gert existing consents for opey

Author: nemozak1

server/controllers/OpeyIIController.ts

@@ -303,10 +303,16 @@ export class OpeyController {
 
           // Check if user already has a consent for opey
           // If so, return the consent id
-          const consent = await this.obpConsentsService.getExistingConsent(session)
-          if (consent) {
-              console.log("Existing consent: ", consent)
+          const consentId = await this.obpConsentsService.getExistingOpeyConsentId(session)
+
+          if (consentId) {
+              console.log("Existing consent ID: ", consentId)
+              // If we have a consent id, we can get the consent from OBP
+              const consent = await this.obpConsentsService.getConsentByConsentId(session, consentId)
+
               return response.status(200).json({consent_id: consent.consent_id});
+          } else {
+              console.log("No existing consent ID found")
           }
           // Either here or in this method, we should check if there is already a consent stored in the session
 

server/services/OBPConsentsService.ts

@@ -7,6 +7,28 @@ import axios from 'axios'
 import { Session } from 'express-session'
 
 @Service()
+/**
+ * Service for managing Open Banking Project (OBP) consents functionality.
+ * This class handles the creation of consent clients, consent creation, and retrieval
+ * based on user sessions.
+ * 
+ * @class OBPConsentsService
+ * @description Provides methods to interact with OBP Consent APIs, allowing the application 
+ * to create and manage consents that permit access to user accounts via API Explorer II.
+ * 
+ * Key functionalities:
+ * - Creating consent API clients based on user sessions
+ * - Creating implicit consents for access delegation i.e. for opey
+ * - Retrieving existing consents by ID
+ * - Finding consents associated with specific consumers (e.g., Opey)
+ * 
+ * @requires OBPClientService
+ * @requires Configuration
+ * @requires ConsentApi
+ * @requires InlineResponse2017
+ * @requires ConsentsIMPLICITBody1
+ * @requires axios
+ */
 export default class OBPConsentsService {
     private consentApiConfig: Configuration
     public obpClientService: OBPClientService // This needs to be changed once we migrate away from the old OBP SDK
@@ -106,31 +128,58 @@ export default class OBPConsentsService {
 
     }
 
-    async getExistingConsent(session: Session): Promise<any> {
+
+
+    /**
+     * Retrieves a consent by consent ID for the current user.
+     * 
+     * This method fetches a specific consent using its ID and updates the session
+     * with the retrieved consent data under the opeyConfig property.
+     *
+     * @param session - The user's session object, which must contain clientConfig with valid OAuth tokens
+     * @param consentId - The unique identifier of the consent to retrieve
+     * @returns Promise resolving to the consent data retrieved from OBP API
+     * @throws Error if the user is not logged in (no valid clientConfig or accessToken)
+     * @throws Error if the request to get the consent fails
+     */
+    async getConsentByConsentId(session: Session, consentId: string): Promise<any> {
+
+        const clientConfig = session['clientConfig']
+        if (!clientConfig || !clientConfig.oauthConfig.accessToken) {
+            throw new Error('User is not logged in')
+        }
+
+        try {
+            const response = await this._sendOBPRequest(`/obp/v5.1.0/user/current/consents/${consentId}`, 'GET', clientConfig)
+            
+            session['opeyConfig'] = {
+                authConfig: {
+                    obpConsent: response.data
+                }
+            }
+            
+            return response.data
+        } catch (error) {
+            console.error(error)
+            throw new Error(`Consent with ID ${consentId} not retrieved: ${error}`)
+        }
+    }
+
+    async getExistingOpeyConsentId(session: Session): Promise<any> {
         // Get Consents for the current user, check if any of them are for Opey
         // If so, return the consent
 
         // I.e. this is done by iterating and finding the consent with the correct consumer ID
 
         // Get the Consents API client from the OBP SDK
-        // The OBP SDK is fucked here, so we'll need to use Fetch until the SWAGGER WILL ACTUALLY WORK
+        // The OBP SDK is messed up here, so we'll need to use Fetch until the SWAGGER WILL ACTUALLY WORK
         // const client = await this.createUserConsentsClient(session, '/obp/v5.1.0/my/consents/IMPLICIT', 'POST')
         // if (!client) {
         //     throw new Error('Could not create Consents API client')
         // }
 
 
         // Function to send an OBP request using the logged in user's OAuth1 headers
-        const sendOBPRequest = async (path: string, method: string, clientConfig: any) =>{
-            const oauth1Headers = await this.obpClientService.getOAuthHeader(path, method, clientConfig)
-            const config = {
-                headers: {
-                    'Authorization': oauth1Headers,
-                    'Content-Type': 'application/json',
-                }
-            }
-            return axios.get(`${clientConfig.baseUri}${path}`, config)
-        }
 
         const clientConfig = session['clientConfig']
         if (!clientConfig || !clientConfig.oauthConfig.accessToken) {
@@ -142,19 +191,19 @@ export default class OBPConsentsService {
 
         let opeyConsentId: string | null = null
         try {
-            const response = await sendOBPRequest(consentInfosPath, 'GET', clientConfig)
+            const response = await this._sendOBPRequest(consentInfosPath, 'GET', clientConfig)
             const consents = response.data.consents
 
             const opeyConsumerID = process.env.VITE_OPEY_CONSUMER_ID
             if (!opeyConsumerID) {
                 throw new Error('Opey Consumer ID is missing, please set VITE_OPEY_CONSUMER_ID')
             }
 
-            
+            console.log('consents data: \n', response.data) //DEBUG
 
             for (const consent of consents) {
-                console.log('consent ', consent)
-                if (consent.consumer_id === opeyConsumerID && consent.staus === 'ACCEPTED') {
+                console.log(`consent_consumer_id: ${consent.consumer_id}, opey_consumer_id: ${opeyConsumerID}\n consent_status: ${consent.status}`) //DEBUG
+                if (consent.consumer_id === opeyConsumerID && consent.status === 'ACCEPTED') {
                     opeyConsentId = consent.consent_id
                     break
                 }
@@ -163,30 +212,26 @@ export default class OBPConsentsService {
             if (!opeyConsentId) {
                 console.log('getExistingConsent: No consent found for Opey for current user')
                 return null
+            } else {
+                return opeyConsentId
             }
 
         } catch (error) {
             console.error(error)
             throw new Error(`Could not get existing consent info, ${error}`)
         }
 
-        // Now try to get the consent using the consent ID
-        try {
-            const response = await sendOBPRequest(`/obp/v5.1.0/user/current/consents/${opeyConsentId}`, 'GET', clientConfig)
-            
-            session['opeyConfig'] = {
-                authConfig: {
-                    obpConsent: response.data
-                }
+    }
+
+    async _sendOBPRequest (path: string, method: string, clientConfig: any) {
+        const oauth1Headers = await this.obpClientService.getOAuthHeader(path, method, clientConfig)
+        const config = {
+            headers: {
+                'Authorization': oauth1Headers,
+                'Content-Type': 'application/json',
             }
-            
-            return response.data
-        } catch (error) {
-            console.error(error)
-            throw new Error(`Could not get existing consent, ${error}`)
         }
-
-
+        return axios.get(`${clientConfig.baseUri}${path}`, config)
     }
 
 

server/services/OpeyClientService.ts

@@ -207,6 +207,10 @@ export default class OpeyClientService {
         }
     }
 
+    // async respondToToolApproval(tool_approval_response): Promise<ReadableStream> {
+
+    // }
+
 
     /**
      * Checks if the authentication configuration in the OpeyConfig is valid.

server/test/OBPConsentsService.test.ts

@@ -1,7 +1,10 @@
-import {describe, it, vi, Mock } from 'vitest'
+import {describe, it, vi, Mock, Mocked} from 'vitest'
 import { ConsentApi, InlineResponse2017 } from 'obp-api-typescript'
 import { APIClientConfig, OAuthConfig } from 'obp-typescript';
-import { AxiosResponse } from 'axios'
+import axios, { AxiosResponse } from 'axios'
+
+vi.mock('axios')
+const mockedAxios = axios as Mocked<typeof axios>;
 
 const mockGetOAuthHeader = vi.fn(async () => (`OAuth oauth_consumer_key="jgaawf2fnj4yixqdsfaq4gipt4v1wvgsxgre",oauth_nonce="JiGDBWA3MAyKtsd9qkfWCxfju36bMjsA",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1741364123",oauth_version="1.0",oauth_signature="sa%2FRylnsdfLK8VPZI%2F2WkGFlTKs%3D"`));
 const mockGetDirectLoginToken = vi.fn(async () => {
@@ -22,6 +25,7 @@ vi.mock('../services/OBPClientService', () => {
 })
 
 import OBPConsentsService from '../services/OBPConsentsService';
+import OpeyClientService from '../services/OpeyClientService';
 
 describe('OBPConsentsService.createUserConsentsClient', () => {
     let obpConsentsService: OBPConsentsService;
@@ -155,4 +159,80 @@ describe('OBPConsentsService.createConsent', () => {
         expect(mockSession.opeyConfig.authConfig.obpConsent).toHaveProperty('status', 'INITIATED');
         expect(mockSession.opeyConfig.authConfig.obpConsent).toHaveProperty('jwt', 'asdjfawieofaowbfaowhh2084h02pefhh0.20fh02h0h29eyf09q3h09h.2-hf4-8h284hf0h0h0284r0');
     });
+})
+
+describe('OBPConsentsService.getExistingOpeyConsentId', () => {
+    let obpConsentsService: OBPConsentsService;
+    let mockOBPv310CreateConsentImplicit: Mock
+    let mockConsentApi: ConsentApi;
+    let mockSession: any;
+    let opeyConsumerId: string;
+
+
+    beforeEach(() => {
+        vi.clearAllMocks();
+
+        opeyConsumerId = "06739ada-c316-488e-a8bf-1cafd8a83d98"
+
+        obpConsentsService = new OBPConsentsService();
+        mockSession = {
+            clientConfig: <APIClientConfig>{
+                baseUri: 'https://test.openbankproject.com',
+                version: 'v5.1.0',
+                oauthConfig: <OAuthConfig>{
+                    consumerKey: 'jgaawf2fnj4yixqdsfaq4gipt4v1wvgsxgre',
+                    consumerSecret: 'asdofasdpfjawpefapwehhpfawheofphawfefh',
+                    accessToken: {
+                        key: 'asdhfiwah83o74gha8ygd8020ga8g28eoiahd',
+                        secret: 'hpdasf79a4hahp9h29pphphepuuhu9hwpwufhpuw9eh',
+                    }
+                }
+            }
+        }
+    })
+    it('given a list of consents containing a matching consent_id for opey, return that consent', async () => {
+        // Mock the axios function used in getExistingConsent
+        mockedAxios.get.mockImplementationOnce(() => Promise.resolve(
+            {
+                data: {
+                    consents: [
+                        {
+                            consent_id: 'd225cfa0-7156-4bb8-a538-229dd994ed24',
+                            consumer_id: '06739ada-c316-488e-a8bf-1cafd8a83d98',
+                            created_by_user_id: '38c50591-0210-4c68-8957-8e98d6729a65',
+                            last_action_date: '2025-04-10',
+                            last_usage_date: '2025-04-10T14:13:27Z',
+                            status: 'ACCEPTED',
+                            api_standard: 'obp',
+                            api_version: ''
+                        },
+                        {
+                            consent_id: '3a5ec308-db13-460d-a497-49c1d65da439',
+                            consumer_id: '123hd131-c316-488e-a8bf-1cafd8a83d98',
+                            created_by_user_id: '38c50591-0210-4c68-8957-8e98d6729a65',
+                            last_action_date: '2025-04-10',
+                            last_usage_date: '2025-04-10T13:54:56Z',
+                            status: 'ACCEPTED',
+                            api_standard: 'obp',
+                            api_version: ''
+                        },
+                        {
+                            consent_id: '5bc2f5af-26b5-425e-8506-84c728fb5c1a',
+                            consumer_id: '06739ada-c316-488e-a8bf-1cafd8a83d98',
+                            created_by_user_id: '38c50591-0210-4c68-8957-8e98d6729a65',
+                            last_action_date: '2025-04-10',
+                            last_usage_date: '2025-04-10T13:51:55Z',
+                            status: 'INITIATED',
+                            api_standard: 'obp',
+                            api_version: ''
+                        }
+                    ]
+                }
+            }
+        ))   
+        
+        const consentId = await obpConsentsService.getExistingOpeyConsentId(mockSession)
+
+        expect(consentId).toBe('d225cfa0-7156-4bb8-a538-229dd994ed24')
+    })
 })