP - One-time password generated by the Payer FSP.
-     * - QRCODE - QR code used as One Time Password.
-     * - U2F - U2F is a new addition isolated to Thirdparty stream.
-     */
-    "AuthenticationType-2": "OTP" | "QRCODE" | "U2F";
-    /** The API data type Integer is a JSON String consisting of digits only. Negative numbers and leading zeroes are not allowed. The data type is always limited to a specific number of digits. */
-    Integer: string;
-    /** POST /authorizations request object. */
-    AuthorizationsPostRequest: {
-      authenticationType: components["schemas"]["AuthenticationType-2"];
-      retriesLeft: components["schemas"]["Integer"];
-      amount: components["schemas"]["Money"];
-      transactionId: components["schemas"]["CorrelationId"];
-      transactionRequestId: components["schemas"]["CorrelationId"];
-      quote: components["schemas"]["QuotesIDPutResponse"];
-    };
-    /** POST /authorizations Request object */
-    authorizationsPostRequest: {
-      fspId: components["schemas"]["FspId"];
-      authorizationsPostRequest: components["schemas"]["AuthorizationsPostRequest"];
-    };
-    /** The API data type OtpValue is a JSON String of 3 to 10 characters, consisting of digits only. Negative numbers are not allowed. One or more leading zeros are allowed. */
-    OtpValue: string;
-    /** QR code used as a One Time Password. */
-    QRCODE: string;
-    /** U2F challenge-response, where payer FSP verifies if the response provided by end-user device matches the previously registered key. */
-    U2FPIN: string;
-    /** U2F challenge-response, where payer FSP verifies if the response provided by end-user device matches the previously registered key. */
-    U2FPinValue: {
-      /** U2F challenge-response. */
-      pinValue: components["schemas"]["U2FPIN"];
-      /** Sequential counter used for cloning detection. Present only for U2F authentication. */
-      counter: components["schemas"]["Integer"];
-    };
-    /**
-     * An object sent in a `PUT /thirdpartyRequests/authorization/{ID}` request.
-     * based mostly on: https://webauthn.guide/#authentication
-     * AuthenticatorAssertionResponse
-     */
-    FIDOPublicKeyCredentialAssertion: {
-      /**
-       * credential id: identifier of pair of keys, base64 encoded
-       * https://w3c.github.io/webauthn/#ref-for-dom-credential-id
-       */
-      id: string;
-      /** raw credential id: identifier of pair of keys, base64 encoded. */
-      rawId: string;
-      /** AuthenticatorAssertionResponse */
-      response: {
-        /** Authenticator data object. */
-        authenticatorData: string;
-        /** JSON string with client data. */
-        clientDataJSON: string;
-        /** The signature generated by the private key associated with this credential. */
-        signature: string;
-        /**
-         * This field is optionally provided by the authenticator, and
-         * represents the user.id that was supplied during registration.
-         */
-        userHandle?: string;
-      };
-      /** response type, we need only the type of public-key */
-      type: "public-key";
-    };
-    /** Contains the authentication value. The format depends on the authentication type used in the AuthenticationInfo complex type. */
-    AuthenticationValue: Partial<components["schemas"]["OtpValue"]> &
-      Partial<components["schemas"]["QRCODE"]> &
-      Partial<components["schemas"]["U2FPinValue"]> &
-      Partial<components["schemas"]["FIDOPublicKeyCredentialAssertion"]>;
-    /** Data model for the complex type AuthenticationInfo. */
-    AuthenticationInfo: {
-      authentication: components["schemas"]["AuthenticationType-2"];
-      authenticationValue: components["schemas"]["AuthenticationValue"];
-    };
-    /**
-     * Enum containing response information; if the customer entered the
-     * authentication value, rejected the transaction, or requested a
-     * resend of the authentication value.
-     */
-    AuthorizationResponseType: "ENTERED" | "REJECTED" | "RESEND";
-    /** POST /authorizations response object */
-    authorizationsPostResponse: {
-      authorizations: {
-        authenticationInfo?: components["schemas"]["AuthenticationInfo"];
-        responseType: components["schemas"]["AuthorizationResponseType"];
-      };
-      currentState: components["schemas"]["async2SyncCurrentState"];
-    };
-    errorAuthorizationsResponse: components["schemas"]["errorResponse"] & {
-      [key: string]: unknown;
-    };
   };
   responses: {
     /** Transfer completed successfully */
@@ -1367,18 +1275,6 @@ export interface components {
         "application/json": components["schemas"]["errorSimpleTransfersResponse"];
       };
     };
-    /** Sync response from POST /authorizations */
-    authorizationPostSuccess: {
-      content: {
-        "application/json": components["schemas"]["authorizationsPostResponse"];
-      };
-    };
-    /** An error occurred processing the authorizations request */
-    authorizationsServerError: {
-      content: {
-        "application/json": components["schemas"]["errorAuthorizationsResponse"];
-      };
-    };
   };
   parameters: {
     /** Identifier of the transfer to continue as returned in the response to a `POST /transfers` request. */
@@ -1457,19 +1353,6 @@ export interface operations {
       };
     };
   };
-  /** The HTTP request `POST /authorizations` is used to request the Payer to enter the applicable credentials in the PISP system. */
-  AuthorizationsPost: {
-    responses: {
-      200: components["responses"]["authorizationPostSuccess"];
-      500: components["responses"]["authorizationsServerError"];
-    };
-    /** Perform authorization */
-    requestBody: {
-      content: {
-        "application/json": components["schemas"]["authorizationsPostRequest"];
-      };
-    };
-  };
 }
 
 export interface external {}

package/OutboundServer/api_template/openapi.yaml

@@ -50,6 +50,3 @@ paths:
     $ref: 'paths/quotes.yaml'
   '/simpleTransfers':
     $ref: 'paths/simpleTransfers.yaml'
-  '/authorizations':
-     $ref: 'paths/authorizations.yaml'
-

package/OutboundServer/handlers.js

@@ -23,8 +23,7 @@ const {
     OutboundBulkQuotesModel,
     PartiesModel,
     QuotesModel,
-    TransfersModel,
-    AuthorizationsModel
+    TransfersModel
 } = require('../lib/model');
 
 
@@ -97,9 +96,6 @@ const handleRequestQuotesInformationError = (method, err, ctx) =>
 const handleRequestSimpleTransfersInformationError = (method, err, ctx) =>
     handleError(method, err, ctx, 'requestSimpleTransfersInformationState');
 
-const handleRequestAuthorizationsInformationError = (method, err, ctx) =>
-    handleError(method, err, ctx, 'requestAuthorizationsInformationState');
-
 /**
  * Handler for outbound transfer request initiation
  */
@@ -538,37 +534,6 @@ const postSimpleTransfers = async (ctx) => {
     }
 };
 
-const postAuthorizations = async (ctx) => {
-
-    const authorization = { ...ctx.request.body.authorizationsPostRequest };
-    const fspId = ctx.request.body.fspId;
-    const args = { transactionRequestId: authorization.transactionRequestId, fspId, authorization };
-
-    try {
-        // prepare config
-        const modelConfig = {
-            ...ctx.state.conf,
-            cache: ctx.state.cache,
-            logger: ctx.state.logger,
-            wso2Auth: ctx.state.wso2Auth,
-        };
-
-        const cacheKey = AuthorizationsModel.generateKey(args);
-
-        // use the authorizations model to execute asynchronous stages with the switch
-        const model = await AuthorizationsModel.create({}, cacheKey, modelConfig);
-
-        // run model's workflow
-        const response = await model.run(args);
-
-        // return the result
-        ctx.response.status = 200;
-        ctx.response.body = response;
-    } catch (err) {
-        return handleRequestAuthorizationsInformationError('postAuthorizations', err, ctx);
-    }
-};
-
 module.exports = {
     '/': {
         get: healthCheck
@@ -615,8 +580,5 @@ module.exports = {
     },
     '/simpleTransfers': {
         post: postSimpleTransfers
-    },
-    '/authorizations': {
-        post: postAuthorizations
-    }    
+    }
 };