java.lang.Object
- de.adorsys.ledgers.oba.rest.server.resource.SCAController

All Implemented Interfaces:: SCAApi

@RestController
@RequestMapping("/sca")
public class SCAController
extends Object
implements SCAApi

Field Summary
- Fields inherited from interface de.adorsys.ledgers.oba.rest.api.resource.SCAApi
  BASE_PATH

Constructor Summary

Constructors
Constructor Description

SCAController()

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`org.springframework.http.ResponseEntity<AuthorizeResponse>`	`login(String login, String pin)`	STEP-P1, STEP-A1: Validates the login and password of a user.
`org.springframework.http.ResponseEntity<AuthorizeResponse>`	`selectMethod(String scaId, String authorisationId, String methodId, String cookies)`	Select a method for sending the authentication code.
`org.springframework.http.ResponseEntity<AuthorizeResponse>`	`validateAuthCode(String scaId, String authorisationId, String authCode, String cookies)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- SCAController
```
public SCAController()
```

Method Detail

login
```
public org.springframework.http.ResponseEntity<AuthorizeResponse> login(String login,
                                                                        String pin)
```
STEP-P1, STEP-A1: Validates the login and password of a user. This request is associated with an scaId that is directly bound to the consentId/paymentId used in the xs2a redirect request. BTW the scaId can be the initiating consent id itself or a random id mapping to the consentId (resp. paymentId)
Implementation first validates existence of the consent. If the consent does not exist or has the wrong status, the request is rejected.
Call the backend middleware to obtain a login token. This is a token only valid for the sca process.
Store the login token in a cookie.
If the user has no sca method, then return the consent access token.
If the user has only one sca method, sent authentication code to the user and return the sac method id in the AuthorizeResponse
If the user has more than one sca methods, returns the list of sca methods in the AuthorizeResponse and wait for sca method selection.
Method expects

Specified by:

login in interface SCAApi

Parameters:

login - the customer banking login

pin - the customer banking pin

Returns:

the auth response

selectMethod

public org.springframework.http.ResponseEntity<AuthorizeResponse> selectMethod(String scaId,
                                                                               String authorisationId,
                                                                               String methodId,
                                                                               String cookies)

Select a method for sending the authentication code.

Specified by:: selectMethod in interface SCAApi
Parameters:: scaId - the id of the login process; methodId - the auth method id; authorisationId - the auth id.; cookies - the cookie string
Returns:: the auth response.

validateAuthCode

public org.springframework.http.ResponseEntity<AuthorizeResponse> validateAuthCode(String scaId,
                                                                                   String authorisationId,
                                                                                   String authCode,
                                                                                   String cookies)

Specified by:: validateAuthCode in interface SCAApi

Class SCAController

Field Summary

Fields inherited from interface de.adorsys.ledgers.oba.rest.api.resource.SCAApi

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SCAController

Method Detail

login

selectMethod

validateAuthCode