diff --git a/README.md b/README.md index a19d69c1..889dfc49 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,17 @@ This document is organized into the following sections - [Getting Started](#getting-started) - [Installation](#installation) - [Test](#Test) -- [Developer Portal](#developer-portal) + +[Developer Portal](#developer-portal) + +- [Developer Portal Setup](#developer-portal-setup) + +[Data](#data) + +[Notes for Implementors](#notes-for-implementors) + +- [Client App Developers](#client-app-developers) +- [API Deployment](#api-deployment) [Changelog](#changelog) @@ -219,9 +229,37 @@ run tests gulp test ``` -### Developer Portal -Developer Portal setup is detailed in a separate [document](./src/devportal/README.md) +## Developer Portal +Every API provider must be able to educate developers and successfully expose their APIs. A developer portal is the face of your API program, providing everything that internal, partner, and third party developers need. + +Developers need to interact with the Banks and with each other. Enable your developer community to provide feedback, make support and feature requests, and submit their own content that can be accessed by other developers with the right developer portal. + +Apigee Edge provides with a Developer Services portal that you can use to build and launch your own customized website to provide all of these services to your development community. One has the option to create their own developer portal, either in the cloud or on-premises. + +The below picture depicts how a dev portal looks like + +![developer-portal](images/openbank.png) + +### Developer Portal Setup +The detailed instructions for developer portal setup for openbank solution can be found [Here](./src/devportal/README.md). + +## Data +The dummy Backend system is created by the deploy script for this OpenBank solution and is hosted on [Baas 2.0](http://apibaas.apigee.com/) in your org. You can find the dummy data under `./setup/data` folder + +## Notes for Implementors + +### Client App Developers + +- The APIs use Public/Private Key pair for doing JWS signing of the Payload. The Public Key of the sample bank and Private Key for the sample TPP (Client App) are present in `./test` folder. + +### API Deployment + +- You can find two sets of Public/Private Key Pair under `./test` folder; you could use it for configuring the APIs to use them for signing/verifying the responses/requests. +- Private key for the bank has to be provided during deployment. It is recommended to define a Prompt in config.yml and use it as value for the private key. +- For Production access, a Mutual TSL connectivity needs to be configured as defined [here](http://docs.apigee.com/api-services/content/creating-virtual-host). +- While running `gulp deploy` please do make sure there are no custom APIs defined with the same names; otherwise those APIs will be overwritten with a new revision. + ## Changelog diff --git a/config.yml b/config.yml index 3924255c..7c7403cc 100644 --- a/config.yml +++ b/config.yml @@ -200,7 +200,7 @@ resources: type: app items: - name: AISP_App - payload: '{"name":"AISP_App","attributes":[{"name":"tppId","value":"12345"},{"name":"publicKey","value":"-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZhaB6ciF8hzzHkv3tkl20LS8KfWgRb/V4I6pB9ADNPBNgrceSf+mLoIWxrRDgTSYqyYYXmj3Fy9B1mG4lpUvrClt4hHKaBvsRZKn4/r2dPxUo0ggI+ruxQaQoKf2v8sEJe6Sx7btBvBxTqOMlIxP1GDNYJICaXo8jsBeNVDtCeFP2e9QJUmNvYGY7IfB8vUqFFcHushNmKmdR5H6pUg/JOsheFyi41UT05Zu3FvMHBAJab4OnybOLrovCVshu3Q7BOFkQVkYF4HrD0IM4GDojGt4OfMqESnLvG7+UywNjs/zjmdX0mn1wG7mZjlXfgh0DKo/MeWCW+gEQdPejCrBwIDAQAB -----END PUBLIC KEY-----"}],"callback":"http://localhost/","email":"openbank@apigee.net","apiProducts":"account_apis"}' + payload: '{"name":"AISP_App","attributes":[{"name":"tppId","value":"12345"},{"name":"publicKey","value":"-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZhaB6ciF8hzzHkv3tkl20LS8KfWgRb/V4I6pB9ADNPBNgrceSf+mLoIWxrRDgTSYqyYYXmj3Fy9B1mG4lpUvrClt4hHKaBvsRZKn4/r2dPxUo0ggI+ruxQaQoKf2v8sEJe6Sx7btBvBxTqOMlIxP1GDNYJICaXo8jsBeNVDtCeFP2e9QJUmNvYGY7IfB8vUqFFcHushNmKmdR5H6pUg/JOsheFyi41UT05Zu3FvMHBAJab4OnybOLrovCVshu3Q7BOFkQVkYF4HrD0IM4GDojGt4OfMqESnLvG7+UywNjs/zjmdX0mn1wG7mZjlXfgh0DKo/MeWCW+gEQdPejCrBwIDAQAB -----END PUBLIC KEY-----"}],"callback":"http://localhost/,https://api.enterprise.apigee.com/v1/o/{{ org }}/apimodels/accounts-apis-v1-0/templateauths/PSUOAuth2Security/callback","email":"openbank@apigee.net","apiProducts":"account_apis"}' assignResponse: - from: credentials.0.consumerKey to: apiKey_AISP @@ -209,7 +209,7 @@ resources: - from: appId to: appId_AISP - name: PISP_App - payload: '{"name":"PISP_App","attributes":[{"name":"tppId","value":"12345"},{"name":"publicKey","value":"-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZhaB6ciF8hzzHkv3tkl20LS8KfWgRb/V4I6pB9ADNPBNgrceSf+mLoIWxrRDgTSYqyYYXmj3Fy9B1mG4lpUvrClt4hHKaBvsRZKn4/r2dPxUo0ggI+ruxQaQoKf2v8sEJe6Sx7btBvBxTqOMlIxP1GDNYJICaXo8jsBeNVDtCeFP2e9QJUmNvYGY7IfB8vUqFFcHushNmKmdR5H6pUg/JOsheFyi41UT05Zu3FvMHBAJab4OnybOLrovCVshu3Q7BOFkQVkYF4HrD0IM4GDojGt4OfMqESnLvG7+UywNjs/zjmdX0mn1wG7mZjlXfgh0DKo/MeWCW+gEQdPejCrBwIDAQAB -----END PUBLIC KEY-----"}],"callback":"http://localhost/","email":"openbank@apigee.net","apiProducts":"payment_apis"}' + payload: '{"name":"PISP_App","attributes":[{"name":"tppId","value":"12345"},{"name":"publicKey","value":"-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZhaB6ciF8hzzHkv3tkl20LS8KfWgRb/V4I6pB9ADNPBNgrceSf+mLoIWxrRDgTSYqyYYXmj3Fy9B1mG4lpUvrClt4hHKaBvsRZKn4/r2dPxUo0ggI+ruxQaQoKf2v8sEJe6Sx7btBvBxTqOMlIxP1GDNYJICaXo8jsBeNVDtCeFP2e9QJUmNvYGY7IfB8vUqFFcHushNmKmdR5H6pUg/JOsheFyi41UT05Zu3FvMHBAJab4OnybOLrovCVshu3Q7BOFkQVkYF4HrD0IM4GDojGt4OfMqESnLvG7+UywNjs/zjmdX0mn1wG7mZjlXfgh0DKo/MeWCW+gEQdPejCrBwIDAQAB -----END PUBLIC KEY-----"}],"callback":"http://localhost/,https://api.enterprise.apigee.com/v1/o/{{ org }}/apimodels/payments-apis-v1-0/templateauths/PSUOAuth2Security/callback","email":"openbank@apigee.net","apiProducts":"payment_apis"}' assignResponse: - from: credentials.0.consumerKey to: apiKey_PISP diff --git a/init_openapis.js b/init_openapis.js index ab1bd193..7660ae54 100644 --- a/init_openapis.js +++ b/init_openapis.js @@ -17,7 +17,7 @@ var mustache = require('mustache'); var path = require('path'); var fs = require('fs-extra'); -var jwt = require('jsonwebtoken'); +//var jwt = require('jsonwebtoken'); var prompt_lib = require('prompt'); var request = require('request'); @@ -32,7 +32,7 @@ var request = require('request'); node install_tmp.js */ -var files_list = ['src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json.template'] +var files_list = ['src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json.template','src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json.template','src/devportal/all/themes/dbank/js/smartdocsDynamic.js.template']; var inject_object = {} @@ -98,6 +98,10 @@ function post_prompt(err, results) { } inject_object.org = results['org']; + if(results['env']) + { + inject_object.env = results['env']; + } var org = results['org'] var username = results['username']; var password = results['password']; @@ -131,12 +135,12 @@ function post_prompt(err, results) { - get_app_details('AISP_App_v2', edge_host, org, username, password, function (aisp_details) { + get_app_details('AISP_App', edge_host, org, username, password, function (aisp_details) { secret_aisp = aisp_details.credentials[0].consumerSecret; client_id_aisp = aisp_details.credentials[0].consumerKey; redirect_uri_aisp = aisp_details.callbackUrl; - get_app_details('PISP_App_v2', edge_host, org, username, password, function (pisp_details) { + get_app_details('PISP_App', edge_host, org, username, password, function (pisp_details) { secret_pisp = pisp_details.credentials[0].consumerSecret; client_id_pisp = pisp_details.credentials[0].consumerKey; redirect_uri_pisp = pisp_details.callbackUrl; @@ -146,8 +150,8 @@ function post_prompt(err, results) { inject_object.client_id_aisp = client_id_aisp; inject_object.client_id_pisp = client_id_pisp; inject_object.redirect_uri_pisp = redirect_uri_pisp; - - get_app_details('Opendata_App_v2', edge_host, org, username, password, function (opendata_details) { + replace_variables(paths, inject_object); + /*get_app_details('Opendata_App_v2', edge_host, org, username, password, function (opendata_details) { secret_openid = opendata_details.credentials[0].consumerSecret; client_id_openid = opendata_details.credentials[0].consumerKey; redirect_uri_openid = opendata_details.callbackUrl; @@ -158,7 +162,7 @@ function post_prompt(err, results) { replace_variables(paths, inject_object) - }); + });*/ }); diff --git a/openapi/accountv1-0.json b/openapi/accountv1-0.json new file mode 100644 index 00000000..2e66c13e --- /dev/null +++ b/openapi/accountv1-0.json @@ -0,0 +1,2864 @@ +{ + "swagger": "2.0", + "host": "testdemorrai-test.apigee.net", + "info": { + "title": "Account Information APIs", + "description": "Swagger specification for Account Information APIs", + "termsOfService": "https://www.openbanking.org.uk/terms", + "contact": { + "name": "Craig Greenhouse", + "email": "Craig.Greenhouse@openbanking.org.uk" + }, + "license": { + "name": "open-licence", + "url": "https://www.openbanking.org.uk/open-licence" + }, + "version": "v1.0.0" + }, + "basePath": "/ais/open-banking/v1.0", + "schemes": [ + "https" + ], + "produces": [ + "application/json" + ], + "paths": { + "/account-requests": { + "post": { + "summary": "Create an account request", + "description": "Create an account request", + "operationId": "CreateAccountRequest", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "body", + "in": "body", + "description": "Create an Account Request", + "required": true, + "schema": { + + "$ref": "#/definitions/AccountRequest" + + } + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containig a detached JWS signature of the body of the payload." + } + ], + "responses": { + "201": { + "description": "Account Request resource successfully created", + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containig a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + } + }, + "/account-requests/{AccountRequestId}": { + "get": { + "summary": "Get an account request", + "description": "Get an account request", + "operationId": "GetAccountRequest", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountRequestId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the account request resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Request resource successfully retrieved", + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + }, + "delete": { + "summary": "Delete an account request", + "description": "Delete an account request", + "operationId": "DeleteAccountRequest", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountRequestId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the account request resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + } + ], + "responses": { + "204": { + "description": "Account Request resource successfully deleted", + "headers": { + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + } + }, + "/accounts": { + "get": { + "summary": "Get Accounts", + "description": "Get a list of accounts", + "operationId": "GetAccounts", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Accounts successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountInfo" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}": { + "get": { + "summary": "Get Account", + "description": "Get an account", + "operationId": "GetAccount", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account resource successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountInfo" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/transactions": { + "get": { + "summary": "Get Account Transactions", + "description": "Get transactions related to an account", + "operationId": "GetAccountTransactions", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "query", + "name": "fromBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "query", + "name": "toBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Transactions successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountTransactions" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/beneficiaries": { + "get": { + "summary": "Get Account Beneficiaries", + "description": "Get Beneficiaries related to an account", + "operationId": "GetAccountBeneficiaries", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBeneficiaries" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/balances": { + "get": { + "summary": "Get Account Balances", + "description": "Get Balances related to an account", + "operationId": "GetAccountBalances", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBalance" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/direct-debits": { + "get": { + "summary": "Get Account Direct Debits", + "description": "Get Direct Debits related to an account", + "operationId": "GetAccountDirectDebits", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Direct Debits successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountDirectDebits" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/standing-orders": { + "get": { + "summary": "Get Account Standing Orders", + "description": "Get Standing Orders related to an account", + "operationId": "GetAccountStandingOrders", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Standing Orders successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountStandingOrders" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/product": { + "get": { + "summary": "Get Account Product", + "description": "Get Product related to an account", + "operationId": "GetAccountProduct", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Product successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountProduct" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/standing-orders": { + "get": { + "summary": "Get Standing Orders", + "description": "Get Standing Orders", + "operationId": "GetStandingOrders", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Standing Orders successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountStandingOrders" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/direct-debits": { + "get": { + "summary": "Get Direct Debits", + "description": "Get Direct Debits", + "operationId": "GetDirectDebits", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Direct Debits successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountDirectDebits" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/beneficiaries": { + "get": { + "summary": "Get Beneficiaries", + "description": "Get Beneficiaries", + "operationId": "GetBeneficiaries", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBeneficiaries" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/transactions": { + "get": { + "summary": "Get Transactions", + "description": "Get Transactions", + "operationId": "GetTransactions", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "query", + "name": "fromBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "query", + "name": "toBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date" + } + ], + "responses": { + "200": { + "description": "Transactions successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountTransactions" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/balances": { + "get": { + "summary": "Get Balances", + "description": "Get Balances", + "operationId": "GetBalances", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Balances successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBalance" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + } + }, + "responses": { + "400ErrorResponse": { + "description": "Bad Request" + }, + "401ErrorResponse": { + "description": "Unauthorized" + }, + "403ErrorResponse": { + "description": "Forbidden" + }, + "429ErrorResponse": { + "description": "Too Many Requests" + } + }, + "securityDefinitions": { + "PSUOAuth2Security": { + "type": "oauth2", + "flow": "accessCode", + "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/token", + "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/authorize?response_type=code&client_id=zPq1BGV4OlLV7hJR1DsbfTI1t3orbDmD&state=abcd1234&scope=openid accounts&redirect_uri=https://api.enterprise.apigee.com/v1/o/testdemorrai/apimodels/accounts-apis-v1-0/templateauths/PSUOAuth2Security/callback", + "scopes": { + "accounts": "Ability to read Accounts information", + "openid" : "openId" + }, + "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" + } + }, + "definitions": + { + "CreateAccountRequest" : + { + "title": "Account Request POST response", + "type": "object", + "properties": { + "Data": { + "title": "Data", + "type": "object", + "properties": { + "AccountRequestId": { + "description": "Unique identification as assigned to identify the account request resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the account request resource.", + "type": "string", + "enum": [ + "Authorised", + "AwaitingAuthorisation", + "Rejected", + "Revoked" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created.", + "type": "string", + "format": "date-time" + }, + "Permissions": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "array", + "items": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "string", + "enum": [ + "ReadAccountsBasic", + "ReadAccountsDetail", + "ReadBalances", + "ReadBeneficiariesBasic", + "ReadBeneficiariesDetail", + "ReadDirectDebits", + "ReadProducts", + "ReadStandingOrdersBasic", + "ReadStandingOrdersDetail", + "ReadTransactionsBasic", + "ReadTransactionsCredits", + "ReadTransactionsDebits", + "ReadTransactionsDetail" + ] + }, + "minProperties": 1, + "additionalProperties": false + }, + "ExpirationDateTime": { + "description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.", + "type": "string", + "format": "date-time" + }, + "TransactionFromDateTime": { + "description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.", + "type": "string", + "format": "date-time" + }, + "TransactionToDateTime": { + "description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.", + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "required": [ + "AccountRequestId", + "CreationDateTime", + "Permissions" + ] + }, + "Risk": { + "title": "Risk", + "type": "object", + "description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.", + "properties": {}, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Risk" + ] + }, + "AccountInfo": + { + "title": "Account GET response", + "type": "object", + "properties": { + "Data": { + "title": "Account", + "type": "array", + "items": { + "type": "object", + "title": "Account", + "description": "Account", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Currency": { + "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account.", + "type": "string", + "pattern": "^[A-Z]{3}$" + }, + "Nickname": { + "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "Account": { + "description": "Provides the details to identify an account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Currency" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountTransactions" : + { + "title": "Account Transactions GET response", + "type": "object", + "properties": { + "Data": { + "title": "Transaction", + "description": "Data Section of the Payload", + "type": "array", + "items": { + "type": "object", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "TransactionId": { + "description": "Unique identifier for the transaction within an servicing institution. This identifier is both unique and immutable.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "TransactionReference": { + "description": "Unique reference for the transaction. This reference is optionally populated, and may as an example be the FPID in the Faster Payments context.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Amount": { + "description": "Amount of money in the cash entry.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the transaction is a credit or a debit entry.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Status": { + "description": "Status of a transaction entry on the books of the account servicer.", + "type": "string", + "enum": [ + "Booked", + "Pending" + ] + }, + "BookingDateTime": { + "description": "Date and time when a transaction entry is posted to an account on the account servicer's books. Usage: Booking date is the expected booking date, unless the status is booked, in which case it is the actual booking date.", + "type": "string", + "format": "date-time" + }, + "ValueDateTime": { + "description": "Date and time at which assets become available to the account owner in case of a credit entry, or cease to be available to the account owner in case of a debit entry. Usage: If entry status is pending and value date is present, then the value date refers to an expected/requested value date. For entries subject to availability/float and for which availability information is provided, the value date must not be used. In this case the availability component identifies the number of availability days.", + "type": "string", + "format": "date-time" + }, + "TransactionInformation": { + "description": "Further details of the transaction. This is the transaction narrative, which is unstructured text.", + "type": "string", + "minLength": 1, + "maxLength": 500 + }, + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BankTransactionCode": { + "description": "Set of elements used to fully identify the type of underlying transaction resulting in an entry.", + "type": "object", + "properties": { + "Code": { + "description": "Specifies the family within a domain.", + "type": "string" + }, + "SubCode": { + "description": "Specifies the sub-product family within a specific family.", + "type": "string" + } + }, + "required": [ + "Code", + "SubCode" + ], + "additionalProperties": false + }, + "ProprietaryBankTransactionCode": { + "description": "Set of elements to fully identify a proprietary bank transaction code.", + "type": "object", + "properties": { + "Code": { + "description": "Proprietary bank transaction code to identify the underlying transaction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Issuer": { + "description": "Identification of the issuer of the proprietary bank transaction code.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "Code" + ], + "additionalProperties": false + }, + "Balance": { + "description": "Set of elements used to define the balance as a numerical representation of the net increases and decreases in an account after a transaction entry is applied to the account.", + "type": "object", + "properties": { + "Amount": { + "description": "Amount of money of the cash balance after a transaction entry is applied to the account..", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Type": { + "description": "Balance type, in a coded form.", + "type": "string", + "enum": [ + "ClosingAvailable", + "ClosingBooked", + "Expected", + "ForwardAvailable", + "Information", + "InterimAvailable", + "InterimBooked", + "OpeningAvailable", + "OpeningBooked", + "PreviouslyClosedBooked" + ] + } + }, + "additionalProperties": false, + "required": [ + "Amount", + "CreditDebitIndicator", + "Type" + ] + }, + "MerchantDetails": { + "description": "Details of the merchant involved in the transaction.", + "type": "object", + "properties": { + "MerchantName": { + "description": "Name by which the merchant is known.", + "type": "string", + "minLength": 1, + "maxLength": 350 + }, + "MerchantCategoryCode": { + "description": "Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction.", + "type": "string", + "minLength": 3, + "maxLength": 4 + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Amount", + "CreditDebitIndicator", + "Status", + "BookingDateTime" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountBeneficiaries" : + { + "title": "Beneficiaries GET response", + "type": "object", + "properties": { + "Data": { + "title": "Beneficiary", + "type": "array", + "items": { + "type": "object", + "title": "Beneficiary", + "description": "Beneficiary", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "BeneficiaryId": { + "description": "A unique and immutable identifier used to identify the beneficiary resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. This is the servicer of the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Provides the details to identify the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountBalance": + { + "title": "Balances GET response", + "type": "object", + "properties": { + "Data": { + "title": "Balance", + "type": "array", + "items": { + "type": "object", + "title": "Balance", + "description": "Balance", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Amount": { + "description": "Amount of money of the cash balance.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Type": { + "description": "Balance type, in a coded form.", + "type": "string", + "enum": [ + "ClosingAvailable", + "ClosingBooked", + "Expected", + "ForwardAvailable", + "Information", + "InterimAvailable", + "InterimBooked", + "OpeningAvailable", + "OpeningBooked", + "PreviouslyClosedBooked" + ] + }, + "DateTime": { + "description": "Indicates the date (and time) of the balance.", + "type": "string", + "format": "date-time" + }, + "CreditLine": { + "type": "object", + "properties": { + "Included": { + "description": "Indicates whether or not the credit line is included in the balance of the account. Usage: If not present, credit line is not included in the balance amount of the account.", + "type": "boolean" + }, + "Amount": { + "description": "Active Or Historic Currency Code and Amount", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "Type": { + "description": "Limit type, in a coded form.", + "type": "string", + "enum": [ + "Pre-Agreed", + "Emergency", + "Temporary" + ] + } + }, + "additionalProperties": false, + "required": [ + "Included" + ] + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Amount", + "CreditDebitIndicator", + "DateTime", + "Type" + ] + }, + "minItems": 1 + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountDirectDebits": + {"title": "Account GET response", + "type": "object", + "properties": { + "Data": { + "title": "DirectDebit", + "type": "array", + "items": { + "type": "object", + "title": "Direct Debit", + "description": "Direct Debit", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "DirectDebitId": { + "description": "A unique and immutable identifier used to identify the direct debit resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "MandateIdentification": { + "description": "Direct Debit reference. For AUDDIS service users provide Core Reference. For non AUDDIS service users provide Core reference if possible or last used reference.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "DirectDebitStatusCode": { + "description": "Specifies the status of the direct debit in code form.", + "type": "string", + "enum": [ + "Active", + "Inactive" + ] + }, + "Name": { + "description": "Name of Service User", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "PreviousPaymentDateTime": { + "description": "Date of most recent direct debit collection.", + "type": "string", + "format": "date-time" + }, + "PreviousPaymentAmount": { + "description": "The amount of the most recent direct debit collection.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + } + }, + "required": [ + "AccountId", + "MandateIdentification", + "Name" + ], + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountStandingOrders" : + { + "title": "Standing Orders GET response", + "type": "object", + "properties": { + "Data": { + "title": "StandingOrder", + "type": "array", + "items": { + "type": "object", + "title": "Standing Order", + "description": "Standing Order", + "properties": { + "AccountId": { + "description": "The date on which the first payment for a Standing Order schedule will be made.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "StandingOrderId": { + "description": "A unique and immutable identifier used to identify the standing order resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Frequency": { + "description": "EvryWorkgDay - PSC070 IntrvlWkDay:PSC110:PSC080 (PSC070 code + PSC110 + PSC080) WkInMnthDay:PSC100:PSC080 (PSC070 code + PSC100 + PSC080) IntrvlMnthDay:PSC120:PSC090 (PSC070 code + PSC120 + PSC090) QtrDay: + either (ENGLISH, SCOTTISH or RECEIVED) PSC070 + PSC130 The following response codes may be generated by this data element: PSC070: T221 - Schedule code must be a valid enumeration value. PSC070: T245 - Must be provided for standing order only. PSC080: T222 - Day in week must be within defined bounds (range 1 to 5). PSC080: T229 - Must be present if Schedule Code = IntrvlWkDay. PSC080: T231 - Must be present if Schedule Code = WkInMnthDay. PSC090: T223 - Day in month must be within defined bounds (range -5 to 31 excluding: 0 & 00). PSC090: T233 - Must be present if Schedule Code = IntrvlMnthDay. PSC100: T224 - Week in month must be within defined bounds (range 1 to 5). PSC100: T232 - Must be present if Schedule Code = WkInMnthDay. PSC110: T225 - Interval in weeks must be within defined bounds (range 1 to 9). PSC110: T230 - Must be present if Schedule Code = IntrvlWkDay. PSC120: T226 - Interval in months must be a valid enumeration value (range 1 to 6, 12 and 24). PSC120: T234 - Must be present if Schedule Code = IntrvlMnthDay. PSC130: T227 - Quarter Day must be a valid enumeration value. PSC130: T235 - Must be present if Schedule Code = QtrDay. The regular expression for this element combines five smaller versions for each permitted pattern. To aid legibility - the components are presented individually here: EvryWorkgDay IntrvlWkDay:0[1-9]:0[1-5] WkInMnthDay:0[1-5]:0[1-5] IntrvlMnthDay:(0[1-6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]) QtrDay:(ENGLISH|SCOTTISH|RECEIVED) Mandatory/Conditional/Optional/Parent/Leaf: OL Type: 35 char string Regular Expression(s): (EvryWorkgDay)|(IntrvlWkDay:0[1-9]:0[1-5])|(WkInMnthDay:0[1-5]:0[1-5])|(IntrvlMnthDay:(0[1- 6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]))|(QtrDay:(ENGLISH|SCOTTISH|RECEIVED))", + "type": "string", + "pattern": "^((EvryWorkgDay)|(IntrvlWkDay:0[1-9]:0[1-5])|(WkInMnthDay:0[1-5]:0[1-5])|(IntrvlMnthDay:(0[1-6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]))|(QtrDay:(ENGLISH|SCOTTISH|RECEIVED)))$" + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "FirstPaymentDateTime": { + "description": "The date on which the first payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "FirstPaymentAmount": { + "description": "The amount of the first Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "NextPaymentDateTime": { + "description": "The date on which the next payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "NextPaymentAmount": { + "description": "The amount of the next Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "FinalPaymentDateTime": { + "description": "The date on which the final payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "FinalPaymentAmount": { + "description": "The amount of the final Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. This is the servicer of the beneficiary account", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Provides the details to identify the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "required": [ + "AccountId", + "Frequency", + "NextPaymentDateTime", + "NextPaymentAmount" + ], + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountProduct" : + { + "title": "Product GET response", + "type": "object", + "properties": { + "Data": { + "title": "Product", + "type": "array", + "items": { + "type": "object", + "title": "Product", + "description": "Product", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "ProductIdentifier": { + "description": "Identifier within the parent organisation for the product. Must be unique in the organisation.", + "type": "string" + }, + "ProductType": { + "description": "Descriptive code for the product category.", + "type": "string", + "enum": [ + "BCA", + "PCA" + ] + }, + "ProductName": { + "description": "The name of the product used for marketing purposes from a customer perspective. I.e. what the customer would recognise.", + "type": "string" + }, + "SecondaryProductIdentifier": { + "description": "Identifier within the parent organisation for the product. Must be unique in the organisation.", + "type": "string" + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "ProductIdentifier", + "ProductType" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountRequest" : + { + "title": "Account Request POST request", + "description": "Allows setup of an account access request", + "type": "object", + "properties": { + "Data": { + "title": "Data", + "description": "Allows setup of an account access request", + "type": "object", + "properties": { + "Permissions": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "array", + "items": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "string", + "enum": [ + "ReadAccountsBasic", + "ReadAccountsDetail", + "ReadBalances", + "ReadBeneficiariesBasic", + "ReadBeneficiariesDetail", + "ReadDirectDebits", + "ReadProducts", + "ReadStandingOrdersBasic", + "ReadStandingOrdersDetail", + "ReadTransactionsBasic", + "ReadTransactionsCredits", + "ReadTransactionsDebits", + "ReadTransactionsDetail" + ] + }, + "minProperties": 1, + "additionalProperties": false + }, + "ExpirationDateTime": { + "description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.", + "type": "string", + "format": "date-time" + }, + "TransactionFromDateTime": { + "description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.", + "type": "string", + "format": "date-time" + }, + "TransactionToDateTime": { + "description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.", + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "required": [ + "Permissions" + ] + }, + "Risk": { + "title": "Risk", + "type": "object", + "description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.", + "properties": {}, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Risk" + ] + } + } +} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json b/openapi/oauthv1-0.json similarity index 64% rename from src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json rename to openapi/oauthv1-0.json index 84718650..4e6b63f4 100644 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json +++ b/openapi/oauthv1-0.json @@ -9,7 +9,7 @@ "title": "Generate Access Token", "version": "0.0.1" }, - "basePath": "/apis/v2/oauth", + "basePath": "/apis/v1.0/oauth", "paths": { "/authorize": { "get": { @@ -28,37 +28,46 @@ } }, "security": [], - "parameters": [ - { + "parameters": [{ "in": "query", "name": "client_id", - "description": "Client ID of the registered App.", + "description": "TPPs MUST provide this value and set it to the client id issued to them.", "type": "string", + "default": "zPq1BGV4OlLV7hJR1DsbfTI1t3orbDmD", "required": true }, { "in": "query", "name": "redirect_uri", - "description": "Redirect URI defined with your registered App.", + "description": "Redirect URI defined with your registered App. This MUST be a valid, absolute URL that was registered during Client Registration.", + "type": "string", + "default" : "http://localhost/", + "required": true + }, + { + "in": "query", + "name": "nonce", + "description": "A nonce value", "type": "string", "required": true }, { "in": "query", "name": "response_type", - "description": "The value must be one of 'code' for requesting an authorization code or 'token' for requesting an access token (implicit grant). The redirect url is passed with query params state and code.", + "description": "OAuth 2.0 requires that this parameter is provided. Value is set to ‘code id_token’ or ‘code’. The values for these parameters MUST match those in the Request Object, if present.", "type": "string", "required": true, "enum": [ + "code id_token", + "code", "token", - "code" - ], - "default": "token" + "token id_token" + ] }, { "in": "query", "name": "state", - "description": "Unique id to maintain state between asynchronous requests.", + "description": "TPPs MAY provide a state parameter. An Unique id to maintain state between asynchronous requests at the Client.", "type": "string", "required": true, "default": "af0ifjsldkj" @@ -66,31 +75,19 @@ { "in": "query", "name": "scope", - "description": "Scope of the access token requested.", + "description": "The scopes MUST be a sub-set of the scopes that were registered during Client Registration. At a minimum the scope parameter MUST contain openid. Other valid scopes are: accounts, payments", "type": "string", "required": true, "enum": [ - "accounts", - "payments", + "openid accounts", + "openid payments", "openid" ] }, { "in": "query", - "name": "acr_values", - "description": "Determines the level of security for authentication. A value of 2 will require only Customer Id and Password. A value of 3 will request for OTP.", - "type": "string", - "required": true, - "enum": [ - "2", - "3" - ], - "default": "2" - }, - { - "in": "query", - "name": "request_id", - "description": "Request Id for which Authorization Flow need to be executed", + "name": "request", + "description": "The parameter MUST contain a JWS that is signed by the TPP. The JWS payload MUST consist of a JSON object containing a request object as per OIDC Core 6.1.

The request object MUST contain a claims section that includes as a minimum

  • openbanking_intent_id that identifies the intent id for which this authorisation is requested", "type": "string", "required": true @@ -118,19 +115,20 @@ } }, "security": [], - "parameters": [ - { + "parameters": [{ "in": "formData", "name": "client_id", - "description": "Client ID of the registered App.", + "description": "Client ID of the registered App - for non-authenticated requests and Optional for client-assertion requests", "type": "string", - "required": true + "default": "zPq1BGV4OlLV7hJR1DsbfTI1t3orbDmD", + "required": false }, { "in": "formData", "name": "redirect_uri", "description": "Redirect URI defined with your registered App. This is verified against the redirect uri that is registered when the App is created. If found to be different this call fails to return the access token.", "type": "string", + "default" : "http://localhost/", "required": true }, { @@ -142,8 +140,7 @@ "enum": [ "client_credentials", "authorization_code" - ], - "default": "authorization_code" + ] }, { "in": "formData", @@ -157,8 +154,36 @@ "name": "Authorization", "description": "Base 64 encoded string with client_id:client_secret.", "type": "string", - "required": true - }] + "required": false + }, + { + "in": "formData", + "name": "scope", + "description": "The scopes is used for grant_type 'client_credentials'", + "type": "string", + "enum": [ + "accounts", + "payments" + ] + }, + { + "in": "formData", + "name": "client_assertion_type", + "description": "Required for client_assertion based authentication. The value MUST be 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'", + "type": "string", + "required": false, + "enum": [ + "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" + ] + }, + { + "in": "formData", + "name": "client_assertion", + "description": "Authentication JWT token containing clientId as iss and signed using the private key of the TPP", + "type": "string", + "required": false + } + ] } } }, diff --git a/openapi/paymentv1-0.json b/openapi/paymentv1-0.json new file mode 100644 index 00000000..69495141 --- /dev/null +++ b/openapi/paymentv1-0.json @@ -0,0 +1,1666 @@ +{ + "swagger": "2.0", + "host": "testdemorrai-test.apigee.net", + "info": { + "title": "Payment Initiation API Specification", + "description": "Swagger for Payment Initiation API Specification", + "termsOfService": "https://www.openbanking.org.uk/terms", + "contact": { + "name": "Service Desk", + "email": "ServiceDesk@openbanking.org.uk" + }, + "license": { + "name": "open-licence", + "url": "https://www.openbanking.org.uk/open-licence" + }, + "version": "v1.1.0" + }, + "basePath": "/pis/open-banking/v1.0", + "schemes": [ + "https" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "paths": { + "/payments": { + "post": { + "tags": [ + "Payments" + ], + "summary": "Create a single immediate payment", + "description": "Create a single immediate payment", + "operationId": "CreateSingleImmediatePayment", + "consumes": [ + "application/json; charset=utf-8" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "x-idempotency-key", + "in": "header", + "description": "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", + "required": true, + "type": "string", + "default" : "12345", + "pattern": "^(?!\\s)(.*)(\\S)$", + "maxLength": 40 + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containing a detached JWS signature of the body of the payload." + }, + { + "name": "body", + "in": "body", + "description": "Setup a single immediate payment", + "required": true, + "schema": { + "$ref": "#/definitions/PaymentRequest" + } + } + ], + "responses": { + "201": { + "description": "Payment setup resource successfully created", + "schema": { + + "$ref": "#/definitions/PaymentResponse" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + } + } + }, + "/payments/{PaymentId}": { + "get": { + "tags": [ + "Payments" + ], + "summary": "Get a single immediate payment", + "description": "Get a single immediate payment", + "operationId": "GetSingleImmediatePayment", + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "PaymentId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Payment resource successfully retrieved", + "schema": { + + "$ref": "#/definitions/PaymentResponse" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments" + ] + } + ] + } + }, + "/payment-submissions": { + "post": { + "tags": [ + "Payments" + ], + "summary": "Create a payment submission", + "description": "Submit a previously setup payment", + "operationId": "CreatePaymentSubmission", + "consumes": [ + "application/json; charset=utf-8" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "x-idempotency-key", + "in": "header", + "description": "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", + "required": true, + "type": "string", + "default" : "12345", + "pattern": "^(?!\\s)(.*)(\\S)$", + "maxLength": 40 + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "default" : "123456", + "required": true, + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containing a detached JWS signature of the body of the payload." + }, + { + "name": "body", + "in": "body", + "description": "Setup a single immediate payment", + "required": true, + "schema": { + "$ref": "#/definitions/PaymentSubmissionRequest" + } + } + ], + "responses": { + "201": { + "description": "Payment submit resource successfully created", + "schema": { + + "$ref": "#/definitions/PaymentSubmissionResponse" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments", "openid" + ] + } + ] + } + }, + "/payment-submissions/{PaymentSubmissionId}": { + "get": { + "tags": [ + "Payments" + ], + "summary": "Get a payment submission", + "description": "Get payment submission", + "operationId": "GetPaymentSubmission", + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "PaymentSubmissionId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the payment submission resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "default":"123456", + "required": true, + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Payment resource successfully retrieved", + "schema": { + + "$ref": "#/definitions/PaymentSubmissionResponse" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments" + ] + } + ] + } + } + }, + "securityDefinitions": { + "PSUOAuth2Security": { + "type": "oauth2", + "flow": "accessCode", + "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/token", + "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/authorize?response_type=code&client_id=WN6WqzK7iMrexdi7wGMGMx77eRVbYWKG&state=abcd1234&scope=openid payments&redirect_uri=https://api.enterprise.apigee.com/v1/o/testdemorrai/apimodels/payments-apis-v1-0/templateauths/PSUOAuth2Security/callback", + "scopes": { + "payments": "Generic payment scope", + "openid" : "openId" + }, + "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" + } + }, + "tags": [ + { + "name": "Payments", + "description": "Payments endpoints" + } + ], + "responses": { + "400ErrorResponse": { + "description": "Bad Request" + }, + "401ErrorResponse": { + "description": "Unauthorized" + }, + "403ErrorResponse": { + "description": "Forbidden" + }, + "405ErrorResponse": { + "description": "Method Not Allowed" + }, + "406ErrorResponse": { + "description": "Not Acceptable" + }, + "429ErrorResponse": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "definitions": + { + "PaymentResponse": + { + "title": "Payment setup POST response", + "type": "object", + "properties": { + "Data": { + "description": "Reflection of The Main Data Payload, with Created Resource ID, Status and Timestamp", + "title": "PaymentSetupResponse", + "type": "object", + "properties": { + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the payment resource.", + "title": "PaymentStatusCode", + "type": "string", + "enum": [ + "AcceptedCustomerProfile", + "AcceptedTechnicalValidation", + "Pending", + "Rejected" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created. \nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", + "type": "string", + "format": "date-time" + }, + "Initiation": { + "description": "The Initiation payload is sent by the initiating party to the ASPSP. It is used to request movement of funds from the debtor account to a creditor.", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "PaymentId", + "CreationDateTime", + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "Reflection of POSTed Risk profile ", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + }, + "Links": { + "type": "object", + "description": "Link URIs relevant to the payload", + "properties": { + "Self": { + "type": "string", + "format": "uri" + }, + "First": { + "type": "string", + "format": "uri" + }, + "Prev": { + "type": "string", + "format": "uri" + }, + "Next": { + "type": "string", + "format": "uri" + }, + "Last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "Self" + ] + }, + "Meta": { + "type": "object", + "description": "Meta Data Relevant to the payload", + "properties": { + "TotalPages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk", + "Links", + "Meta" + ], + "additionalProperties": false + }, + "PaymentSubmissionResponse" : + { + "title": "Payment Submit POST 201 Response", + "type": "object", + "properties": { + "Data": { + "description": "Reflection of The Main Data Payload, with Created Resource ID, Status and Timestamp", + "title": "PaymentSetupResponse", + "type": "object", + "properties": { + "PaymentSubmissionId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment submission resource.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the payment resource.", + "title": "PaymentSubmissionStatusCode", + "type": "string", + "enum": [ + "AcceptedSettlementCompleted", + "AcceptedSettlementInProcess", + "Pending", + "Rejected" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created. \nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "PaymentSubmissionId", + "PaymentId", + "CreationDateTime" + ], + "additionalProperties": false + }, + "Links": { + "type": "object", + "description": "Link URIs relevant to the payload", + "properties": { + "Self": { + "type": "string", + "format": "uri" + }, + "First": { + "type": "string", + "format": "uri" + }, + "Prev": { + "type": "string", + "format": "uri" + }, + "Next": { + "type": "string", + "format": "uri" + }, + "Last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "Self" + ] + }, + "Meta": { + "type": "object", + "description": "Meta Data Relevant to the payload", + "properties": { + "TotalPages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Links", + "Meta" + ], + "additionalProperties": false + + }, + "PaymentRequest" : { + "title": "Payment setup POST request", + "description": "Allows setup of a payment", + "type": "object", + "properties": { + "Data": { + "description": "", + "title": "PaymentSetup", + "type": "object", + "properties": { + "Initiation": { + "description": "", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk" + ], + "additionalProperties": false + }, + "PaymentSubmissionRequest" : + { + "title": "Payment Submission POST request", + "description": "Allows Submission of a payment", + "type": "object", + "properties": { + "Data": { + "description": "", + "title": "PaymentSubmission", + "type": "object", + "properties": { + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Initiation": { + "description": "The Initiation payload is sent by the initiating party to the ASPSP. It is used to request movement of funds from the debtor account to a creditor.", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "PaymentId", + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/src/devportal/all/modules/all_component_features/all_component_features.features.node_export_features.inc b/src/devportal/all/modules/all_component_features/all_component_features.features.node_export_features.inc index c9866870..0b309945 100644 --- a/src/devportal/all/modules/all_component_features/all_component_features.features.node_export_features.inc +++ b/src/devportal/all/modules/all_component_features/all_component_features.features.node_export_features.inc @@ -412,10 +412,10 @@ function all_component_features_node_export_features_default() { \'body\' => array( \'und\' => array( array( - \'value\' => "

    Bring Bank APIs to life with our reference apps.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\r\\n\\t\\r\\n
    \\"\\"  \\r\\n\\t\\t\\t

    BigZ app (third-party payment initiation)

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    This scenario demonstrates a payment made through a PISP without using cash, credit card, or debit card:

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    Kathie is living in London and occupied with her work. She needs to buy a new cellphone. Laura logs on to BigZ online shopping mobile app,selects the product, and pays for it online without even stepping out of her workplace.

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    Download and try the app

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t    		\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\r\\n\\t\\r\\n
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t

    aisp.jpg

    \\r\\n\\r\\n\\t\\t\\t
    \\"\\"
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t    		  \\r\\n\\t\\t\\t

    PepperMint app (account information service provider)

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    Enjoy visibility of your funds across all your accounts, in one place. Advanced spendilytics at your finger tips:

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    Sam is living in California and would like to track and monitor his monthly spending across his accounts. He logs on to his new PepperMint app, which provides him a consolidated view of his accounts, financials and expenditure.

    \\r\\n\\r\\n\\t\\t\\t

    Download and try the app

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t    		\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

     

    \\r\\n", + \'value\' => "

    Bring Bank APIs to life with our reference apps.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\r\\n\\t\\r\\n
    \\"\\"  \\r\\n\\t\\t\\t

    BigZ app (third-party payment initiation)

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    This scenario demonstrates a payment made through a PISP without using cash, credit card, or debit card:

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    Kathie is living in London and occupied with her work. She needs to buy a new cellphone. Laura logs on to BigZ online shopping mobile app,selects the product, and pays for it online without even stepping out of her workplace.

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

    Download and try the app

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t    		\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t
    \\r\\n\\r\\n\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\r\\n\\t\\r\\n
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t
     
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t
    \\r\\n\\t\\t\\t    		  \\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t    		\\r\\n\\t\\t\\t

     

    \\r\\n\\t\\t\\t
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

     

    \\r\\n", \'summary\' => \'\', \'format\' => \'full_html\', - \'safe_value\' => "

    Bring Bank APIs to life with our reference apps.

    \\n

     

    \\n

     

    \\n\\n\\n\\n\\n
    \\n\\n

    pispapp.jpg

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n
    		  \\n

    BigZ app (third-party payment initiation)

    \\n

     

    \\n

    This scenario demonstrates a payment made through a PISP without using cash, credit card, or debit card:

    \\n

     

    \\n

    Kathie is living in London and occupied with her work. She needs to buy a new cellphone. Laura logs on to BigZ online shopping mobile app,selects the product, and pays for it online without even stepping out of her workplace.

    \\n

     

    \\n

    Download and try the app

    \\n

     

    \\n

     

    \\n

     

    \\n

     

    \\n    		\\n

     

    \\n

     

    \\n

     

    \\n\\n\\n\\n\\n
    \\n
    \\n
    \\n

    aisp.jpg

    \\n
    \\"\\"
    \\n
    \\n
    \\n    		  \\n

    PepperMint app (account information service provider)

    \\n

     

    \\n

    Enjoy visibility of your funds across all your accounts, in one place. Advanced spendilytics at your finger tips:

    \\n

     

    \\n

    Sam is living in California and would like to track and monitor his monthly spending across his accounts. He logs on to his new PepperMint app, which provides him a consolidated view of his accounts, financials and expenditure.

    \\n

    Download and try the app

    \\n

     

    \\n

     

    \\n

     

    \\n

     

    \\n    		\\n

     

    \\n

     

    \\n

     

    \\n", + \'safe_value\' => "

    Bring Bank APIs to life with our reference apps.

    \\n

     

    \\n

     

    \\n\\n\\n\\n\\n
    \\"\\"  \\n

    BigZ app (third-party payment initiation)

    \\n

     

    \\n

    This scenario demonstrates a payment made through a PISP without using cash, credit card, or debit card:

    \\n

     

    \\n

    Kathie is living in London and occupied with her work. She needs to buy a new cellphone. Laura logs on to BigZ online shopping mobile app,selects the product, and pays for it online without even stepping out of her workplace.

    \\n

     

    \\n

    Download and try the app

    \\n

     

    \\n

     

    \\n

     

    \\n

     

    \\n    		\\n

     

    \\n
    \\n\\n\\n\\n
    \\n
    \\n
    \\n

     

    \\n
     
    \\n
    \\n
    \\n    		  \\n

     

    \\n

     

    \\n

     

    \\n

     

    \\n

     

    \\n    		\\n

     

    \\n

     

    \\n

     

    \\n", \'safe_summary\' => \'\', ), ), @@ -1905,10 +1905,10 @@ function all_component_features_node_export_features_default() { \'body\' => array( \'und\' => array( array( - \'value\' => "

    API Catalogue

    \\r\\n\\r\\n

    API products are available through various subsciption plans. These plans will be made available after enrollment and verification. Once you've subscribed to a plan, you can use the APIs using the app credentials. APIs are categorized into these API products:

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Account information APIs

    \\r\\n\\r\\n

    Account information APIs provide information for accounts held by the bank customer. Information is categorized into:

    \\r\\n\\r\\n
      \\r\\n\\t
    1. Information
      2. \\r\\n\\t
    2. Balance
      3. \\r\\n\\t
    3. Transactions 
      4. \\r\\n\\t
    4. Beneficiaries
      5. \\r\\n\\t
    5. Standing Orders
      6. \\r\\n\\t
    6. Direct Debits
      7. \\r\\n
    \\r\\n\\r\\n

    An API end point is provided for each type of information.

    \\r\\n\\r\\n

    Banking APIs provide developers with the information needed to create innovative fintech apps for consumers. While you probably have some use cases in mind, there are a few obvious ones worth mentioning:

    \\r\\n\\r\\n\\r\\n\\r\\n

     

    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Single Account information\\r\\n\\r\\n

    /{AccountId}

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Single Account transactions\\r\\n\\r\\n

    /{AccountId}/transactions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Single Account Balance\\r\\n\\r\\n

    /{AccountId}/balance

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Single Account Beneficiaries\\r\\n\\r\\n

    /{AccountId}/beneficiaries

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Single Account Standing Orders\\r\\n\\r\\n

    /{AccountId}/standing-orders

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Single Account Direct Debits\\r\\n\\r\\n

    /{AccountId}/direct-debits

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Customer's Accounts information\\r\\n\\r\\n

    /

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Customer's Accounts Balance\\r\\n\\r\\n

    /balance

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Customer's Accounts Transactions\\r\\n\\r\\n

    /transactions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Customer's Accounts Beneficiaries\\r\\n\\r\\n

    /beneficiaries

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Customer's Accounts Standing Orders\\r\\n\\r\\n

    /standing-orders

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Customer's Account Direct Debits\\r\\n\\r\\n

    /direct-betits

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Authorization APIs

    \\r\\n\\r\\n

    For accessing account access API end points and payment API end points, the app will first make a call to the OAuth API, so that it can get an access token. The OAuth APIs support the implicit grant flow wherein the access token is returned directly to the app once the user has been authenticated. To keep the authentication more secure (it should do this, unless the app is trusted), the app could also use the authorization code flow wherein a code is returned back to the app. The app should then exchange it for an access token.

    \\r\\n\\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n\\r\\n

    The app can then use this access token to make the calls to the accounts APIs, userinfo API, and payment APIs. When the API is called, the customer and request id is retrieved from the access token to proceed with the API call flow.

    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n\\r\\n
    token\\r\\n\\r\\n

    /token

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    authorize\\r\\n\\r\\n

    /authorize

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Payment APIs

    \\r\\n\\r\\n


    \\r\\nPayment APIs enable the transfer of funds from a consumer's account to a recipient. The initation of transfer is done by the consumer and the recipient's account number is provided by the third-party payment provider (TPPs or PISPs).

    \\r\\n\\r\\n

    For initiating a transfer the user will have to provide the payment request Id and will have to authenticate using two-factor authentication following which an access token will be generated

    \\r\\n\\r\\n

    Using the Access token generated, one-time payment submission can be done. Take a look at some of the use cases:

    \\r\\n\\r\\n\\r\\n\\r\\n

     

    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n\\r\\n
    Payment Request\\r\\n\\r\\n

    /payments

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Payment Request\\r\\n\\r\\n

    /payments

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n\\r\\n
    Payment Submission\\r\\n\\r\\n

    /payment-submissions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    Payment Submission\\r\\n\\r\\n

    /payment-submissions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Userinfo APIs

    \\r\\n\\r\\n


    \\r\\nUserindo APIs enable getting basic details of the customer.

    \\r\\n\\r\\n

    For initiating this call, the user will have to authenticate using two-factor authentication following which an access token will be generated

    \\r\\n\\r\\n

    Using the Access token generated, user details can be fetched.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    User Information\\r\\n\\r\\n

    /userinfo/acr:token

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

     Open Data APIs

    \\r\\n\\r\\n


    \\r\\nOpen Data APIs are a category of APIs that provide general information of a Bank. These are not customer-specific, but bank-specific: locations, products, URLs, and events, for example. These APIs are not subjected to user-level authentication, but are are protected to be used only by signed apps. A valid client credential is essential to invoke these APIs.

    \\r\\n\\r\\n

    Using this category of APIs, a wide variety of new value-added solutions can be provided to consumers. Coupled with customer-specific information, potential new solutions include product and offer recommendations.

    \\r\\n\\r\\n

     

    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    atms\\r\\n\\r\\n

    /atms

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    products\\r\\n\\r\\n

    /products

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n\\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n\\r\\n
    branches\\r\\n\\r\\n

    /branches

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n", + \'value\' => "

    API Catalogue

    \\r\\n\\r\\n

    API products are available through various subsciption plans. These plans will be made available after enrollment and verification. Once you\'ve subscribed to a plan, you can use the APIs using the app credentials. APIs are categorized into these API products:

    \\r\\n

     

    \\r\\n

    Account information APIs

    \\r\\n

    Account information APIs provide information for accounts held by the bank customer. Information is categorized into:

    \\r\\n
      \\r\\n
    1. Information
      2. \\r\\n
    2. Balance
      3. \\r\\n
    3. Transactions 
      4. \\r\\n
    4. Beneficiaries
      5. \\r\\n
    5. Standing Orders
      6. \\r\\n
    6. Direct Debits
      7. \\r\\n
    7. Product
      8. \\r\\n
    \\r\\n

    An API end point is provided for each type of information.

    \\r\\n

    Banking APIs provide developers with the information needed to create innovative fintech apps for consumers. While you probably have some use cases in mind, there are a few obvious ones worth mentioning:

    \\r\\n\\r\\n

     

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n
    Account Request\\r\\n

    /account-requests

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Account Request\\r\\n

    /account-requests/{AccountRequestId}

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    DELETE

    \\r\\n
    \\r\\n
    Account Request\\r\\n

    /account-requests/{AccountRequestId}

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account information\\r\\n

    /accounts/{AccountId}

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account transactions\\r\\n

    /accounts/{AccountId}/transactions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account Balance\\r\\n

    /accounts/{AccountId}/balances

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account Beneficiaries\\r\\n

    /accounts/{AccountId}/beneficiaries

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account Standing Orders\\r\\n

    /accounts/{AccountId}/standing-orders

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account Direct Debits\\r\\n

    /accounts/{AccountId}/direct-debits

    \\r\\n
     
    \\r\\n
     
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Customer\'s Accounts information\\r\\n

    /accounts

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Customer\'s Accounts Balance\\r\\n

    /balances

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Customer\'s Accounts Transactions\\r\\n

    /transactions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Customer\'s Accounts Beneficiaries\\r\\n

    /beneficiaries

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Customer\'s Accounts Standing Orders\\r\\n

    /standing-orders

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Single Account\'s Product\\r\\n

    /accounts/{AccountId}/product

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Customer\'s Account Direct Debits\\r\\n

    /direct-betits

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

     

    \\r\\n

    Authorization APIs

    \\r\\n

    For accessing account access API end points and payment API end points, the app will first make a call to the OAuth API, so that it can get an access token. The OAuth APIs support the implicit grant flow wherein the access token is returned directly to the app once the user has been authenticated. To keep the authentication more secure (it should do this, unless the app is trusted), the app could also use the authorization code flow wherein a code is returned back to the app. The app should then exchange it for an access token.

    \\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n

    The app can then use this access token to make the calls to the accounts APIs, userinfo API, and payment APIs. When the API is called, the customer and request id is retrieved from the access token to proceed with the API call flow.

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n
    token\\r\\n

    /token

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    authorize\\r\\n

    /authorize

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

     

    \\r\\n

    Payment APIs

    \\r\\n


    Payment APIs enable the transfer of funds from a consumer\'s account to a recipient. The initation of transfer is done by the consumer and the recipient\'s account number is provided by the third-party payment provider (TPPs or PISPs).

    \\r\\n

    For initiating a transfer the user will have to provide the payment request Id and will have to authenticate using two-factor authentication following which an access token will be generated

    \\r\\n

    Using the Access token generated, one-time payment submission can be done. Take a look at some of the use cases:

    \\r\\n\\r\\n

     

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n
    Payment Request\\r\\n

    /payments

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Payment Request\\r\\n

    /payments

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    POST

    \\r\\n
    \\r\\n
    Payment Submission\\r\\n

    /payment-submissions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n

    GET

    \\r\\n
    \\r\\n
    Payment Submission\\r\\n

    /payment-submissions

    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
     
    \\r\\n
     
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    \\r\\n
    ", \'summary\' => \'\', \'format\' => \'full_html\', - \'safe_value\' => "

    API Catalogue

    \\n

    API products are available through various subsciption plans. These plans will be made available after enrollment and verification. Once you\'ve subscribed to a plan, you can use the APIs using the app credentials. APIs are categorized into these API products:

    \\n

     

    \\n

    Account information APIs

    \\n

    Account information APIs provide information for accounts held by the bank customer. Information is categorized into:

    \\n
    1. Information
      2. \\n
    2. Balance
      3. \\n
    3. Transactions 
      4. \\n
    4. Beneficiaries
      5. \\n
    5. Standing Orders
      6. \\n
    6. Direct Debits
      7. \\n

    An API end point is provided for each type of information.

    \\n

    Banking APIs provide developers with the information needed to create innovative fintech apps for consumers. While you probably have some use cases in mind, there are a few obvious ones worth mentioning:

    \\n

     

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account information\\n

    /{AccountId}

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account transactions\\n

    /{AccountId}/transactions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Balance\\n

    /{AccountId}/balance

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Beneficiaries\\n

    /{AccountId}/beneficiaries

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Standing Orders\\n

    /{AccountId}/standing-orders

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Direct Debits\\n

    /{AccountId}/direct-debits

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts information\\n

    /

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Balance\\n

    /balance

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Transactions\\n

    /transactions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Beneficiaries\\n

    /beneficiaries

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Standing Orders\\n

    /standing-orders

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Account Direct Debits\\n

    /direct-betits

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

     

    \\n

    Authorization APIs

    \\n

    For accessing account access API end points and payment API end points, the app will first make a call to the OAuth API, so that it can get an access token. The OAuth APIs support the implicit grant flow wherein the access token is returned directly to the app once the user has been authenticated. To keep the authentication more secure (it should do this, unless the app is trusted), the app could also use the authorization code flow wherein a code is returned back to the app. The app should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The app can then use this access token to make the calls to the accounts APIs, userinfo API, and payment APIs. When the API is called, the customer and request id is retrieved from the access token to proceed with the API call flow.

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    token\\n

    /token

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    authorize\\n

    /authorize

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

     

    \\n

    Payment APIs

    \\n

    \\nPayment APIs enable the transfer of funds from a consumer\'s account to a recipient. The initation of transfer is done by the consumer and the recipient\'s account number is provided by the third-party payment provider (TPPs or PISPs).

    \\n

    For initiating a transfer the user will have to provide the payment request Id and will have to authenticate using two-factor authentication following which an access token will be generated

    \\n

    Using the Access token generated, one-time payment submission can be done. Take a look at some of the use cases:

    \\n

     

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    Payment Request\\n

    /payments

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Payment Request\\n

    /payments

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    Payment Submission\\n

    /payment-submissions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Payment Submission\\n

    /payment-submissions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

     

    \\n

    Userinfo APIs

    \\n

    \\nUserindo APIs enable getting basic details of the customer.

    \\n

    For initiating this call, the user will have to authenticate using two-factor authentication following which an access token will be generated

    \\n

    Using the Access token generated, user details can be fetched.

    \\n

     

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    User Information\\n

    /userinfo/acr:token

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

     

    \\n

     Open Data APIs

    \\n

    \\nOpen Data APIs are a category of APIs that provide general information of a Bank. These are not customer-specific, but bank-specific: locations, products, URLs, and events, for example. These APIs are not subjected to user-level authentication, but are are protected to be used only by signed apps. A valid client credential is essential to invoke these APIs.

    \\n

    Using this category of APIs, a wide variety of new value-added solutions can be provided to consumers. Coupled with customer-specific information, potential new solutions include product and offer recommendations.

    \\n

     

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    atms\\n

    /atms

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    products\\n

    /products

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    branches\\n

    /branches

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n", + \'safe_value\' => "

    API Catalogue

    \\n

    API products are available through various subsciption plans. These plans will be made available after enrollment and verification. Once you\'ve subscribed to a plan, you can use the APIs using the app credentials. APIs are categorized into these API products:

    \\n

     

    \\n

    Account information APIs

    \\n

    Account information APIs provide information for accounts held by the bank customer. Information is categorized into:

    \\n
    1. Information
      2. \\n
    2. Balance
      3. \\n
    3. Transactions 
      4. \\n
    4. Beneficiaries
      5. \\n
    5. Standing Orders
      6. \\n
    6. Direct Debits
      7. \\n
    7. Product
      8. \\n

    An API end point is provided for each type of information.

    \\n

    Banking APIs provide developers with the information needed to create innovative fintech apps for consumers. While you probably have some use cases in mind, there are a few obvious ones worth mentioning:

    \\n

     

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    Account Request\\n

    /account-requests

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Account Request\\n

    /account-requests/{AccountRequestId}

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    DELETE

    \\n
    \\n
    Account Request\\n

    /account-requests/{AccountRequestId}

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account information\\n

    /accounts/{AccountId}

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account transactions\\n

    /accounts/{AccountId}/transactions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Balance\\n

    /accounts/{AccountId}/balances

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Beneficiaries\\n

    /accounts/{AccountId}/beneficiaries

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Standing Orders\\n

    /accounts/{AccountId}/standing-orders

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account Direct Debits\\n

    /accounts/{AccountId}/direct-debits

    \\n
     
    \\n
     
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts information\\n

    /accounts

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Balance\\n

    /balances

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Transactions\\n

    /transactions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Beneficiaries\\n

    /beneficiaries

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Accounts Standing Orders\\n

    /standing-orders

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Single Account\'s Product\\n

    /accounts/{AccountId}/product

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Customer\'s Account Direct Debits\\n

    /direct-betits

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

     

    \\n

    Authorization APIs

    \\n

    For accessing account access API end points and payment API end points, the app will first make a call to the OAuth API, so that it can get an access token. The OAuth APIs support the implicit grant flow wherein the access token is returned directly to the app once the user has been authenticated. To keep the authentication more secure (it should do this, unless the app is trusted), the app could also use the authorization code flow wherein a code is returned back to the app. The app should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The app can then use this access token to make the calls to the accounts APIs, userinfo API, and payment APIs. When the API is called, the customer and request id is retrieved from the access token to proceed with the API call flow.

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    token\\n

    /token

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    authorize\\n

    /authorize

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

     

    \\n

    Payment APIs

    \\n

    Payment APIs enable the transfer of funds from a consumer\'s account to a recipient. The initation of transfer is done by the consumer and the recipient\'s account number is provided by the third-party payment provider (TPPs or PISPs).

    \\n

    For initiating a transfer the user will have to provide the payment request Id and will have to authenticate using two-factor authentication following which an access token will be generated

    \\n

    Using the Access token generated, one-time payment submission can be done. Take a look at some of the use cases:

    \\n

     

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    Payment Request\\n

    /payments

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Payment Request\\n

    /payments

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    POST

    \\n
    \\n
    Payment Submission\\n

    /payment-submissions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n

    GET

    \\n
    \\n
    Payment Submission\\n

    /payment-submissions

    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n
     
    \\n
     
    \\n
    \\n
    \\n
    \\n
    \\n
    \\n", \'safe_summary\' => \'\', ), ), @@ -3188,10 +3188,10 @@ function all_component_features_node_export_features_default() { \'body\' => array( \'und\' => array( array( - \'value\' => "

    Create an app

    \\r\\n\\r\\n

    Step 1) After your have registered and logged in, click the "Add a new app" button.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"168\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"428\\",\\"width\\":\\"1223\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Step 2) Enter the name of your app and choose the API product you need. Refer to the API catalogue to learn more about the API products and the APIs bundled in the product. Redirect URI is the URL to which the authorize call will be redirected. The redirect URI needs to match what is entered here to return the auth code.

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"163\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"503\\",\\"width\\":\\"677\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Step 3) Click on "Create app." You will see the message that says "app created" and see a link to your app.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"168\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"428\\",\\"width\\":\\"1223\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Step 4) To get client credentials and click on your app. You will also see details and traffic dashboards.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"170\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"496\\",\\"width\\":\\"824\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    To view the analytics dashboards on traffic, errors, and other information, click on the analytics tab.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"167\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"491\\",\\"width\\":\\"1168\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n", + \'value\' => "

    Create an app

    \\r\\n\\r\\n

    Step 1) After your have registered and logged in, click the \\"Add a new app\\" button.

    \\r\\n

     

    \\r\\n

    Step 2) Enter the name of your app and choose the API product you need. Refer to the API catalogue to learn more about the API products and the APIs bundled in the product. Redirect URI is the URL to which the authorize call will be redirected. The redirect URI needs to match what is entered here to return the auth code.

    \\r\\n

     

    \\r\\n

    Step 3) Click on \\"Create app.\\" You will see the message that says \\"app created\\" and see a link to your app.

    \\r\\n

     

    \\r\\n

    Step 4) To get client credentials and click on your app. You will also see details and traffic dashboards.

    \\r\\n

     

    \\r\\n

    To view the analytics dashboards on traffic, errors, and other information, click on the analytics tab.

    ", \'summary\' => \'\', \'format\' => \'full_html\', - \'safe_value\' => "

    Create an app

    \\n

    Step 1) After your have registered and logged in, click the \\"Add a new app\\" button.

    \\n

     

    \\n

    \\n\\n

    2addapp1.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

     

    \\n

    Step 2) Enter the name of your app and choose the API product you need. Refer to the API catalogue to learn more about the API products and the APIs bundled in the product. Redirect URI is the URL to which the authorize call will be redirected. The redirect URI needs to match what is entered here to return the auth code.

    \\n

    \\n\\n

    addapp2.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

     

    \\n

    Step 3) Click on \\"Create app.\\" You will see the message that says \\"app created\\" and see a link to your app.

    \\n

     

    \\n

    \\n\\n

    2addapp1.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

     

    \\n

    Step 4) To get client credentials and click on your app. You will also see details and traffic dashboards.

    \\n

     

    \\n

    \\n\\n

    2addapp3.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

     

    \\n

    To view the analytics dashboards on traffic, errors, and other information, click on the analytics tab.

    \\n

     

    \\n

    \\n\\n

    addapp4.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n", + \'safe_value\' => "

    Create an app

    \\n

    Step 1) After your have registered and logged in, click the \\"Add a new app\\" button.

    \\n

     

    \\n

    Step 2) Enter the name of your app and choose the API product you need. Refer to the API catalogue to learn more about the API products and the APIs bundled in the product. Redirect URI is the URL to which the authorize call will be redirected. The redirect URI needs to match what is entered here to return the auth code.

    \\n

     

    \\n

    Step 3) Click on \\"Create app.\\" You will see the message that says \\"app created\\" and see a link to your app.

    \\n

     

    \\n

    Step 4) To get client credentials and click on your app. You will also see details and traffic dashboards.

    \\n

     

    \\n

    To view the analytics dashboards on traffic, errors, and other information, click on the analytics tab.

    \\n", \'safe_summary\' => \'\', ), ), @@ -3806,10 +3806,10 @@ function all_component_features_node_export_features_default() { \'body\' => array( \'und\' => array( array( - \'value\' => "

    Authentication

    \\r\\n\\r\\n

    Authentication is based on OpenID Connect, which is based on OAuth 2.0. 

    \\r\\n\\r\\n

    The user will have to authenticate with the bank using two-factor authentication, which will then provide the client application with a unique and time-bound access token. The client app can use this unique token to make calls to the bank on the behalf of the user.

    \\r\\n\\r\\n

    Generally, these access tokens are specific to a single account of a user and are valid over a longer duration (up to 30 days, for example).

    \\r\\n\\r\\n

    For the payment API, users need to authenticate their accounts each time a transfer is made because these API calls need to meet higher security requirements.

    \\r\\n\\r\\n

    The end user authenticates the account and provides access to the app to carry out the transaction via a two-step verification on the bank site. The following steps are done to provide authentication:

    \\r\\n\\r\\n\\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Using APIs in your app

    \\r\\n\\r\\n

    You will create the app and provide the required details to enable support for the OAuth 2.0 three-legged flows, such as the callback/redirect url.

    \\r\\n\\r\\n

    In order for the app to make any API calls, it will have to present its client ID and secret. This is to ensure that only authenticated apps can make API calls. 

    \\r\\n\\r\\n

    For accessing the accounts API, the app will first make a call to the OAuth API, so that the app can get an access token to access a single account on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should, unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app.  It should then exchange it for an access token.

    \\r\\n\\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n\\r\\n

    The App can then use this access token to make the calls to the accounts APIs. When the API is called, the customer and account information is retrieved from the access token and the account information is then presented to the user.

    \\r\\n\\r\\n

    In the case of transfers, the app can directly make a call to the payment API wherein the bank will directly request for authentication information from the user including OTP verification and asking for consent after which the bank allows the app to make a one-time transfer on behalf of the user. In order to initiate the transfer the app has to provide information related to the payee as a JWT token. More details about how this JWT token is created is provided in the Payments API section.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Account Access APIs

    \\r\\n\\r\\n

    For accessing this API endpoint, the app will first make a call to the OAuth API, so that the app can get an access token to access a single account on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app and it should then exchange it for an access token.

    \\r\\n\\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n\\r\\n

    The App can then use this access token to make the calls to the accounts APIs. When the API is called, the customer and account information is retrieved from the access token and the account information is then presented to the user.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Payment transfer APIs

    \\r\\n\\r\\n

    Assume a hypothetical scenario where the user has made a purchase from an online merchant. The user now wishes to make a payment via the payment provider (PISP) supported by this online merchant. 

    \\r\\n\\r\\n

    The merchant has provided the transaction-related information to the PISP and the PISP now initiates a call to the payment API. The transfer details are sent to the API in the form of a signed JWT. The JWT is signed with the client secret of the app; the API will then verify this JWT by comparing it with the signature of the app that made this request. This ensures that the token has not been tampered with. The payment information is also shown to the user while requesting consent so that the user can verify the details.

    \\r\\n\\r\\n

    The JWT is composed of three sections: header, payload, and signature

    \\r\\n\\r\\n

    A sample header shown below. It indicates that it is a JWT token and specified the signature used for encoding the payload.

    \\r\\n\\r\\n

    {

    \\r\\n\\r\\n

        "alg": "HS256",

    \\r\\n\\r\\n

        "typ": "JWT"

    \\r\\n\\r\\n

    }

    \\r\\n\\r\\n

    The payload contains the payee information as a set of payment claims. The token contains some reserved claims that are supposed to be in a JWT payload and some private claims that specify the payment details.

    \\r\\n\\r\\n
    \\r\\n{\\r\\n   "iss": "https://accenture.co.uk", //url of the JWT issuer\\r\\n   "aud": "https://apis-bank-dev.apigee.net", //url of the party it is intended for\\r\\n   "client_id": "grOmvYA89jsdhkshdIYhGtpvztofAAjz", //client id of the registered app\\r\\n   "redirect_uri": "http://localhost/", //redirect uri of the app\\r\\n   "scope": "openid accounts payment", //requested scopes for this call\\r\\n   "state": "af0ifjsldkj", //unique state to connect request and response\\r\\n   "acr_values": "3", // request acr_values; 2 for only authentication, and 3 for OTP flow\\r\\n   "claims": {\\r\\n       "paymentinfo": {\\r\\n           "type": "sepa_credit_transfer", //transfer type\\r\\n           "to": {\\r\\n               "account_number": "62136000", //receiver account id\\r\\n               "remote_bic": "RBOSGB2109H", //receiver remote bic code\\r\\n               "remote_IBAN": "GB32ESSE40486562136016", //receiver remote iban code\\r\\n               "remote_name": "BigZ online store" //receiver name\\r\\n           },\\r\\n           "value": {\\r\\n               "currency": "GBP", //transfer currency\\r\\n               "amount": "200" //transfer amount\\r\\n           },\\r\\n           "additional": {\\r\\n               "subject": "Online Purchase", //transfer description\\r\\n               "booking_code": "2SFBJ28553", //transfer booking code\\r\\n               "booking_date": "1462517645809", //transfer booking date\\r\\n               "value_date": "1462517645809" //transfer value date\\r\\n           },\\r\\n           "challenge_type": "SANDBOX_TAN" //challenge for additional security\\r\\n       }\\r\\n   }\\r\\n}
    \\r\\n\\r\\n

    Then, the JWT token is signed with the client secret of the registered app to ensure that it isn't tampered with.

    \\r\\n\\r\\n

    To form the full token, the header and the payload is Base64Url encoded and concatenated, separated by a dot (.). This string is signed in the following way using a JWS library. There are libraries available for many languages in order to sign a JWT.

    \\r\\n\\r\\n

    HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)

    \\r\\n\\r\\n

    Finally the following JWT token is obtained.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n
    \\r\\neyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2FjY2VudHVyZS5jby51ayIsImF1ZCI6Imh0dHBzOi8vYXBpcy1iYW5rLWRldi5hcGlnZWUubmV0IiwiY2xpZW50X2lkIjoiZ3JPbXZZQWVpOGFCQVJ6RVZJWWhHdHB2enRvZkFBanoiLCJyZWRpcmVjdF91cmkiOiJodHRwOi8vbG9jYWxob3N0LyIsInNjb3BlIjoib3BlbmlkIGFjY291bnRzIHBheW1lbnQiLCJzdGF0ZSI6ImFmMGlmanNsZGtqIiwiYWNyX3ZhbHVlcyI6IjMiLCJjbGFpbXMiOnsicGF5bWVudGluZm8iOnsidHlwZSI6InNlcGFfY3JlZGl0X3RyYW5zZmVyIiwidG8iOnsiYWNjb3VudF9pZCI6IjYyMTM2MDAwIiwicmVtb3RlX2JpYyI6IlJCT1NHQjIxMDlIIiwicmVtb3RlX0lCQU4iOiJHQjMyRVNTRTQwNDg2NTYyMTM2MDE2IiwicmVtb3RlX25hbWUiOiJCaWdaIG9ubGluZSBzdG9yZSJ9LCJ2YWx1ZSI6eyJjdXJyZW5jeSI6IkdCUCIsImFtb3VudCI6IjIwMCJ9LCJhZGRpdGlvbmFsIjp7InN1YmplY3QiOiJPbmxpbmUgUHVyY2hhc2UiLCJib29raW5nX2NvZGUiOiIyU0ZCSjI4NTUzIiwiYm9va2luZ19kYXRlIjoiMTQ2MjUxNzY0NTgwOSIsInZhbHVlX2RhdGUiOiIxNDYyNTE3NjQ1ODA5In0sImNoYWxsZW5nZV90eXBlIjoiU0FOREJPWF9UQU4ifX0sImlhdCI6MTQ2MjUxODk4NH0.iD7jP_l8lBxnExWWSXAcI48n6urvvmd-goNSRwGwJYg
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Please refer to https://jwt.io/introduction/ to read more about the JWT specification, how to construct a token and the available libraries.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Open data APIs

    \\r\\n\\r\\n

    Open data APIs are a category of APIs that provide non-customer specific information from a bank. These offer bank-specific information, such as ATM locations, products, URLs, and events. These APIs are not subjected to user-level authenication, but are protected to be used only by signed apps. A valid client credential is essential to make these API calls.

    \\r\\n", + \'value\' => "

    Authentication

    \\r\\n\\r\\n

    Authentication is based on OpenID Connect, which is based on OAuth 2.0. 

    \\r\\n

    The user will have to authenticate with the bank using two-factor authentication, which will then provide the client application with a unique and time-bound access token. The client app can use this unique token to make calls to the bank on the behalf of the user.

    \\r\\n

    Generally, these access tokens are specific to a single account of a user and are valid over a longer duration (up to 30 days, for example).

    \\r\\n

    For the accounts and payment APIs, users need to authenticate their accounts each time an API call is made because these API calls need to meet higher security requirements.

    \\r\\n

    The end user authenticates the account and provides access to the app to carry out the transaction via a two-step verification on the bank site. The following steps are done to provide authentication:

    \\r\\n\\r\\n

     

    \\r\\n

    Using APIs in your app

    \\r\\n

    You will create the app and provide the required details to enable support for the OAuth 2.0 three-legged flows, such as the callback/redirect url.

    \\r\\n

    In order for the app to make any API calls, it will have to present its client ID and secret. This is to ensure that only authenticated apps can make API calls. 

    \\r\\n

    For accessing the accounts and payments APIs, the app will first make a call to the OAuth API, so that the app can get an access token to access account(s) on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should, unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app.  It should then exchange it for an access token.

    \\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n

    The App can then use this access token to make the calls to the accounts/payments APIs. When the API is called, the customer and account information is retrieved from the access token and the account information is then presented to the user.

    \\r\\n

    Account Access APIs

    \\r\\n

    For accessing this API endpoint, the app will first make a call to the OAuth API to get a client_credential access token, then create an account request which will have the details of the access required.

    \\r\\n

    The account request contains the information like account information permissions, the permission expiration time etc. 

    \\r\\n

    Once the Account request is created, the app requests for an access token for the account request created. While providing the consent, the user selects the list of accounts it wants the app to get access to.

    \\r\\n

    The app now gets an access token to access account(s) on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app and it should then exchange it for an access token.

    \\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n

    The App can then use this access token to make the calls to the accounts APIs. When the API is called, the customer information is retrieved from the access token and the account information is then presented to the user.

    \\r\\n

     

    \\r\\n

    Payment transfer APIs

    \\r\\n

    For accessing this API endpoint, the app will first make a call to the OAuth API to get a client_credential access token, then create a payment request which will have the details of the payment initiation.

    \\r\\n

    The payment request contains the information like creditor details, debitor details, the amount to be transfered, merchant details etc. 

    \\r\\n

    Once the payment request is created, the app requests for an access token for the payment request made by the app. While providing the consent, the user selects the debit account through which the payment has to be made.

    \\r\\n

    The app now gets an access token to submit one time single payment on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app and it should then exchange it for an access token.

    \\r\\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\r\\n

    The App can then use this access token to submit the payment. When the API is called, the payment is submitted according to the payment request Id for which the access token was generated.

    \\r\\n

     

    \\r\\n

    Open data APIs

    \\r\\n

    Open data APIs are a category of APIs that provide non-customer specific information from a bank. These offer bank-specific information, such as ATM locations, products, URLs, and events. These APIs are not subjected to user-level authenication, but are protected to be used only by signed apps. A valid client credential is essential to make these API calls.

    ", \'summary\' => \'\', \'format\' => \'full_html\', - \'safe_value\' => "

    Authentication

    \\n

    Authentication is based on OpenID Connect, which is based on OAuth 2.0. 

    \\n

    The user will have to authenticate with the bank using two-factor authentication, which will then provide the client application with a unique and time-bound access token. The client app can use this unique token to make calls to the bank on the behalf of the user.

    \\n

    Generally, these access tokens are specific to a single account of a user and are valid over a longer duration (up to 30 days, for example).

    \\n

    For the payment API, users need to authenticate their accounts each time a transfer is made because these API calls need to meet higher security requirements.

    \\n

    The end user authenticates the account and provides access to the app to carry out the transaction via a two-step verification on the bank site. The following steps are done to provide authentication:

    \\n

     

    \\n

    Using APIs in your app

    \\n

    You will create the app and provide the required details to enable support for the OAuth 2.0 three-legged flows, such as the callback/redirect url.

    \\n

    In order for the app to make any API calls, it will have to present its client ID and secret. This is to ensure that only authenticated apps can make API calls. 

    \\n

    For accessing the accounts API, the app will first make a call to the OAuth API, so that the app can get an access token to access a single account on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should, unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app.  It should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The App can then use this access token to make the calls to the accounts APIs. When the API is called, the customer and account information is retrieved from the access token and the account information is then presented to the user.

    \\n

    In the case of transfers, the app can directly make a call to the payment API wherein the bank will directly request for authentication information from the user including OTP verification and asking for consent after which the bank allows the app to make a one-time transfer on behalf of the user. In order to initiate the transfer the app has to provide information related to the payee as a JWT token. More details about how this JWT token is created is provided in the Payments API section.

    \\n

     

    \\n

    Account Access APIs

    \\n

    For accessing this API endpoint, the app will first make a call to the OAuth API, so that the app can get an access token to access a single account on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app and it should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The App can then use this access token to make the calls to the accounts APIs. When the API is called, the customer and account information is retrieved from the access token and the account information is then presented to the user.

    \\n

     

    \\n

    Payment transfer APIs

    \\n

    Assume a hypothetical scenario where the user has made a purchase from an online merchant. The user now wishes to make a payment via the payment provider (PISP) supported by this online merchant. 

    \\n

    The merchant has provided the transaction-related information to the PISP and the PISP now initiates a call to the payment API. The transfer details are sent to the API in the form of a signed JWT. The JWT is signed with the client secret of the app; the API will then verify this JWT by comparing it with the signature of the app that made this request. This ensures that the token has not been tampered with. The payment information is also shown to the user while requesting consent so that the user can verify the details.

    \\n

    The JWT is composed of three sections: header, payload, and signature

    \\n

    A sample header shown below. It indicates that it is a JWT token and specified the signature used for encoding the payload.

    \\n

    {

    \\n

        \\"alg\\": \\"HS256\\",

    \\n

        \\"typ\\": \\"JWT\\"

    \\n

    }

    \\n

    The payload contains the payee information as a set of payment claims. The token contains some reserved claims that are supposed to be in a JWT payload and some private claims that specify the payment details.

    \\n
    \\n{\\n   \\"iss\\": \\"https://accenture.co.uk\\", //url of the JWT issuer\\n   \\"aud\\": \\"https://apis-bank-dev.apigee.net\\", //url of the party it is intended for\\n   \\"client_id\\": \\"grOmvYA89jsdhkshdIYhGtpvztofAAjz\\", //client id of the registered app\\n   \\"redirect_uri\\": \\"http://localhost/\\", //redirect uri of the app\\n   \\"scope\\": \\"openid accounts payment\\", //requested scopes for this call\\n   \\"state\\": \\"af0ifjsldkj\\", //unique state to connect request and response\\n   \\"acr_values\\": \\"3\\", // request acr_values; 2 for only authentication, and 3 for OTP flow\\n   \\"claims\\": {\\n       \\"paymentinfo\\": {\\n           \\"type\\": \\"sepa_credit_transfer\\", //transfer type\\n           \\"to\\": {\\n               \\"account_number\\": \\"62136000\\", //receiver account id\\n               \\"remote_bic\\": \\"RBOSGB2109H\\", //receiver remote bic code\\n               \\"remote_IBAN\\": \\"GB32ESSE40486562136016\\", //receiver remote iban code\\n               \\"remote_name\\": \\"BigZ online store\\" //receiver name\\n           },\\n           \\"value\\": {\\n               \\"currency\\": \\"GBP\\", //transfer currency\\n               \\"amount\\": \\"200\\" //transfer amount\\n           },\\n           \\"additional\\": {\\n               \\"subject\\": \\"Online Purchase\\", //transfer description\\n               \\"booking_code\\": \\"2SFBJ28553\\", //transfer booking code\\n               \\"booking_date\\": \\"1462517645809\\", //transfer booking date\\n               \\"value_date\\": \\"1462517645809\\" //transfer value date\\n           },\\n           \\"challenge_type\\": \\"SANDBOX_TAN\\" //challenge for additional security\\n       }\\n   }\\n}

    Then, the JWT token is signed with the client secret of the registered app to ensure that it isn\'t tampered with.

    \\n

    To form the full token, the header and the payload is Base64Url encoded and concatenated, separated by a dot (.). This string is signed in the following way using a JWS library. There are libraries available for many languages in order to sign a JWT.

    \\n

    HMACSHA256( base64UrlEncode(header) + \\".\\" + base64UrlEncode(payload), secret)

    \\n

    Finally the following JWT token is obtained.

    \\n

     

    \\n
    \\neyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL2FjY2VudHVyZS5jby51ayIsImF1ZCI6Imh0dHBzOi8vYXBpcy1iYW5rLWRldi5hcGlnZWUubmV0IiwiY2xpZW50X2lkIjoiZ3JPbXZZQWVpOGFCQVJ6RVZJWWhHdHB2enRvZkFBanoiLCJyZWRpcmVjdF91cmkiOiJodHRwOi8vbG9jYWxob3N0LyIsInNjb3BlIjoib3BlbmlkIGFjY291bnRzIHBheW1lbnQiLCJzdGF0ZSI6ImFmMGlmanNsZGtqIiwiYWNyX3ZhbHVlcyI6IjMiLCJjbGFpbXMiOnsicGF5bWVudGluZm8iOnsidHlwZSI6InNlcGFfY3JlZGl0X3RyYW5zZmVyIiwidG8iOnsiYWNjb3VudF9pZCI6IjYyMTM2MDAwIiwicmVtb3RlX2JpYyI6IlJCT1NHQjIxMDlIIiwicmVtb3RlX0lCQU4iOiJHQjMyRVNTRTQwNDg2NTYyMTM2MDE2IiwicmVtb3RlX25hbWUiOiJCaWdaIG9ubGluZSBzdG9yZSJ9LCJ2YWx1ZSI6eyJjdXJyZW5jeSI6IkdCUCIsImFtb3VudCI6IjIwMCJ9LCJhZGRpdGlvbmFsIjp7InN1YmplY3QiOiJPbmxpbmUgUHVyY2hhc2UiLCJib29raW5nX2NvZGUiOiIyU0ZCSjI4NTUzIiwiYm9va2luZ19kYXRlIjoiMTQ2MjUxNzY0NTgwOSIsInZhbHVlX2RhdGUiOiIxNDYyNTE3NjQ1ODA5In0sImNoYWxsZW5nZV90eXBlIjoiU0FOREJPWF9UQU4ifX0sImlhdCI6MTQ2MjUxODk4NH0.iD7jP_l8lBxnExWWSXAcI48n6urvvmd-goNSRwGwJYg

     

    \\n

    Please refer to https://jwt.io/introduction/ to read more about the JWT specification, how to construct a token and the available libraries.

    \\n

     

    \\n

    Open data APIs

    \\n

    Open data APIs are a category of APIs that provide non-customer specific information from a bank. These offer bank-specific information, such as ATM locations, products, URLs, and events. These APIs are not subjected to user-level authenication, but are protected to be used only by signed apps. A valid client credential is essential to make these API calls.

    \\n", + \'safe_value\' => "

    Authentication

    \\n

    Authentication is based on OpenID Connect, which is based on OAuth 2.0. 

    \\n

    The user will have to authenticate with the bank using two-factor authentication, which will then provide the client application with a unique and time-bound access token. The client app can use this unique token to make calls to the bank on the behalf of the user.

    \\n

    Generally, these access tokens are specific to a single account of a user and are valid over a longer duration (up to 30 days, for example).

    \\n

    For the accounts and payment APIs, users need to authenticate their accounts each time an API call is made because these API calls need to meet higher security requirements.

    \\n

    The end user authenticates the account and provides access to the app to carry out the transaction via a two-step verification on the bank site. The following steps are done to provide authentication:

    \\n

     

    \\n

    Using APIs in your app

    \\n

    You will create the app and provide the required details to enable support for the OAuth 2.0 three-legged flows, such as the callback/redirect url.

    \\n

    In order for the app to make any API calls, it will have to present its client ID and secret. This is to ensure that only authenticated apps can make API calls. 

    \\n

    For accessing the accounts and payments APIs, the app will first make a call to the OAuth API, so that the app can get an access token to access account(s) on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should, unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app.  It should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The App can then use this access token to make the calls to the accounts/payments APIs. When the API is called, the customer and account information is retrieved from the access token and the account information is then presented to the user.

    \\n

    Account Access APIs

    \\n

    For accessing this API endpoint, the app will first make a call to the OAuth API to get a client_credential access token, then create an account request which will have the details of the access required.

    \\n

    The account request contains the information like account information permissions, the permission expiration time etc. 

    \\n

    Once the Account request is created, the app requests for an access token for the account request created. While providing the consent, the user selects the list of accounts it wants the app to get access to.

    \\n

    The app now gets an access token to access account(s) on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app and it should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The App can then use this access token to make the calls to the accounts APIs. When the API is called, the customer information is retrieved from the access token and the account information is then presented to the user.

    \\n

     

    \\n

    Payment transfer APIs

    \\n

    For accessing this API endpoint, the app will first make a call to the OAuth API to get a client_credential access token, then create a payment request which will have the details of the payment initiation.

    \\n

    The payment request contains the information like creditor details, debitor details, the amount to be transfered, merchant details etc. 

    \\n

    Once the payment request is created, the app requests for an access token for the payment request made by the app. While providing the consent, the user selects the debit account through which the payment has to be made.

    \\n

    The app now gets an access token to submit one time single payment on behalf of the user. The OAuth APIs support both the implicit grant flow wherein the access token is returned directly to the app once the user has authenticated. If the app wishes to keep the authentication more secure (which it should unless it is a trusted app), then the app could also use the authorization code flow wherein a code is returned back to the app and it should then exchange it for an access token.

    \\n

    The two flows are differentiated by specifying the response_code parameter as ‘code’ for the three-legged authorization code flow and as ‘token’ for the implicit grant.

    \\n

    The App can then use this access token to submit the payment. When the API is called, the payment is submitted according to the payment request Id for which the access token was generated.

    \\n

     

    \\n

    Open data APIs

    \\n

    Open data APIs are a category of APIs that provide non-customer specific information from a bank. These offer bank-specific information, such as ATM locations, products, URLs, and events. These APIs are not subjected to user-level authenication, but are protected to be used only by signed apps. A valid client credential is essential to make these API calls.

    \\n", \'safe_summary\' => \'\', ), ), @@ -8098,10 +8098,10 @@ function all_component_features_node_export_features_default() { \'body\' => array( \'und\' => array( array( - \'value\' => "

    Overview

    \\r\\n\\r\\n

    We have created a sandbox environment that behaves like the APIs of a live bank. We offer all the APIs that are listed in the catalogue and data of two sample banks. Here is some key sample data that you can use in your app.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Sample data

    \\r\\n\\r\\n

    Sandbox is preloaded with two banks and customers and accounts.

    \\r\\n\\r\\n\\r\\n\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\r\\n\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\t\\r\\n\\t\\t\\r\\n\\t\\r\\n
    BankCustomerAccount
    Bank\\r\\n\\t\\t\\t

    123456789

    \\r\\n\\r\\n\\t\\t\\t

    46582398

    \\r\\n\\r\\n\\t\\t\\t

    62936395

    \\r\\n\\r\\n\\t\\t\\t

    84487942

    \\r\\n\\t\\t\\t    		\\r\\n\\t\\t\\t

    2139531801

    \\r\\n\\r\\n\\t\\t\\t

    1039531801

    \\r\\n\\r\\n\\t\\t\\t

    17109552631

    \\r\\n\\r\\n\\t\\t\\t

    74379891646

    \\r\\n\\t\\t\\t
    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Note: Some customer numbers are marked in blue. These customer numbers are not configured with registered mobile numbers, so during the consent flow you can enter a mobile number to receive the OTP. This enables the user to experience the complete flow without having to update the customer number with phone numbers. During a real flow the OTP is sent to the registered mobile number only and the mobile number is confidential and known only to the bank.

    \\r\\n\\r\\n

    Trying the APIs

    \\r\\n\\r\\n

    Each API can be tried using the API explorer. You can use the sample data mentioned above and to try and test the APIs. To try the APIs, click on the particular API in the menu. You will see a tab that says "Try it." This section describes the APIs and provides the ability to make API calls.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Authentication and consent

    \\r\\n\\r\\n

    To enable live interaction with APIs in the sandbox, we've provided an implementation of the authentication and consent app. APIs such as account information or payment transfer require explicit end-user consent. Follow these steps to authorize before you can fire the APIs. 

    \\r\\n\\r\\n

    Note: Autho​rization calls require a client ID. In this case, however, we have preconfigured the flow with a client ID, so the consent app flow is demonstrated without using a client ID.

    \\r\\n\\r\\n

     

    \\r\\n\\r\\n

    Step 1) Initiate authorization

    \\r\\n\\r\\n

    Each API is provided with a section under API explorer where you can run the API and see the results. When an API is configured to have authorization completed (i.e. to present an access token), you will see a button titled "OAuth 2.0 Set." Clicking on this button will start the OAuth flow and consent app flow.

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"150\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"295\\",\\"width\\":\\"420\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

    Step 2) Enter credentials

    \\r\\n\\r\\n

    Enter the customer number given the sample data section above. You can type any password.

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"171\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"386\\",\\"width\\":\\"488\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

    Step 3) Provide a mobile phone for two-factor authentication

    \\r\\n\\r\\n

    Two-factor authentication is mandatory to secure an API. You can enter your mobile number in +<country code><mobile number> format to receive an OTP. The OTP is sent as a text message to the mobile phone. Please note that you may not receive the OTP if DND or any other such feature is enabled in your country.

    \\r\\n\\r\\n

    Note: This step does not occur in real scenarios. The mobile number to which the OTP is sent is known to the consent app and is kept confidential. An OTP will be directly sent the registered mobile number. However, to try the APIs easily and for the purposes of the sandbox we have modified the flow to accept the mobile number as input.

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"172\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"420\\",\\"width\\":\\"481\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

    Step 4) Enter the OTP

    \\r\\n\\r\\n

    Enter the OTP received on your mobile.

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"173\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"411\\",\\"width\\":\\"486\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

    Step 5) Give consent on the account ID

    \\r\\n\\r\\n

    At this time all account IDs that this customer owns with the bank will be presented. You will need to choose one of them. Consent will be given only for account access or payment.

    \\r\\n\\r\\n

    [[{\\"fid\\":\\"174\\",\\"view_mode\\":\\"default\\",\\"type\\":\\"media\\",\\"attributes\\":{\\"height\\":\\"448\\",\\"width\\":\\"482\\",\\"class\\":\\"media-element file-default\\"}}]]

    \\r\\n\\r\\n

    After the completion of this flow you will see the button "OAuth 2.0 Set" turn into "OAuth 2.0 Authenticated." This means the API explorer has the access token that it will present when you fire the APIs. To remove the authentication click on the "x" on this button. 

    \\r\\n", + \'value\' => "

    Overview

    \\r\\n\\r\\n

    We have created a sandbox environment that behaves like the APIs of a live bank. We offer all the APIs that are listed in the catalogue and data of two sample banks. Here is some key sample data that you can use in your app.

    \\r\\n

     

    \\r\\n

    Sample data

    \\r\\n

    Sandbox is preloaded with two banks and customers and accounts.

    \\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n\\r\\n
    BankCustomerIdAccount
    Bank\\r\\n

    10203040

    \\r\\n

    10203040

    \\r\\n

    10203040

    \\r\\n    		\\r\\n

    987654321

    \\r\\n

    111111111

    \\r\\n

    123459876

    \\r\\n
    \\r\\n

     

    \\r\\n

    Note: Customer numbers are marked in blue. These customer numbers are not configured with registered mobile numbers. So the OTP entered during the consent flow can be any random number. During a real flow the OTP is sent to the registered mobile number only and the mobile number is confidential and known only to the bank.

    \\r\\n

    Trying the APIs

    \\r\\n

    Each API can be tried using the API explorer. You can use the sample data mentioned above and to try and test the APIs. To try the APIs, click on the particular API in the menu. You will see a tab that says \\"Try it.\\" This section describes the APIs and provides the ability to make API calls.

    \\r\\n

     

    \\r\\n

    Authentication and consent

    \\r\\n

    To enable live interaction with APIs in the sandbox, we\'ve provided an implementation of the authentication and consent app. APIs such as account information or payment transfer require explicit end-user consent. Follow these steps to authorize before you can fire the APIs. 

    \\r\\n

    Note: Autho​rization calls require a client ID. In this case, however, we have preconfigured the flow with a client ID, so the consent app flow is demonstrated without using a client ID.

    \\r\\n

     

    \\r\\n

    Step 1) Initiate authorization

    \\r\\n

    Each API is provided with a section under API explorer where you can run the API and see the results. When an API is configured to have authorization completed (i.e. to present an access token), you will see a button titled \\"OAuth 2.0 Set.\\" Clicking on this button will start the OAuth flow and consent app flow.

    \\r\\n

    Step 2) Enter credentials

    \\r\\n

    Enter the customer number and password.

    \\r\\n

     

    \\r\\n

    Step 3) Give consent on the account ID

    \\r\\n

    At this time all account IDs that this customer owns with the bank will be presented. You will need to choose one of them. Consent will be given only for account access or payment.

    \\r\\n

    After the completion of this flow you will see the button \\"OAuth 2.0 Set\\" turn into \\"OAuth 2.0 Authenticated.\\" This means the API explorer has the access token that it will present when you fire the APIs. To remove the authentication click on the \\"x\\" on this button. 

    \\r\\n

    Step 4) Enter the OTP

    \\r\\n

    Enter the OTP (any random nuber) .

    \\r\\n

     

    ", \'summary\' => \'\', \'format\' => \'full_html\', - \'safe_value\' => "

    Overview

    \\n

    We have created a sandbox environment that behaves like the APIs of a live bank. We offer all the APIs that are listed in the catalogue and data of two sample banks. Here is some key sample data that you can use in your app.

    \\n

     

    \\n

    Sample data

    \\n

    Sandbox is preloaded with two banks and customers and accounts.

    \\n\\n\\n\\n\\n\\n\\n
    BankCustomerAccount
    Bank\\n

    123456789

    \\n

    46582398

    \\n

    62936395

    \\n

    84487942

    \\n    		\\n

    2139531801

    \\n

    1039531801

    \\n

    17109552631

    \\n

    74379891646

    \\n

     

    \\n

    Note: Some customer numbers are marked in blue. These customer numbers are not configured with registered mobile numbers, so during the consent flow you can enter a mobile number to receive the OTP. This enables the user to experience the complete flow without having to update the customer number with phone numbers. During a real flow the OTP is sent to the registered mobile number only and the mobile number is confidential and known only to the bank.

    \\n

    Trying the APIs

    \\n

    Each API can be tried using the API explorer. You can use the sample data mentioned above and to try and test the APIs. To try the APIs, click on the particular API in the menu. You will see a tab that says \\"Try it.\\" This section describes the APIs and provides the ability to make API calls.

    \\n

     

    \\n

    Authentication and consent

    \\n

    To enable live interaction with APIs in the sandbox, we\'ve provided an implementation of the authentication and consent app. APIs such as account information or payment transfer require explicit end-user consent. Follow these steps to authorize before you can fire the APIs. 

    \\n

    Note: Autho​rization calls require a client ID. In this case, however, we have preconfigured the flow with a client ID, so the consent app flow is demonstrated without using a client ID.

    \\n

     

    \\n

    Step 1) Initiate authorization

    \\n

    Each API is provided with a section under API explorer where you can run the API and see the results. When an API is configured to have authorization completed (i.e. to present an access token), you will see a button titled \\"OAuth 2.0 Set.\\" Clicking on this button will start the OAuth flow and consent app flow.

    \\n

    \\n\\n

    2consent-0.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

    Step 2) Enter credentials

    \\n

    Enter the customer number given the sample data section above. You can type any password.

    \\n

    \\n\\n

    4consent.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

    Step 3) Provide a mobile phone for two-factor authentication

    \\n

    Two-factor authentication is mandatory to secure an API. You can enter your mobile number in +<country code><mobile number> format to receive an OTP. The OTP is sent as a text message to the mobile phone. Please note that you may not receive the OTP if DND or any other such feature is enabled in your country.

    \\n

    Note: This step does not occur in real scenarios. The mobile number to which the OTP is sent is known to the consent app and is kept confidential. An OTP will be directly sent the registered mobile number. However, to try the APIs easily and for the purposes of the sandbox we have modified the flow to accept the mobile number as input.

    \\n

    \\n\\n

    4consent2.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

    Step 4) Enter the OTP

    \\n

    Enter the OTP received on your mobile.

    \\n

    \\n\\n

    4consent3.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

    Step 5) Give consent on the account ID

    \\n

    At this time all account IDs that this customer owns with the bank will be presented. You will need to choose one of them. Consent will be given only for account access or payment.

    \\n

    \\n\\n

    4consent4.png

    \\n \\n \\n
    \\n \\"\\"
    \\n\\n \\n
    \\n

    \\n

    After the completion of this flow you will see the button \\"OAuth 2.0 Set\\" turn into \\"OAuth 2.0 Authenticated.\\" This means the API explorer has the access token that it will present when you fire the APIs. To remove the authentication click on the \\"x\\" on this button. 

    \\n", + \'safe_value\' => "

    Overview

    \\n

    We have created a sandbox environment that behaves like the APIs of a live bank. We offer all the APIs that are listed in the catalogue and data of two sample banks. Here is some key sample data that you can use in your app.

    \\n

     

    \\n

    Sample data

    \\n

    Sandbox is preloaded with two banks and customers and accounts.

    \\n\\n\\n\\n\\n\\n\\n
    BankCustomerIdAccount
    Bank\\n

    10203040

    \\n

    10203040

    \\n

    10203040

    \\n    		\\n

    987654321

    \\n

    111111111

    \\n

    123459876

    \\n

     

    \\n

    Note: Customer numbers are marked in blue. These customer numbers are not configured with registered mobile numbers. So the OTP entered during the consent flow can be any random number. During a real flow the OTP is sent to the registered mobile number only and the mobile number is confidential and known only to the bank.

    \\n

    Trying the APIs

    \\n

    Each API can be tried using the API explorer. You can use the sample data mentioned above and to try and test the APIs. To try the APIs, click on the particular API in the menu. You will see a tab that says \\"Try it.\\" This section describes the APIs and provides the ability to make API calls.

    \\n

     

    \\n

    Authentication and consent

    \\n

    To enable live interaction with APIs in the sandbox, we\'ve provided an implementation of the authentication and consent app. APIs such as account information or payment transfer require explicit end-user consent. Follow these steps to authorize before you can fire the APIs. 

    \\n

    Note: Autho​rization calls require a client ID. In this case, however, we have preconfigured the flow with a client ID, so the consent app flow is demonstrated without using a client ID.

    \\n

     

    \\n

    Step 1) Initiate authorization

    \\n

    Each API is provided with a section under API explorer where you can run the API and see the results. When an API is configured to have authorization completed (i.e. to present an access token), you will see a button titled \\"OAuth 2.0 Set.\\" Clicking on this button will start the OAuth flow and consent app flow.

    \\n

    Step 2) Enter credentials

    \\n

    Enter the customer number and password.

    \\n

     

    \\n

    Step 3) Give consent on the account ID

    \\n

    At this time all account IDs that this customer owns with the bank will be presented. You will need to choose one of them. Consent will be given only for account access or payment.

    \\n

    After the completion of this flow you will see the button \\"OAuth 2.0 Set\\" turn into \\"OAuth 2.0 Authenticated.\\" This means the API explorer has the access token that it will present when you fire the APIs. To remove the authentication click on the \\"x\\" on this button. 

    \\n

    Step 4) Enter the OTP

    \\n

    Enter the OTP (any random nuber) .

    \\n

     

    \\n", \'safe_summary\' => \'\', ), ), diff --git a/src/devportal/all/modules/all_component_features/all_component_features.quicktabs.inc b/src/devportal/all/modules/all_component_features/all_component_features.quicktabs.inc index 639b4ce6..9eba04cd 100644 --- a/src/devportal/all/modules/all_component_features/all_component_features.quicktabs.inc +++ b/src/devportal/all/modules/all_component_features/all_component_features.quicktabs.inc @@ -20,7 +20,7 @@ function all_component_features_quicktabs_default_quicktabs() { $quicktabs->title = 'API Documentation'; $quicktabs->tabs = array( 0 => array( - 'vid' => 'oauthapisv2_methods', + 'vid' => 'oauth-apis-v1-0_methods', 'display' => 'frontpage', 'args' => '', 'title' => 'OAuth 2.0', @@ -28,45 +28,21 @@ function all_component_features_quicktabs_default_quicktabs() { 'type' => 'view', ), 1 => array( - 'vid' => 'accountsapisv2_methods', + 'vid' => 'accounts-apis-v1-0_methods', 'display' => 'frontpage', 'args' => '', - 'title' => 'Account Access', + 'title' => 'Accounts APIs', 'weight' => '-99', 'type' => 'view', ), 2 => array( - 'vid' => 'paymentsapisv2_methods', + 'vid' => 'payments-apis-v1-0_methods', 'display' => 'frontpage', 'args' => '', - 'title' => 'Payment Transfer', + 'title' => 'Payments APIs', 'weight' => '-98', 'type' => 'view', ), - 3 => array( - 'vid' => 'open-dataapis_methods', - 'display' => 'frontpage', - 'args' => '', - 'title' => 'Open Data', - 'weight' => '-97', - 'type' => 'view', - ), - 4 => array( - 'vid' => 'userinfoapis_methods', - 'display' => 'frontpage', - 'args' => '', - 'title' => 'User Info', - 'weight' => '-96', - 'type' => 'view', - ), - 5 => array( - 'vid' => 'productapis_methods', - 'display' => 'frontpage', - 'args' => '', - 'title' => 'Products', - 'weight' => '-95', - 'type' => 'view', - ), ); $quicktabs->renderer = 'accordion'; $quicktabs->style = 'default'; diff --git a/src/devportal/all/modules/custom/openbank_swagger/openbank_swagger.module b/src/devportal/all/modules/custom/openbank_swagger/openbank_swagger.module index 02b206db..475045ee 100755 --- a/src/devportal/all/modules/custom/openbank_swagger/openbank_swagger.module +++ b/src/devportal/all/modules/custom/openbank_swagger/openbank_swagger.module @@ -4,12 +4,13 @@ require_once DRUPAL_ROOT . '/profiles/apigee/modules/custom/devconnect/lib/Crypt //define('SMARTDOCS_SAMPLE_PETSTORE_MODEL', 'petstore example'); //define('SMARTDOCS_SAMPLE_WEATHER_MODEL', 'weather example'); -define('SMARTDOCS_OAUTH_MODEL', 'oauthapisv2'); -define('SMARTDOCS_ACCOUNTS_MODEL', 'accountsapisv2'); -define('SMARTDOCS_OPENDATA_MODEL', 'open-dataapis'); -define('SMARTDOCS_PAYMENT_MODEL', 'paymentsapisv2'); +define('SMARTDOCS_OAUTH_MODEL', 'oauth-apis-v1-0'); +define('SMARTDOCS_ACCOUNTS_MODEL', 'accounts-apis-v1-0'); +define('SMARTDOCS_PAYMENT_MODEL', 'payments-apis-v1-0'); + +/*define('SMARTDOCS_OPENDATA_MODEL', 'open-dataapis'); define('SMARTDOCS_USERINFO_MODEL', 'userinfoapis'); -define('SMARTDOCS_PRODUCTS_MODEL', 'productapis'); +define('SMARTDOCS_PRODUCTS_MODEL', 'productapis');*/ ini_set('arg_separator.output', '&'); @@ -89,7 +90,8 @@ function custom_apigee_smartdocs_import_model_content() { ); */ - $model_display_name = 'oauthapisv2'; + // oauth APIs + $model_display_name = 'OAuth APIs V1.0'; $model_description = 'OAuth API documentation.'; $operations[] = array( 'custom_apigee_batch_smartdocs_create_model', @@ -100,7 +102,7 @@ function custom_apigee_smartdocs_import_model_content() { ), ); - $model_import_file = drupal_get_path('module', 'openbank_swagger') . '/swaggers/authv2.json'; + $model_import_file = drupal_get_path('module', 'openbank_swagger') . '/swaggers/oauthv1-0.json'; $operations[] = array( 'custom_apigee_batch_smartdocs_import_model', array( @@ -114,7 +116,7 @@ function custom_apigee_smartdocs_import_model_content() { // Account APIs - $model_display_name = 'accountsapisv2'; + $model_display_name = 'Accounts APIs V1.0'; $model_description = 'Accounts API documentation.'; $operations[] = array( 'custom_apigee_batch_smartdocs_create_model', @@ -125,7 +127,7 @@ function custom_apigee_smartdocs_import_model_content() { ), ); - $model_import_file = drupal_get_path('module', 'openbank_swagger') . '/swaggers/accountsinfov2.json'; + $model_import_file = drupal_get_path('module', 'openbank_swagger') . '/swaggers/accountv1-0.json'; $operations[] = array( 'custom_apigee_batch_smartdocs_import_model', array( @@ -139,7 +141,7 @@ function custom_apigee_smartdocs_import_model_content() { // Opendata APIS - $model_display_name = 'open-dataapis'; + /*$model_display_name = 'open-dataapis'; $model_description = 'OpenData API documentation.'; $operations[] = array( 'custom_apigee_batch_smartdocs_create_model', @@ -159,11 +161,11 @@ function custom_apigee_smartdocs_import_model_content() { 'swagger', 'application/json', ), - ); + );*/ // Payment APIs - $model_display_name = 'paymentsapisv2'; + $model_display_name = 'Payments APIs V1.0'; $model_description = 'Payment API documentation.'; $operations[] = array( 'custom_apigee_batch_smartdocs_create_model', @@ -174,7 +176,7 @@ function custom_apigee_smartdocs_import_model_content() { ), ); - $model_import_file = drupal_get_path('module', 'openbank_swagger') . '/swaggers/paymentsV2.json'; + $model_import_file = drupal_get_path('module', 'openbank_swagger') . '/swaggers/paymentv1-0.json'; $operations[] = array( 'custom_apigee_batch_smartdocs_import_model', array( @@ -186,7 +188,7 @@ function custom_apigee_smartdocs_import_model_content() { ); // UserInfo APIs - $model_display_name = 'userinfoapis'; + /*$model_display_name = 'userinfoapis'; $model_description = 'User information API documentation.'; $operations[] = array( 'custom_apigee_batch_smartdocs_create_model', @@ -206,11 +208,11 @@ function custom_apigee_smartdocs_import_model_content() { 'swagger', 'application/json', ), - ); + );*/ //products model - $model_display_name = 'productapis'; + /*$model_display_name = 'productapis'; $model_description = 'User information API documentation.'; $operations[] = array( 'custom_apigee_batch_smartdocs_create_model', @@ -230,7 +232,7 @@ function custom_apigee_smartdocs_import_model_content() { 'swagger', 'application/json', ), - ); + );*/ @@ -270,9 +272,9 @@ function custom_apigee_smartdocs_render_model_content() { $batch_oauth = custom_get_smartdocs_render_batch(SMARTDOCS_OAUTH_MODEL); $batch_accounts = custom_get_smartdocs_render_batch(SMARTDOCS_ACCOUNTS_MODEL); $batch_payment = custom_get_smartdocs_render_batch(SMARTDOCS_PAYMENT_MODEL); - $batch_opendata = custom_get_smartdocs_render_batch(SMARTDOCS_OPENDATA_MODEL); - $batch_userinfo = custom_get_smartdocs_render_batch(SMARTDOCS_USERINFO_MODEL); - $batch_products = custom_get_smartdocs_render_batch(SMARTDOCS_PRODUCTS_MODEL); + // $batch_opendata = custom_get_smartdocs_render_batch(SMARTDOCS_OPENDATA_MODEL); + //$batch_userinfo = custom_get_smartdocs_render_batch(SMARTDOCS_USERINFO_MODEL); + //$batch_products = custom_get_smartdocs_render_batch(SMARTDOCS_PRODUCTS_MODEL); $operations = array(); @@ -291,7 +293,9 @@ function custom_apigee_smartdocs_render_model_content() { if ($batch_payment != NULL) { $operations = array_merge($operations, $batch_payment['operations']); } - if ($batch_opendata != NULL) { + + + /*if ($batch_opendata != NULL) { $operations = array_merge($operations, $batch_opendata['operations']); } if ($batch_userinfo != NULL) { @@ -299,7 +303,7 @@ function custom_apigee_smartdocs_render_model_content() { } if ($batch_products != NULL) { $operations = array_merge($operations, $batch_products['operations']); - } + }*/ // Get batches to render model nodes complete. ############################################################# // Merge batches to return. diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json deleted file mode 100644 index 9920791d..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json +++ /dev/null @@ -1,1297 +0,0 @@ -{ - "swagger": "2.0", - "host": "testdemorrai-test.apigee.net", - "schemes": [ - "https" - ], - "info": { - "description": "Customer Bank Account Information", - "title": "Account Information", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/accounts", - "paths": { - "/accounts-requests": { - "post": { - "description": "

    Create a new account Request

    ", - "summary": "Create a new Account Request", - "operationId": "Create AccountRequest", - "tags": [ - "Create AccountRequest" - ], - "consumes": ["application/json"], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccReqResponse" - } - }, - "400": { - "description": "Bad Request" - }, - "401": { - "description": "Unauthorized access" - } - }, - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using grant_type as 'client_credentials' (App credential based authorization) using Oauth API", - "type": "string", - "required": true - }, - { - "name": "Content-Type", - "in": "header", - "description": "Content-Type application/json", - "type": "string", - "default": "application/json", - "required": true - }, - { - "name": "AccountRequest", - "in": "body", - "description": "Account Request details", - "schema": { - "$ref": "#/definitions/NewAccountRequest" - }, - "required": true - } - ] - } - }, - "/accounts-requests/{accountRequestId}": { - "get": { - "description": "

    This will return the account request details related to a specific account request Id provided in the path parameter

    ", - "summary": "get Account Request ", - "operationId": "Get Account Request", - "tags": [ - "Get AccountRequest" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccReqResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string", - "required": true - }, - { - "name": "accountRequestId", - "in": "path", - "description": "Account Request Id ", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/balance": { - "get": { - "description": "

    This will return the account balance of a specific account of the user provided in the path parameter

    ", - "summary": "Account Balance ", - "operationId": "Account Balance", - "tags": [ - "AccountBalance" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBalance" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}": { - "get": { - "description": "

    This will return the account Information of a specific account of the user provided in the path parameter

    ", - "summary": "Account Information ", - "operationId": "Account Information", - "tags": [ - "AccountInformation" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountInformation" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/transactions": { - "get": { - "description": "

    This will return list of all the transactions of a specific account of the user provided in the path parameter

    ", - "summary": "Account Transactions ", - "operationId": "Account Transactions", - "tags": [ - "AccountTransactions" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountTransactions" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/beneficiaries": { - "get": { - "description": "

    This will return list of all the beneficiaries of a specific account of the customer provided in the path parameter

    ", - "summary": "Account Beneficiaries ", - "operationId": "Account Beneficiaries", - "tags": [ - "AccountBeneficiaries" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBeneficiaries" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/standing-orders": { - "get": { - "description": "

    This will return list of all the standing orders of a specific account of the user provided in the path parameter

    ", - "summary": "Account StandingOrders ", - "operationId": "Account StandingOrders", - "tags": [ - "AccountStandingOrders" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountStandingOrders" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/direct-debits": { - "get": { - "description": "

    This will return list of all the direct debits of a specific account of the user provided in the path parameter

    ", - "summary": "Account DirectDebits ", - "operationId": "Account DirectDebits", - "tags": [ - "AccountDirectDebits" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountDirectDebits" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/": { - "get": { - "description": "

    This will return account information of all accounts of the user provided in the account request

    ", - "summary": "Customer Info ", - "operationId": "Customer Info", - "tags": [ - "CustomerInfo" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/CustomerInfo" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/balance": { - "get": { - "description": "

    This will return balance information of all accounts of the user provided in the account request

    ", - "summary": "Customer Balance ", - "operationId": "Customer Balance", - "tags": [ - "CustomerBalance" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBalance" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/transactions": { - "get": { - "description": "

    This will return list of transactions of all accounts of the user provided in the account request

    ", - "summary": "Customer Transactions ", - "operationId": "Customer Transactions", - "tags": [ - "CustomerTransactions" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountTransactions" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/beneficiaries": { - "get": { - "description": "

    This will return list of beneficiaries associated with all accounts of the user provided in the account request

    ", - "summary": "Customer Beneficiaries ", - "operationId": "Customer Beneficiaries", - "tags": [ - "CustomerBeneficiaries" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBeneficiaries" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/standing-orders": { - "get": { - "description": "

    This will return list of standing orders associated with all accounts of the user provided in the account request

    ", - "summary": "Customer StandingOrders ", - "operationId": "Customer StandingOrders", - "tags": [ - "CustomerStandingOrders" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountStandingOrders" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/direct-debits": { - "get": { - "description": "

    This will return list of direct debits associated with all accounts of the user provided in the account request

    ", - "summary": "Customer DirectDebits ", - "operationId": "Customer DirectDebits", - "tags": [ - "CustomerDirectDebits" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountDirectDebits" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - } - }, - - "securityDefinitions": { - "aisp_auth": { - "type": "oauth2", - "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v2/oauth/authorize?client_id=bkJ2TvlHG2xw0kg59WLDTxzJrXPi8mHh&redirect_uri=http://localhost/&response_type=code&state=af0ifjsldkj&scope=accounts&acr_values=2&request_id=firstaccountrequest", - "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v2/oauth/token", - "flow": "accessCode", - "scopes": { - "accounts": "AISP apis" - } - } - }, - "definitions": { - "NewAccountRequest": { - "type": "object", - "description": "New Accounts Request", - "properties": { - "ExpiresAt": { - "type": "string", - "description": "Determines what time the Request Expires" - }, - "Permissions": { - "type": "array", - "items" : - { - "type": "string" - }, - "description": "Permissions being Requested" - }, - "PermissionsExpirationDateTime": { - "type": "string", - "description": "Expiritaion Time for Permissions" - }, - "TransactionFromDateTime": { - "type": "string", - "description": "Transaction From DateTime" - }, - "TransactionToDateTime": { - "type": "string", - "description": "Transaction To DateTime" - }, - - "SelectedAccounts": { - "type": "array", - "description": "Accounts for which Account Request is made", - "items": { - "type": "object", - "properties": { - "Account": { - "type": "object", - "description": "Accounts Details", - "properties": { - "Name": { - "type": "string", - "description": "Name of account" - }, - "SchemeName": { - "type": "string", - "description": "SchemeName of account" - }, - "Identification": { - "type": "string", - "description": "Identification of account" - }, - "SecondaryIdentification": { - "type": "string", - "description": "Secondary Identification of account" - } - - } - }, - "Servicer": { - "type": "object", - "description": "Servicer", - "properties": { - "SchemeName": { - "type": "string", - "description": "Scheme Name of Servicer" - }, - "Identification": { - "type": "string", - "description": "Identification of Servicer" - } - - } - - } - } - } - } - } - }, - "CustomerInfo": { - "description": "Account Information Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "A unique identifier used to identify the account resource. This identifier has no meaning to the account owner" - }, - "Currency": { - "type": "string", - "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account." - }, - "Nickname": { - "type": "string", - "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account." - }, - "Account": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - } - }, - "xml": { - "name": "CustomerInfo" - } - }, - "AccountInformation": { - "description": "Account Information Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "A unique identifier used to identify the account resource. This identifier has no meaning to the account owner" - }, - "Currency": { - "type": "string", - "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account." - }, - "Nickname": { - "type": "string", - "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account." - }, - "Account": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - } - }, - "xml": { - "name": "CustomerInfo" - } - }, - "AccountBalance": { - "description": "Account Balance Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "A unique identifier used to identify the account resource. This identifier has no meaning to the account owner." - }, - "CreditDebitIndicator": { - "type": "string", - "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance." - }, - "Type": { - "type": "string", - "description": "Balance type, in a coded form." - }, - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "Date": { - "type": "object", - "properties": { - "Date": { - "type": "string", - "description": "ISO Date YYYY-MM-DD" - }, - "DateTime": { - "type": "string", - "description": "1SO Date YYYY-MM-DD hh:mm:ss" - } - } - }, - "CreditLine": { - "type": "object", - "properties": { - "Included": { - "type": "boolean", - "description": "Indicates whether or not the credit line is included in the balance of the account" - }, - "Type": { - "type": "string", - "description": "Limit type, in a coded form." - }, - - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - } - } - }, - "xml": { - "name": "AccountBalance" - } - }, - "AccountTransactions": { - "description": "Account Transaction Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "TransactionId": { - "type": "string", - "description": "maxLength 40 text" - }, - "TransactionReference": { - "type": "string", - "description": "Unique reference for the transaction" - }, - "CreditDebitIndicator": { - "type": "string", - "description": "Indicates whether the entry is a credit or a debit entry" - }, - "Status": { - "type": "string", - "description": "Status of an entry on the books of the account servicer." - }, - "TransactionInformation": { - "type": "string", - "description": "Further details of the transaction" - }, - "AddressLine": { - "type": "string", - "description": "Information that locates and identifies a specific address" - }, - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "BookingDate": { - "type": "object", - "properties": { - "Date": { - "type": "string", - "description": "ISO Date YYYY-MM-DD" - }, - "DateTime": { - "type": "string", - "description": "1SO Date YYYY-MM-DD hh:mm:ss" - } - } - }, - "ValueDate": { - "type": "object", - "properties": { - "Date": { - "type": "string", - "description": "ISO Date YYYY-MM-DD" - }, - "DateTime": { - "type": "string", - "description": "1SO Date YYYY-MM-DD hh:mm:ss" - } - } - }, - "BankTransactionCode": { - "type": "object", - "properties": { - "Code": { - "type": "string", - "description": "Proprietary bank transaction code to identify the underlying transaction." - }, - "SubCode": { - "type": "string", - "description": "Identification of the issuer of the proprietary bank transaction code" - } - } - }, - "Balance": { - "type": "object", - "properties": { - "CreditDebitIndicator": { - "type": "string", - "description": "Indicates whether the balance is a credit or a debit balance" - }, - "Type": { - "type": "string", - "description": "Balance type, in a coded form." - }, - - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - } - }, - "ProprietaryBankTransactionCode": { - "type": "object", - "properties": { - "Code": { - "type": "string", - "description": "Proprietary bank transaction code to identify the underlying transaction." - }, - "Issuer": { - "type": "string", - "description": "Identification of the issuer of the proprietary bank transaction code." - } - } - }, - "MerchantDetails": { - "type": "object", - "properties": { - "Name": { - "type": "string", - "description": "Name by which the merchant is known." - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction." - } - } - } - }, - "xml": { - "name": "AccountTransactions" - } - }, - "AccountBeneficiaries": { - "description": "Account Beneficiary Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "BeneficiaryId": { - "type": "string", - "description": "maxLength 40 text" - }, - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference for the transaction" - }, - "CreditorAccount": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - } - }, - - "xml": { - "name": "AccountBeneficiaries" - } - }, - "AccReqResponse": { - "description": "Account-Request Response Object", - "type": "object", - "properties": { - "AccountRequestId": { - "type": "string", - "description": "Unique identification as assigned to identify the account request resource." - }, - "Status": { - "type": "string", - "description": "Specifies the status of the account request resource in code form." - }, - "PermissionsExpirationDateTime": { - "type": "string", - "description": "Specified date and time the permissions will expire." - }, - "TransactionFromDateTime": { - "type": "string", - "description": "Specified start date and time for the transaction query period." - }, - "TransactionToDateTime": { - "type": "string", - "description": "Specified end date and time for the transaction query period." - }, - "Permissions": { - "type": "array", - "items" : { - "type" : "string" - }, - "description": "Specified Permissions" - - }, - "SelectedAccounts": { - "type": "array", - "description": "Accounts for which Account Request is made", - "items": { - "type": "object", - "properties": { - "Account": { - "type": "object", - "description": "Accounts Details", - "properties": { - "Name": { - "type": "string", - "description": "Name of account" - }, - "SchemeName": { - "type": "string", - "description": "Scheme Name of account" - }, - "Identification": { - "type": "string", - "description": "Identification of account" - }, - "SecondaryIdentification": { - "type": "string", - "description": "Secondary Identification of account" - } - - } - }, - "Servicer": { - "type": "object", - "description": "Servicer", - "properties": { - "SchemeName": { - "type": "string", - "description": "Scheme Name of Servicer" - }, - "Identification": { - "type": "string", - "description": "Identification of Servicer" - } - - } - - } - } - } - } - }, - - "xml": { - "name": "AccReqResponse" - } - }, - "AccountStandingOrders": { - "description": "Account Standing Orders Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "StandingOrderId": { - "type": "string", - "description": "A unique and immutable identifier used to identify the standing order resource." - }, - "Currency": { - "type": "string", - "description": "Identification of the currency of the standing order" - }, - "Frequency": { - "type": "string", - "description": "Frequency Of the standing order" - }, - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction." - }, - "FirstPaymentDate": { - "type": "string", - "description": "The date on which the first payment for a Standing Order schedule will be made." - }, - "NextPaymentDate": { - "type": "string", - "description": "The date on which the next payment for a Standing Order schedule will be made." - }, - "FinalPaymentDate": { - "type": "string", - "description": "The date on which the final payment for a Standing Order schedule will be made" - }, - "CreditorAccount": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "FirstPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "NextPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "FinalPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - - }, - - "xml": { - "name": "AccountStandingOrders" - } - - }, - "AccountDirectDebits": { - "description": "Account Direct Debits Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "DirectDebitId": { - "type": "string", - "description": "A unique and immutable identifier used to identify the direct debit resource." - }, - "MandateIdentification": { - "type": "string", - "description": "Direct Debit reference" - }, - "DirectDebitStatusCode": { - "type": "string", - "description": "Specifies the status of the direct debit in code form" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme" - }, - "Name": { - "type": "string", - "description": "Name of Service User" - }, - "PreviousPaymentDate": { - "type": "string", - "description": "Date of most recent direct debit collection." - }, - "PreviousPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - - }, - - "xml": { - "name": "AccountDirectDebits" - } - } - - } -} diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json.template deleted file mode 100644 index 83e8c794..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountsinfov2.json.template +++ /dev/null @@ -1,1297 +0,0 @@ -{ - "swagger": "2.0", - "host": "{{ host }}", - "schemes": [ - "https" - ], - "info": { - "description": "Customer Bank Account Information", - "title": "Account Information", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/accounts", - "paths": { - "/accounts-requests": { - "post": { - "description": "

    Create a new account Request

    ", - "summary": "Create a new Account Request", - "operationId": "Create AccountRequest", - "tags": [ - "Create AccountRequest" - ], - "consumes": ["application/json"], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccReqResponse" - } - }, - "400": { - "description": "Bad Request" - }, - "401": { - "description": "Unauthorized access" - } - }, - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using grant_type as 'client_credentials' (App credential based authorization) using Oauth API", - "type": "string", - "required": true - }, - { - "name": "Content-Type", - "in": "header", - "description": "Content-Type application/json", - "type": "string", - "default": "application/json", - "required": true - }, - { - "name": "AccountRequest", - "in": "body", - "description": "Account Request details", - "schema": { - "$ref": "#/definitions/NewAccountRequest" - }, - "required": true - } - ] - } - }, - "/accounts-requests/{accountRequestId}": { - "get": { - "description": "

    This will return the account request details related to a specific account request Id provided in the path parameter

    ", - "summary": "get Account Request ", - "operationId": "Get Account Request", - "tags": [ - "Get AccountRequest" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccReqResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string", - "required": true - }, - { - "name": "accountRequestId", - "in": "path", - "description": "Account Request Id ", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/balance": { - "get": { - "description": "

    This will return the account balance of a specific account of the user provided in the path parameter

    ", - "summary": "Account Balance ", - "operationId": "Account Balance", - "tags": [ - "AccountBalance" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBalance" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}": { - "get": { - "description": "

    This will return the account Information of a specific account of the user provided in the path parameter

    ", - "summary": "Account Information ", - "operationId": "Account Information", - "tags": [ - "AccountInformation" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountInformation" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/transactions": { - "get": { - "description": "

    This will return list of all the transactions of a specific account of the user provided in the path parameter

    ", - "summary": "Account Transactions ", - "operationId": "Account Transactions", - "tags": [ - "AccountTransactions" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountTransactions" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/beneficiaries": { - "get": { - "description": "

    This will return list of all the beneficiaries of a specific account of the customer provided in the path parameter

    ", - "summary": "Account Beneficiaries ", - "operationId": "Account Beneficiaries", - "tags": [ - "AccountBeneficiaries" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBeneficiaries" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/standing-orders": { - "get": { - "description": "

    This will return list of all the standing orders of a specific account of the user provided in the path parameter

    ", - "summary": "Account StandingOrders ", - "operationId": "Account StandingOrders", - "tags": [ - "AccountStandingOrders" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountStandingOrders" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/{AccountId}/direct-debits": { - "get": { - "description": "

    This will return list of all the direct debits of a specific account of the user provided in the path parameter

    ", - "summary": "Account DirectDebits ", - "operationId": "Account DirectDebits", - "tags": [ - "AccountDirectDebits" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountDirectDebits" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }, - { - "name": "AccountId", - "in": "path", - "description": "Account Id of the customer", - "type": "string", - "required": true - } - ] - } - }, - "/": { - "get": { - "description": "

    This will return account information of all accounts of the user provided in the account request

    ", - "summary": "Customer Info ", - "operationId": "Customer Info", - "tags": [ - "CustomerInfo" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/CustomerInfo" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/balance": { - "get": { - "description": "

    This will return balance information of all accounts of the user provided in the account request

    ", - "summary": "Customer Balance ", - "operationId": "Customer Balance", - "tags": [ - "CustomerBalance" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBalance" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/transactions": { - "get": { - "description": "

    This will return list of transactions of all accounts of the user provided in the account request

    ", - "summary": "Customer Transactions ", - "operationId": "Customer Transactions", - "tags": [ - "CustomerTransactions" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountTransactions" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/beneficiaries": { - "get": { - "description": "

    This will return list of beneficiaries associated with all accounts of the user provided in the account request

    ", - "summary": "Customer Beneficiaries ", - "operationId": "Customer Beneficiaries", - "tags": [ - "CustomerBeneficiaries" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountBeneficiaries" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/standing-orders": { - "get": { - "description": "

    This will return list of standing orders associated with all accounts of the user provided in the account request

    ", - "summary": "Customer StandingOrders ", - "operationId": "Customer StandingOrders", - "tags": [ - "CustomerStandingOrders" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountStandingOrders" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - }, - "/direct-debits": { - "get": { - "description": "

    This will return list of direct debits associated with all accounts of the user provided in the account request

    ", - "summary": "Customer DirectDebits ", - "operationId": "Customer DirectDebits", - "tags": [ - "CustomerDirectDebits" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AccountDirectDebits" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "aisp_auth": ["accounts"] - }], - "parameters": [{ - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - }] - } - } - }, - - "securityDefinitions": { - "aisp_auth": { - "type": "oauth2", - "authorizationUrl": "{{ host_withprotocol }}/apis/v2/oauth/authorize?client_id={{ client_id_aisp }}&redirect_uri={{ edge_host }}/v1/o/{{ org }}/apimodels/accountsapisv2/templateauths/aisp_auth/callback&response_type=code&state=af0ifjsldkj&scope=accounts&acr_values=2&request_id=firstaccountrequest", - "tokenUrl": "{{ host_withprotocol }}/apis/v2/oauth/token", - "flow": "accessCode", - "scopes": { - "accounts": "AISP apis" - } - } - }, - "definitions": { - "NewAccountRequest": { - "type": "object", - "description": "New Accounts Request", - "properties": { - "ExpiresAt": { - "type": "string", - "description": "Determines what time the Request Expires" - }, - "Permissions": { - "type": "array", - "items" : - { - "type": "string" - }, - "description": "Permissions being Requested" - }, - "PermissionsExpirationDateTime": { - "type": "string", - "description": "Expiritaion Time for Permissions" - }, - "TransactionFromDateTime": { - "type": "string", - "description": "Transaction From DateTime" - }, - "TransactionToDateTime": { - "type": "string", - "description": "Transaction To DateTime" - }, - - "SelectedAccounts": { - "type": "array", - "description": "Accounts for which Account Request is made", - "items": { - "type": "object", - "properties": { - "Account": { - "type": "object", - "description": "Accounts Details", - "properties": { - "Name": { - "type": "string", - "description": "Name of account" - }, - "SchemeName": { - "type": "string", - "description": "SchemeName of account" - }, - "Identification": { - "type": "string", - "description": "Identification of account" - }, - "SecondaryIdentification": { - "type": "string", - "description": "Secondary Identification of account" - } - - } - }, - "Servicer": { - "type": "object", - "description": "Servicer", - "properties": { - "SchemeName": { - "type": "string", - "description": "Scheme Name of Servicer" - }, - "Identification": { - "type": "string", - "description": "Identification of Servicer" - } - - } - - } - } - } - } - } - }, - "CustomerInfo": { - "description": "Account Information Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "A unique identifier used to identify the account resource. This identifier has no meaning to the account owner" - }, - "Currency": { - "type": "string", - "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account." - }, - "Nickname": { - "type": "string", - "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account." - }, - "Account": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - } - }, - "xml": { - "name": "CustomerInfo" - } - }, - "AccountInformation": { - "description": "Account Information Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "A unique identifier used to identify the account resource. This identifier has no meaning to the account owner" - }, - "Currency": { - "type": "string", - "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account." - }, - "Nickname": { - "type": "string", - "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account." - }, - "Account": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - } - }, - "xml": { - "name": "CustomerInfo" - } - }, - "AccountBalance": { - "description": "Account Balance Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "A unique identifier used to identify the account resource. This identifier has no meaning to the account owner." - }, - "CreditDebitIndicator": { - "type": "string", - "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance." - }, - "Type": { - "type": "string", - "description": "Balance type, in a coded form." - }, - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "Date": { - "type": "object", - "properties": { - "Date": { - "type": "string", - "description": "ISO Date YYYY-MM-DD" - }, - "DateTime": { - "type": "string", - "description": "1SO Date YYYY-MM-DD hh:mm:ss" - } - } - }, - "CreditLine": { - "type": "object", - "properties": { - "Included": { - "type": "boolean", - "description": "Indicates whether or not the credit line is included in the balance of the account" - }, - "Type": { - "type": "string", - "description": "Limit type, in a coded form." - }, - - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - } - } - }, - "xml": { - "name": "AccountBalance" - } - }, - "AccountTransactions": { - "description": "Account Transaction Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "TransactionId": { - "type": "string", - "description": "maxLength 40 text" - }, - "TransactionReference": { - "type": "string", - "description": "Unique reference for the transaction" - }, - "CreditDebitIndicator": { - "type": "string", - "description": "Indicates whether the entry is a credit or a debit entry" - }, - "Status": { - "type": "string", - "description": "Status of an entry on the books of the account servicer." - }, - "TransactionInformation": { - "type": "string", - "description": "Further details of the transaction" - }, - "AddressLine": { - "type": "string", - "description": "Information that locates and identifies a specific address" - }, - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "BookingDate": { - "type": "object", - "properties": { - "Date": { - "type": "string", - "description": "ISO Date YYYY-MM-DD" - }, - "DateTime": { - "type": "string", - "description": "1SO Date YYYY-MM-DD hh:mm:ss" - } - } - }, - "ValueDate": { - "type": "object", - "properties": { - "Date": { - "type": "string", - "description": "ISO Date YYYY-MM-DD" - }, - "DateTime": { - "type": "string", - "description": "1SO Date YYYY-MM-DD hh:mm:ss" - } - } - }, - "BankTransactionCode": { - "type": "object", - "properties": { - "Code": { - "type": "string", - "description": "Proprietary bank transaction code to identify the underlying transaction." - }, - "SubCode": { - "type": "string", - "description": "Identification of the issuer of the proprietary bank transaction code" - } - } - }, - "Balance": { - "type": "object", - "properties": { - "CreditDebitIndicator": { - "type": "string", - "description": "Indicates whether the balance is a credit or a debit balance" - }, - "Type": { - "type": "string", - "description": "Balance type, in a coded form." - }, - - "Amount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - } - }, - "ProprietaryBankTransactionCode": { - "type": "object", - "properties": { - "Code": { - "type": "string", - "description": "Proprietary bank transaction code to identify the underlying transaction." - }, - "Issuer": { - "type": "string", - "description": "Identification of the issuer of the proprietary bank transaction code." - } - } - }, - "MerchantDetails": { - "type": "object", - "properties": { - "Name": { - "type": "string", - "description": "Name by which the merchant is known." - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction." - } - } - } - }, - "xml": { - "name": "AccountTransactions" - } - }, - "AccountBeneficiaries": { - "description": "Account Beneficiary Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "BeneficiaryId": { - "type": "string", - "description": "maxLength 40 text" - }, - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference for the transaction" - }, - "CreditorAccount": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - } - }, - - "xml": { - "name": "AccountBeneficiaries" - } - }, - "AccReqResponse": { - "description": "Account-Request Response Object", - "type": "object", - "properties": { - "AccountRequestId": { - "type": "string", - "description": "Unique identification as assigned to identify the account request resource." - }, - "Status": { - "type": "string", - "description": "Specifies the status of the account request resource in code form." - }, - "PermissionsExpirationDateTime": { - "type": "string", - "description": "Specified date and time the permissions will expire." - }, - "TransactionFromDateTime": { - "type": "string", - "description": "Specified start date and time for the transaction query period." - }, - "TransactionToDateTime": { - "type": "string", - "description": "Specified end date and time for the transaction query period." - }, - "Permissions": { - "type": "array", - "items" : { - "type" : "string" - }, - "description": "Specified Permissions" - - }, - "SelectedAccounts": { - "type": "array", - "description": "Accounts for which Account Request is made", - "items": { - "type": "object", - "properties": { - "Account": { - "type": "object", - "description": "Accounts Details", - "properties": { - "Name": { - "type": "string", - "description": "Name of account" - }, - "SchemeName": { - "type": "string", - "description": "Scheme Name of account" - }, - "Identification": { - "type": "string", - "description": "Identification of account" - }, - "SecondaryIdentification": { - "type": "string", - "description": "Secondary Identification of account" - } - - } - }, - "Servicer": { - "type": "object", - "description": "Servicer", - "properties": { - "SchemeName": { - "type": "string", - "description": "Scheme Name of Servicer" - }, - "Identification": { - "type": "string", - "description": "Identification of Servicer" - } - - } - - } - } - } - } - }, - - "xml": { - "name": "AccReqResponse" - } - }, - "AccountStandingOrders": { - "description": "Account Standing Orders Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "StandingOrderId": { - "type": "string", - "description": "A unique and immutable identifier used to identify the standing order resource." - }, - "Currency": { - "type": "string", - "description": "Identification of the currency of the standing order" - }, - "Frequency": { - "type": "string", - "description": "Frequency Of the standing order" - }, - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction." - }, - "FirstPaymentDate": { - "type": "string", - "description": "The date on which the first payment for a Standing Order schedule will be made." - }, - "NextPaymentDate": { - "type": "string", - "description": "The date on which the next payment for a Standing Order schedule will be made." - }, - "FinalPaymentDate": { - "type": "string", - "description": "The date on which the final payment for a Standing Order schedule will be made" - }, - "CreditorAccount": { - "type": "object", - "properties": { - "SecondaryIdentification": { - "type": "string", - "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number" - }, - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the account, as assigned by the account servicing institution" - } - } - - }, - "Servicer": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "FirstPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "NextPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "FinalPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - - }, - - "xml": { - "name": "AccountStandingOrders" - } - - }, - "AccountDirectDebits": { - "description": "Account Direct Debits Object", - "type": "object", - "properties": { - "AccountId": { - "type": "string", - "description": "Account number to be used for the purposes of display. It does not give the complete account number but an obfuscated version only showing last 4 digits. Leading digits are replaced by ‘X’." - }, - "DirectDebitId": { - "type": "string", - "description": "A unique and immutable identifier used to identify the direct debit resource." - }, - "MandateIdentification": { - "type": "string", - "description": "Direct Debit reference" - }, - "DirectDebitStatusCode": { - "type": "string", - "description": "Specifies the status of the direct debit in code form" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme" - }, - "Name": { - "type": "string", - "description": "Name of Service User" - }, - "PreviousPaymentDate": { - "type": "string", - "description": "Date of most recent direct debit collection." - }, - "PreviousPaymentAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - } - - }, - - "xml": { - "name": "AccountDirectDebits" - } - } - - } -} diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json new file mode 100644 index 00000000..2e66c13e --- /dev/null +++ b/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json @@ -0,0 +1,2864 @@ +{ + "swagger": "2.0", + "host": "testdemorrai-test.apigee.net", + "info": { + "title": "Account Information APIs", + "description": "Swagger specification for Account Information APIs", + "termsOfService": "https://www.openbanking.org.uk/terms", + "contact": { + "name": "Craig Greenhouse", + "email": "Craig.Greenhouse@openbanking.org.uk" + }, + "license": { + "name": "open-licence", + "url": "https://www.openbanking.org.uk/open-licence" + }, + "version": "v1.0.0" + }, + "basePath": "/ais/open-banking/v1.0", + "schemes": [ + "https" + ], + "produces": [ + "application/json" + ], + "paths": { + "/account-requests": { + "post": { + "summary": "Create an account request", + "description": "Create an account request", + "operationId": "CreateAccountRequest", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "body", + "in": "body", + "description": "Create an Account Request", + "required": true, + "schema": { + + "$ref": "#/definitions/AccountRequest" + + } + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containig a detached JWS signature of the body of the payload." + } + ], + "responses": { + "201": { + "description": "Account Request resource successfully created", + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containig a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + } + }, + "/account-requests/{AccountRequestId}": { + "get": { + "summary": "Get an account request", + "description": "Get an account request", + "operationId": "GetAccountRequest", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountRequestId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the account request resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Request resource successfully retrieved", + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + }, + "delete": { + "summary": "Delete an account request", + "description": "Delete an account request", + "operationId": "DeleteAccountRequest", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountRequestId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the account request resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + } + ], + "responses": { + "204": { + "description": "Account Request resource successfully deleted", + "headers": { + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + } + }, + "/accounts": { + "get": { + "summary": "Get Accounts", + "description": "Get a list of accounts", + "operationId": "GetAccounts", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Accounts successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountInfo" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}": { + "get": { + "summary": "Get Account", + "description": "Get an account", + "operationId": "GetAccount", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account resource successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountInfo" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/transactions": { + "get": { + "summary": "Get Account Transactions", + "description": "Get transactions related to an account", + "operationId": "GetAccountTransactions", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "query", + "name": "fromBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "query", + "name": "toBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Transactions successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountTransactions" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/beneficiaries": { + "get": { + "summary": "Get Account Beneficiaries", + "description": "Get Beneficiaries related to an account", + "operationId": "GetAccountBeneficiaries", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBeneficiaries" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/balances": { + "get": { + "summary": "Get Account Balances", + "description": "Get Balances related to an account", + "operationId": "GetAccountBalances", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBalance" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/direct-debits": { + "get": { + "summary": "Get Account Direct Debits", + "description": "Get Direct Debits related to an account", + "operationId": "GetAccountDirectDebits", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Direct Debits successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountDirectDebits" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/standing-orders": { + "get": { + "summary": "Get Account Standing Orders", + "description": "Get Standing Orders related to an account", + "operationId": "GetAccountStandingOrders", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Standing Orders successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountStandingOrders" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/product": { + "get": { + "summary": "Get Account Product", + "description": "Get Product related to an account", + "operationId": "GetAccountProduct", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Product successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountProduct" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/standing-orders": { + "get": { + "summary": "Get Standing Orders", + "description": "Get Standing Orders", + "operationId": "GetStandingOrders", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Standing Orders successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountStandingOrders" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/direct-debits": { + "get": { + "summary": "Get Direct Debits", + "description": "Get Direct Debits", + "operationId": "GetDirectDebits", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Direct Debits successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountDirectDebits" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/beneficiaries": { + "get": { + "summary": "Get Beneficiaries", + "description": "Get Beneficiaries", + "operationId": "GetBeneficiaries", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBeneficiaries" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/transactions": { + "get": { + "summary": "Get Transactions", + "description": "Get Transactions", + "operationId": "GetTransactions", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "query", + "name": "fromBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "query", + "name": "toBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date" + } + ], + "responses": { + "200": { + "description": "Transactions successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountTransactions" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/balances": { + "get": { + "summary": "Get Balances", + "description": "Get Balances", + "operationId": "GetBalances", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Balances successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBalance" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + } + }, + "responses": { + "400ErrorResponse": { + "description": "Bad Request" + }, + "401ErrorResponse": { + "description": "Unauthorized" + }, + "403ErrorResponse": { + "description": "Forbidden" + }, + "429ErrorResponse": { + "description": "Too Many Requests" + } + }, + "securityDefinitions": { + "PSUOAuth2Security": { + "type": "oauth2", + "flow": "accessCode", + "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/token", + "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/authorize?response_type=code&client_id=zPq1BGV4OlLV7hJR1DsbfTI1t3orbDmD&state=abcd1234&scope=openid accounts&redirect_uri=https://api.enterprise.apigee.com/v1/o/testdemorrai/apimodels/accounts-apis-v1-0/templateauths/PSUOAuth2Security/callback", + "scopes": { + "accounts": "Ability to read Accounts information", + "openid" : "openId" + }, + "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" + } + }, + "definitions": + { + "CreateAccountRequest" : + { + "title": "Account Request POST response", + "type": "object", + "properties": { + "Data": { + "title": "Data", + "type": "object", + "properties": { + "AccountRequestId": { + "description": "Unique identification as assigned to identify the account request resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the account request resource.", + "type": "string", + "enum": [ + "Authorised", + "AwaitingAuthorisation", + "Rejected", + "Revoked" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created.", + "type": "string", + "format": "date-time" + }, + "Permissions": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "array", + "items": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "string", + "enum": [ + "ReadAccountsBasic", + "ReadAccountsDetail", + "ReadBalances", + "ReadBeneficiariesBasic", + "ReadBeneficiariesDetail", + "ReadDirectDebits", + "ReadProducts", + "ReadStandingOrdersBasic", + "ReadStandingOrdersDetail", + "ReadTransactionsBasic", + "ReadTransactionsCredits", + "ReadTransactionsDebits", + "ReadTransactionsDetail" + ] + }, + "minProperties": 1, + "additionalProperties": false + }, + "ExpirationDateTime": { + "description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.", + "type": "string", + "format": "date-time" + }, + "TransactionFromDateTime": { + "description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.", + "type": "string", + "format": "date-time" + }, + "TransactionToDateTime": { + "description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.", + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "required": [ + "AccountRequestId", + "CreationDateTime", + "Permissions" + ] + }, + "Risk": { + "title": "Risk", + "type": "object", + "description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.", + "properties": {}, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Risk" + ] + }, + "AccountInfo": + { + "title": "Account GET response", + "type": "object", + "properties": { + "Data": { + "title": "Account", + "type": "array", + "items": { + "type": "object", + "title": "Account", + "description": "Account", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Currency": { + "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account.", + "type": "string", + "pattern": "^[A-Z]{3}$" + }, + "Nickname": { + "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "Account": { + "description": "Provides the details to identify an account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Currency" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountTransactions" : + { + "title": "Account Transactions GET response", + "type": "object", + "properties": { + "Data": { + "title": "Transaction", + "description": "Data Section of the Payload", + "type": "array", + "items": { + "type": "object", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "TransactionId": { + "description": "Unique identifier for the transaction within an servicing institution. This identifier is both unique and immutable.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "TransactionReference": { + "description": "Unique reference for the transaction. This reference is optionally populated, and may as an example be the FPID in the Faster Payments context.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Amount": { + "description": "Amount of money in the cash entry.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the transaction is a credit or a debit entry.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Status": { + "description": "Status of a transaction entry on the books of the account servicer.", + "type": "string", + "enum": [ + "Booked", + "Pending" + ] + }, + "BookingDateTime": { + "description": "Date and time when a transaction entry is posted to an account on the account servicer's books. Usage: Booking date is the expected booking date, unless the status is booked, in which case it is the actual booking date.", + "type": "string", + "format": "date-time" + }, + "ValueDateTime": { + "description": "Date and time at which assets become available to the account owner in case of a credit entry, or cease to be available to the account owner in case of a debit entry. Usage: If entry status is pending and value date is present, then the value date refers to an expected/requested value date. For entries subject to availability/float and for which availability information is provided, the value date must not be used. In this case the availability component identifies the number of availability days.", + "type": "string", + "format": "date-time" + }, + "TransactionInformation": { + "description": "Further details of the transaction. This is the transaction narrative, which is unstructured text.", + "type": "string", + "minLength": 1, + "maxLength": 500 + }, + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BankTransactionCode": { + "description": "Set of elements used to fully identify the type of underlying transaction resulting in an entry.", + "type": "object", + "properties": { + "Code": { + "description": "Specifies the family within a domain.", + "type": "string" + }, + "SubCode": { + "description": "Specifies the sub-product family within a specific family.", + "type": "string" + } + }, + "required": [ + "Code", + "SubCode" + ], + "additionalProperties": false + }, + "ProprietaryBankTransactionCode": { + "description": "Set of elements to fully identify a proprietary bank transaction code.", + "type": "object", + "properties": { + "Code": { + "description": "Proprietary bank transaction code to identify the underlying transaction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Issuer": { + "description": "Identification of the issuer of the proprietary bank transaction code.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "Code" + ], + "additionalProperties": false + }, + "Balance": { + "description": "Set of elements used to define the balance as a numerical representation of the net increases and decreases in an account after a transaction entry is applied to the account.", + "type": "object", + "properties": { + "Amount": { + "description": "Amount of money of the cash balance after a transaction entry is applied to the account..", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Type": { + "description": "Balance type, in a coded form.", + "type": "string", + "enum": [ + "ClosingAvailable", + "ClosingBooked", + "Expected", + "ForwardAvailable", + "Information", + "InterimAvailable", + "InterimBooked", + "OpeningAvailable", + "OpeningBooked", + "PreviouslyClosedBooked" + ] + } + }, + "additionalProperties": false, + "required": [ + "Amount", + "CreditDebitIndicator", + "Type" + ] + }, + "MerchantDetails": { + "description": "Details of the merchant involved in the transaction.", + "type": "object", + "properties": { + "MerchantName": { + "description": "Name by which the merchant is known.", + "type": "string", + "minLength": 1, + "maxLength": 350 + }, + "MerchantCategoryCode": { + "description": "Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction.", + "type": "string", + "minLength": 3, + "maxLength": 4 + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Amount", + "CreditDebitIndicator", + "Status", + "BookingDateTime" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountBeneficiaries" : + { + "title": "Beneficiaries GET response", + "type": "object", + "properties": { + "Data": { + "title": "Beneficiary", + "type": "array", + "items": { + "type": "object", + "title": "Beneficiary", + "description": "Beneficiary", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "BeneficiaryId": { + "description": "A unique and immutable identifier used to identify the beneficiary resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. This is the servicer of the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Provides the details to identify the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountBalance": + { + "title": "Balances GET response", + "type": "object", + "properties": { + "Data": { + "title": "Balance", + "type": "array", + "items": { + "type": "object", + "title": "Balance", + "description": "Balance", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Amount": { + "description": "Amount of money of the cash balance.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Type": { + "description": "Balance type, in a coded form.", + "type": "string", + "enum": [ + "ClosingAvailable", + "ClosingBooked", + "Expected", + "ForwardAvailable", + "Information", + "InterimAvailable", + "InterimBooked", + "OpeningAvailable", + "OpeningBooked", + "PreviouslyClosedBooked" + ] + }, + "DateTime": { + "description": "Indicates the date (and time) of the balance.", + "type": "string", + "format": "date-time" + }, + "CreditLine": { + "type": "object", + "properties": { + "Included": { + "description": "Indicates whether or not the credit line is included in the balance of the account. Usage: If not present, credit line is not included in the balance amount of the account.", + "type": "boolean" + }, + "Amount": { + "description": "Active Or Historic Currency Code and Amount", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "Type": { + "description": "Limit type, in a coded form.", + "type": "string", + "enum": [ + "Pre-Agreed", + "Emergency", + "Temporary" + ] + } + }, + "additionalProperties": false, + "required": [ + "Included" + ] + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Amount", + "CreditDebitIndicator", + "DateTime", + "Type" + ] + }, + "minItems": 1 + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountDirectDebits": + {"title": "Account GET response", + "type": "object", + "properties": { + "Data": { + "title": "DirectDebit", + "type": "array", + "items": { + "type": "object", + "title": "Direct Debit", + "description": "Direct Debit", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "DirectDebitId": { + "description": "A unique and immutable identifier used to identify the direct debit resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "MandateIdentification": { + "description": "Direct Debit reference. For AUDDIS service users provide Core Reference. For non AUDDIS service users provide Core reference if possible or last used reference.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "DirectDebitStatusCode": { + "description": "Specifies the status of the direct debit in code form.", + "type": "string", + "enum": [ + "Active", + "Inactive" + ] + }, + "Name": { + "description": "Name of Service User", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "PreviousPaymentDateTime": { + "description": "Date of most recent direct debit collection.", + "type": "string", + "format": "date-time" + }, + "PreviousPaymentAmount": { + "description": "The amount of the most recent direct debit collection.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + } + }, + "required": [ + "AccountId", + "MandateIdentification", + "Name" + ], + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountStandingOrders" : + { + "title": "Standing Orders GET response", + "type": "object", + "properties": { + "Data": { + "title": "StandingOrder", + "type": "array", + "items": { + "type": "object", + "title": "Standing Order", + "description": "Standing Order", + "properties": { + "AccountId": { + "description": "The date on which the first payment for a Standing Order schedule will be made.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "StandingOrderId": { + "description": "A unique and immutable identifier used to identify the standing order resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Frequency": { + "description": "EvryWorkgDay - PSC070 IntrvlWkDay:PSC110:PSC080 (PSC070 code + PSC110 + PSC080) WkInMnthDay:PSC100:PSC080 (PSC070 code + PSC100 + PSC080) IntrvlMnthDay:PSC120:PSC090 (PSC070 code + PSC120 + PSC090) QtrDay: + either (ENGLISH, SCOTTISH or RECEIVED) PSC070 + PSC130 The following response codes may be generated by this data element: PSC070: T221 - Schedule code must be a valid enumeration value. PSC070: T245 - Must be provided for standing order only. PSC080: T222 - Day in week must be within defined bounds (range 1 to 5). PSC080: T229 - Must be present if Schedule Code = IntrvlWkDay. PSC080: T231 - Must be present if Schedule Code = WkInMnthDay. PSC090: T223 - Day in month must be within defined bounds (range -5 to 31 excluding: 0 & 00). PSC090: T233 - Must be present if Schedule Code = IntrvlMnthDay. PSC100: T224 - Week in month must be within defined bounds (range 1 to 5). PSC100: T232 - Must be present if Schedule Code = WkInMnthDay. PSC110: T225 - Interval in weeks must be within defined bounds (range 1 to 9). PSC110: T230 - Must be present if Schedule Code = IntrvlWkDay. PSC120: T226 - Interval in months must be a valid enumeration value (range 1 to 6, 12 and 24). PSC120: T234 - Must be present if Schedule Code = IntrvlMnthDay. PSC130: T227 - Quarter Day must be a valid enumeration value. PSC130: T235 - Must be present if Schedule Code = QtrDay. The regular expression for this element combines five smaller versions for each permitted pattern. To aid legibility - the components are presented individually here: EvryWorkgDay IntrvlWkDay:0[1-9]:0[1-5] WkInMnthDay:0[1-5]:0[1-5] IntrvlMnthDay:(0[1-6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]) QtrDay:(ENGLISH|SCOTTISH|RECEIVED) Mandatory/Conditional/Optional/Parent/Leaf: OL Type: 35 char string Regular Expression(s): (EvryWorkgDay)|(IntrvlWkDay:0[1-9]:0[1-5])|(WkInMnthDay:0[1-5]:0[1-5])|(IntrvlMnthDay:(0[1- 6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]))|(QtrDay:(ENGLISH|SCOTTISH|RECEIVED))", + "type": "string", + "pattern": "^((EvryWorkgDay)|(IntrvlWkDay:0[1-9]:0[1-5])|(WkInMnthDay:0[1-5]:0[1-5])|(IntrvlMnthDay:(0[1-6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]))|(QtrDay:(ENGLISH|SCOTTISH|RECEIVED)))$" + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "FirstPaymentDateTime": { + "description": "The date on which the first payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "FirstPaymentAmount": { + "description": "The amount of the first Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "NextPaymentDateTime": { + "description": "The date on which the next payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "NextPaymentAmount": { + "description": "The amount of the next Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "FinalPaymentDateTime": { + "description": "The date on which the final payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "FinalPaymentAmount": { + "description": "The amount of the final Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. This is the servicer of the beneficiary account", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Provides the details to identify the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "required": [ + "AccountId", + "Frequency", + "NextPaymentDateTime", + "NextPaymentAmount" + ], + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountProduct" : + { + "title": "Product GET response", + "type": "object", + "properties": { + "Data": { + "title": "Product", + "type": "array", + "items": { + "type": "object", + "title": "Product", + "description": "Product", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "ProductIdentifier": { + "description": "Identifier within the parent organisation for the product. Must be unique in the organisation.", + "type": "string" + }, + "ProductType": { + "description": "Descriptive code for the product category.", + "type": "string", + "enum": [ + "BCA", + "PCA" + ] + }, + "ProductName": { + "description": "The name of the product used for marketing purposes from a customer perspective. I.e. what the customer would recognise.", + "type": "string" + }, + "SecondaryProductIdentifier": { + "description": "Identifier within the parent organisation for the product. Must be unique in the organisation.", + "type": "string" + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "ProductIdentifier", + "ProductType" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountRequest" : + { + "title": "Account Request POST request", + "description": "Allows setup of an account access request", + "type": "object", + "properties": { + "Data": { + "title": "Data", + "description": "Allows setup of an account access request", + "type": "object", + "properties": { + "Permissions": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "array", + "items": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "string", + "enum": [ + "ReadAccountsBasic", + "ReadAccountsDetail", + "ReadBalances", + "ReadBeneficiariesBasic", + "ReadBeneficiariesDetail", + "ReadDirectDebits", + "ReadProducts", + "ReadStandingOrdersBasic", + "ReadStandingOrdersDetail", + "ReadTransactionsBasic", + "ReadTransactionsCredits", + "ReadTransactionsDebits", + "ReadTransactionsDetail" + ] + }, + "minProperties": 1, + "additionalProperties": false + }, + "ExpirationDateTime": { + "description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.", + "type": "string", + "format": "date-time" + }, + "TransactionFromDateTime": { + "description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.", + "type": "string", + "format": "date-time" + }, + "TransactionToDateTime": { + "description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.", + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "required": [ + "Permissions" + ] + }, + "Risk": { + "title": "Risk", + "type": "object", + "description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.", + "properties": {}, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Risk" + ] + } + } +} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json.template new file mode 100644 index 00000000..f7100ba2 --- /dev/null +++ b/src/devportal/all/modules/custom/openbank_swagger/swaggers/accountv1-0.json.template @@ -0,0 +1,2864 @@ +{ + "swagger": "2.0", + "host": "{{ host }}", + "info": { + "title": "Account Information APIs", + "description": "Swagger specification for Account Information APIs", + "termsOfService": "https://www.openbanking.org.uk/terms", + "contact": { + "name": "Craig Greenhouse", + "email": "Craig.Greenhouse@openbanking.org.uk" + }, + "license": { + "name": "open-licence", + "url": "https://www.openbanking.org.uk/open-licence" + }, + "version": "v1.0.0" + }, + "basePath": "/ais/open-banking/v1.0", + "schemes": [ + "https" + ], + "produces": [ + "application/json" + ], + "paths": { + "/account-requests": { + "post": { + "summary": "Create an account request", + "description": "Create an account request", + "operationId": "CreateAccountRequest", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "body", + "in": "body", + "description": "Create an Account Request", + "required": true, + "schema": { + + "$ref": "#/definitions/AccountRequest" + + } + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containig a detached JWS signature of the body of the payload." + } + ], + "responses": { + "201": { + "description": "Account Request resource successfully created", + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containig a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + } + }, + "/account-requests/{AccountRequestId}": { + "get": { + "summary": "Get an account request", + "description": "Get an account request", + "operationId": "GetAccountRequest", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountRequestId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the account request resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Request resource successfully retrieved", + "schema": { + "$ref": "#/definitions/CreateAccountRequest" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + }, + "delete": { + "summary": "Delete an account request", + "description": "Delete an account request", + "operationId": "DeleteAccountRequest", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountRequestId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the account request resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "required": true, + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + } + ], + "responses": { + "204": { + "description": "Account Request resource successfully deleted", + "headers": { + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + } + } + }, + "/accounts": { + "get": { + "summary": "Get Accounts", + "description": "Get a list of accounts", + "operationId": "GetAccounts", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Accounts successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountInfo" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}": { + "get": { + "summary": "Get Account", + "description": "Get an account", + "operationId": "GetAccount", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account resource successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountInfo" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/transactions": { + "get": { + "summary": "Get Account Transactions", + "description": "Get transactions related to an account", + "operationId": "GetAccountTransactions", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "query", + "name": "fromBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "query", + "name": "toBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Transactions successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountTransactions" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/beneficiaries": { + "get": { + "summary": "Get Account Beneficiaries", + "description": "Get Beneficiaries related to an account", + "operationId": "GetAccountBeneficiaries", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBeneficiaries" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/balances": { + "get": { + "summary": "Get Account Balances", + "description": "Get Balances related to an account", + "operationId": "GetAccountBalances", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBalance" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/direct-debits": { + "get": { + "summary": "Get Account Direct Debits", + "description": "Get Direct Debits related to an account", + "operationId": "GetAccountDirectDebits", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Direct Debits successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountDirectDebits" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/standing-orders": { + "get": { + "summary": "Get Account Standing Orders", + "description": "Get Standing Orders related to an account", + "operationId": "GetAccountStandingOrders", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Standing Orders successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountStandingOrders" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/accounts/{AccountId}/product": { + "get": { + "summary": "Get Account Product", + "description": "Get Product related to an account", + "operationId": "GetAccountProduct", + "produces": [ + "application/json" + ], + "parameters": [ + { + "name": "AccountId", + "in": "path", + "description": "A unique identifier used to identify the account resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Account Product successfully retrieved", + "schema": { + "$ref": "#/definitions/AccountProduct" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/standing-orders": { + "get": { + "summary": "Get Standing Orders", + "description": "Get Standing Orders", + "operationId": "GetStandingOrders", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Standing Orders successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountStandingOrders" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/direct-debits": { + "get": { + "summary": "Get Direct Debits", + "description": "Get Direct Debits", + "operationId": "GetDirectDebits", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Direct Debits successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountDirectDebits" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/beneficiaries": { + "get": { + "summary": "Get Beneficiaries", + "description": "Get Beneficiaries", + "operationId": "GetBeneficiaries", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Beneficiaries successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBeneficiaries" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/transactions": { + "get": { + "summary": "Get Transactions", + "description": "Get Transactions", + "operationId": "GetTransactions", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "query", + "name": "fromBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions FROM - NB Time component is optional - set to 00:00:00 for just Date" + }, + { + "in": "query", + "name": "toBookingDateTime", + "type": "string", + "format": "date-time", + "description": "The UTC ISO 8601 Date Time to filter transactions TO - NB Time component is optional - set to 00:00:00 for just Date" + } + ], + "responses": { + "200": { + "description": "Transactions successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountTransactions" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + }, + "/balances": { + "get": { + "summary": "Get Balances", + "description": "Get Balances", + "operationId": "GetBalances", + "produces": [ + "application/json" + ], + "parameters": [ + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456789", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Balances successfully retrieved", + "schema": { + + "$ref": "#/definitions/AccountBalance" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "429": { + "description": "Too Many Requests" + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "accounts","openid" + ] + } + ] + } + } + }, + "responses": { + "400ErrorResponse": { + "description": "Bad Request" + }, + "401ErrorResponse": { + "description": "Unauthorized" + }, + "403ErrorResponse": { + "description": "Forbidden" + }, + "429ErrorResponse": { + "description": "Too Many Requests" + } + }, + "securityDefinitions": { + "PSUOAuth2Security": { + "type": "oauth2", + "flow": "accessCode", + "tokenUrl": "{{ host_withprotocol }}/apis/v1.0/oauth/token", + "authorizationUrl": "{{ host_withprotocol }}/apis/v1.0/oauth/authorize?response_type=code&client_id={{ client_id_aisp }}&state=abcd1234&scope=openid accounts&redirect_uri=https://api.enterprise.apigee.com/v1/o/{{ org }}/apimodels/accounts-apis-v1-0/templateauths/PSUOAuth2Security/callback", + "scopes": { + "accounts": "Ability to read Accounts information", + "openid" : "openId" + }, + "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" + } + }, + "definitions": + { + "CreateAccountRequest" : + { + "title": "Account Request POST response", + "type": "object", + "properties": { + "Data": { + "title": "Data", + "type": "object", + "properties": { + "AccountRequestId": { + "description": "Unique identification as assigned to identify the account request resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the account request resource.", + "type": "string", + "enum": [ + "Authorised", + "AwaitingAuthorisation", + "Rejected", + "Revoked" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created.", + "type": "string", + "format": "date-time" + }, + "Permissions": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "array", + "items": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "string", + "enum": [ + "ReadAccountsBasic", + "ReadAccountsDetail", + "ReadBalances", + "ReadBeneficiariesBasic", + "ReadBeneficiariesDetail", + "ReadDirectDebits", + "ReadProducts", + "ReadStandingOrdersBasic", + "ReadStandingOrdersDetail", + "ReadTransactionsBasic", + "ReadTransactionsCredits", + "ReadTransactionsDebits", + "ReadTransactionsDetail" + ] + }, + "minProperties": 1, + "additionalProperties": false + }, + "ExpirationDateTime": { + "description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.", + "type": "string", + "format": "date-time" + }, + "TransactionFromDateTime": { + "description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.", + "type": "string", + "format": "date-time" + }, + "TransactionToDateTime": { + "description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.", + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "required": [ + "AccountRequestId", + "CreationDateTime", + "Permissions" + ] + }, + "Risk": { + "title": "Risk", + "type": "object", + "description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.", + "properties": {}, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Risk" + ] + }, + "AccountInfo": + { + "title": "Account GET response", + "type": "object", + "properties": { + "Data": { + "title": "Account", + "type": "array", + "items": { + "type": "object", + "title": "Account", + "description": "Account", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Currency": { + "description": "Identification of the currency in which the account is held. Usage: Currency should only be used in case one and the same account number covers several currencies and the initiating party needs to identify which currency needs to be used for settlement on the account.", + "type": "string", + "pattern": "^[A-Z]{3}$" + }, + "Nickname": { + "description": "The nickname of the account, assigned by the account owner in order to provide an additional means of identification of the account.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "Account": { + "description": "Provides the details to identify an account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Currency" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountTransactions" : + { + "title": "Account Transactions GET response", + "type": "object", + "properties": { + "Data": { + "title": "Transaction", + "description": "Data Section of the Payload", + "type": "array", + "items": { + "type": "object", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "TransactionId": { + "description": "Unique identifier for the transaction within an servicing institution. This identifier is both unique and immutable.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "TransactionReference": { + "description": "Unique reference for the transaction. This reference is optionally populated, and may as an example be the FPID in the Faster Payments context.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Amount": { + "description": "Amount of money in the cash entry.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the transaction is a credit or a debit entry.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Status": { + "description": "Status of a transaction entry on the books of the account servicer.", + "type": "string", + "enum": [ + "Booked", + "Pending" + ] + }, + "BookingDateTime": { + "description": "Date and time when a transaction entry is posted to an account on the account servicer's books. Usage: Booking date is the expected booking date, unless the status is booked, in which case it is the actual booking date.", + "type": "string", + "format": "date-time" + }, + "ValueDateTime": { + "description": "Date and time at which assets become available to the account owner in case of a credit entry, or cease to be available to the account owner in case of a debit entry. Usage: If entry status is pending and value date is present, then the value date refers to an expected/requested value date. For entries subject to availability/float and for which availability information is provided, the value date must not be used. In this case the availability component identifies the number of availability days.", + "type": "string", + "format": "date-time" + }, + "TransactionInformation": { + "description": "Further details of the transaction. This is the transaction narrative, which is unstructured text.", + "type": "string", + "minLength": 1, + "maxLength": 500 + }, + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BankTransactionCode": { + "description": "Set of elements used to fully identify the type of underlying transaction resulting in an entry.", + "type": "object", + "properties": { + "Code": { + "description": "Specifies the family within a domain.", + "type": "string" + }, + "SubCode": { + "description": "Specifies the sub-product family within a specific family.", + "type": "string" + } + }, + "required": [ + "Code", + "SubCode" + ], + "additionalProperties": false + }, + "ProprietaryBankTransactionCode": { + "description": "Set of elements to fully identify a proprietary bank transaction code.", + "type": "object", + "properties": { + "Code": { + "description": "Proprietary bank transaction code to identify the underlying transaction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Issuer": { + "description": "Identification of the issuer of the proprietary bank transaction code.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "Code" + ], + "additionalProperties": false + }, + "Balance": { + "description": "Set of elements used to define the balance as a numerical representation of the net increases and decreases in an account after a transaction entry is applied to the account.", + "type": "object", + "properties": { + "Amount": { + "description": "Amount of money of the cash balance after a transaction entry is applied to the account..", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Type": { + "description": "Balance type, in a coded form.", + "type": "string", + "enum": [ + "ClosingAvailable", + "ClosingBooked", + "Expected", + "ForwardAvailable", + "Information", + "InterimAvailable", + "InterimBooked", + "OpeningAvailable", + "OpeningBooked", + "PreviouslyClosedBooked" + ] + } + }, + "additionalProperties": false, + "required": [ + "Amount", + "CreditDebitIndicator", + "Type" + ] + }, + "MerchantDetails": { + "description": "Details of the merchant involved in the transaction.", + "type": "object", + "properties": { + "MerchantName": { + "description": "Name by which the merchant is known.", + "type": "string", + "minLength": 1, + "maxLength": 350 + }, + "MerchantCategoryCode": { + "description": "Category code conform to ISO 18245, related to the type of services or goods the merchant provides for the transaction.", + "type": "string", + "minLength": 3, + "maxLength": 4 + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Amount", + "CreditDebitIndicator", + "Status", + "BookingDateTime" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountBeneficiaries" : + { + "title": "Beneficiaries GET response", + "type": "object", + "properties": { + "Data": { + "title": "Beneficiary", + "type": "array", + "items": { + "type": "object", + "title": "Beneficiary", + "description": "Beneficiary", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "BeneficiaryId": { + "description": "A unique and immutable identifier used to identify the beneficiary resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. This is the servicer of the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Provides the details to identify the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountBalance": + { + "title": "Balances GET response", + "type": "object", + "properties": { + "Data": { + "title": "Balance", + "type": "array", + "items": { + "type": "object", + "title": "Balance", + "description": "Balance", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Amount": { + "description": "Amount of money of the cash balance.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "CreditDebitIndicator": { + "description": "Indicates whether the balance is a credit or a debit balance. Usage: A zero balance is considered to be a credit balance.", + "type": "string", + "enum": [ + "Credit", + "Debit" + ] + }, + "Type": { + "description": "Balance type, in a coded form.", + "type": "string", + "enum": [ + "ClosingAvailable", + "ClosingBooked", + "Expected", + "ForwardAvailable", + "Information", + "InterimAvailable", + "InterimBooked", + "OpeningAvailable", + "OpeningBooked", + "PreviouslyClosedBooked" + ] + }, + "DateTime": { + "description": "Indicates the date (and time) of the balance.", + "type": "string", + "format": "date-time" + }, + "CreditLine": { + "type": "object", + "properties": { + "Included": { + "description": "Indicates whether or not the credit line is included in the balance of the account. Usage: If not present, credit line is not included in the balance amount of the account.", + "type": "boolean" + }, + "Amount": { + "description": "Active Or Historic Currency Code and Amount", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "Type": { + "description": "Limit type, in a coded form.", + "type": "string", + "enum": [ + "Pre-Agreed", + "Emergency", + "Temporary" + ] + } + }, + "additionalProperties": false, + "required": [ + "Included" + ] + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "Amount", + "CreditDebitIndicator", + "DateTime", + "Type" + ] + }, + "minItems": 1 + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountDirectDebits": + {"title": "Account GET response", + "type": "object", + "properties": { + "Data": { + "title": "DirectDebit", + "type": "array", + "items": { + "type": "object", + "title": "Direct Debit", + "description": "Direct Debit", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "DirectDebitId": { + "description": "A unique and immutable identifier used to identify the direct debit resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "MandateIdentification": { + "description": "Direct Debit reference. For AUDDIS service users provide Core Reference. For non AUDDIS service users provide Core reference if possible or last used reference.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "DirectDebitStatusCode": { + "description": "Specifies the status of the direct debit in code form.", + "type": "string", + "enum": [ + "Active", + "Inactive" + ] + }, + "Name": { + "description": "Name of Service User", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "PreviousPaymentDateTime": { + "description": "Date of most recent direct debit collection.", + "type": "string", + "format": "date-time" + }, + "PreviousPaymentAmount": { + "description": "The amount of the most recent direct debit collection.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + } + }, + "required": [ + "AccountId", + "MandateIdentification", + "Name" + ], + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountStandingOrders" : + { + "title": "Standing Orders GET response", + "type": "object", + "properties": { + "Data": { + "title": "StandingOrder", + "type": "array", + "items": { + "type": "object", + "title": "Standing Order", + "description": "Standing Order", + "properties": { + "AccountId": { + "description": "The date on which the first payment for a Standing Order schedule will be made.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "StandingOrderId": { + "description": "A unique and immutable identifier used to identify the standing order resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "Frequency": { + "description": "EvryWorkgDay - PSC070 IntrvlWkDay:PSC110:PSC080 (PSC070 code + PSC110 + PSC080) WkInMnthDay:PSC100:PSC080 (PSC070 code + PSC100 + PSC080) IntrvlMnthDay:PSC120:PSC090 (PSC070 code + PSC120 + PSC090) QtrDay: + either (ENGLISH, SCOTTISH or RECEIVED) PSC070 + PSC130 The following response codes may be generated by this data element: PSC070: T221 - Schedule code must be a valid enumeration value. PSC070: T245 - Must be provided for standing order only. PSC080: T222 - Day in week must be within defined bounds (range 1 to 5). PSC080: T229 - Must be present if Schedule Code = IntrvlWkDay. PSC080: T231 - Must be present if Schedule Code = WkInMnthDay. PSC090: T223 - Day in month must be within defined bounds (range -5 to 31 excluding: 0 & 00). PSC090: T233 - Must be present if Schedule Code = IntrvlMnthDay. PSC100: T224 - Week in month must be within defined bounds (range 1 to 5). PSC100: T232 - Must be present if Schedule Code = WkInMnthDay. PSC110: T225 - Interval in weeks must be within defined bounds (range 1 to 9). PSC110: T230 - Must be present if Schedule Code = IntrvlWkDay. PSC120: T226 - Interval in months must be a valid enumeration value (range 1 to 6, 12 and 24). PSC120: T234 - Must be present if Schedule Code = IntrvlMnthDay. PSC130: T227 - Quarter Day must be a valid enumeration value. PSC130: T235 - Must be present if Schedule Code = QtrDay. The regular expression for this element combines five smaller versions for each permitted pattern. To aid legibility - the components are presented individually here: EvryWorkgDay IntrvlWkDay:0[1-9]:0[1-5] WkInMnthDay:0[1-5]:0[1-5] IntrvlMnthDay:(0[1-6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]) QtrDay:(ENGLISH|SCOTTISH|RECEIVED) Mandatory/Conditional/Optional/Parent/Leaf: OL Type: 35 char string Regular Expression(s): (EvryWorkgDay)|(IntrvlWkDay:0[1-9]:0[1-5])|(WkInMnthDay:0[1-5]:0[1-5])|(IntrvlMnthDay:(0[1- 6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]))|(QtrDay:(ENGLISH|SCOTTISH|RECEIVED))", + "type": "string", + "pattern": "^((EvryWorkgDay)|(IntrvlWkDay:0[1-9]:0[1-5])|(WkInMnthDay:0[1-5]:0[1-5])|(IntrvlMnthDay:(0[1-6]|12|24):(-0[1-5]|0[1-9]|[12][0-9]|3[01]))|(QtrDay:(ENGLISH|SCOTTISH|RECEIVED)))$" + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "FirstPaymentDateTime": { + "description": "The date on which the first payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "FirstPaymentAmount": { + "description": "The amount of the first Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "NextPaymentDateTime": { + "description": "The date on which the next payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "NextPaymentAmount": { + "description": "The amount of the next Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "FinalPaymentDateTime": { + "description": "The date on which the final payment for a Standing Order schedule will be made.", + "type": "string", + "format": "date-time" + }, + "FinalPaymentAmount": { + "description": "The amount of the final Standing Order", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^-?\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 'Codes for the representation of currencies and funds'", + "type": "string", + "pattern": "^[A-Z]{3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "Servicer": { + "description": "Party that manages the account on behalf of the account owner, that is manages the registration and booking of entries on the account, calculates balances on the account and provides information about the account. This is the servicer of the beneficiary account", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BICFI", + "UKSortCode" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of the servicing institution.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Provides the details to identify the beneficiary account.", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "type": "string", + "enum": [ + "BBAN", + "IBAN" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "This is secondary identification of the account, as assigned by the account servicing institution. This can be used by building societies to additionally identify accounts with a roll number (in addition to a sort code and account number combination).", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + } + }, + "required": [ + "AccountId", + "Frequency", + "NextPaymentDateTime", + "NextPaymentAmount" + ], + "additionalProperties": false + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountProduct" : + { + "title": "Product GET response", + "type": "object", + "properties": { + "Data": { + "title": "Product", + "type": "array", + "items": { + "type": "object", + "title": "Product", + "description": "Product", + "properties": { + "AccountId": { + "description": "A unique and immutable identifier used to identify the account resource. This identifier has no meaning to the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "ProductIdentifier": { + "description": "Identifier within the parent organisation for the product. Must be unique in the organisation.", + "type": "string" + }, + "ProductType": { + "description": "Descriptive code for the product category.", + "type": "string", + "enum": [ + "BCA", + "PCA" + ] + }, + "ProductName": { + "description": "The name of the product used for marketing purposes from a customer perspective. I.e. what the customer would recognise.", + "type": "string" + }, + "SecondaryProductIdentifier": { + "description": "Identifier within the parent organisation for the product. Must be unique in the organisation.", + "type": "string" + } + }, + "additionalProperties": false, + "required": [ + "AccountId", + "ProductIdentifier", + "ProductType" + ] + } + }, + "Links": { + "title": "Links", + "type": "object", + "description": "Links relevant to the payload", + "properties": { + "self": { + "type": "string", + "format": "uri" + }, + "first": { + "type": "string", + "format": "uri" + }, + "prev": { + "type": "string", + "format": "uri" + }, + "next": { + "type": "string", + "format": "uri" + }, + "last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "self" + ] + }, + "Meta": { + "title": "Meta Data", + "type": "object", + "description": "Meta Data relevant to the payload", + "properties": { + "total-pages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Links", + "Meta" + ] + }, + "AccountRequest" : + { + "title": "Account Request POST request", + "description": "Allows setup of an account access request", + "type": "object", + "properties": { + "Data": { + "title": "Data", + "description": "Allows setup of an account access request", + "type": "object", + "properties": { + "Permissions": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "array", + "items": { + "description": "Specifies the Open Banking account request types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.", + "type": "string", + "enum": [ + "ReadAccountsBasic", + "ReadAccountsDetail", + "ReadBalances", + "ReadBeneficiariesBasic", + "ReadBeneficiariesDetail", + "ReadDirectDebits", + "ReadProducts", + "ReadStandingOrdersBasic", + "ReadStandingOrdersDetail", + "ReadTransactionsBasic", + "ReadTransactionsCredits", + "ReadTransactionsDebits", + "ReadTransactionsDetail" + ] + }, + "minProperties": 1, + "additionalProperties": false + }, + "ExpirationDateTime": { + "description": "Specified date and time the permissions will expire. If this is not populated, the permissions will be open ended.", + "type": "string", + "format": "date-time" + }, + "TransactionFromDateTime": { + "description": "Specified start date and time for the transaction query period. If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.", + "type": "string", + "format": "date-time" + }, + "TransactionToDateTime": { + "description": "Specified end date and time for the transaction query period. If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.", + "type": "string", + "format": "date-time" + } + }, + "additionalProperties": false, + "required": [ + "Permissions" + ] + }, + "Risk": { + "title": "Risk", + "type": "object", + "description": "The Risk payload is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.", + "properties": {}, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": [ + "Data", + "Risk" + ] + } + } +} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json similarity index 63% rename from src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json.template rename to src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json index 0c751736..4e6b63f4 100644 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/authv2.json.template +++ b/src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json @@ -1,6 +1,6 @@ { "swagger": "2.0", - "host": "{{ host }}", + "host": "testdemorrai-test.apigee.net", "schemes": [ "https" ], @@ -9,7 +9,7 @@ "title": "Generate Access Token", "version": "0.0.1" }, - "basePath": "/apis/v2/oauth", + "basePath": "/apis/v1.0/oauth", "paths": { "/authorize": { "get": { @@ -28,37 +28,46 @@ } }, "security": [], - "parameters": [ - { + "parameters": [{ "in": "query", "name": "client_id", - "description": "Client ID of the registered App.", + "description": "TPPs MUST provide this value and set it to the client id issued to them.", "type": "string", + "default": "zPq1BGV4OlLV7hJR1DsbfTI1t3orbDmD", "required": true }, { "in": "query", "name": "redirect_uri", - "description": "Redirect URI defined with your registered App.", + "description": "Redirect URI defined with your registered App. This MUST be a valid, absolute URL that was registered during Client Registration.", + "type": "string", + "default" : "http://localhost/", + "required": true + }, + { + "in": "query", + "name": "nonce", + "description": "A nonce value", "type": "string", "required": true }, { "in": "query", "name": "response_type", - "description": "The value must be one of 'code' for requesting an authorization code or 'token' for requesting an access token (implicit grant). The redirect url is passed with query params state and code.", + "description": "OAuth 2.0 requires that this parameter is provided. Value is set to ‘code id_token’ or ‘code’. The values for these parameters MUST match those in the Request Object, if present.", "type": "string", "required": true, "enum": [ + "code id_token", + "code", "token", - "code" - ], - "default": "token" + "token id_token" + ] }, { "in": "query", "name": "state", - "description": "Unique id to maintain state between asynchronous requests.", + "description": "TPPs MAY provide a state parameter. An Unique id to maintain state between asynchronous requests at the Client.", "type": "string", "required": true, "default": "af0ifjsldkj" @@ -66,31 +75,19 @@ { "in": "query", "name": "scope", - "description": "Scope of the access token requested.", + "description": "The scopes MUST be a sub-set of the scopes that were registered during Client Registration. At a minimum the scope parameter MUST contain openid. Other valid scopes are: accounts, payments", "type": "string", "required": true, "enum": [ - "accounts", - "payments", + "openid accounts", + "openid payments", "openid" ] }, { "in": "query", - "name": "acr_values", - "description": "Determines the level of security for authentication. A value of 2 will require only Customer Id and Password. A value of 3 will request for OTP.", - "type": "string", - "required": true, - "enum": [ - "2", - "3" - ], - "default": "2" - }, - { - "in": "query", - "name": "request_id", - "description": "Request Id for which Authorization Flow need to be executed", + "name": "request", + "description": "The parameter MUST contain a JWS that is signed by the TPP. The JWS payload MUST consist of a JSON object containing a request object as per OIDC Core 6.1.

    The request object MUST contain a claims section that includes as a minimum

  • openbanking_intent_id that identifies the intent id for which this authorisation is requested", "type": "string", "required": true @@ -118,19 +115,20 @@ } }, "security": [], - "parameters": [ - { + "parameters": [{ "in": "formData", "name": "client_id", - "description": "Client ID of the registered App.", + "description": "Client ID of the registered App - for non-authenticated requests and Optional for client-assertion requests", "type": "string", - "required": true + "default": "zPq1BGV4OlLV7hJR1DsbfTI1t3orbDmD", + "required": false }, { "in": "formData", "name": "redirect_uri", "description": "Redirect URI defined with your registered App. This is verified against the redirect uri that is registered when the App is created. If found to be different this call fails to return the access token.", "type": "string", + "default" : "http://localhost/", "required": true }, { @@ -142,8 +140,7 @@ "enum": [ "client_credentials", "authorization_code" - ], - "default": "authorization_code" + ] }, { "in": "formData", @@ -157,8 +154,36 @@ "name": "Authorization", "description": "Base 64 encoded string with client_id:client_secret.", "type": "string", - "required": true - }] + "required": false + }, + { + "in": "formData", + "name": "scope", + "description": "The scopes is used for grant_type 'client_credentials'", + "type": "string", + "enum": [ + "accounts", + "payments" + ] + }, + { + "in": "formData", + "name": "client_assertion_type", + "description": "Required for client_assertion based authentication. The value MUST be 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'", + "type": "string", + "required": false, + "enum": [ + "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" + ] + }, + { + "in": "formData", + "name": "client_assertion", + "description": "Authentication JWT token containing clientId as iss and signed using the private key of the TPP", + "type": "string", + "required": false + } + ] } } }, diff --git a/openapi/oauth2.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json.template similarity index 91% rename from openapi/oauth2.json rename to src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json.template index 70671570..59e56100 100644 --- a/openapi/oauth2.json +++ b/src/devportal/all/modules/custom/openbank_swagger/swaggers/oauthv1-0.json.template @@ -1,6 +1,6 @@ { "swagger": "2.0", - "host": "apisbank-test.apigee.net", + "host": "{{ host }}", "schemes": [ "https" ], @@ -9,7 +9,7 @@ "title": "Generate Access Token", "version": "0.0.1" }, - "basePath": "/apis/v2/oauth", + "basePath": "/apis/v1.0/oauth", "paths": { "/authorize": { "get": { @@ -28,12 +28,12 @@ } }, "security": [], - "parameters": [ - { + "parameters": [{ "in": "query", "name": "client_id", "description": "TPPs MUST provide this value and set it to the client id issued to them.", "type": "string", + "default": "{{ client_id_aisp }}", "required": true }, { @@ -41,6 +41,14 @@ "name": "redirect_uri", "description": "Redirect URI defined with your registered App. This MUST be a valid, absolute URL that was registered during Client Registration.", "type": "string", + "default" : "http://localhost/", + "required": true + }, + { + "in": "query", + "name": "nonce", + "description": "A nonce value", + "type": "string", "required": true }, { @@ -54,8 +62,7 @@ "code", "token", "token id_token" - ], - "default": "token" + ] }, { "in": "query", @@ -73,6 +80,7 @@ "required": true, "enum": [ "openid accounts", + "openid payments", "openid" ] }, @@ -107,12 +115,12 @@ } }, "security": [], - "parameters": [ - { + "parameters": [{ "in": "formData", "name": "client_id", "description": "Client ID of the registered App - for non-authenticated requests and Optional for client-assertion requests", "type": "string", + "default": "{{ client_id_aisp }}", "required": false }, { @@ -120,6 +128,7 @@ "name": "redirect_uri", "description": "Redirect URI defined with your registered App. This is verified against the redirect uri that is registered when the App is created. If found to be different this call fails to return the access token.", "type": "string", + "default" : "http://localhost/", "required": true }, { @@ -131,8 +140,7 @@ "enum": [ "client_credentials", "authorization_code" - ], - "default": "authorization_code" + ] }, { "in": "formData", @@ -141,13 +149,6 @@ "type": "string", "required": false }, - { - "in": "formData", - "name": "nonce", - "description": "A nonce value", - "type": "string", - "required": false - }, { "in": "header", "name": "Authorization", @@ -155,13 +156,23 @@ "type": "string", "required": false }, + { + "in": "formData", + "name": "scope", + "description": "The scopes is used for grant_type 'client_credentials'", + "type": "string", + "enum": [ + "accounts", + "payments" + ] + }, { "in": "formData", "name": "client_assertion_type", "description": "Required for client_assertion based authentication. The value MUST be 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer'", "type": "string", "required": false, - "enum":[ + "enum": [ "urn:ietf:params:oauth:client-assertion-type:jwt-bearer" ] }, @@ -207,4 +218,4 @@ } } } -} +} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json deleted file mode 100644 index 1f3f443b..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json +++ /dev/null @@ -1,298 +0,0 @@ -{ - "swagger": "2.0", - "host": "testdemorrai-test.apigee.net", - "schemes": [ - "https" - ], - "info": { - "description": "Locations API", - "title": "List of Branch and ATM Locations", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/locations", - "paths": { - "/atms": { - "get": { - "description": "

    Returns a list of ATMs with Address, Latitude and Longitude.

     

    Optional parameters include search filters, latitude, longitude and radius of search.

    ", - "summary": "List of atms", - "operationId": "atms", - "tags": [ - "opendata" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AtmsResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [], - "parameters": [ - { - "in": "query", - "name": "latitude", - "description": "Latitude of the place around which you want to find ATMs. If latitude is provided, longitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "longitude", - "description": "Longitude of the place around which you want to find ATMs. If longitude is provided, latitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "radius", - "description": "This is the radius (in meters) from the search point. If radius is provided, then latitude and longitude has to also be provided", - "type": "integer", - "required": false - }, - { - "in": "query", - "name": "wheelchair", - "description": "This is check (in boolean) to see if the ATM is accessible by wheelchair", - "type": "boolean", - "required": false - }, - { - "in": "query", - "name": "isWithdrawalCharged", - "description": "This is to check whether withdrawal of money from this ATM will be charged.", - "type": "boolean", - "required": false - }, - { - "in": "query", - "name": "currency", - "description": "The currency required", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "status", - "description": "This is to check if the ATM is currently available for withdrawing money.", - "type": "string", - "required": false - } - ] - } - }, - "/branches": { - "get": { - "description": "

    Returns a list of Branches with Address, Latitude and Longitude.

     

    Optional parameters include search filters, latitude, longitude and radius of search.

    ", - "summary": "List of Branches", - "operationId": "branches", - "tags": [ - "opendata" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/BranchesResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [], - "parameters": [ - { - "in": "query", - "name": "latitude", - "description": "Latitude of the place around which you want to find Branches. If latitude is provided, longitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "longitude", - "description": "Longitude of the place around which you want to find Branches. If longitude is provided, latitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "radius", - "description": "This is the radius (in meters) from the search point. If radius is provided, then latitude and longitude has to also be provided", - "type": "integer", - "required": false - }, - { - "in": "query", - "name": "wheelchair", - "description": "This is check (in boolean) to see if the Branch is accessible by wheelchair.", - "type": "boolean", - "required": false - }, - { - "in": "query", - "name": "openingDay", - "description": "This is the day of the week on which the Branch needs to be checked if open", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "openAt", - "description": "This is the time (in minute format) at which the Branch needs to be checked if open on a particular week day", - "type": "string", - "required": false - } - ] - } - } - }, - "definitions": { - "AtmsResponse": { - "description": "List of ATM Locations", - "type": "object", - "properties": { - "AtmId": { - "type": "string", - "description": "Unique ATM Id " - }, - "AtmServices": { - "type": "string", - "description": "Types of service atm provide" - }, - "Address": { - "type": "object", - "description": "Address of the ATM" - }, - "Currency": { - "type": "string", - "description": "Currency of notes that is disposed by the ATM." - }, - "Location": { - "type": "object", - "description": "Latitude + Longitude of the ATM." - }, - "LocationCategory": { - "type": "string", - "description": "Location category" - }, - "MinimumValueDispensed": { - "type": "string", - "description": "Minimum amount dispensed" - }, - "Organisation": { - "type": "object", - "description": "Organization to which the ATM belongs" - }, - "SiteName": { - "type": "string", - "description": "Site of ATM" - }, - "SupportedLanguages": { - "type": "array", - "items" : { - "type":"string" - }, - "description": "Languages supported" - } - }, - "xml": { - "name": "AtmsResponse" - } - }, - "BranchesResponse": { - "description": "List of Branch Locations", - "type": "object", - "properties": { - "BranchIdentification": { - "type": "string", - "description": "Unique Identification of the Branch." - }, - "Address": { - "type": "string", - "description": "Address of the Branch." - }, - "Access": { - "type": "object", - "description": "Available accessibility features of the Branch." - }, - "Location": { - "type": "object", - "description": "Latitude + Longitude of the Branch." - }, - "AtmAtBranch": { - "type": "string", - "description": "Determines if ATM is available at the branch" - }, - "BranchName": { - "type": "string", - "description": "Name of branch" - }, - "BranchMediatedServiceName": { - "type": "string", - "description": "name of branch service mediator" - }, - "BranchPhoto": { - "type": "string", - "description": "link for branch photo" - }, - "BranchType": { - "type": "string", - "description": "type of branch" - }, - "CustomerSegment": { - "type": "array", - "items" : - { - "type" : "string" - }, - "description": "category of customers which the branch addresses" - }, - "FaxNumber": { - "type": "string", - "description": "fax number of branch" - }, - "OpeningTimes": { - "type": "array", - "items" : - { - "type" : "string" - }, - "description": "opening times of the branch" - }, - "Organisation": { - "type": "object", - "description": "Organisation details of branch" - }, - "TelephoneNumber": { - "type": "object", - "description": "Contact number of the branch" - } - }, - "xml": { - "name": "BranchesResponse" - } - } - } -} - diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json.template deleted file mode 100644 index 81604488..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-locations.json.template +++ /dev/null @@ -1,298 +0,0 @@ -{ - "swagger": "2.0", - "host": "{{ host }}", - "schemes": [ - "https" - ], - "info": { - "description": "Locations API", - "title": "List of Branch and ATM Locations", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/locations", - "paths": { - "/atms": { - "get": { - "description": "

    Returns a list of ATMs with Address, Latitude and Longitude.

     

    Optional parameters include search filters, latitude, longitude and radius of search.

    ", - "summary": "List of atms", - "operationId": "atms", - "tags": [ - "opendata" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/AtmsResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [], - "parameters": [ - { - "in": "query", - "name": "latitude", - "description": "Latitude of the place around which you want to find ATMs. If latitude is provided, longitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "longitude", - "description": "Longitude of the place around which you want to find ATMs. If longitude is provided, latitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "radius", - "description": "This is the radius (in meters) from the search point. If radius is provided, then latitude and longitude has to also be provided", - "type": "integer", - "required": false - }, - { - "in": "query", - "name": "wheelchair", - "description": "This is check (in boolean) to see if the ATM is accessible by wheelchair", - "type": "boolean", - "required": false - }, - { - "in": "query", - "name": "isWithdrawalCharged", - "description": "This is to check whether withdrawal of money from this ATM will be charged.", - "type": "boolean", - "required": false - }, - { - "in": "query", - "name": "currency", - "description": "The currency required", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "status", - "description": "This is to check if the ATM is currently available for withdrawing money.", - "type": "string", - "required": false - } - ] - } - }, - "/branches": { - "get": { - "description": "

    Returns a list of Branches with Address, Latitude and Longitude.

     

    Optional parameters include search filters, latitude, longitude and radius of search.

    ", - "summary": "List of Branches", - "operationId": "branches", - "tags": [ - "opendata" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/BranchesResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [], - "parameters": [ - { - "in": "query", - "name": "latitude", - "description": "Latitude of the place around which you want to find Branches. If latitude is provided, longitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "longitude", - "description": "Longitude of the place around which you want to find Branches. If longitude is provided, latitude must also be provided.", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "radius", - "description": "This is the radius (in meters) from the search point. If radius is provided, then latitude and longitude has to also be provided", - "type": "integer", - "required": false - }, - { - "in": "query", - "name": "wheelchair", - "description": "This is check (in boolean) to see if the Branch is accessible by wheelchair.", - "type": "boolean", - "required": false - }, - { - "in": "query", - "name": "openingDay", - "description": "This is the day of the week on which the Branch needs to be checked if open", - "type": "string", - "required": false - }, - { - "in": "query", - "name": "openAt", - "description": "This is the time (in minute format) at which the Branch needs to be checked if open on a particular week day", - "type": "string", - "required": false - } - ] - } - } - }, - "definitions": { - "AtmsResponse": { - "description": "List of ATM Locations", - "type": "object", - "properties": { - "AtmId": { - "type": "string", - "description": "Unique ATM Id " - }, - "AtmServices": { - "type": "string", - "description": "Types of service atm provide" - }, - "Address": { - "type": "object", - "description": "Address of the ATM" - }, - "Currency": { - "type": "string", - "description": "Currency of notes that is disposed by the ATM." - }, - "Location": { - "type": "object", - "description": "Latitude + Longitude of the ATM." - }, - "LocationCategory": { - "type": "string", - "description": "Location category" - }, - "MinimumValueDispensed": { - "type": "string", - "description": "Minimum amount dispensed" - }, - "Organisation": { - "type": "object", - "description": "Organization to which the ATM belongs" - }, - "SiteName": { - "type": "string", - "description": "Site of ATM" - }, - "SupportedLanguages": { - "type": "array", - "items" : { - "type":"string" - }, - "description": "Languages supported" - } - }, - "xml": { - "name": "AtmsResponse" - } - }, - "BranchesResponse": { - "description": "List of Branch Locations", - "type": "object", - "properties": { - "BranchIdentification": { - "type": "string", - "description": "Unique Identification of the Branch." - }, - "Address": { - "type": "string", - "description": "Address of the Branch." - }, - "Access": { - "type": "object", - "description": "Available accessibility features of the Branch." - }, - "Location": { - "type": "object", - "description": "Latitude + Longitude of the Branch." - }, - "AtmAtBranch": { - "type": "string", - "description": "Determines if ATM is available at the branch" - }, - "BranchName": { - "type": "string", - "description": "Name of branch" - }, - "BranchMediatedServiceName": { - "type": "string", - "description": "name of branch service mediator" - }, - "BranchPhoto": { - "type": "string", - "description": "link for branch photo" - }, - "BranchType": { - "type": "string", - "description": "type of branch" - }, - "CustomerSegment": { - "type": "array", - "items" : - { - "type" : "string" - }, - "description": "category of customers which the branch addresses" - }, - "FaxNumber": { - "type": "string", - "description": "fax number of branch" - }, - "OpeningTimes": { - "type": "array", - "items" : - { - "type" : "string" - }, - "description": "opening times of the branch" - }, - "Organisation": { - "type": "object", - "description": "Organisation details of branch" - }, - "TelephoneNumber": { - "type": "object", - "description": "Contact number of the branch" - } - }, - "xml": { - "name": "BranchesResponse" - } - } - } -} - diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json deleted file mode 100644 index 9519c187..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json +++ /dev/null @@ -1,142 +0,0 @@ -{ - "swagger": "2.0", - "host": "testdemorrai-test.apigee.net", - "schemes": [ - "https" - - ], - "info": { - "description": "Products API", - "title": "List of Bank Products", - "version": "1.0.0", - "contact": { - "name": "API Docs", - "email": "api-solutions@google.com" - - }, - "license": { - "name": "Apache 2.0" - - } - - }, - "basePath": "/apis/v2", - "paths": { - "/products": { - "get": { - "description": "

    Returns a list of Products that this bank offers.

    ", - "summary": "List of products", - "tags": [ - "opendata", - "products" - - ], - "produces": [ - "application/json; charset=utf-8" - - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/ProductsResponse" - - } - - } - - }, - "400": { - "description": "Bad Request", - "schema": { - "$ref": "#/definitions/Error" - - } - - } - - } - - } - - } - - }, - "definitions": { - "ProductsResponse": { - "description": "List of available products", - "type": "array", - "items": { - "$ref": "#/definitions/Product" - - }, - "xml": { - "name": "ProductsResponse" - - } - - }, - "Product": { - "description": "Single Product Item", - "type": "object", - "properties": { - "Id": { - "type": "string", - "description": "Unique identifier for this product" - - }, - "Name": { - "type": "string", - "description": "Name of the product offered" - - }, - "Category": { - "type": "string", - "description": "Classification of the product offering" - - }, - "Sub-category": { - "type": "object", - "description": "Sub-category of classification of this product" - - }, - "Landing-page": { - "type": "string", - "description": "Landing page for this product" - - }, - "More-info": { - "type": "object", - "description": "Additional information about the product" - - } - - } - - }, - "Error": { - "type": "object", - "properties": { - "Code": { - "type": "integer", - "format": "int32" - - }, - "Message": { - "type": "string" - - }, - "Fields": { - "type": "string" - - } - - } - - } - - } - -} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json.template deleted file mode 100644 index 333d3ebd..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/opendata-products.json.template +++ /dev/null @@ -1,142 +0,0 @@ -{ - "swagger": "2.0", - "host": "{{ host }}", - "schemes": [ - "https" - - ], - "info": { - "description": "Products API", - "title": "List of Bank Products", - "version": "1.0.0", - "contact": { - "name": "API Docs", - "email": "api-solutions@google.com" - - }, - "license": { - "name": "Apache 2.0" - - } - - }, - "basePath": "/apis/v2", - "paths": { - "/products": { - "get": { - "description": "

    Returns a list of Products that this bank offers.

    ", - "summary": "List of products", - "tags": [ - "opendata", - "products" - - ], - "produces": [ - "application/json; charset=utf-8" - - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/ProductsResponse" - - } - - } - - }, - "400": { - "description": "Bad Request", - "schema": { - "$ref": "#/definitions/Error" - - } - - } - - } - - } - - } - - }, - "definitions": { - "ProductsResponse": { - "description": "List of available products", - "type": "array", - "items": { - "$ref": "#/definitions/Product" - - }, - "xml": { - "name": "ProductsResponse" - - } - - }, - "Product": { - "description": "Single Product Item", - "type": "object", - "properties": { - "Id": { - "type": "string", - "description": "Unique identifier for this product" - - }, - "Name": { - "type": "string", - "description": "Name of the product offered" - - }, - "Category": { - "type": "string", - "description": "Classification of the product offering" - - }, - "Sub-category": { - "type": "object", - "description": "Sub-category of classification of this product" - - }, - "Landing-page": { - "type": "string", - "description": "Landing page for this product" - - }, - "More-info": { - "type": "object", - "description": "Additional information about the product" - - } - - } - - }, - "Error": { - "type": "object", - "properties": { - "Code": { - "type": "integer", - "format": "int32" - - }, - "Message": { - "type": "string" - - }, - "Fields": { - "type": "string" - - } - - } - - } - - } - -} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json deleted file mode 100644 index 561669ce..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json +++ /dev/null @@ -1,584 +0,0 @@ -{ - "swagger": "2.0", - "host": "testdemorrai-test.apigee.net", - "schemes": [ - "https" - ], - "info": { - "description": "Payment Transfer API", - "title": "Payment Transfer", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/payments", - "paths": { - "/payments": { - "post": { - "description": "

    This API call is made to make a payment request and fetch its Payment Request Id, which will further be used for making payment submissions

    ", - "summary": "POST Payment Request", - "operationId": "POST Payment Request", - "tags": [ - "POST Payment Request" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentReqResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using grant_type as 'client_credentials' (App credential based authorization) using Oauth API", - "type": "string", - "required": true - }, - { - "name": "Content-Type", - "in": "header", - "description": "Content-Type application/json", - "type": "string", - "default": "application/json", - "required": true - }, - { - "name": "X-Idempotency-Key", - "in": "header", - "description": "Unique key for the payment request, using which only one payment request can be created in a given time period", - "type": "string", - "required": true - }, - { - "name": "PaymentRequest", - "in": "body", - "description": "Payment Request details", - "schema": { - "$ref": "#/definitions/NewPaymentRequest" - }, - "required": true - } - ] - } - }, - "/payments/{PaymentId}": { - "get": { - "description": "

    This API call is made to get a previously made payment request based on a Payment Request Id, which will further be used for making payment submissions

    ", - "summary": "GET Payment Request", - "operationId": "GET Payment Request", - "tags": [ - "GET Payment Request" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentReqResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using Oauth API", - "type": "string", - "required": true - }, - { - "name": "PaymentId", - "in": "path", - "type" : "string", - "description": "Payment Request Id", - "required": true - } - ] - } - }, - "/payment-submissions": { - "post": { - "description": "

    This API call is made to make a payment submission for a previously created payment Request

    ", - "summary": "POST Payment Submission", - "operationId": "POST Payment Submission", - "tags": [ - "POST Payment Submission" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentSubResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "pisp_auth": ["payments"] - }], - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token is obtained using grant_type as 'authorization_code' (App credential based authorization) using Oauth API", - "type": "string" - }, - { - "name": "Content-Type", - "in": "header", - "description": "Content-Type application/json", - "type": "string", - "default": "application/json", - "required": true - }, - { - "name": "PaymentSubmission", - "in": "body", - "description": "Payment Submission details", - "schema": { - "$ref": "#/definitions/NewPaymentSubmission" - }, - "required": true - } - ] - } - }, - "/payment-submissions/{PaymentSubmissionId}": { - "get": { - "description": "

    This API call is made to get a previously made payment Submission based on a Payment Submission Id

    ", - "summary": "GET Payment Submission", - "operationId": "GET Payment Submission", - "tags": [ - "GET Payment Submission" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentSubResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using Oauth API", - "type": "string", - "required": true - }, - { - "name": "PaymentSubmissionId", - "in": "path", - "type" : "string", - "description": "Payment Submission Id", - "required": true - } - ] - } - } - }, - "securityDefinitions": { - "pisp_auth": { - "type": "oauth2", - "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v2/oauth/authorize?client_id=ljIcpckr2HyRqkAluHX3BiTEUzGjFbev&redirect_uri=http://localhost/&response_type=code&state=af0ifjsldkj&scope=payments&acr_values=2&request_id=firstpaymentrequest", - "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v2/oauth/token", - "flow": "accessCode", - "scopes": { - "payments" : "PISP apis" - } - } - }, - "definitions": { - "NewPaymentRequest": { - "type": "object", - "description": "New Payments Request", - "properties": { - "InstructionIdentification": { - "type": "string", - "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. " - }, - "EndToEndIdentification": { - "type": "string", - "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. " - }, - "RemittanceInformation": { - "type": "object", - "properties": { - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money." - }, - "Unstructured": { - "type": "string", - "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form." - } - } - }, - "InstructedAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "DebtorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of account of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the creditor account, as assigned by the account servicing institution" - } - } - - }, - "DebtorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the account of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the debtor account, as assigned by the account servicing institution" - } - } - - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code of merchant" - } - }, - "xml": { - "name": "NewPaymentRequest" - } - }, - "PaymentReqResponse": { - "type": "object", - "description": "New Payments Request", - "properties": { - "PaymentId": { - "type": "string", - "description": "Unique identification for the payment request " - }, - "Status": { - "type": "string", - "description": "status of the payment request" - }, - "InstructionIdentification": { - "type": "string", - "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. " - }, - "EndToEndIdentification": { - "type": "string", - "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. " - }, - "RemittanceInformation": { - "type": "object", - "properties": { - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money." - }, - "Unstructured": { - "type": "string", - "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form." - } - } - }, - "InstructedAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "DebtorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of account of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the creditor account, as assigned by the account servicing institution" - } - } - - }, - "DebtorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the account of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the debtor account, as assigned by the account servicing institution" - } - } - - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code of merchant" - } - }, - "xml": { - "name": "PaymentReqResponse" - } - }, - "NewPaymentSubmission": { - "type": "object", - "description": "New Payments Request", - "properties": { - "PaymentId": { - "type": "string", - "description": "Unique identification for the payment request " - }, - "InstructionIdentification": { - "type": "string", - "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. " - }, - "EndToEndIdentification": { - "type": "string", - "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. " - }, - "RemittanceInformation": { - "type": "object", - "properties": { - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money." - }, - "Unstructured": { - "type": "string", - "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form." - } - } - }, - "InstructedAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "DebtorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of account of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the creditor account, as assigned by the account servicing institution" - } - } - - }, - "DebtorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the account of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the debtor account, as assigned by the account servicing institution" - } - } - - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code of merchant" - } - }, - "xml": { - "name": "NewPaymentSubmission" - } - }, - "PaymentSubResponse": { - "description": "Payment Submission Response", - "type": "object", - "properties": { - "PaymentId": { - "type": "string", - "description": "Unique Payment Request Id" - }, - "PaymentSubmissionId": { - "type": "string", - "description": "Unique Payment Submission Id" - }, - "Status": { - "type": "string", - "description": "Status of payment submission" - } - }, - "xml": { - "name": "PaymentSubResponse" - } - } - } -} - diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json.template deleted file mode 100644 index 6a3bac50..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentsV2.json.template +++ /dev/null @@ -1,584 +0,0 @@ -{ - "swagger": "2.0", - "host": "{{ host }}", - "schemes": [ - "https" - ], - "info": { - "description": "Payment Transfer API", - "title": "Payment Transfer", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/payments", - "paths": { - "/payments": { - "post": { - "description": "

    This API call is made to make a payment request and fetch its Payment Request Id, which will further be used for making payment submissions

    ", - "summary": "POST Payment Request", - "operationId": "POST Payment Request", - "tags": [ - "POST Payment Request" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentReqResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using grant_type as 'client_credentials' (App credential based authorization) using Oauth API", - "type": "string", - "required": true - }, - { - "name": "Content-Type", - "in": "header", - "description": "Content-Type application/json", - "type": "string", - "default": "application/json", - "required": true - }, - { - "name": "X-Idempotency-Key", - "in": "header", - "description": "Unique key for the payment request, using which only one payment request can be created in a given time period", - "type": "string", - "required": true - }, - { - "name": "PaymentRequest", - "in": "body", - "description": "Payment Request details", - "schema": { - "$ref": "#/definitions/NewPaymentRequest" - }, - "required": true - } - ] - } - }, - "/payments/{PaymentId}": { - "get": { - "description": "

    This API call is made to get a previously made payment request based on a Payment Request Id, which will further be used for making payment submissions

    ", - "summary": "GET Payment Request", - "operationId": "GET Payment Request", - "tags": [ - "GET Payment Request" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentReqResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using Oauth API", - "type": "string", - "required": true - }, - { - "name": "PaymentId", - "in": "path", - "type" : "string", - "description": "Payment Request Id", - "required": true - } - ] - } - }, - "/payment-submissions": { - "post": { - "description": "

    This API call is made to make a payment submission for a previously created payment Request

    ", - "summary": "POST Payment Submission", - "operationId": "POST Payment Submission", - "tags": [ - "POST Payment Submission" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentSubResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [{ - "pisp_auth": ["payments"] - }], - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token is obtained using grant_type as 'authorization_code' (App credential based authorization) using Oauth API", - "type": "string" - }, - { - "name": "Content-Type", - "in": "header", - "description": "Content-Type application/json", - "type": "string", - "default": "application/json", - "required": true - }, - { - "name": "PaymentSubmission", - "in": "body", - "description": "Payment Submission details", - "schema": { - "$ref": "#/definitions/NewPaymentSubmission" - }, - "required": true - } - ] - } - }, - "/payment-submissions/{PaymentSubmissionId}": { - "get": { - "description": "

    This API call is made to get a previously made payment Submission based on a Payment Submission Id

    ", - "summary": "GET Payment Submission", - "operationId": "GET Payment Submission", - "tags": [ - "GET Payment Submission" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/PaymentSubResponse" - } - }, - "400": { - "description": "Bad Request" - } - }, - "parameters": [{ - "in": "header", - "name": "Authorization", - "description": "This is Mandatory parameter. Authorization Bearer {token}; token obtained using Oauth API", - "type": "string", - "required": true - }, - { - "name": "PaymentSubmissionId", - "in": "path", - "type" : "string", - "description": "Payment Submission Id", - "required": true - } - ] - } - } - }, - "securityDefinitions": { - "pisp_auth": { - "type": "oauth2", - "authorizationUrl": "{{ host_withprotocol }}/apis/v2/oauth/authorize?client_id={{ client_id_pisp }}&redirect_uri={{ edge_host }}/v1/o/{{ org }}/apimodels/paymentsapisv2/templateauths/pisp_auth/callback&response_type=code&state=af0ifjsldkj&scope=payments&acr_values=2&request_id=firstpaymentrequest", - "tokenUrl": "{{ host_withprotocol }}/apis/v2/oauth/token", - "flow": "accessCode", - "scopes": { - "payments" : "PISP apis" - } - } - }, - "definitions": { - "NewPaymentRequest": { - "type": "object", - "description": "New Payments Request", - "properties": { - "InstructionIdentification": { - "type": "string", - "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. " - }, - "EndToEndIdentification": { - "type": "string", - "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. " - }, - "RemittanceInformation": { - "type": "object", - "properties": { - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money." - }, - "Unstructured": { - "type": "string", - "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form." - } - } - }, - "InstructedAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "DebtorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of account of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the creditor account, as assigned by the account servicing institution" - } - } - - }, - "DebtorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the account of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the debtor account, as assigned by the account servicing institution" - } - } - - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code of merchant" - } - }, - "xml": { - "name": "NewPaymentRequest" - } - }, - "PaymentReqResponse": { - "type": "object", - "description": "New Payments Request", - "properties": { - "PaymentId": { - "type": "string", - "description": "Unique identification for the payment request " - }, - "Status": { - "type": "string", - "description": "status of the payment request" - }, - "InstructionIdentification": { - "type": "string", - "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. " - }, - "EndToEndIdentification": { - "type": "string", - "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. " - }, - "RemittanceInformation": { - "type": "object", - "properties": { - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money." - }, - "Unstructured": { - "type": "string", - "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form." - } - } - }, - "InstructedAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "DebtorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of account of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the creditor account, as assigned by the account servicing institution" - } - } - - }, - "DebtorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the account of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the debtor account, as assigned by the account servicing institution" - } - } - - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code of merchant" - } - }, - "xml": { - "name": "PaymentReqResponse" - } - }, - "NewPaymentSubmission": { - "type": "object", - "description": "New Payments Request", - "properties": { - "PaymentId": { - "type": "string", - "description": "Unique identification for the payment request " - }, - "InstructionIdentification": { - "type": "string", - "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. " - }, - "EndToEndIdentification": { - "type": "string", - "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. " - }, - "RemittanceInformation": { - "type": "object", - "properties": { - "CreditorReferenceInformation": { - "type": "string", - "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money." - }, - "Unstructured": { - "type": "string", - "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form." - } - } - }, - "InstructedAmount": { - "type": "object", - "properties": { - "Amount": { - "type": "string", - "description": "Amount To be transferred" - }, - "Currency": { - "type": "string", - "description": "A code allocated to a currency by a Maintenance Agency " - } - } - }, - "DebtorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAgent": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the servicing institution of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - } - } - }, - "CreditorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of account of creditor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the creditor account, as assigned by the account servicing institution" - } - } - - }, - "DebtorAccount": { - "type": "object", - "properties": { - "Identification": { - "type": "string", - "description": "Unique and unambiguous identification of the account of debtor." - }, - "SchemeName": { - "type": "string", - "description": "Name of the identification scheme, in a coded form as published in an external list." - }, - "Name": { - "type": "string", - "description": "Name of the debtor account, as assigned by the account servicing institution" - } - } - - }, - "MerchantCategoryCode": { - "type": "string", - "description": "Category code of merchant" - } - }, - "xml": { - "name": "NewPaymentSubmission" - } - }, - "PaymentSubResponse": { - "description": "Payment Submission Response", - "type": "object", - "properties": { - "PaymentId": { - "type": "string", - "description": "Unique Payment Request Id" - }, - "PaymentSubmissionId": { - "type": "string", - "description": "Unique Payment Submission Id" - }, - "Status": { - "type": "string", - "description": "Status of payment submission" - } - }, - "xml": { - "name": "PaymentSubResponse" - } - } - } -} - diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json new file mode 100644 index 00000000..69495141 --- /dev/null +++ b/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json @@ -0,0 +1,1666 @@ +{ + "swagger": "2.0", + "host": "testdemorrai-test.apigee.net", + "info": { + "title": "Payment Initiation API Specification", + "description": "Swagger for Payment Initiation API Specification", + "termsOfService": "https://www.openbanking.org.uk/terms", + "contact": { + "name": "Service Desk", + "email": "ServiceDesk@openbanking.org.uk" + }, + "license": { + "name": "open-licence", + "url": "https://www.openbanking.org.uk/open-licence" + }, + "version": "v1.1.0" + }, + "basePath": "/pis/open-banking/v1.0", + "schemes": [ + "https" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "paths": { + "/payments": { + "post": { + "tags": [ + "Payments" + ], + "summary": "Create a single immediate payment", + "description": "Create a single immediate payment", + "operationId": "CreateSingleImmediatePayment", + "consumes": [ + "application/json; charset=utf-8" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "x-idempotency-key", + "in": "header", + "description": "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", + "required": true, + "type": "string", + "default" : "12345", + "pattern": "^(?!\\s)(.*)(\\S)$", + "maxLength": 40 + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containing a detached JWS signature of the body of the payload." + }, + { + "name": "body", + "in": "body", + "description": "Setup a single immediate payment", + "required": true, + "schema": { + "$ref": "#/definitions/PaymentRequest" + } + } + ], + "responses": { + "201": { + "description": "Payment setup resource successfully created", + "schema": { + + "$ref": "#/definitions/PaymentResponse" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + } + } + }, + "/payments/{PaymentId}": { + "get": { + "tags": [ + "Payments" + ], + "summary": "Get a single immediate payment", + "description": "Get a single immediate payment", + "operationId": "GetSingleImmediatePayment", + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "PaymentId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Payment resource successfully retrieved", + "schema": { + + "$ref": "#/definitions/PaymentResponse" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments" + ] + } + ] + } + }, + "/payment-submissions": { + "post": { + "tags": [ + "Payments" + ], + "summary": "Create a payment submission", + "description": "Submit a previously setup payment", + "operationId": "CreatePaymentSubmission", + "consumes": [ + "application/json; charset=utf-8" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "x-idempotency-key", + "in": "header", + "description": "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", + "required": true, + "type": "string", + "default" : "12345", + "pattern": "^(?!\\s)(.*)(\\S)$", + "maxLength": 40 + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "default" : "123456", + "required": true, + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containing a detached JWS signature of the body of the payload." + }, + { + "name": "body", + "in": "body", + "description": "Setup a single immediate payment", + "required": true, + "schema": { + "$ref": "#/definitions/PaymentSubmissionRequest" + } + } + ], + "responses": { + "201": { + "description": "Payment submit resource successfully created", + "schema": { + + "$ref": "#/definitions/PaymentSubmissionResponse" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments", "openid" + ] + } + ] + } + }, + "/payment-submissions/{PaymentSubmissionId}": { + "get": { + "tags": [ + "Payments" + ], + "summary": "Get a payment submission", + "description": "Get payment submission", + "operationId": "GetPaymentSubmission", + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "PaymentSubmissionId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the payment submission resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "default":"123456", + "required": true, + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Payment resource successfully retrieved", + "schema": { + + "$ref": "#/definitions/PaymentSubmissionResponse" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments" + ] + } + ] + } + } + }, + "securityDefinitions": { + "PSUOAuth2Security": { + "type": "oauth2", + "flow": "accessCode", + "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/token", + "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v1.0/oauth/authorize?response_type=code&client_id=WN6WqzK7iMrexdi7wGMGMx77eRVbYWKG&state=abcd1234&scope=openid payments&redirect_uri=https://api.enterprise.apigee.com/v1/o/testdemorrai/apimodels/payments-apis-v1-0/templateauths/PSUOAuth2Security/callback", + "scopes": { + "payments": "Generic payment scope", + "openid" : "openId" + }, + "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" + } + }, + "tags": [ + { + "name": "Payments", + "description": "Payments endpoints" + } + ], + "responses": { + "400ErrorResponse": { + "description": "Bad Request" + }, + "401ErrorResponse": { + "description": "Unauthorized" + }, + "403ErrorResponse": { + "description": "Forbidden" + }, + "405ErrorResponse": { + "description": "Method Not Allowed" + }, + "406ErrorResponse": { + "description": "Not Acceptable" + }, + "429ErrorResponse": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "definitions": + { + "PaymentResponse": + { + "title": "Payment setup POST response", + "type": "object", + "properties": { + "Data": { + "description": "Reflection of The Main Data Payload, with Created Resource ID, Status and Timestamp", + "title": "PaymentSetupResponse", + "type": "object", + "properties": { + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the payment resource.", + "title": "PaymentStatusCode", + "type": "string", + "enum": [ + "AcceptedCustomerProfile", + "AcceptedTechnicalValidation", + "Pending", + "Rejected" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created. \nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", + "type": "string", + "format": "date-time" + }, + "Initiation": { + "description": "The Initiation payload is sent by the initiating party to the ASPSP. It is used to request movement of funds from the debtor account to a creditor.", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "PaymentId", + "CreationDateTime", + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "Reflection of POSTed Risk profile ", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + }, + "Links": { + "type": "object", + "description": "Link URIs relevant to the payload", + "properties": { + "Self": { + "type": "string", + "format": "uri" + }, + "First": { + "type": "string", + "format": "uri" + }, + "Prev": { + "type": "string", + "format": "uri" + }, + "Next": { + "type": "string", + "format": "uri" + }, + "Last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "Self" + ] + }, + "Meta": { + "type": "object", + "description": "Meta Data Relevant to the payload", + "properties": { + "TotalPages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk", + "Links", + "Meta" + ], + "additionalProperties": false + }, + "PaymentSubmissionResponse" : + { + "title": "Payment Submit POST 201 Response", + "type": "object", + "properties": { + "Data": { + "description": "Reflection of The Main Data Payload, with Created Resource ID, Status and Timestamp", + "title": "PaymentSetupResponse", + "type": "object", + "properties": { + "PaymentSubmissionId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment submission resource.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the payment resource.", + "title": "PaymentSubmissionStatusCode", + "type": "string", + "enum": [ + "AcceptedSettlementCompleted", + "AcceptedSettlementInProcess", + "Pending", + "Rejected" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created. \nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "PaymentSubmissionId", + "PaymentId", + "CreationDateTime" + ], + "additionalProperties": false + }, + "Links": { + "type": "object", + "description": "Link URIs relevant to the payload", + "properties": { + "Self": { + "type": "string", + "format": "uri" + }, + "First": { + "type": "string", + "format": "uri" + }, + "Prev": { + "type": "string", + "format": "uri" + }, + "Next": { + "type": "string", + "format": "uri" + }, + "Last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "Self" + ] + }, + "Meta": { + "type": "object", + "description": "Meta Data Relevant to the payload", + "properties": { + "TotalPages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Links", + "Meta" + ], + "additionalProperties": false + + }, + "PaymentRequest" : { + "title": "Payment setup POST request", + "description": "Allows setup of a payment", + "type": "object", + "properties": { + "Data": { + "description": "", + "title": "PaymentSetup", + "type": "object", + "properties": { + "Initiation": { + "description": "", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk" + ], + "additionalProperties": false + }, + "PaymentSubmissionRequest" : + { + "title": "Payment Submission POST request", + "description": "Allows Submission of a payment", + "type": "object", + "properties": { + "Data": { + "description": "", + "title": "PaymentSubmission", + "type": "object", + "properties": { + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Initiation": { + "description": "The Initiation payload is sent by the initiating party to the ASPSP. It is used to request movement of funds from the debtor account to a creditor.", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "PaymentId", + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json.template new file mode 100644 index 00000000..ed1fb4fc --- /dev/null +++ b/src/devportal/all/modules/custom/openbank_swagger/swaggers/paymentv1-0.json.template @@ -0,0 +1,1666 @@ +{ + "swagger": "2.0", + "host": "{{ host }}", + "info": { + "title": "Payment Initiation API Specification", + "description": "Swagger for Payment Initiation API Specification", + "termsOfService": "https://www.openbanking.org.uk/terms", + "contact": { + "name": "Service Desk", + "email": "ServiceDesk@openbanking.org.uk" + }, + "license": { + "name": "open-licence", + "url": "https://www.openbanking.org.uk/open-licence" + }, + "version": "v1.1.0" + }, + "basePath": "/pis/open-banking/v1.0", + "schemes": [ + "https" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "paths": { + "/payments": { + "post": { + "tags": [ + "Payments" + ], + "summary": "Create a single immediate payment", + "description": "Create a single immediate payment", + "operationId": "CreateSingleImmediatePayment", + "consumes": [ + "application/json; charset=utf-8" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "x-idempotency-key", + "in": "header", + "description": "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", + "required": true, + "type": "string", + "default" : "12345", + "pattern": "^(?!\\s)(.*)(\\S)$", + "maxLength": 40 + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containing a detached JWS signature of the body of the payload." + }, + { + "name": "body", + "in": "body", + "description": "Setup a single immediate payment", + "required": true, + "schema": { + "$ref": "#/definitions/PaymentRequest" + } + } + ], + "responses": { + "201": { + "description": "Payment setup resource successfully created", + "schema": { + + "$ref": "#/definitions/PaymentResponse" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + } + } + }, + "/payments/{PaymentId}": { + "get": { + "tags": [ + "Payments" + ], + "summary": "Get a single immediate payment", + "description": "Get a single immediate payment", + "operationId": "GetSingleImmediatePayment", + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "PaymentId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "required": true, + "default" : "123456", + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Payment resource successfully retrieved", + "schema": { + + "$ref": "#/definitions/PaymentResponse" + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments" + ] + } + ] + } + }, + "/payment-submissions": { + "post": { + "tags": [ + "Payments" + ], + "summary": "Create a payment submission", + "description": "Submit a previously setup payment", + "operationId": "CreatePaymentSubmission", + "consumes": [ + "application/json; charset=utf-8" + ], + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "x-idempotency-key", + "in": "header", + "description": "Every request will be processed only once per x-idempotency-key. The Idempotency Key will be valid for 24 hours.", + "required": true, + "type": "string", + "default" : "12345", + "pattern": "^(?!\\s)(.*)(\\S)$", + "maxLength": 40 + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "default" : "123456", + "required": true, + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "required": false, + "default" : "10.20.30.40", + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + }, + { + "in": "header", + "name": "x-jws-signature", + "type": "string", + "required": true, + "description": "Header containing a detached JWS signature of the body of the payload." + }, + { + "name": "body", + "in": "body", + "description": "Setup a single immediate payment", + "required": true, + "schema": { + "$ref": "#/definitions/PaymentSubmissionRequest" + } + } + ], + "responses": { + "201": { + "description": "Payment submit resource successfully created", + "schema": { + + "$ref": "#/definitions/PaymentSubmissionResponse" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments", "openid" + ] + } + ] + } + }, + "/payment-submissions/{PaymentSubmissionId}": { + "get": { + "tags": [ + "Payments" + ], + "summary": "Get a payment submission", + "description": "Get payment submission", + "operationId": "GetPaymentSubmission", + "produces": [ + "application/json; charset=utf-8" + ], + "parameters": [ + { + "name": "PaymentSubmissionId", + "in": "path", + "description": "Unique identification as assigned by the ASPSP to uniquely identify the payment submission resource.", + "required": true, + "type": "string" + }, + { + "in": "header", + "name": "x-fapi-financial-id", + "type": "string", + "default":"123456", + "required": true, + "description": "The unique id of the ASPSP to which the request is issued. The unique id will be issued by OB." + }, + { + "in": "header", + "name": "x-fapi-customer-last-logged-time", + "type": "string", + "required": false, + "description": "The time when the PSU last logged in with the TPP. \nAll dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: \nSun, 10 Sep 2017 19:43:31 UTC", + "pattern": "^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \\d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \\d{4} \\d{2}:\\d{2}:\\d{2} (GMT|UTC)$" + }, + { + "in": "header", + "name": "x-fapi-customer-ip-address", + "type": "string", + "default" : "10.20.30.40", + "required": false, + "description": "The PSU's IP address if the PSU is currently logged in with the TPP." + }, + { + "in": "header", + "name": "x-fapi-interaction-id", + "type": "string", + "required": false, + "description": "An RFC4122 UID used as a correlation id." + }, + { + "in": "header", + "name": "Authorization", + "type": "string", + "description": "An Authorisation Token as per https://tools.ietf.org/html/rfc6750" + } + ], + "responses": { + "200": { + "description": "Payment resource successfully retrieved", + "schema": { + + "$ref": "#/definitions/PaymentSubmissionResponse" + + }, + "headers": { + "x-jws-signature": { + "type": "string", + "description": "Header containing a detached JWS signature of the body of the payload." + }, + "x-fapi-interaction-id": { + "type": "string", + "description": "An RFC4122 UID used as a correlation id." + } + } + }, + "400": { + "description": "Bad Request" + }, + "401": { + "description": "Unauthorized" + }, + "403": { + "description": "Forbidden" + }, + "405": { + "description": "Method Not Allowed" + }, + "406": { + "description": "Not Acceptable" + }, + "429": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "security": [ + { + "PSUOAuth2Security": [ + "payments" + ] + } + ] + } + } + }, + "securityDefinitions": { + "PSUOAuth2Security": { + "type": "oauth2", + "flow": "accessCode", + "tokenUrl": "{{ host_withprotocol }}/apis/v1.0/oauth/token", + "authorizationUrl": "{{ host_withprotocol }}/apis/v1.0/oauth/authorize?response_type=code&client_id={{ client_id_pisp }}&state=abcd1234&scope=openid payments&redirect_uri=https://api.enterprise.apigee.com/v1/o/{{ org }}/apimodels/payments-apis-v1-0/templateauths/PSUOAuth2Security/callback", + "scopes": { + "payments": "Generic payment scope", + "openid" : "openId" + }, + "description": "OAuth flow, it is required when the PSU needs to perform SCA with the ASPSP when a TPP wants to access an ASPSP resource owned by the PSU" + } + }, + "tags": [ + { + "name": "Payments", + "description": "Payments endpoints" + } + ], + "responses": { + "400ErrorResponse": { + "description": "Bad Request" + }, + "401ErrorResponse": { + "description": "Unauthorized" + }, + "403ErrorResponse": { + "description": "Forbidden" + }, + "405ErrorResponse": { + "description": "Method Not Allowed" + }, + "406ErrorResponse": { + "description": "Not Acceptable" + }, + "429ErrorResponse": { + "description": "Too Many Requests", + "headers": { + "Retry-After": { + "description": "Number in seconds to wait", + "type": "integer" + } + } + } + }, + "definitions": + { + "PaymentResponse": + { + "title": "Payment setup POST response", + "type": "object", + "properties": { + "Data": { + "description": "Reflection of The Main Data Payload, with Created Resource ID, Status and Timestamp", + "title": "PaymentSetupResponse", + "type": "object", + "properties": { + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the payment resource.", + "title": "PaymentStatusCode", + "type": "string", + "enum": [ + "AcceptedCustomerProfile", + "AcceptedTechnicalValidation", + "Pending", + "Rejected" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created. \nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", + "type": "string", + "format": "date-time" + }, + "Initiation": { + "description": "The Initiation payload is sent by the initiating party to the ASPSP. It is used to request movement of funds from the debtor account to a creditor.", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "PaymentId", + "CreationDateTime", + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "Reflection of POSTed Risk profile ", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + }, + "Links": { + "type": "object", + "description": "Link URIs relevant to the payload", + "properties": { + "Self": { + "type": "string", + "format": "uri" + }, + "First": { + "type": "string", + "format": "uri" + }, + "Prev": { + "type": "string", + "format": "uri" + }, + "Next": { + "type": "string", + "format": "uri" + }, + "Last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "Self" + ] + }, + "Meta": { + "type": "object", + "description": "Meta Data Relevant to the payload", + "properties": { + "TotalPages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk", + "Links", + "Meta" + ], + "additionalProperties": false + }, + "PaymentSubmissionResponse" : + { + "title": "Payment Submit POST 201 Response", + "type": "object", + "properties": { + "Data": { + "description": "Reflection of The Main Data Payload, with Created Resource ID, Status and Timestamp", + "title": "PaymentSetupResponse", + "type": "object", + "properties": { + "PaymentSubmissionId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment submission resource.", + "type": "string", + "minLength": 1, + "maxLength": 40 + }, + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Status": { + "description": "Specifies the status of the payment resource.", + "title": "PaymentSubmissionStatusCode", + "type": "string", + "enum": [ + "AcceptedSettlementCompleted", + "AcceptedSettlementInProcess", + "Pending", + "Rejected" + ] + }, + "CreationDateTime": { + "description": "Date and time at which the resource was created. \nAll dates in the JSON payloads are represented in ISO 8601 date-time format. \nAll date-time fields in responses must include the timezone. An example is below:\n2017-04-05T10:43:07+00:00", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "PaymentSubmissionId", + "PaymentId", + "CreationDateTime" + ], + "additionalProperties": false + }, + "Links": { + "type": "object", + "description": "Link URIs relevant to the payload", + "properties": { + "Self": { + "type": "string", + "format": "uri" + }, + "First": { + "type": "string", + "format": "uri" + }, + "Prev": { + "type": "string", + "format": "uri" + }, + "Next": { + "type": "string", + "format": "uri" + }, + "Last": { + "type": "string", + "format": "uri" + } + }, + "additionalProperties": false, + "required": [ + "Self" + ] + }, + "Meta": { + "type": "object", + "description": "Meta Data Relevant to the payload", + "properties": { + "TotalPages": { + "type": "integer", + "format": "int32" + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Links", + "Meta" + ], + "additionalProperties": false + + }, + "PaymentRequest" : { + "title": "Payment setup POST request", + "description": "Allows setup of a payment", + "type": "object", + "properties": { + "Data": { + "description": "", + "title": "PaymentSetup", + "type": "object", + "properties": { + "Initiation": { + "description": "", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk" + ], + "additionalProperties": false + }, + "PaymentSubmissionRequest" : + { + "title": "Payment Submission POST request", + "description": "Allows Submission of a payment", + "type": "object", + "properties": { + "Data": { + "description": "", + "title": "PaymentSubmission", + "type": "object", + "properties": { + "PaymentId": { + "description": "OB: Unique identification as assigned by the ASPSP to uniquely identify the payment setup resource.", + "type": "string", + "minLength": 1, + "maxLength": 128 + }, + "Initiation": { + "description": "The Initiation payload is sent by the initiating party to the ASPSP. It is used to request movement of funds from the debtor account to a creditor.", + "type": "object", + "properties": { + "InstructionIdentification": { + "description": "Unique identification as assigned by an instructing party for an instructed party to unambiguously identify the instruction. Usage: the instruction identification is a point to point reference that can be used between the instructing party and the instructed party to refer to the individual instruction. It can be included in several messages related to the instruction.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "EndToEndIdentification": { + "description": "Unique identification assigned by the initiating party to unambiguously identify the transaction. This identification is passed on, unchanged, throughout the entire end-to-end chain. Usage: The end-to-end identification can be used for reconciliation or to link tasks relating to the transaction. It can be included in several messages related to the transaction. OB: The Faster Payments Scheme can only access 31 characters for the EndToEndIdentification field.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "InstructedAmount": { + "description": "Amount of money to be moved between the debtor and creditor, before deduction of charges, expressed in the currency as ordered by the initiating party. Usage: This amount has to be transported unchanged through the transaction chain.", + "type": "object", + "properties": { + "Amount": { + "type": "string", + "pattern": "^\\d{1,13}\\.\\d{1,5}$" + }, + "Currency": { + "description": "A code allocated to a currency by a Maintenance Agency under an international identification scheme, as described in the latest edition of the international standard ISO 4217 - Codes for the representation of currencies and funds.", + "type": "string", + "pattern": "^[A-Z]{3,3}$" + } + }, + "required": [ + "Amount", + "Currency" + ], + "additionalProperties": false + }, + "DebtorAgent": { + "description": "Financial institution servicing an account for the debtor.", + "title": "DebtorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "DebtorAccount": { + "description": "Unambiguous identification of the account of the debtor to which a debit entry will be made as a result of the transaction.", + "title": "DebtorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAgent": { + "description": "Financial institution servicing an account for the creditor.", + "title": "CreditorAgent", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "BICFI" + ] + }, + "Identification": { + "description": "Unique and unambiguous identification of a person.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "required": [ + "SchemeName", + "Identification" + ], + "additionalProperties": false + }, + "CreditorAccount": { + "description": "Unambiguous identification of the account of the creditor to which a credit entry will be posted as a result of the payment transaction.", + "title": "CreditorAccount", + "type": "object", + "properties": { + "SchemeName": { + "description": "Name of the identification scheme, in a coded form as published in an external list.", + "title": "SchemeName", + "type": "string", + "enum": [ + "IBAN", + "SortCodeAccountNumber" + ] + }, + "Identification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + }, + "Name": { + "description": "Name of the account, as assigned by the account servicing institution, in agreement with the account owner in order to provide an additional means of identification of the account. Usage: The account name is different from the account owner name. The account name is used in certain user communities to provide a means of identifying the account, in addition to the account owner's identity and the account number. ASPSPs may carry out name validation for Confirmation of Payee, but it is not mandatory.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "SecondaryIdentification": { + "description": "Identification assigned by an institution to identify an account. This identification is known by the account owner.", + "type": "string", + "minLength": 1, + "maxLength": 34 + } + }, + "required": [ + "SchemeName", + "Identification", + "Name" + ], + "additionalProperties": false + }, + "RemittanceInformation": { + "description": "Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system.", + "title": "RemittanceInformation", + "type": "object", + "properties": { + "Unstructured": { + "description": "Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.", + "type": "string", + "minLength": 1, + "maxLength": 140 + }, + "Reference": { + "description": "Unique reference, as assigned by the creditor, to unambiguously refer to the payment transaction. Usage: If available, the initiating party should provide this reference in the structured remittance information, to enable reconciliation by the creditor upon receipt of the amount of money. If the business context requires the use of a creditor reference or a payment remit identification, and only one identifier can be passed through the end-to-end chain, the creditor's reference or payment remittance identification should be quoted in the end-to-end transaction identification. OB: The Faster Payments Scheme can only accept 18 characters for the ReferenceInformation field - which is where this ISO field will be mapped.", + "type": "string", + "minLength": 1, + "maxLength": 35 + } + }, + "additionalProperties": false + } + }, + "required": [ + "InstructionIdentification", + "EndToEndIdentification", + "InstructedAmount", + "CreditorAccount" + ], + "additionalProperties": false + } + }, + "required": [ + "PaymentId", + "Initiation" + ], + "additionalProperties": false + }, + "Risk": { + "description": "", + "title": "Risk", + "type": "object", + "properties": { + "PaymentContextCode": { + "description": "Specifies the payment context", + "title": "PaymentContextCode", + "type": "string", + "enum": [ + "BillPayment", + "EcommerceGoods", + "EcommerceServices", + "Other", + "PersonToPerson" + ] + }, + "MerchantCategoryCode": { + "description": "Category code conforms to ISO 18245, related to the type of services or goods the merchant provides for the transaction", + "type": "string", + "minLength": 3, + "maxLength": 4 + }, + "MerchantCustomerIdentification": { + "description": "The unique customer identifier of the PSU with the merchant.", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "DeliveryAddress": { + "description": "Information that locates and identifies a specific address, as defined by postal services or in free format text.", + "type": "object", + "properties": { + "AddressLine": { + "description": "Information that locates and identifies a specific address, as defined by postal services, that is presented in free format text.", + "type": "array", + "items": { + "description": "maxLength 70 text", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "minItems": 0, + "maxItems": 2 + }, + "StreetName": { + "description": "Name of a street or thoroughfare", + "type": "string", + "minLength": 1, + "maxLength": 70 + }, + "BuildingNumber": { + "description": "Number that identifies the position of a building on a street.", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "PostCode": { + "description": "Identifier consisting of a group of letters and/or numbers that is added to a postal address to assist the sorting of mail", + "type": "string", + "minLength": 1, + "maxLength": 16 + }, + "TownName": { + "description": "Name of a built-up area, with defined boundaries, and a local government.", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "CountrySubDivision": { + "description": "Identifies a subdivision of a country, for instance state, region, county.", + "type": "array", + "items": { + "description": "maxLength 35 text", + "type": "string", + "minLength": 1, + "maxLength": 35 + }, + "minItems": 0, + "maxItems": 2 + }, + "Country": { + "description": "Nation with its own government, occupying a particular territory.", + "type": "string", + "pattern": "^[A-Z]{2,2}$" + } + }, + "required": [ + "TownName", + "Country" + ], + "additionalProperties": false + } + }, + "additionalProperties": false + } + }, + "required": [ + "Data", + "Risk" + ], + "additionalProperties": false + } + } +} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json b/src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json deleted file mode 100644 index 39d17b69..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json +++ /dev/null @@ -1,194 +0,0 @@ -{ - "swagger": "2.0", - "host": "testdemorrai-test.apigee.net", - "schemes": [ - "https" - ], - "info": { - "description": "UserInfo API", - "title": "User Info", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/userinfo", - "paths": { - "/acr:token": { - "get": { - "description": "Get details of logged-in customer, including name, address and contact information. The user is identified from the user Bearer Token.", - "summary": "User Info", - "operationId": "User Info", - "tags": [ - "UserInfo" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/UserInfo" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [ - { - "aisp_auth": [ - "openid" - ] - } - ], - "parameters": [ - { - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - } - ] - } - } - }, - "securityDefinitions": { - "aisp_auth": { - "type": "oauth2", - "authorizationUrl": "https://testdemorrai-test.apigee.net/apis/v2/oauth/authorize?client_id=kFKyyXFnuV8VQ6y1vBhyVQtGQNNbrIG0&redirect_uri=http://localhost/&response_type=code&state=af0ifjsldkj&scope=openid&acr_values=2", - "tokenUrl": "https://testdemorrai-test.apigee.net/apis/v2/oauth/token", - "flow": "accessCode", - "scopes": { - "openid": "openID" - } - } - }, - "definitions": { - "UserInfo": { - "description": "This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response. https://openid.net/specs/openid-connect-basic-1_0.html#StandardClaims", - "type": "object", - "properties": { - "sub": { - "type": "string", - "description": "Subject - Identifier for the End-User at the Issuer." - }, - "customer_id": { - "type": "string", - "description": "Subject - Identifier for the End-User at the Issuer." - }, - "name": { - "type": "string", - "description": "End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences." - }, - "given_name": { - "type": "string", - "description": "Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters." - }, - "family_name": { - "type": "string", - "description": "Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters." - }, - "middle_name": { - "type": "string", - "description": "Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used." - }, - "nickname": { - "type": "string", - "description": "Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael." - }, - "preferred_username": { - "type": "string", - "description": "Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace. The RP MUST NOT rely upon this value being unique, as discussed in Section 2.5.3." - }, - "profile": { - "type": "string", - "description": "URL of the End-User's profile page. The contents of this Web page SHOULD be about the End-User." - }, - "picture": { - "type": "string", - "description": "URL of the End-User's profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User." - }, - "website": { - "type": "string", - "description": "URL of the End-User's Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with." - }, - "gender": { - "type": "string", - "description": "End-User's gender. Values defined by this document are female and male. Other values MAY be used when neither of the defined values are applicable." - }, - "birthday": { - "type": "string", - "description": "End-User's birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform's date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates." - }, - "zoneinfo": { - "type": "string", - "description": "String from zoneinfo [zoneinfo] time zone database representing the End-User's time zone. For example, Europe/Paris or America/Los_Angeles." - }, - "locale": { - "type": "string", - "description": "End-User's locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well." - }, - "phone_number": { - "type": "string", - "description": "End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678." - }, - "phone_number_verified": { - "type": "string", - "description": "True if the End-User's phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format." - }, - "email": { - "type": "string", - "description": "End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 2.5.3." - }, - "email_verified": { - "type": "string", - "description": "True if the End-User's e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context specific, and dependent upon the trust framework or contractual agreements within which the parties are operating." - }, - "formatted": { - "type": "string", - "description": "Full mailing address, formatted for display or use on a mailing label. This field MAY contain multiple lines, separated by newlines." - }, - "house_name": { - "type": "string", - "description": "Street address component, which MAY include house number, house name." - }, - "street": { - "type": "string", - "description": "Street address component, which MAY include street name, Post Office Box, and multi-line extended street address information." - }, - "locality": { - "type": "string", - "description": "City or locality component." - }, - "region": { - "type": "string", - "description": "State, province, prefecture, or region component." - }, - "postal_code": { - "type": "string", - "description": "Zip code or postal code component." - }, - "country": { - "type": "string", - "description": "Country name component." - }, - "updated_at": { - "type": "string", - "description": "Time the End-User's information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time." - } - }, - "xml": { - "name": "UserInfo" - } - } - } -} \ No newline at end of file diff --git a/src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json.template b/src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json.template deleted file mode 100644 index 6907ebf0..00000000 --- a/src/devportal/all/modules/custom/openbank_swagger/swaggers/userinfov2.json.template +++ /dev/null @@ -1,194 +0,0 @@ -{ - "swagger": "2.0", - "host": "{{ host }}", - "schemes": [ - "https" - ], - "info": { - "description": "UserInfo API", - "title": "User Info", - "version": "0.0.1", - "termsOfService": "http://example.com/about/terms", - "contact": { - "name": "API Docs", - "url": "http://example.com/contact", - "email": "solution-ninjas@google.com" - }, - "license": { - "name": "Apache 2.0", - "url": "http://example.com" - } - }, - "basePath": "/apis/v2/userinfo", - "paths": { - "/acr:token": { - "get": { - "description": "Get details of logged-in customer, including name, address and contact information. The user is identified from the user Bearer Token.", - "summary": "User Info", - "operationId": "User Info", - "tags": [ - "UserInfo" - ], - "produces": [ - "application/json; charset=utf-8" - ], - "responses": { - "200": { - "description": "OK", - "schema": { - "$ref": "#/definitions/UserInfo" - } - }, - "400": { - "description": "Bad Request" - } - }, - "security": [ - { - "aisp_auth": [ - "openid" - ] - } - ], - "parameters": [ - { - "name": "Authorization", - "in": "header", - "description": "Authorization Bearer Token", - "type": "string" - } - ] - } - } - }, - "securityDefinitions": { - "aisp_auth": { - "type": "oauth2", - "authorizationUrl": "{{ host_withprotocol }}/apis/v2/oauth/authorize?client_id={{ client_id_openid }}&redirect_uri={{ edge_host }}/v1/o/{{ org }}/apimodels/userinfoapis/templateauths/aisp_auth/callback&response_type=code&state=af0ifjsldkj&scope=openid&acr_values=2", - "tokenUrl": "{{ host_withprotocol }}/apis/v2/oauth/token", - "flow": "accessCode", - "scopes": { - "openid": "openID" - } - } - }, - "definitions": { - "UserInfo": { - "description": "This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response. https://openid.net/specs/openid-connect-basic-1_0.html#StandardClaims", - "type": "object", - "properties": { - "sub": { - "type": "string", - "description": "Subject - Identifier for the End-User at the Issuer." - }, - "customer_id": { - "type": "string", - "description": "Subject - Identifier for the End-User at the Issuer." - }, - "name": { - "type": "string", - "description": "End-User's full name in displayable form including all name parts, possibly including titles and suffixes, ordered according to the End-User's locale and preferences." - }, - "given_name": { - "type": "string", - "description": "Given name(s) or first name(s) of the End-User. Note that in some cultures, people can have multiple given names; all can be present, with the names being separated by space characters." - }, - "family_name": { - "type": "string", - "description": "Surname(s) or last name(s) of the End-User. Note that in some cultures, people can have multiple family names or no family name; all can be present, with the names being separated by space characters." - }, - "middle_name": { - "type": "string", - "description": "Middle name(s) of the End-User. Note that in some cultures, people can have multiple middle names; all can be present, with the names being separated by space characters. Also note that in some cultures, middle names are not used." - }, - "nickname": { - "type": "string", - "description": "Casual name of the End-User that may or may not be the same as the given_name. For instance, a nickname value of Mike might be returned alongside a given_name value of Michael." - }, - "preferred_username": { - "type": "string", - "description": "Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe. This value MAY be any valid JSON string including special characters such as @, /, or whitespace. The RP MUST NOT rely upon this value being unique, as discussed in Section 2.5.3." - }, - "profile": { - "type": "string", - "description": "URL of the End-User's profile page. The contents of this Web page SHOULD be about the End-User." - }, - "picture": { - "type": "string", - "description": "URL of the End-User's profile picture. This URL MUST refer to an image file (for example, a PNG, JPEG, or GIF image file), rather than to a Web page containing an image. Note that this URL SHOULD specifically reference a profile photo of the End-User suitable for displaying when describing the End-User, rather than an arbitrary photo taken by the End-User." - }, - "website": { - "type": "string", - "description": "URL of the End-User's Web page or blog. This Web page SHOULD contain information published by the End-User or an organization that the End-User is affiliated with." - }, - "gender": { - "type": "string", - "description": "End-User's gender. Values defined by this document are female and male. Other values MAY be used when neither of the defined values are applicable." - }, - "birthday": { - "type": "string", - "description": "End-User's birthday, represented as an ISO 8601:2004 [ISO8601‑2004] YYYY-MM-DD format. The year MAY be 0000, indicating that it is omitted. To represent only the year, YYYY format is allowed. Note that depending on the underlying platform's date related function, providing just year can result in varying month and day, so the implementers need to take this factor into account to correctly process the dates." - }, - "zoneinfo": { - "type": "string", - "description": "String from zoneinfo [zoneinfo] time zone database representing the End-User's time zone. For example, Europe/Paris or America/Los_Angeles." - }, - "locale": { - "type": "string", - "description": "End-User's locale, represented as a BCP47 [RFC5646] language tag. This is typically an ISO 639-1 Alpha-2 [ISO639‑1] language code in lowercase and an ISO 3166-1 Alpha-2 [ISO3166‑1] country code in uppercase, separated by a dash. For example, en-US or fr-CA. As a compatibility note, some implementations have used an underscore as the separator rather than a dash, for example, en_US; Relying Parties MAY choose to accept this locale syntax as well." - }, - "phone_number": { - "type": "string", - "description": "End-User's preferred telephone number. E.164 [E.164] is RECOMMENDED as the format of this Claim, for example, +1 (425) 555-1212 or +56 (2) 687 2400. If the phone number contains an extension, it is RECOMMENDED that the extension be represented using the RFC 3966 [RFC3966] extension syntax, for example, +1 (604) 555-1234;ext=5678." - }, - "phone_number_verified": { - "type": "string", - "description": "True if the End-User's phone number has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this phone number was controlled by the End-User at the time the verification was performed. The means by which a phone number is verified is context specific, and dependent upon the trust framework or contractual agreements within which the parties are operating. When true, the phone_number Claim MUST be in E.164 format and any extensions MUST be represented in RFC 3966 format." - }, - "email": { - "type": "string", - "description": "End-User's preferred e-mail address. Its value MUST conform to the RFC 5322 [RFC5322] addr-spec syntax. The RP MUST NOT rely upon this value being unique, as discussed in Section 2.5.3." - }, - "email_verified": { - "type": "string", - "description": "True if the End-User's e-mail address has been verified; otherwise false. When this Claim Value is true, this means that the OP took affirmative steps to ensure that this e-mail address was controlled by the End-User at the time the verification was performed. The means by which an e-mail address is verified is context specific, and dependent upon the trust framework or contractual agreements within which the parties are operating." - }, - "formatted": { - "type": "string", - "description": "Full mailing address, formatted for display or use on a mailing label. This field MAY contain multiple lines, separated by newlines." - }, - "house_name": { - "type": "string", - "description": "Street address component, which MAY include house number, house name." - }, - "street": { - "type": "string", - "description": "Street address component, which MAY include street name, Post Office Box, and multi-line extended street address information." - }, - "locality": { - "type": "string", - "description": "City or locality component." - }, - "region": { - "type": "string", - "description": "State, province, prefecture, or region component." - }, - "postal_code": { - "type": "string", - "description": "Zip code or postal code component." - }, - "country": { - "type": "string", - "description": "Country name component." - }, - "updated_at": { - "type": "string", - "description": "Time the End-User's information was last updated. Its value is a JSON number representing the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time." - } - }, - "xml": { - "name": "UserInfo" - } - } - } -} \ No newline at end of file diff --git a/src/devportal/all/modules/home_page_blocks/home_page_blocks.features.fe_block_boxes.inc b/src/devportal/all/modules/home_page_blocks/home_page_blocks.features.fe_block_boxes.inc index 3ce43189..6b57e5c2 100644 --- a/src/devportal/all/modules/home_page_blocks/home_page_blocks.features.fe_block_boxes.inc +++ b/src/devportal/all/modules/home_page_blocks/home_page_blocks.features.fe_block_boxes.inc @@ -33,7 +33,7 @@ function home_page_blocks_default_fe_block_boxes() { -

    Getting started

    +

    Getting Started

    Learn about the banking APIs and understand how to create apps.
    @@ -53,7 +53,7 @@ function home_page_blocks_default_fe_block_boxes() { -

    API catalogue

    +

    API Catalogue

    Explore OpenBank's PSD2 and Open Banking APIs to build and test your app.
    @@ -73,7 +73,7 @@ function home_page_blocks_default_fe_block_boxes() { -

    Developer community

    +

    Developer Community

    Learn, share, and collaborate with other developers through forums and blogs.
    @@ -93,7 +93,7 @@ function home_page_blocks_default_fe_block_boxes() { -

    Reference apps

    +

    Reference Apps

    Experiment with our reference apps, and see OpenBank's APIs come to life.
    diff --git a/src/devportal/all/themes/dbank/css/dbank.css b/src/devportal/all/themes/dbank/css/dbank.css index 033fb082..1c1d09e2 100644 --- a/src/devportal/all/themes/dbank/css/dbank.css +++ b/src/devportal/all/themes/dbank/css/dbank.css @@ -15,10 +15,27 @@ p, .table td, .table th, li, body, pre, code { line-height: 30px; } h1, h2, h3, h4, h5, h6 { - color: #00543d; + color: #36474f; } + +.dialog-div .ui-dialog-titlebar { + width: 100%; + text-align: center; + text-transform: uppercase; +} + +.dialog-div .ui-dialog-titlebar { + margin: 0; + line-height: 1.428571429; +} + + + + + + .activeTitle { font-weight:bold; @@ -101,6 +118,13 @@ body.admin-menu.front .page-header { padding-top: 0px;} margin: 0; } +.flex-nav-container .flexslider{ + border: none; + border-radius: 0px; + margin: 0; + margin-top:70px; +} + .slide-caption{ color: rgb(134, 134, 134); font-size: 1.9em; @@ -120,10 +144,20 @@ body.admin-menu.front .page-header { padding-top: 0px;} text-align: center; z-index: 300; } +.flex-nav-container .flex-control-nav{ + width: 100%; + position: absolute; + bottom: 15px; + text-align: center; + z-index: 300; +} body.front #flexslider_views_slideshow_main_slideshow-block .flex-direction-nav li { line-height: 40px; } +body.front .flex-nav-container .flex-direction-nav li { + line-height: 40px; +} .region-logo-right{ line-height: 70px; @@ -367,16 +401,16 @@ body .btn { color: #FFFFFF; } body.front .region-content h2 { - color: #84aab9; + color: #36474f; } -body .navbar-inverse .navbar-nav > .open > a{ background-color:#ff4300 !important; } +body .navbar-inverse .navbar-nav > .open > a{ background-color:#4885ed !important; } #method_content a.link_reset_default { display: inline-block; margin: 0 0 0 10px !important; font-size: 13px; padding: 8px 40px; border-radius: 7px / 5px 5px 5px 5px; - background-color: #ff4300; + background-color: #4885ed; color: #FFFFFF; } .footer { @@ -414,7 +448,13 @@ body.sidebar-first .main-container.container { margin: 0 5px 0 -15px; } .block h3.box-title span { - color: #4d4d4d !important; + color: #36474f !important; + font-size:20px; +} + +.block h3.box-title span:hover { + color: #039be5 !important; + font-size:20px; } #block-block-8 { border-bottom: none; } body.navbar-is-fixed-top #breadcrumb-navbar { margin-top: 66px } diff --git a/src/devportal/all/themes/dbank/dbank.info b/src/devportal/all/themes/dbank/dbank.info index 81bb8875..ef2769ca 100644 --- a/src/devportal/all/themes/dbank/dbank.info +++ b/src/devportal/all/themes/dbank/dbank.info @@ -40,18 +40,22 @@ stylesheets[all][] = css/dbank.css scripts[] = js/global.js scripts[] = js/smartdocs.js +scripts[] = js/jws-initialization.js +scripts[] = js/jsrsasign-all-min.js +scripts[] = js/Base64EncodeDecode.js +scripts[] = js/smartdocsDynamic.js scripts[] = js/dbank.js ;Settings ;--------------- settings[header_bg_color] = #ffffff -settings[header_txt_color] = #808080 +settings[header_txt_color] = #36474f settings[header_hover_bg_color] = #ffffff -settings[header_hover_txt_color] => #333 +settings[header_hover_txt_color] => #000000 settings[link_color] = #eb552f settings[link_hover_color] = #4a494a settings[bootstrap_navbar_position] = fixed-top settings[bootstrap_region_well-sidebar_first] = '' settings[bootstrap_region_well-sidebar_second] = '' settings[footer_position] = static -settings[footer_bg_color] = #999 +settings[footer_bg_color] = #4885ed diff --git a/src/devportal/all/themes/dbank/js/Base64EncodeDecode.js b/src/devportal/all/themes/dbank/js/Base64EncodeDecode.js new file mode 100644 index 00000000..b921cd8b --- /dev/null +++ b/src/devportal/all/themes/dbank/js/Base64EncodeDecode.js @@ -0,0 +1,162 @@ +var Base64 = { + + + _keyStr: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=", + + + encode: function (input) { + var output = ""; + var chr1, chr2, chr3, enc1, enc2, enc3, enc4; + var i = 0; + + + input = Base64._utf8_encode(input); + + + while (i < input.length) { + + + chr1 = input.charCodeAt(i++); + chr2 = input.charCodeAt(i++); + chr3 = input.charCodeAt(i++); + + + enc1 = chr1 >> 2; + enc2 = ((chr1 & 3) << 4) | (chr2 >> 4); + enc3 = ((chr2 & 15) << 2) | (chr3 >> 6); + enc4 = chr3 & 63; + + + if (isNaN(chr2)) { + enc3 = enc4 = 64; + } else if (isNaN(chr3)) { + enc4 = 64; + } + + + output = output + this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) + this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4); + + + } + + + return output; + }, + + + decode: function (input) { + var output = ""; + var chr1, chr2, chr3; + var enc1, enc2, enc3, enc4; + var i = 0; + + + input = input.replace(/[^A-Za-z0-9\+\/\=]/g, ""); + + + while (i < input.length) { + + + enc1 = this._keyStr.indexOf(input.charAt(i++)); + enc2 = this._keyStr.indexOf(input.charAt(i++)); + enc3 = this._keyStr.indexOf(input.charAt(i++)); + enc4 = this._keyStr.indexOf(input.charAt(i++)); + + + chr1 = (enc1 << 2) | (enc2 >> 4); + chr2 = ((enc2 & 15) << 4) | (enc3 >> 2); + chr3 = ((enc3 & 3) << 6) | enc4; + + + output = output + String.fromCharCode(chr1); + + + if (enc3 != 64) { + output = output + String.fromCharCode(chr2); + } + if (enc4 != 64) { + output = output + String.fromCharCode(chr3); + } + + + } + + + output = Base64._utf8_decode(output); + + + return output; + + + }, + + + _utf8_encode: function (string) { + string = string.replace(/\r\n/g, "\n"); + var utftext = ""; + + + for (var n = 0; n < string.length; n++) { + + + var c = string.charCodeAt(n); + + + if (c < 128) { + utftext += String.fromCharCode(c); + } + else if ((c > 127) && (c < 2048)) { + utftext += String.fromCharCode((c >> 6) | 192); + utftext += String.fromCharCode((c & 63) | 128); + } + else { + utftext += String.fromCharCode((c >> 12) | 224); + utftext += String.fromCharCode(((c >> 6) & 63) | 128); + utftext += String.fromCharCode((c & 63) | 128); + } + + + } + + + return utftext; + }, + + + _utf8_decode: function (utftext) { + var string = ""; + var i = 0; + var c = c1 = c2 = 0; + + + while (i < utftext.length) { + + + c = utftext.charCodeAt(i); + + + if (c < 128) { + string += String.fromCharCode(c); + i++; + } + else if ((c > 191) && (c < 224)) { + c2 = utftext.charCodeAt(i + 1); + string += String.fromCharCode(((c & 31) << 6) | (c2 & 63)); + i += 2; + } + else { + c2 = utftext.charCodeAt(i + 1); + c3 = utftext.charCodeAt(i + 2); + string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63)); + i += 3; + } + + + } + + + return string; + } + + +} diff --git a/src/devportal/all/themes/dbank/js/dbank.js b/src/devportal/all/themes/dbank/js/dbank.js index aaef6c81..a928186b 100644 --- a/src/devportal/all/themes/dbank/js/dbank.js +++ b/src/devportal/all/themes/dbank/js/dbank.js @@ -1,9 +1,15 @@ /* This is the javascript file that will contain all the custom javascript code that you will be writing to customize the interactivity of the Apigee developer portal. */ - (function ($){ + (function ($) + { + + + + $(document).ready(function() { + $("#resourceUrlCollapse-arrow").removeClass("glyphicon-chevron-right"); $("#resourceUrlCollapse-arrow").addClass("glyphicon-chevron-down"); //for the resource url @@ -18,6 +24,92 @@ $("section.block.block-block.clearfix").addClass("home-dbank-block"); $("#navbar > div.container").css("width","100%"); $("div.verb-auth > p").attr("data-role","verb-role"); + + +// add buttons + + /*if($("ul.headerParamSection input[name=Authorization]").length >0) + { + var $input = $(''); + $input.appendTo($("ul.headerParamSection input[name=Authorization]").parent().next()); + + var $jwtDialogDiv = $('
    '); + $jwtDialogDiv.appendTo($('body')); + + $('#dialogJWT').dialog({ + autoOpen: false, + title: 'Create JWT', + resizable : false, + width : 600, + height:200, + modal : true, + dialogClass : "dialog-div", + open: function(event, ui) { + $(".ui-dialog-titlebar-close", ui.dialog | ui).hide(); + }, + buttons: [ + { + text: "Create", + click: createJWT + + }, + { + text: "Cancel", + click: function() { + $( this ).dialog( "close" ); + } + } + ] + }); + } + + + function showJwt() + { + alert("yay"); + + $("input[name=jwt_contentType]").val($("ul.headerParamSection input[name=Content-Type]").val()); + $("#dialogJWT").dialog("open"); + + + } + function createJWT() + { + $("#dialogJWT").dialog("close"); + alert("yay1"); + + $("ul.headerParamSection input[name=Authorization]").val($("input[name=jwt_contentType]").val()); + //var w = window.open("http://www.google.com", "oauth2Window", "resizable=yes,scrollbars=yes,status=1,toolbar=1,height=500,width=500"); + + //$("#dialogJWT").dialog("open"); + + + } + + function myfunction() + { + alert("success"); + }*/ + + + + +// oauth set button +//$('div[data-role=oauth2_modal]') + + +// override existing button + + + //alert("in button"); + + + }); + + + + })(jQuery); + diff --git a/src/devportal/all/themes/dbank/js/jsrsasign-all-min.js b/src/devportal/all/themes/dbank/js/jsrsasign-all-min.js new file mode 100644 index 00000000..f8d8e08c --- /dev/null +++ b/src/devportal/all/themes/dbank/js/jsrsasign-all-min.js @@ -0,0 +1,247 @@ +/* + * jsrsasign(all) 8.0.3 (2017-07-11) (c) 2010-2017 Kenji Urushima | kjur.github.com/jsrsasign/license + */ + +/*! +Copyright (c) 2011, Yahoo! Inc. All rights reserved. +Code licensed under the BSD License: +http://developer.yahoo.com/yui/license.html +version: 2.9.0 +*/ +if(YAHOO===undefined){var YAHOO={}}YAHOO.lang={extend:function(g,h,f){if(!h||!g){throw new Error("YAHOO.lang.extend failed, please check that all dependencies are included.")}var d=function(){};d.prototype=h.prototype;g.prototype=new d();g.prototype.constructor=g;g.superclass=h.prototype;if(h.prototype.constructor==Object.prototype.constructor){h.prototype.constructor=h}if(f){var b;for(b in f){g.prototype[b]=f[b]}var e=function(){},c=["toString","valueOf"];try{if(/MSIE/.test(navigator.userAgent)){e=function(j,i){for(b=0;b>>2]>>>(24-(r%4)*8))&255;q[(n+r)>>>2]|=o<<(24-((n+r)%4)*8)}}else{for(var r=0;r>>2]=p[r>>>2]}}this.sigBytes+=s;return this},clamp:function(){var o=this.words;var n=this.sigBytes;o[n>>>2]&=4294967295<<(32-(n%4)*8);o.length=e.ceil(n/4)},clone:function(){var n=j.clone.call(this);n.words=this.words.slice(0);return n},random:function(p){var o=[];for(var n=0;n>>2]>>>(24-(n%4)*8))&255;q.push((s>>>4).toString(16));q.push((s&15).toString(16))}return q.join("")},parse:function(p){var n=p.length;var q=[];for(var o=0;o>>3]|=parseInt(p.substr(o,2),16)<<(24-(o%8)*4)}return new l.init(q,n/2)}};var d=m.Latin1={stringify:function(q){var r=q.words;var p=q.sigBytes;var n=[];for(var o=0;o>>2]>>>(24-(o%4)*8))&255;n.push(String.fromCharCode(s))}return n.join("")},parse:function(p){var n=p.length;var q=[];for(var o=0;o>>2]|=(p.charCodeAt(o)&255)<<(24-(o%4)*8)}return new l.init(q,n)}};var c=m.Utf8={stringify:function(n){try{return decodeURIComponent(escape(d.stringify(n)))}catch(o){throw new Error("Malformed UTF-8 data")}},parse:function(n){return d.parse(unescape(encodeURIComponent(n)))}};var i=b.BufferedBlockAlgorithm=j.extend({reset:function(){this._data=new l.init();this._nDataBytes=0},_append:function(n){if(typeof n=="string"){n=c.parse(n)}this._data.concat(n);this._nDataBytes+=n.sigBytes},_process:function(w){var q=this._data;var x=q.words;var n=q.sigBytes;var t=this.blockSize;var v=t*4;var u=n/v;if(w){u=e.ceil(u)}else{u=e.max((u|0)-this._minBufferSize,0)}var s=u*t;var r=e.min(s*4,n);if(s){for(var p=0;p>>2]&255}};f.BlockCipher=n.extend({cfg:n.cfg.extend({mode:m,padding:h}),reset:function(){n.reset.call(this);var a=this.cfg,b=a.iv,a=a.mode;if(this._xformMode==this._ENC_XFORM_MODE)var c=a.createEncryptor;else c=a.createDecryptor,this._minBufferSize=1; +this._mode=c.call(a,this,b&&b.words)},_doProcessBlock:function(a,b){this._mode.processBlock(a,b)},_doFinalize:function(){var a=this.cfg.padding;if(this._xformMode==this._ENC_XFORM_MODE){a.pad(this._data,this.blockSize);var b=this._process(!0)}else b=this._process(!0),a.unpad(b);return b},blockSize:4});var p=f.CipherParams=k.extend({init:function(a){this.mixIn(a)},toString:function(a){return(a||this.formatter).stringify(this)}}),m=(g.format={}).OpenSSL={stringify:function(a){var b=a.ciphertext;a=a.salt; +return(a?l.create([1398893684,1701076831]).concat(a).concat(b):b).toString(r)},parse:function(a){a=r.parse(a);var b=a.words;if(1398893684==b[0]&&1701076831==b[1]){var c=l.create(b.slice(2,4));b.splice(0,4);a.sigBytes-=16}return p.create({ciphertext:a,salt:c})}},j=f.SerializableCipher=k.extend({cfg:k.extend({format:m}),encrypt:function(a,b,c,d){d=this.cfg.extend(d);var e=a.createEncryptor(c,d);b=e.finalize(b);e=e.cfg;return p.create({ciphertext:b,key:c,iv:e.iv,algorithm:a,mode:e.mode,padding:e.padding, +blockSize:a.blockSize,formatter:d.format})},decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);return a.createDecryptor(c,d).finalize(b.ciphertext)},_parse:function(a,b){return"string"==typeof a?b.parse(a,this):a}}),g=(g.kdf={}).OpenSSL={execute:function(a,b,c,d){d||(d=l.random(8));a=v.create({keySize:b+c}).compute(a,d);c=l.create(a.words.slice(b),4*c);a.sigBytes=4*b;return p.create({key:a,iv:c,salt:d})}},s=f.PasswordBasedCipher=j.extend({cfg:j.cfg.extend({kdf:g}),encrypt:function(a, +b,c,d){d=this.cfg.extend(d);c=d.kdf.execute(c,a.keySize,a.ivSize);d.iv=c.iv;a=j.encrypt.call(this,a,b,c.key,d);a.mixIn(c);return a},decrypt:function(a,b,c,d){d=this.cfg.extend(d);b=this._parse(b,d.format);c=d.kdf.execute(c,a.keySize,a.ivSize,b.salt);d.iv=c.iv;return j.decrypt.call(this,a,b,c.key,d)}})}(); + +/* +CryptoJS v3.1.2 aes.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){for(var q=CryptoJS,x=q.lib.BlockCipher,r=q.algo,j=[],y=[],z=[],A=[],B=[],C=[],s=[],u=[],v=[],w=[],g=[],k=0;256>k;k++)g[k]=128>k?k<<1:k<<1^283;for(var n=0,l=0,k=0;256>k;k++){var f=l^l<<1^l<<2^l<<3^l<<4,f=f>>>8^f&255^99;j[n]=f;y[f]=n;var t=g[n],D=g[t],E=g[D],b=257*g[f]^16843008*f;z[n]=b<<24|b>>>8;A[n]=b<<16|b>>>16;B[n]=b<<8|b>>>24;C[n]=b;b=16843009*E^65537*D^257*t^16843008*n;s[f]=b<<24|b>>>8;u[f]=b<<16|b>>>16;v[f]=b<<8|b>>>24;w[f]=b;n?(n=t^g[g[g[E^t]]],l^=g[g[l]]):n=l=1}var F=[0,1,2,4,8, +16,32,64,128,27,54],r=r.AES=x.extend({_doReset:function(){for(var c=this._key,e=c.words,a=c.sigBytes/4,c=4*((this._nRounds=a+6)+1),b=this._keySchedule=[],h=0;h>>24]<<24|j[d>>>16&255]<<16|j[d>>>8&255]<<8|j[d&255]):(d=d<<8|d>>>24,d=j[d>>>24]<<24|j[d>>>16&255]<<16|j[d>>>8&255]<<8|j[d&255],d^=F[h/a|0]<<24);b[h]=b[h-a]^d}e=this._invKeySchedule=[];for(a=0;aa||4>=h?d:s[j[d>>>24]]^u[j[d>>>16&255]]^v[j[d>>> +8&255]]^w[j[d&255]]},encryptBlock:function(c,e){this._doCryptBlock(c,e,this._keySchedule,z,A,B,C,j)},decryptBlock:function(c,e){var a=c[e+1];c[e+1]=c[e+3];c[e+3]=a;this._doCryptBlock(c,e,this._invKeySchedule,s,u,v,w,y);a=c[e+1];c[e+1]=c[e+3];c[e+3]=a},_doCryptBlock:function(c,e,a,b,h,d,j,m){for(var n=this._nRounds,f=c[e]^a[0],g=c[e+1]^a[1],k=c[e+2]^a[2],p=c[e+3]^a[3],l=4,t=1;t>>24]^h[g>>>16&255]^d[k>>>8&255]^j[p&255]^a[l++],r=b[g>>>24]^h[k>>>16&255]^d[p>>>8&255]^j[f&255]^a[l++],s= +b[k>>>24]^h[p>>>16&255]^d[f>>>8&255]^j[g&255]^a[l++],p=b[p>>>24]^h[f>>>16&255]^d[g>>>8&255]^j[k&255]^a[l++],f=q,g=r,k=s;q=(m[f>>>24]<<24|m[g>>>16&255]<<16|m[k>>>8&255]<<8|m[p&255])^a[l++];r=(m[g>>>24]<<24|m[k>>>16&255]<<16|m[p>>>8&255]<<8|m[f&255])^a[l++];s=(m[k>>>24]<<24|m[p>>>16&255]<<16|m[f>>>8&255]<<8|m[g&255])^a[l++];p=(m[p>>>24]<<24|m[f>>>16&255]<<16|m[g>>>8&255]<<8|m[k&255])^a[l++];c[e]=q;c[e+1]=r;c[e+2]=s;c[e+3]=p},keySize:8});q.AES=x._createHelper(r)})(); + +/* +CryptoJS v3.1.2 tripledes-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){function j(b,c){var a=(this._lBlock>>>b^this._rBlock)&c;this._rBlock^=a;this._lBlock^=a<>>b^this._lBlock)&c;this._lBlock^=a;this._rBlock^=a<a;a++){var f=q[a]-1;c[a]=b[f>>>5]>>>31-f%32&1}b=this._subKeys=[];for(f=0;16>f;f++){for(var d=b[f]=[],e=r[f],a=0;24>a;a++)d[a/6|0]|=c[(p[a]-1+e)%28]<<31-a%6,d[4+(a/6|0)]|=c[28+(p[a+24]-1+e)%28]<<31-a%6;d[0]=d[0]<<1|d[0]>>>31;for(a=1;7>a;a++)d[a]>>>= +4*(a-1)+3;d[7]=d[7]<<5|d[7]>>>27}c=this._invSubKeys=[];for(a=0;16>a;a++)c[a]=b[15-a]},encryptBlock:function(b,c){this._doCryptBlock(b,c,this._subKeys)},decryptBlock:function(b,c){this._doCryptBlock(b,c,this._invSubKeys)},_doCryptBlock:function(b,c,a){this._lBlock=b[c];this._rBlock=b[c+1];j.call(this,4,252645135);j.call(this,16,65535);l.call(this,2,858993459);l.call(this,8,16711935);j.call(this,1,1431655765);for(var f=0;16>f;f++){for(var d=a[f],e=this._lBlock,h=this._rBlock,g=0,k=0;8>k;k++)g|=s[k][((h^ +d[k])&t[k])>>>0];this._lBlock=h;this._rBlock=e^g}a=this._lBlock;this._lBlock=this._rBlock;this._rBlock=a;j.call(this,1,1431655765);l.call(this,8,16711935);l.call(this,2,858993459);j.call(this,16,65535);j.call(this,4,252645135);b[c]=this._lBlock;b[c+1]=this._rBlock},keySize:2,ivSize:2,blockSize:2});h.DES=e._createHelper(m);g=g.TripleDES=e.extend({_doReset:function(){var b=this._key.words;this._des1=m.createEncryptor(n.create(b.slice(0,2)));this._des2=m.createEncryptor(n.create(b.slice(2,4)));this._des3= +m.createEncryptor(n.create(b.slice(4,6)))},encryptBlock:function(b,c){this._des1.encryptBlock(b,c);this._des2.decryptBlock(b,c);this._des3.encryptBlock(b,c)},decryptBlock:function(b,c){this._des3.decryptBlock(b,c);this._des2.encryptBlock(b,c);this._des1.decryptBlock(b,c)},keySize:6,ivSize:2,blockSize:2});h.TripleDES=e._createHelper(g)})(); + +/* +CryptoJS v3.1.2 enc-base64.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var h=CryptoJS,j=h.lib.WordArray;h.enc.Base64={stringify:function(b){var e=b.words,f=b.sigBytes,c=this._map;b.clamp();b=[];for(var a=0;a>>2]>>>24-8*(a%4)&255)<<16|(e[a+1>>>2]>>>24-8*((a+1)%4)&255)<<8|e[a+2>>>2]>>>24-8*((a+2)%4)&255,g=0;4>g&&a+0.75*g>>6*(3-g)&63));if(e=c.charAt(64))for(;b.length%4;)b.push(e);return b.join("")},parse:function(b){var e=b.length,f=this._map,c=f.charAt(64);c&&(c=b.indexOf(c),-1!=c&&(e=c));for(var c=[],a=0,d=0;d< +e;d++)if(d%4){var g=f.indexOf(b.charAt(d-1))<<2*(d%4),h=f.indexOf(b.charAt(d))>>>6-2*(d%4);c[a>>>2]|=(g|h)<<24-8*(a%4);a++}return j.create(c,a)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}})(); + +/* +CryptoJS v3.1.2 md5.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(E){function h(a,f,g,j,p,h,k){a=a+(f&g|~f&j)+p+k;return(a<>>32-h)+f}function k(a,f,g,j,p,h,k){a=a+(f&j|g&~j)+p+k;return(a<>>32-h)+f}function l(a,f,g,j,h,k,l){a=a+(f^g^j)+h+l;return(a<>>32-k)+f}function n(a,f,g,j,h,k,l){a=a+(g^(f|~j))+h+l;return(a<>>32-k)+f}for(var r=CryptoJS,q=r.lib,F=q.WordArray,s=q.Hasher,q=r.algo,a=[],t=0;64>t;t++)a[t]=4294967296*E.abs(E.sin(t+1))|0;q=q.MD5=s.extend({_doReset:function(){this._hash=new F.init([1732584193,4023233417,2562383102,271733878])}, +_doProcessBlock:function(m,f){for(var g=0;16>g;g++){var j=f+g,p=m[j];m[j]=(p<<8|p>>>24)&16711935|(p<<24|p>>>8)&4278255360}var g=this._hash.words,j=m[f+0],p=m[f+1],q=m[f+2],r=m[f+3],s=m[f+4],t=m[f+5],u=m[f+6],v=m[f+7],w=m[f+8],x=m[f+9],y=m[f+10],z=m[f+11],A=m[f+12],B=m[f+13],C=m[f+14],D=m[f+15],b=g[0],c=g[1],d=g[2],e=g[3],b=h(b,c,d,e,j,7,a[0]),e=h(e,b,c,d,p,12,a[1]),d=h(d,e,b,c,q,17,a[2]),c=h(c,d,e,b,r,22,a[3]),b=h(b,c,d,e,s,7,a[4]),e=h(e,b,c,d,t,12,a[5]),d=h(d,e,b,c,u,17,a[6]),c=h(c,d,e,b,v,22,a[7]), +b=h(b,c,d,e,w,7,a[8]),e=h(e,b,c,d,x,12,a[9]),d=h(d,e,b,c,y,17,a[10]),c=h(c,d,e,b,z,22,a[11]),b=h(b,c,d,e,A,7,a[12]),e=h(e,b,c,d,B,12,a[13]),d=h(d,e,b,c,C,17,a[14]),c=h(c,d,e,b,D,22,a[15]),b=k(b,c,d,e,p,5,a[16]),e=k(e,b,c,d,u,9,a[17]),d=k(d,e,b,c,z,14,a[18]),c=k(c,d,e,b,j,20,a[19]),b=k(b,c,d,e,t,5,a[20]),e=k(e,b,c,d,y,9,a[21]),d=k(d,e,b,c,D,14,a[22]),c=k(c,d,e,b,s,20,a[23]),b=k(b,c,d,e,x,5,a[24]),e=k(e,b,c,d,C,9,a[25]),d=k(d,e,b,c,r,14,a[26]),c=k(c,d,e,b,w,20,a[27]),b=k(b,c,d,e,B,5,a[28]),e=k(e,b, +c,d,q,9,a[29]),d=k(d,e,b,c,v,14,a[30]),c=k(c,d,e,b,A,20,a[31]),b=l(b,c,d,e,t,4,a[32]),e=l(e,b,c,d,w,11,a[33]),d=l(d,e,b,c,z,16,a[34]),c=l(c,d,e,b,C,23,a[35]),b=l(b,c,d,e,p,4,a[36]),e=l(e,b,c,d,s,11,a[37]),d=l(d,e,b,c,v,16,a[38]),c=l(c,d,e,b,y,23,a[39]),b=l(b,c,d,e,B,4,a[40]),e=l(e,b,c,d,j,11,a[41]),d=l(d,e,b,c,r,16,a[42]),c=l(c,d,e,b,u,23,a[43]),b=l(b,c,d,e,x,4,a[44]),e=l(e,b,c,d,A,11,a[45]),d=l(d,e,b,c,D,16,a[46]),c=l(c,d,e,b,q,23,a[47]),b=n(b,c,d,e,j,6,a[48]),e=n(e,b,c,d,v,10,a[49]),d=n(d,e,b,c, +C,15,a[50]),c=n(c,d,e,b,t,21,a[51]),b=n(b,c,d,e,A,6,a[52]),e=n(e,b,c,d,r,10,a[53]),d=n(d,e,b,c,y,15,a[54]),c=n(c,d,e,b,p,21,a[55]),b=n(b,c,d,e,w,6,a[56]),e=n(e,b,c,d,D,10,a[57]),d=n(d,e,b,c,u,15,a[58]),c=n(c,d,e,b,B,21,a[59]),b=n(b,c,d,e,s,6,a[60]),e=n(e,b,c,d,z,10,a[61]),d=n(d,e,b,c,q,15,a[62]),c=n(c,d,e,b,x,21,a[63]);g[0]=g[0]+b|0;g[1]=g[1]+c|0;g[2]=g[2]+d|0;g[3]=g[3]+e|0},_doFinalize:function(){var a=this._data,f=a.words,g=8*this._nDataBytes,j=8*a.sigBytes;f[j>>>5]|=128<<24-j%32;var h=E.floor(g/ +4294967296);f[(j+64>>>9<<4)+15]=(h<<8|h>>>24)&16711935|(h<<24|h>>>8)&4278255360;f[(j+64>>>9<<4)+14]=(g<<8|g>>>24)&16711935|(g<<24|g>>>8)&4278255360;a.sigBytes=4*(f.length+1);this._process();a=this._hash;f=a.words;for(g=0;4>g;g++)j=f[g],f[g]=(j<<8|j>>>24)&16711935|(j<<24|j>>>8)&4278255360;return a},clone:function(){var a=s.clone.call(this);a._hash=this._hash.clone();return a}});r.MD5=s._createHelper(q);r.HmacMD5=s._createHmacHelper(q)})(Math); + +/* +CryptoJS v3.1.2 sha1-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var k=CryptoJS,b=k.lib,m=b.WordArray,l=b.Hasher,d=[],b=k.algo.SHA1=l.extend({_doReset:function(){this._hash=new m.init([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(n,p){for(var a=this._hash.words,e=a[0],f=a[1],h=a[2],j=a[3],b=a[4],c=0;80>c;c++){if(16>c)d[c]=n[p+c]|0;else{var g=d[c-3]^d[c-8]^d[c-14]^d[c-16];d[c]=g<<1|g>>>31}g=(e<<5|e>>>27)+b+d[c];g=20>c?g+((f&h|~f&j)+1518500249):40>c?g+((f^h^j)+1859775393):60>c?g+((f&h|f&j|h&j)-1894007588):g+((f^h^ +j)-899497514);b=j;j=h;h=f<<30|f>>>2;f=e;e=g}a[0]=a[0]+e|0;a[1]=a[1]+f|0;a[2]=a[2]+h|0;a[3]=a[3]+j|0;a[4]=a[4]+b|0},_doFinalize:function(){var b=this._data,d=b.words,a=8*this._nDataBytes,e=8*b.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+64>>>9<<4)+14]=Math.floor(a/4294967296);d[(e+64>>>9<<4)+15]=a;b.sigBytes=4*d.length;this._process();return this._hash},clone:function(){var b=l.clone.call(this);b._hash=this._hash.clone();return b}});k.SHA1=l._createHelper(b);k.HmacSHA1=l._createHmacHelper(b)})(); + +/* +CryptoJS v3.1.2 sha256-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(k){for(var g=CryptoJS,h=g.lib,v=h.WordArray,j=h.Hasher,h=g.algo,s=[],t=[],u=function(q){return 4294967296*(q-(q|0))|0},l=2,b=0;64>b;){var d;a:{d=l;for(var w=k.sqrt(d),r=2;r<=w;r++)if(!(d%r)){d=!1;break a}d=!0}d&&(8>b&&(s[b]=u(k.pow(l,0.5))),t[b]=u(k.pow(l,1/3)),b++);l++}var n=[],h=h.SHA256=j.extend({_doReset:function(){this._hash=new v.init(s.slice(0))},_doProcessBlock:function(q,h){for(var a=this._hash.words,c=a[0],d=a[1],b=a[2],k=a[3],f=a[4],g=a[5],j=a[6],l=a[7],e=0;64>e;e++){if(16>e)n[e]= +q[h+e]|0;else{var m=n[e-15],p=n[e-2];n[e]=((m<<25|m>>>7)^(m<<14|m>>>18)^m>>>3)+n[e-7]+((p<<15|p>>>17)^(p<<13|p>>>19)^p>>>10)+n[e-16]}m=l+((f<<26|f>>>6)^(f<<21|f>>>11)^(f<<7|f>>>25))+(f&g^~f&j)+t[e]+n[e];p=((c<<30|c>>>2)^(c<<19|c>>>13)^(c<<10|c>>>22))+(c&d^c&b^d&b);l=j;j=g;g=f;f=k+m|0;k=b;b=d;d=c;c=m+p|0}a[0]=a[0]+c|0;a[1]=a[1]+d|0;a[2]=a[2]+b|0;a[3]=a[3]+k|0;a[4]=a[4]+f|0;a[5]=a[5]+g|0;a[6]=a[6]+j|0;a[7]=a[7]+l|0},_doFinalize:function(){var d=this._data,b=d.words,a=8*this._nDataBytes,c=8*d.sigBytes; +b[c>>>5]|=128<<24-c%32;b[(c+64>>>9<<4)+14]=k.floor(a/4294967296);b[(c+64>>>9<<4)+15]=a;d.sigBytes=4*b.length;this._process();return this._hash},clone:function(){var b=j.clone.call(this);b._hash=this._hash.clone();return b}});g.SHA256=j._createHelper(h);g.HmacSHA256=j._createHmacHelper(h)})(Math); + +/* +CryptoJS v3.1.2 sha224-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var b=CryptoJS,d=b.lib.WordArray,a=b.algo,c=a.SHA256,a=a.SHA224=c.extend({_doReset:function(){this._hash=new d.init([3238371032,914150663,812702999,4144912697,4290775857,1750603025,1694076839,3204075428])},_doFinalize:function(){var a=c._doFinalize.call(this);a.sigBytes-=4;return a}});b.SHA224=c._createHelper(a);b.HmacSHA224=c._createHmacHelper(a)})(); + +/* +CryptoJS v3.1.2 sha512-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){function a(){return d.create.apply(d,arguments)}for(var n=CryptoJS,r=n.lib.Hasher,e=n.x64,d=e.Word,T=e.WordArray,e=n.algo,ea=[a(1116352408,3609767458),a(1899447441,602891725),a(3049323471,3964484399),a(3921009573,2173295548),a(961987163,4081628472),a(1508970993,3053834265),a(2453635748,2937671579),a(2870763221,3664609560),a(3624381080,2734883394),a(310598401,1164996542),a(607225278,1323610764),a(1426881987,3590304994),a(1925078388,4068182383),a(2162078206,991336113),a(2614888103,633803317), +a(3248222580,3479774868),a(3835390401,2666613458),a(4022224774,944711139),a(264347078,2341262773),a(604807628,2007800933),a(770255983,1495990901),a(1249150122,1856431235),a(1555081692,3175218132),a(1996064986,2198950837),a(2554220882,3999719339),a(2821834349,766784016),a(2952996808,2566594879),a(3210313671,3203337956),a(3336571891,1034457026),a(3584528711,2466948901),a(113926993,3758326383),a(338241895,168717936),a(666307205,1188179964),a(773529912,1546045734),a(1294757372,1522805485),a(1396182291, +2643833823),a(1695183700,2343527390),a(1986661051,1014477480),a(2177026350,1206759142),a(2456956037,344077627),a(2730485921,1290863460),a(2820302411,3158454273),a(3259730800,3505952657),a(3345764771,106217008),a(3516065817,3606008344),a(3600352804,1432725776),a(4094571909,1467031594),a(275423344,851169720),a(430227734,3100823752),a(506948616,1363258195),a(659060556,3750685593),a(883997877,3785050280),a(958139571,3318307427),a(1322822218,3812723403),a(1537002063,2003034995),a(1747873779,3602036899), +a(1955562222,1575990012),a(2024104815,1125592928),a(2227730452,2716904306),a(2361852424,442776044),a(2428436474,593698344),a(2756734187,3733110249),a(3204031479,2999351573),a(3329325298,3815920427),a(3391569614,3928383900),a(3515267271,566280711),a(3940187606,3454069534),a(4118630271,4000239992),a(116418474,1914138554),a(174292421,2731055270),a(289380356,3203993006),a(460393269,320620315),a(685471733,587496836),a(852142971,1086792851),a(1017036298,365543100),a(1126000580,2618297676),a(1288033470, +3409855158),a(1501505948,4234509866),a(1607167915,987167468),a(1816402316,1246189591)],v=[],w=0;80>w;w++)v[w]=a();e=e.SHA512=r.extend({_doReset:function(){this._hash=new T.init([new d.init(1779033703,4089235720),new d.init(3144134277,2227873595),new d.init(1013904242,4271175723),new d.init(2773480762,1595750129),new d.init(1359893119,2917565137),new d.init(2600822924,725511199),new d.init(528734635,4215389547),new d.init(1541459225,327033209)])},_doProcessBlock:function(a,d){for(var f=this._hash.words, +F=f[0],e=f[1],n=f[2],r=f[3],G=f[4],H=f[5],I=f[6],f=f[7],w=F.high,J=F.low,X=e.high,K=e.low,Y=n.high,L=n.low,Z=r.high,M=r.low,$=G.high,N=G.low,aa=H.high,O=H.low,ba=I.high,P=I.low,ca=f.high,Q=f.low,k=w,g=J,z=X,x=K,A=Y,y=L,U=Z,B=M,l=$,h=N,R=aa,C=O,S=ba,D=P,V=ca,E=Q,m=0;80>m;m++){var s=v[m];if(16>m)var j=s.high=a[d+2*m]|0,b=s.low=a[d+2*m+1]|0;else{var j=v[m-15],b=j.high,p=j.low,j=(b>>>1|p<<31)^(b>>>8|p<<24)^b>>>7,p=(p>>>1|b<<31)^(p>>>8|b<<24)^(p>>>7|b<<25),u=v[m-2],b=u.high,c=u.low,u=(b>>>19|c<<13)^(b<< +3|c>>>29)^b>>>6,c=(c>>>19|b<<13)^(c<<3|b>>>29)^(c>>>6|b<<26),b=v[m-7],W=b.high,t=v[m-16],q=t.high,t=t.low,b=p+b.low,j=j+W+(b>>>0

    >>0?1:0),b=b+c,j=j+u+(b>>>0>>0?1:0),b=b+t,j=j+q+(b>>>0>>0?1:0);s.high=j;s.low=b}var W=l&R^~l&S,t=h&C^~h&D,s=k&z^k&A^z&A,T=g&x^g&y^x&y,p=(k>>>28|g<<4)^(k<<30|g>>>2)^(k<<25|g>>>7),u=(g>>>28|k<<4)^(g<<30|k>>>2)^(g<<25|k>>>7),c=ea[m],fa=c.high,da=c.low,c=E+((h>>>14|l<<18)^(h>>>18|l<<14)^(h<<23|l>>>9)),q=V+((l>>>14|h<<18)^(l>>>18|h<<14)^(l<<23|h>>>9))+(c>>>0>>0?1: +0),c=c+t,q=q+W+(c>>>0>>0?1:0),c=c+da,q=q+fa+(c>>>0>>0?1:0),c=c+b,q=q+j+(c>>>0>>0?1:0),b=u+T,s=p+s+(b>>>0>>0?1:0),V=S,E=D,S=R,D=C,R=l,C=h,h=B+c|0,l=U+q+(h>>>0>>0?1:0)|0,U=A,B=y,A=z,y=x,z=k,x=g,g=c+b|0,k=q+s+(g>>>0>>0?1:0)|0}J=F.low=J+g;F.high=w+k+(J>>>0>>0?1:0);K=e.low=K+x;e.high=X+z+(K>>>0>>0?1:0);L=n.low=L+y;n.high=Y+A+(L>>>0>>0?1:0);M=r.low=M+B;r.high=Z+U+(M>>>0>>0?1:0);N=G.low=N+h;G.high=$+l+(N>>>0>>0?1:0);O=H.low=O+C;H.high=aa+R+(O>>>0>>0?1:0);P=I.low=P+D; +I.high=ba+S+(P>>>0>>0?1:0);Q=f.low=Q+E;f.high=ca+V+(Q>>>0>>0?1:0)},_doFinalize:function(){var a=this._data,d=a.words,f=8*this._nDataBytes,e=8*a.sigBytes;d[e>>>5]|=128<<24-e%32;d[(e+128>>>10<<5)+30]=Math.floor(f/4294967296);d[(e+128>>>10<<5)+31]=f;a.sigBytes=4*d.length;this._process();return this._hash.toX32()},clone:function(){var a=r.clone.call(this);a._hash=this._hash.clone();return a},blockSize:32});n.SHA512=r._createHelper(e);n.HmacSHA512=r._createHmacHelper(e)})(); + +/* +CryptoJS v3.1.2 sha384-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var c=CryptoJS,a=c.x64,b=a.Word,e=a.WordArray,a=c.algo,d=a.SHA512,a=a.SHA384=d.extend({_doReset:function(){this._hash=new e.init([new b.init(3418070365,3238371032),new b.init(1654270250,914150663),new b.init(2438529370,812702999),new b.init(355462360,4144912697),new b.init(1731405415,4290775857),new b.init(2394180231,1750603025),new b.init(3675008525,1694076839),new b.init(1203062813,3204075428)])},_doFinalize:function(){var a=d._doFinalize.call(this);a.sigBytes-=16;return a}});c.SHA384= +d._createHelper(a);c.HmacSHA384=d._createHmacHelper(a)})(); + +/* +CryptoJS v3.1.2 ripemd160-min.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +/* + +(c) 2012 by Cedric Mesnil. All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: + + - Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. + - Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +(function(){var q=CryptoJS,d=q.lib,n=d.WordArray,p=d.Hasher,d=q.algo,x=n.create([0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,7,4,13,1,10,6,15,3,12,0,9,5,2,14,11,8,3,10,14,4,9,15,8,1,2,7,0,6,13,11,5,12,1,9,11,10,0,8,12,4,13,3,7,15,14,5,6,2,4,0,5,9,7,12,2,10,14,1,3,8,11,6,15,13]),y=n.create([5,14,7,0,9,2,11,4,13,6,15,8,1,10,3,12,6,11,3,7,0,13,5,10,14,15,8,12,4,9,1,2,15,5,1,3,7,14,6,9,11,8,12,2,10,0,4,13,8,6,4,1,3,11,15,0,5,12,2,13,9,7,10,14,12,15,10,4,1,5,8,7,6,2,13,14,0,3,9,11]),z=n.create([11,14,15,12, +5,8,7,9,11,13,14,15,6,7,9,8,7,6,8,13,11,9,7,15,7,12,15,9,11,7,13,12,11,13,6,7,14,9,13,15,14,8,13,6,5,12,7,5,11,12,14,15,14,15,9,8,9,14,5,6,8,6,5,12,9,15,5,11,6,8,13,12,5,12,13,14,11,8,5,6]),A=n.create([8,9,9,11,13,15,15,5,7,7,8,11,14,14,12,6,9,13,15,7,12,8,9,11,7,7,12,7,6,15,13,11,9,7,15,11,8,6,6,14,12,13,5,14,13,13,7,5,15,5,8,11,14,14,6,14,6,9,12,9,12,5,15,8,8,5,12,9,12,5,14,6,8,13,6,5,15,13,11,11]),B=n.create([0,1518500249,1859775393,2400959708,2840853838]),C=n.create([1352829926,1548603684,1836072691, +2053994217,0]),d=d.RIPEMD160=p.extend({_doReset:function(){this._hash=n.create([1732584193,4023233417,2562383102,271733878,3285377520])},_doProcessBlock:function(e,v){for(var b=0;16>b;b++){var c=v+b,f=e[c];e[c]=(f<<8|f>>>24)&16711935|(f<<24|f>>>8)&4278255360}var c=this._hash.words,f=B.words,d=C.words,n=x.words,q=y.words,p=z.words,w=A.words,t,g,h,j,r,u,k,l,m,s;u=t=c[0];k=g=c[1];l=h=c[2];m=j=c[3];s=r=c[4];for(var a,b=0;80>b;b+=1)a=t+e[v+n[b]]|0,a=16>b?a+((g^h^j)+f[0]):32>b?a+((g&h|~g&j)+f[1]):48>b? +a+(((g|~h)^j)+f[2]):64>b?a+((g&j|h&~j)+f[3]):a+((g^(h|~j))+f[4]),a|=0,a=a<>>32-p[b],a=a+r|0,t=r,r=j,j=h<<10|h>>>22,h=g,g=a,a=u+e[v+q[b]]|0,a=16>b?a+((k^(l|~m))+d[0]):32>b?a+((k&m|l&~m)+d[1]):48>b?a+(((k|~l)^m)+d[2]):64>b?a+((k&l|~k&m)+d[3]):a+((k^l^m)+d[4]),a|=0,a=a<>>32-w[b],a=a+s|0,u=s,s=m,m=l<<10|l>>>22,l=k,k=a;a=c[1]+h+m|0;c[1]=c[2]+j+s|0;c[2]=c[3]+r+u|0;c[3]=c[4]+t+k|0;c[4]=c[0]+g+l|0;c[0]=a},_doFinalize:function(){var e=this._data,d=e.words,b=8*this._nDataBytes,c=8*e.sigBytes; +d[c>>>5]|=128<<24-c%32;d[(c+64>>>9<<4)+14]=(b<<8|b>>>24)&16711935|(b<<24|b>>>8)&4278255360;e.sigBytes=4*(d.length+1);this._process();e=this._hash;d=e.words;for(b=0;5>b;b++)c=d[b],d[b]=(c<<8|c>>>24)&16711935|(c<<24|c>>>8)&4278255360;return e},clone:function(){var d=p.clone.call(this);d._hash=this._hash.clone();return d}});q.RIPEMD160=p._createHelper(d);q.HmacRIPEMD160=p._createHmacHelper(d)})(Math); + +/* +CryptoJS v3.1.2 hmac.js +code.google.com/p/crypto-js +(c) 2009-2013 by Jeff Mott. All rights reserved. +code.google.com/p/crypto-js/wiki/License +*/ +(function(){var c=CryptoJS,k=c.enc.Utf8;c.algo.HMAC=c.lib.Base.extend({init:function(a,b){a=this._hasher=new a.init;"string"==typeof b&&(b=k.parse(b));var c=a.blockSize,e=4*c;b.sigBytes>e&&(b=a.finalize(b));b.clamp();for(var f=this._oKey=b.clone(),g=this._iKey=b.clone(),h=f.words,j=g.words,d=0;d>6)+b64map.charAt(e&63)}if(b+1==d.length){e=parseInt(d.substring(b,b+1),16);a+=b64map.charAt(e<<2)}else{if(b+2==d.length){e=parseInt(d.substring(b,b+2),16);a+=b64map.charAt(e>>2)+b64map.charAt((e&3)<<4)}}if(b64pad){while((a.length&3)>0){a+=b64pad}}return a}function b64tohex(f){var d="";var e;var b=0;var c;var a;for(e=0;e>2);c=a&3;b=1}else{if(b==1){d+=int2char((c<<2)|(a>>4));c=a&15;b=2}else{if(b==2){d+=int2char(c);d+=int2char(a>>2);c=a&3;b=3}else{d+=int2char((c<<2)|(a>>4));d+=int2char(a&15);b=0}}}}if(b==1){d+=int2char(c<<2)}return d}function b64toBA(e){var d=b64tohex(e);var c;var b=new Array();for(c=0;2*c=0){var d=a*this[f++]+b[e]+h;h=Math.floor(d/67108864);b[e++]=d&67108863}return h}function am2(f,q,r,e,o,a){var k=q&32767,p=q>>15;while(--a>=0){var d=this[f]&32767;var g=this[f++]>>15;var b=p*d+g*k;d=k*d+((b&32767)<<15)+r[e]+(o&1073741823);o=(d>>>30)+(b>>>15)+p*g+(o>>>30);r[e++]=d&1073741823}return o}function am3(f,q,r,e,o,a){var k=q&16383,p=q>>14;while(--a>=0){var d=this[f]&16383;var g=this[f++]>>14;var b=p*d+g*k;d=k*d+((b&16383)<<14)+r[e]+o;o=(d>>28)+(b>>14)+p*g;r[e++]=d&268435455}return o}if(j_lm&&(navigator.appName=="Microsoft Internet Explorer")){BigInteger.prototype.am=am2;dbits=30}else{if(j_lm&&(navigator.appName!="Netscape")){BigInteger.prototype.am=am1;dbits=26}else{BigInteger.prototype.am=am3;dbits=28}}BigInteger.prototype.DB=dbits;BigInteger.prototype.DM=((1<=0;--a){b[a]=this[a]}b.t=this.t;b.s=this.s}function bnpFromInt(a){this.t=1;this.s=(a<0)?-1:0;if(a>0){this[0]=a}else{if(a<-1){this[0]=a+this.DV}else{this.t=0}}}function nbv(a){var b=nbi();b.fromInt(a);return b}function bnpFromString(h,c){var e;if(c==16){e=4}else{if(c==8){e=3}else{if(c==256){e=8}else{if(c==2){e=1}else{if(c==32){e=5}else{if(c==4){e=2}else{this.fromRadix(h,c);return}}}}}}this.t=0;this.s=0;var g=h.length,d=false,f=0;while(--g>=0){var a=(e==8)?h[g]&255:intAt(h,g);if(a<0){if(h.charAt(g)=="-"){d=true}continue}d=false;if(f==0){this[this.t++]=a}else{if(f+e>this.DB){this[this.t-1]|=(a&((1<<(this.DB-f))-1))<>(this.DB-f))}else{this[this.t-1]|=a<=this.DB){f-=this.DB}}if(e==8&&(h[0]&128)!=0){this.s=-1;if(f>0){this[this.t-1]|=((1<<(this.DB-f))-1)<0&&this[this.t-1]==a){--this.t}}function bnToString(c){if(this.s<0){return"-"+this.negate().toString(c)}var e;if(c==16){e=4}else{if(c==8){e=3}else{if(c==2){e=1}else{if(c==32){e=5}else{if(c==4){e=2}else{return this.toRadix(c)}}}}}var g=(1<0){if(j>j)>0){a=true;h=int2char(l)}while(f>=0){if(j>(j+=this.DB-e)}else{l=(this[f]>>(j-=e))&g;if(j<=0){j+=this.DB;--f}}if(l>0){a=true}if(a){h+=int2char(l)}}}return a?h:"0"}function bnNegate(){var a=nbi();BigInteger.ZERO.subTo(this,a);return a}function bnAbs(){return(this.s<0)?this.negate():this}function bnCompareTo(b){var d=this.s-b.s;if(d!=0){return d}var c=this.t;d=c-b.t;if(d!=0){return(this.s<0)?-d:d}while(--c>=0){if((d=this[c]-b[c])!=0){return d}}return 0}function nbits(a){var c=1,b;if((b=a>>>16)!=0){a=b;c+=16}if((b=a>>8)!=0){a=b;c+=8}if((b=a>>4)!=0){a=b;c+=4}if((b=a>>2)!=0){a=b;c+=2}if((b=a>>1)!=0){a=b;c+=1}return c}function bnBitLength(){if(this.t<=0){return 0}return this.DB*(this.t-1)+nbits(this[this.t-1]^(this.s&this.DM))}function bnpDLShiftTo(c,b){var a;for(a=this.t-1;a>=0;--a){b[a+c]=this[a]}for(a=c-1;a>=0;--a){b[a]=0}b.t=this.t+c;b.s=this.s}function bnpDRShiftTo(c,b){for(var a=c;a=0;--d){e[d+f+1]=(this[d]>>a)|h;h=(this[d]&g)<=0;--d){e[d]=0}e[f]=h;e.t=this.t+f+1;e.s=this.s;e.clamp()}function bnpRShiftTo(g,d){d.s=this.s;var e=Math.floor(g/this.DB);if(e>=this.t){d.t=0;return}var b=g%this.DB;var a=this.DB-b;var f=(1<>b;for(var c=e+1;c>b}if(b>0){d[this.t-e-1]|=(this.s&f)<>=this.DB}if(d.t>=this.DB}g+=this.s}else{g+=this.s;while(e>=this.DB}g-=d.s}f.s=(g<0)?-1:0;if(g<-1){f[e++]=this.DV+g}else{if(g>0){f[e++]=g}}f.t=e;f.clamp()}function bnpMultiplyTo(c,e){var b=this.abs(),f=c.abs();var d=b.t;e.t=d+f.t;while(--d>=0){e[d]=0}for(d=0;d=0){d[b]=0}for(b=0;b=a.DV){d[b+a.t]-=a.DV;d[b+a.t+1]=1}}if(d.t>0){d[d.t-1]+=a.am(b,a[b],d,2*b,0,1)}d.s=0;d.clamp()}function bnpDivRemTo(n,h,g){var w=n.abs();if(w.t<=0){return}var k=this.abs();if(k.t0){w.lShiftTo(v,d);k.lShiftTo(v,g)}else{w.copyTo(d);k.copyTo(g)}var p=d.t;var b=d[p-1];if(b==0){return}var o=b*(1<1)?d[p-2]>>this.F2:0);var A=this.FV/o,z=(1<=0){g[g.t++]=1;g.subTo(f,g)}BigInteger.ONE.dlShiftTo(p,f);f.subTo(d,d);while(d.t=0){var c=(g[--u]==b)?this.DM:Math.floor(g[u]*A+(g[u-1]+x)*z);if((g[u]+=d.am(0,c,g,s,0,p))0){g.rShiftTo(v,g)}if(a<0){BigInteger.ZERO.subTo(g,g)}}function bnMod(b){var c=nbi();this.abs().divRemTo(b,null,c);if(this.s<0&&c.compareTo(BigInteger.ZERO)>0){b.subTo(c,c)}return c}function Classic(a){this.m=a}function cConvert(a){if(a.s<0||a.compareTo(this.m)>=0){return a.mod(this.m)}else{return a}}function cRevert(a){return a}function cReduce(a){a.divRemTo(this.m,null,a)}function cMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}function cSqrTo(a,b){a.squareTo(b);this.reduce(b)}Classic.prototype.convert=cConvert;Classic.prototype.revert=cRevert;Classic.prototype.reduce=cReduce;Classic.prototype.mulTo=cMulTo;Classic.prototype.sqrTo=cSqrTo;function bnpInvDigit(){if(this.t<1){return 0}var a=this[0];if((a&1)==0){return 0}var b=a&3;b=(b*(2-(a&15)*b))&15;b=(b*(2-(a&255)*b))&255;b=(b*(2-(((a&65535)*b)&65535)))&65535;b=(b*(2-a*b%this.DV))%this.DV;return(b>0)?this.DV-b:-b}function Montgomery(a){this.m=a;this.mp=a.invDigit();this.mpl=this.mp&32767;this.mph=this.mp>>15;this.um=(1<<(a.DB-15))-1;this.mt2=2*a.t}function montConvert(a){var b=nbi();a.abs().dlShiftTo(this.m.t,b);b.divRemTo(this.m,null,b);if(a.s<0&&b.compareTo(BigInteger.ZERO)>0){this.m.subTo(b,b)}return b}function montRevert(a){var b=nbi();a.copyTo(b);this.reduce(b);return b}function montReduce(a){while(a.t<=this.mt2){a[a.t++]=0}for(var c=0;c>15)*this.mpl)&this.um)<<15))&a.DM;b=c+this.m.t;a[b]+=this.m.am(0,d,a,c,0,this.m.t);while(a[b]>=a.DV){a[b]-=a.DV;a[++b]++}}a.clamp();a.drShiftTo(this.m.t,a);if(a.compareTo(this.m)>=0){a.subTo(this.m,a)}}function montSqrTo(a,b){a.squareTo(b);this.reduce(b)}function montMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}Montgomery.prototype.convert=montConvert;Montgomery.prototype.revert=montRevert;Montgomery.prototype.reduce=montReduce;Montgomery.prototype.mulTo=montMulTo;Montgomery.prototype.sqrTo=montSqrTo;function bnpIsEven(){return((this.t>0)?(this[0]&1):this.s)==0}function bnpExp(h,j){if(h>4294967295||h<1){return BigInteger.ONE}var f=nbi(),a=nbi(),d=j.convert(this),c=nbits(h)-1;d.copyTo(f);while(--c>=0){j.sqrTo(f,a);if((h&(1<0){j.mulTo(a,d,f)}else{var b=f;f=a;a=b}}return j.revert(f)}function bnModPowInt(b,a){var c;if(b<256||a.isEven()){c=new Classic(a)}else{c=new Montgomery(a)}return this.exp(b,c)}BigInteger.prototype.copyTo=bnpCopyTo;BigInteger.prototype.fromInt=bnpFromInt;BigInteger.prototype.fromString=bnpFromString;BigInteger.prototype.clamp=bnpClamp;BigInteger.prototype.dlShiftTo=bnpDLShiftTo;BigInteger.prototype.drShiftTo=bnpDRShiftTo;BigInteger.prototype.lShiftTo=bnpLShiftTo;BigInteger.prototype.rShiftTo=bnpRShiftTo;BigInteger.prototype.subTo=bnpSubTo;BigInteger.prototype.multiplyTo=bnpMultiplyTo;BigInteger.prototype.squareTo=bnpSquareTo;BigInteger.prototype.divRemTo=bnpDivRemTo;BigInteger.prototype.invDigit=bnpInvDigit;BigInteger.prototype.isEven=bnpIsEven;BigInteger.prototype.exp=bnpExp;BigInteger.prototype.toString=bnToString;BigInteger.prototype.negate=bnNegate;BigInteger.prototype.abs=bnAbs;BigInteger.prototype.compareTo=bnCompareTo;BigInteger.prototype.bitLength=bnBitLength;BigInteger.prototype.mod=bnMod;BigInteger.prototype.modPowInt=bnModPowInt;BigInteger.ZERO=nbv(0);BigInteger.ONE=nbv(1); +/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/ + */ +function bnClone(){var a=nbi();this.copyTo(a);return a}function bnIntValue(){if(this.s<0){if(this.t==1){return this[0]-this.DV}else{if(this.t==0){return -1}}}else{if(this.t==1){return this[0]}else{if(this.t==0){return 0}}}return((this[1]&((1<<(32-this.DB))-1))<>24}function bnShortValue(){return(this.t==0)?this.s:(this[0]<<16)>>16}function bnpChunkSize(a){return Math.floor(Math.LN2*this.DB/Math.log(a))}function bnSigNum(){if(this.s<0){return -1}else{if(this.t<=0||(this.t==1&&this[0]<=0)){return 0}else{return 1}}}function bnpToRadix(c){if(c==null){c=10}if(this.signum()==0||c<2||c>36){return"0"}var f=this.chunkSize(c);var e=Math.pow(c,f);var i=nbv(e),j=nbi(),h=nbi(),g="";this.divRemTo(i,j,h);while(j.signum()>0){g=(e+h.intValue()).toString(c).substr(1)+g;j.divRemTo(i,j,h)}return h.intValue().toString(c)+g}function bnpFromRadix(m,h){this.fromInt(0);if(h==null){h=10}var f=this.chunkSize(h);var g=Math.pow(h,f),e=false,a=0,l=0;for(var c=0;c=f){this.dMultiply(g);this.dAddOffset(l,0);a=0;l=0}}if(a>0){this.dMultiply(Math.pow(h,a));this.dAddOffset(l,0)}if(e){BigInteger.ZERO.subTo(this,this)}}function bnpFromNumber(f,e,h){if("number"==typeof e){if(f<2){this.fromInt(1)}else{this.fromNumber(f,h);if(!this.testBit(f-1)){this.bitwiseTo(BigInteger.ONE.shiftLeft(f-1),op_or,this)}if(this.isEven()){this.dAddOffset(1,0)}while(!this.isProbablePrime(e)){this.dAddOffset(2,0);if(this.bitLength()>f){this.subTo(BigInteger.ONE.shiftLeft(f-1),this)}}}}else{var d=new Array(),g=f&7;d.length=(f>>3)+1;e.nextBytes(d);if(g>0){d[0]&=((1<0){if(e>e)!=(this.s&this.DM)>>e){c[a++]=f|(this.s<<(this.DB-e))}while(b>=0){if(e<8){f=(this[b]&((1<>(e+=this.DB-8)}else{f=(this[b]>>(e-=8))&255;if(e<=0){e+=this.DB;--b}}if((f&128)!=0){f|=-256}if(a==0&&(this.s&128)!=(f&128)){++a}if(a>0||f!=this.s){c[a++]=f}}}return c}function bnEquals(b){return(this.compareTo(b)==0)}function bnMin(b){return(this.compareTo(b)<0)?this:b}function bnMax(b){return(this.compareTo(b)>0)?this:b}function bnpBitwiseTo(c,h,e){var d,g,b=Math.min(c.t,this.t);for(d=0;d>=16;b+=16}if((a&255)==0){a>>=8;b+=8}if((a&15)==0){a>>=4;b+=4}if((a&3)==0){a>>=2;b+=2}if((a&1)==0){++b}return b}function bnGetLowestSetBit(){for(var a=0;a=this.t){return(this.s!=0)}return((this[a]&(1<<(b%this.DB)))!=0)}function bnpChangeBit(c,b){var a=BigInteger.ONE.shiftLeft(c);this.bitwiseTo(a,b,a);return a}function bnSetBit(a){return this.changeBit(a,op_or)}function bnClearBit(a){return this.changeBit(a,op_andnot)}function bnFlipBit(a){return this.changeBit(a,op_xor)}function bnpAddTo(d,f){var e=0,g=0,b=Math.min(d.t,this.t);while(e>=this.DB}if(d.t>=this.DB}g+=this.s}else{g+=this.s;while(e>=this.DB}g+=d.s}f.s=(g<0)?-1:0;if(g>0){f[e++]=g}else{if(g<-1){f[e++]=this.DV+g}}f.t=e;f.clamp()}function bnAdd(b){var c=nbi();this.addTo(b,c);return c}function bnSubtract(b){var c=nbi();this.subTo(b,c);return c}function bnMultiply(b){var c=nbi();this.multiplyTo(b,c);return c}function bnSquare(){var a=nbi();this.squareTo(a);return a}function bnDivide(b){var c=nbi();this.divRemTo(b,c,null);return c}function bnRemainder(b){var c=nbi();this.divRemTo(b,null,c);return c}function bnDivideAndRemainder(b){var d=nbi(),c=nbi();this.divRemTo(b,d,c);return new Array(d,c)}function bnpDMultiply(a){this[this.t]=this.am(0,a-1,this,0,0,this.t);++this.t;this.clamp()}function bnpDAddOffset(b,a){if(b==0){return}while(this.t<=a){this[this.t++]=0}this[a]+=b;while(this[a]>=this.DV){this[a]-=this.DV;if(++a>=this.t){this[this.t++]=0}++this[a]}}function NullExp(){}function nNop(a){return a}function nMulTo(a,c,b){a.multiplyTo(c,b)}function nSqrTo(a,b){a.squareTo(b)}NullExp.prototype.convert=nNop;NullExp.prototype.revert=nNop;NullExp.prototype.mulTo=nMulTo;NullExp.prototype.sqrTo=nSqrTo;function bnPow(a){return this.exp(a,new NullExp())}function bnpMultiplyLowerTo(b,f,e){var d=Math.min(this.t+b.t,f);e.s=0;e.t=d;while(d>0){e[--d]=0}var c;for(c=e.t-this.t;d=0){d[c]=0}for(c=Math.max(e-this.t,0);c2*this.m.t){return a.mod(this.m)}else{if(a.compareTo(this.m)<0){return a}else{var b=nbi();a.copyTo(b);this.reduce(b);return b}}}function barrettRevert(a){return a}function barrettReduce(a){a.drShiftTo(this.m.t-1,this.r2);if(a.t>this.m.t+1){a.t=this.m.t+1;a.clamp()}this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3);this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);while(a.compareTo(this.r2)<0){a.dAddOffset(1,this.m.t+1)}a.subTo(this.r2,a);while(a.compareTo(this.m)>=0){a.subTo(this.m,a)}}function barrettSqrTo(a,b){a.squareTo(b);this.reduce(b)}function barrettMulTo(a,c,b){a.multiplyTo(c,b);this.reduce(b)}Barrett.prototype.convert=barrettConvert;Barrett.prototype.revert=barrettRevert;Barrett.prototype.reduce=barrettReduce;Barrett.prototype.mulTo=barrettMulTo;Barrett.prototype.sqrTo=barrettSqrTo;function bnModPow(q,f){var o=q.bitLength(),h,b=nbv(1),v;if(o<=0){return b}else{if(o<18){h=1}else{if(o<48){h=3}else{if(o<144){h=4}else{if(o<768){h=5}else{h=6}}}}}if(o<8){v=new Classic(f)}else{if(f.isEven()){v=new Barrett(f)}else{v=new Montgomery(f)}}var p=new Array(),d=3,s=h-1,a=(1<1){var A=nbi();v.sqrTo(p[1],A);while(d<=a){p[d]=nbi();v.mulTo(A,p[d-2],p[d]);d+=2}}var l=q.t-1,x,u=true,c=nbi(),y;o=nbits(q[l])-1;while(l>=0){if(o>=s){x=(q[l]>>(o-s))&a}else{x=(q[l]&((1<<(o+1))-1))<<(s-o);if(l>0){x|=q[l-1]>>(this.DB+o-s)}}d=h;while((x&1)==0){x>>=1;--d}if((o-=d)<0){o+=this.DB;--l}if(u){p[x].copyTo(b);u=false}else{while(d>1){v.sqrTo(b,c);v.sqrTo(c,b);d-=2}if(d>0){v.sqrTo(b,c)}else{y=b;b=c;c=y}v.mulTo(c,p[x],b)}while(l>=0&&(q[l]&(1<0){b.rShiftTo(f,b);h.rShiftTo(f,h)}while(b.signum()>0){if((d=b.getLowestSetBit())>0){b.rShiftTo(d,b)}if((d=h.getLowestSetBit())>0){h.rShiftTo(d,h)}if(b.compareTo(h)>=0){b.subTo(h,b);b.rShiftTo(1,b)}else{h.subTo(b,h);h.rShiftTo(1,h)}}if(f>0){h.lShiftTo(f,h)}return h}function bnpModInt(e){if(e<=0){return 0}var c=this.DV%e,b=(this.s<0)?e-1:0;if(this.t>0){if(c==0){b=this[0]%e}else{for(var a=this.t-1;a>=0;--a){b=(c*b+this[a])%e}}}return b}function bnModInverse(f){var j=f.isEven();if((this.isEven()&&j)||f.signum()==0){return BigInteger.ZERO}var i=f.clone(),h=this.clone();var g=nbv(1),e=nbv(0),l=nbv(0),k=nbv(1);while(i.signum()!=0){while(i.isEven()){i.rShiftTo(1,i);if(j){if(!g.isEven()||!e.isEven()){g.addTo(this,g);e.subTo(f,e)}g.rShiftTo(1,g)}else{if(!e.isEven()){e.subTo(f,e)}}e.rShiftTo(1,e)}while(h.isEven()){h.rShiftTo(1,h);if(j){if(!l.isEven()||!k.isEven()){l.addTo(this,l);k.subTo(f,k)}l.rShiftTo(1,l)}else{if(!k.isEven()){k.subTo(f,k)}}k.rShiftTo(1,k)}if(i.compareTo(h)>=0){i.subTo(h,i);if(j){g.subTo(l,g)}e.subTo(k,e)}else{h.subTo(i,h);if(j){l.subTo(g,l)}k.subTo(e,k)}}if(h.compareTo(BigInteger.ONE)!=0){return BigInteger.ZERO}if(k.compareTo(f)>=0){return k.subtract(f)}if(k.signum()<0){k.addTo(f,k)}else{return k}if(k.signum()<0){return k.add(f)}else{return k}}var lowprimes=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997];var lplim=(1<<26)/lowprimes[lowprimes.length-1];function bnIsProbablePrime(e){var d,b=this.abs();if(b.t==1&&b[0]<=lowprimes[lowprimes.length-1]){for(d=0;d>1;if(f>lowprimes.length){f=lowprimes.length}var b=nbi();for(var e=0;e>8)&255;rng_pool[rng_pptr++]^=(a>>16)&255;rng_pool[rng_pptr++]^=(a>>24)&255;if(rng_pptr>=rng_psize){rng_pptr-=rng_psize}}function rng_seed_time(){rng_seed_int(new Date().getTime())}if(rng_pool==null){rng_pool=new Array();rng_pptr=0;var t;if(window!==undefined&&(window.crypto!==undefined||window.msCrypto!==undefined)){var crypto=window.crypto||window.msCrypto;if(crypto.getRandomValues){var ua=new Uint8Array(32);crypto.getRandomValues(ua);for(t=0;t<32;++t){rng_pool[rng_pptr++]=ua[t]}}else{if(navigator.appName=="Netscape"&&navigator.appVersion<"5"){var z=window.crypto.random(32);for(t=0;t>>8;rng_pool[rng_pptr++]=t&255}rng_pptr=0;rng_seed_time()}function rng_get_byte(){if(rng_state==null){rng_seed_time();rng_state=prng_newstate();rng_state.init(rng_pool);for(rng_pptr=0;rng_pptr=0&&h>0){var f=e.charCodeAt(d--);if(f<128){g[--h]=f}else{if((f>127)&&(f<2048)){g[--h]=(f&63)|128;g[--h]=(f>>6)|192}else{g[--h]=(f&63)|128;g[--h]=((f>>6)&63)|128;g[--h]=(f>>12)|224}}}g[--h]=0;var b=new SecureRandom();var a=new Array();while(h>2){a[0]=0;while(a[0]==0){b.nextBytes(a)}g[--h]=a[0]}g[--h]=2;g[--h]=0;return new BigInteger(g)}function oaep_mgf1_arr(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255])));d+=1}return b}function oaep_pad(q,a,f,l){var c=KJUR.crypto.MessageDigest;var o=KJUR.crypto.Util;var b=null;if(!f){f="sha1"}if(typeof f==="string"){b=c.getCanonicalAlgName(f);l=c.getHashLength(b);f=function(i){return hextorstr(o.hashString(i,b))}}if(q.length+2*l+2>a){throw"Message too long for RSA"}var k="",e;for(e=0;e0&&a.length>0){this.n=parseBigInt(b,16);this.e=parseInt(a,16)}else{throw"Invalid RSA public key"}}}function RSADoPublic(a){return a.modPowInt(this.e,this.n)}function RSAEncrypt(d){var a=pkcs1pad2(d,(this.n.bitLength()+7)>>3);if(a==null){return null}var e=this.doPublic(a);if(e==null){return null}var b=e.toString(16);if((b.length&1)==0){return b}else{return"0"+b}}function RSAEncryptOAEP(f,e,b){var a=oaep_pad(f,(this.n.bitLength()+7)>>3,e,b);if(a==null){return null}var g=this.doPublic(a);if(g==null){return null}var d=g.toString(16);if((d.length&1)==0){return d}else{return"0"+d}}RSAKey.prototype.doPublic=RSADoPublic;RSAKey.prototype.setPublic=RSASetPublic;RSAKey.prototype.encrypt=RSAEncrypt;RSAKey.prototype.encryptOAEP=RSAEncryptOAEP;RSAKey.prototype.type="RSA"; +/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/ + */ +function pkcs1unpad2(g,j){var a=g.toByteArray();var f=0;while(f=a.length){return null}}var e="";while(++f191)&&(h<224)){e+=String.fromCharCode(((h&31)<<6)|(a[f+1]&63));++f}else{e+=String.fromCharCode(((h&15)<<12)|((a[f+1]&63)<<6)|(a[f+2]&63));f+=2}}}return e}function oaep_mgf1_str(c,a,e){var b="",d=0;while(b.length>24,(d&16711680)>>16,(d&65280)>>8,d&255]));d+=1}return b}function oaep_unpad(o,b,g,p){var e=KJUR.crypto.MessageDigest;var r=KJUR.crypto.Util;var c=null;if(!g){g="sha1"}if(typeof g==="string"){c=e.getCanonicalAlgName(g);p=e.getHashLength(c);g=function(d){return hextorstr(r.hashString(d,c))}}o=o.toByteArray();var h;for(h=0;h0&&a.length>0){this.n=parseBigInt(c,16);this.e=parseInt(a,16);this.d=parseBigInt(b,16)}else{alert("Invalid RSA private key")}}}function RSASetPrivateEx(g,d,e,c,b,a,h,f){this.isPrivate=true;this.isPublic=false;if(g==null){throw"RSASetPrivateEx N == null"}if(d==null){throw"RSASetPrivateEx E == null"}if(g.length==0){throw"RSASetPrivateEx N.length == 0"}if(d.length==0){throw"RSASetPrivateEx E.length == 0"}if(g!=null&&d!=null&&g.length>0&&d.length>0){this.n=parseBigInt(g,16);this.e=parseInt(d,16);this.d=parseBigInt(e,16);this.p=parseBigInt(c,16);this.q=parseBigInt(b,16);this.dmp1=parseBigInt(a,16);this.dmq1=parseBigInt(h,16);this.coeff=parseBigInt(f,16)}else{alert("Invalid RSA private key in RSASetPrivateEx")}}function RSAGenerate(b,i){var a=new SecureRandom();var f=b>>1;this.e=parseInt(i,16);var c=new BigInteger(i,16);for(;;){for(;;){this.p=new BigInteger(b-f,1,a);if(this.p.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.p.isProbablePrime(10)){break}}for(;;){this.q=new BigInteger(f,1,a);if(this.q.subtract(BigInteger.ONE).gcd(c).compareTo(BigInteger.ONE)==0&&this.q.isProbablePrime(10)){break}}if(this.p.compareTo(this.q)<=0){var h=this.p;this.p=this.q;this.q=h}var g=this.p.subtract(BigInteger.ONE);var d=this.q.subtract(BigInteger.ONE);var e=g.multiply(d);if(e.gcd(c).compareTo(BigInteger.ONE)==0){this.n=this.p.multiply(this.q);this.d=c.modInverse(e);this.dmp1=this.d.mod(g);this.dmq1=this.d.mod(d);this.coeff=this.q.modInverse(this.p);break}}this.isPrivate=true}function RSADoPrivate(a){if(this.p==null||this.q==null){return a.modPow(this.d,this.n)}var c=a.mod(this.p).modPow(this.dmp1,this.p);var b=a.mod(this.q).modPow(this.dmq1,this.q);while(c.compareTo(b)<0){c=c.add(this.p)}return c.subtract(b).multiply(this.coeff).mod(this.p).multiply(this.q).add(b)}function RSADecrypt(b){var d=parseBigInt(b,16);var a=this.doPrivate(d);if(a==null){return null}return pkcs1unpad2(a,(this.n.bitLength()+7)>>3)}function RSADecryptOAEP(e,d,b){var f=parseBigInt(e,16);var a=this.doPrivate(f);if(a==null){return null}return oaep_unpad(a,(this.n.bitLength()+7)>>3,d,b)}RSAKey.prototype.doPrivate=RSADoPrivate;RSAKey.prototype.setPrivate=RSASetPrivate;RSAKey.prototype.setPrivateEx=RSASetPrivateEx;RSAKey.prototype.generate=RSAGenerate;RSAKey.prototype.decrypt=RSADecrypt;RSAKey.prototype.decryptOAEP=RSADecryptOAEP; +/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/ + */ +function ECFieldElementFp(b,a){this.x=a;this.q=b}function feFpEquals(a){if(a==this){return true}return(this.q.equals(a.q)&&this.x.equals(a.x))}function feFpToBigInteger(){return this.x}function feFpNegate(){return new ECFieldElementFp(this.q,this.x.negate().mod(this.q))}function feFpAdd(a){return new ECFieldElementFp(this.q,this.x.add(a.toBigInteger()).mod(this.q))}function feFpSubtract(a){return new ECFieldElementFp(this.q,this.x.subtract(a.toBigInteger()).mod(this.q))}function feFpMultiply(a){return new ECFieldElementFp(this.q,this.x.multiply(a.toBigInteger()).mod(this.q))}function feFpSquare(){return new ECFieldElementFp(this.q,this.x.square().mod(this.q))}function feFpDivide(a){return new ECFieldElementFp(this.q,this.x.multiply(a.toBigInteger().modInverse(this.q)).mod(this.q))}ECFieldElementFp.prototype.equals=feFpEquals;ECFieldElementFp.prototype.toBigInteger=feFpToBigInteger;ECFieldElementFp.prototype.negate=feFpNegate;ECFieldElementFp.prototype.add=feFpAdd;ECFieldElementFp.prototype.subtract=feFpSubtract;ECFieldElementFp.prototype.multiply=feFpMultiply;ECFieldElementFp.prototype.square=feFpSquare;ECFieldElementFp.prototype.divide=feFpDivide;function ECPointFp(c,a,d,b){this.curve=c;this.x=a;this.y=d;if(b==null){this.z=BigInteger.ONE}else{this.z=b}this.zinv=null}function pointFpGetX(){if(this.zinv==null){this.zinv=this.z.modInverse(this.curve.q)}return this.curve.fromBigInteger(this.x.toBigInteger().multiply(this.zinv).mod(this.curve.q))}function pointFpGetY(){if(this.zinv==null){this.zinv=this.z.modInverse(this.curve.q)}return this.curve.fromBigInteger(this.y.toBigInteger().multiply(this.zinv).mod(this.curve.q))}function pointFpEquals(a){if(a==this){return true}if(this.isInfinity()){return a.isInfinity()}if(a.isInfinity()){return this.isInfinity()}var c,b;c=a.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(a.z)).mod(this.curve.q);if(!c.equals(BigInteger.ZERO)){return false}b=a.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(a.z)).mod(this.curve.q);return b.equals(BigInteger.ZERO)}function pointFpIsInfinity(){if((this.x==null)&&(this.y==null)){return true}return this.z.equals(BigInteger.ZERO)&&!this.y.toBigInteger().equals(BigInteger.ZERO)}function pointFpNegate(){return new ECPointFp(this.curve,this.x,this.y.negate(),this.z)}function pointFpAdd(l){if(this.isInfinity()){return l}if(l.isInfinity()){return this}var p=l.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(l.z)).mod(this.curve.q);var o=l.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(l.z)).mod(this.curve.q);if(BigInteger.ZERO.equals(o)){if(BigInteger.ZERO.equals(p)){return this.twice()}return this.curve.getInfinity()}var j=new BigInteger("3");var e=this.x.toBigInteger();var n=this.y.toBigInteger();var c=l.x.toBigInteger();var k=l.y.toBigInteger();var m=o.square();var i=m.multiply(o);var d=e.multiply(m);var g=p.square().multiply(this.z);var a=g.subtract(d.shiftLeft(1)).multiply(l.z).subtract(i).multiply(o).mod(this.curve.q);var h=d.multiply(j).multiply(p).subtract(n.multiply(i)).subtract(g.multiply(p)).multiply(l.z).add(p.multiply(i)).mod(this.curve.q);var f=i.multiply(this.z).multiply(l.z).mod(this.curve.q);return new ECPointFp(this.curve,this.curve.fromBigInteger(a),this.curve.fromBigInteger(h),f)}function pointFpTwice(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var g=new BigInteger("3");var c=this.x.toBigInteger();var h=this.y.toBigInteger();var e=h.multiply(this.z);var j=e.multiply(h).mod(this.curve.q);var i=this.curve.a.toBigInteger();var k=c.square().multiply(g);if(!BigInteger.ZERO.equals(i)){k=k.add(this.z.square().multiply(i))}k=k.mod(this.curve.q);var b=k.square().subtract(c.shiftLeft(3).multiply(j)).shiftLeft(1).multiply(e).mod(this.curve.q);var f=k.multiply(g).multiply(c).subtract(j.shiftLeft(1)).shiftLeft(2).multiply(j).subtract(k.square().multiply(k)).mod(this.curve.q);var d=e.square().multiply(e).shiftLeft(3).mod(this.curve.q);return new ECPointFp(this.curve,this.curve.fromBigInteger(b),this.curve.fromBigInteger(f),d)}function pointFpMultiply(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add(a?this:l)}}return d}function pointFpMultiplyTwo(c,a,b){var d;if(c.bitLength()>b.bitLength()){d=c.bitLength()-1}else{d=b.bitLength()-1}var f=this.curve.getInfinity();var e=this.add(a);while(d>=0){f=f.twice();if(c.testBit(d)){if(b.testBit(d)){f=f.add(e)}else{f=f.add(this)}}else{if(b.testBit(d)){f=f.add(a)}}--d}return f}ECPointFp.prototype.getX=pointFpGetX;ECPointFp.prototype.getY=pointFpGetY;ECPointFp.prototype.equals=pointFpEquals;ECPointFp.prototype.isInfinity=pointFpIsInfinity;ECPointFp.prototype.negate=pointFpNegate;ECPointFp.prototype.add=pointFpAdd;ECPointFp.prototype.twice=pointFpTwice;ECPointFp.prototype.multiply=pointFpMultiply;ECPointFp.prototype.multiplyTwo=pointFpMultiplyTwo;function ECCurveFp(e,d,c){this.q=e;this.a=this.fromBigInteger(d);this.b=this.fromBigInteger(c);this.infinity=new ECPointFp(this,null,null)}function curveFpGetQ(){return this.q}function curveFpGetA(){return this.a}function curveFpGetB(){return this.b}function curveFpEquals(a){if(a==this){return true}return(this.q.equals(a.q)&&this.a.equals(a.a)&&this.b.equals(a.b))}function curveFpGetInfinity(){return this.infinity}function curveFpFromBigInteger(a){return new ECFieldElementFp(this.q,a)}function curveFpDecodePointHex(d){switch(parseInt(d.substr(0,2),16)){case 0:return this.infinity;case 2:case 3:return null;case 4:case 6:case 7:var a=(d.length-2)/2;var c=d.substr(2,a);var b=d.substr(a+2,a);return new ECPointFp(this,this.fromBigInteger(new BigInteger(c,16)),this.fromBigInteger(new BigInteger(b,16)));default:return null}}ECCurveFp.prototype.getQ=curveFpGetQ;ECCurveFp.prototype.getA=curveFpGetA;ECCurveFp.prototype.getB=curveFpGetB;ECCurveFp.prototype.equals=curveFpEquals;ECCurveFp.prototype.getInfinity=curveFpGetInfinity;ECCurveFp.prototype.fromBigInteger=curveFpFromBigInteger;ECCurveFp.prototype.decodePointHex=curveFpDecodePointHex; +/*! (c) Stefan Thomas | https://github.com/bitcoinjs/bitcoinjs-lib + */ +ECFieldElementFp.prototype.getByteLength=function(){return Math.floor((this.toBigInteger().bitLength()+7)/8)};ECPointFp.prototype.getEncoded=function(c){var d=function(h,f){var g=h.toByteArrayUnsigned();if(fg.length){g.unshift(0)}}return g};var a=this.getX().toBigInteger();var e=this.getY().toBigInteger();var b=d(a,32);if(c){if(e.isEven()){b.unshift(2)}else{b.unshift(3)}}else{b.unshift(4);b=b.concat(d(e,32))}return b};ECPointFp.decodeFrom=function(g,c){var f=c[0];var e=c.length-1;var d=c.slice(1,1+e/2);var b=c.slice(1+e/2,1+e);d.unshift(0);b.unshift(0);var a=new BigInteger(d);var h=new BigInteger(b);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.decodeFromHex=function(g,c){var f=c.substr(0,2);var e=c.length-2;var d=c.substr(2,e/2);var b=c.substr(2+e/2,e/2);var a=new BigInteger(d,16);var h=new BigInteger(b,16);return new ECPointFp(g,g.fromBigInteger(a),g.fromBigInteger(h))};ECPointFp.prototype.add2D=function(c){if(this.isInfinity()){return c}if(c.isInfinity()){return this}if(this.x.equals(c.x)){if(this.y.equals(c.y)){return this.twice()}return this.curve.getInfinity()}var g=c.x.subtract(this.x);var e=c.y.subtract(this.y);var a=e.divide(g);var d=a.square().subtract(this.x).subtract(c.x);var f=a.multiply(this.x.subtract(d)).subtract(this.y);return new ECPointFp(this.curve,d,f)};ECPointFp.prototype.twice2D=function(){if(this.isInfinity()){return this}if(this.y.toBigInteger().signum()==0){return this.curve.getInfinity()}var b=this.curve.fromBigInteger(BigInteger.valueOf(2));var e=this.curve.fromBigInteger(BigInteger.valueOf(3));var a=this.x.square().multiply(e).add(this.curve.a).divide(this.y.multiply(b));var c=a.square().subtract(this.x.multiply(b));var d=a.multiply(this.x.subtract(c)).subtract(this.y);return new ECPointFp(this.curve,c,d)};ECPointFp.prototype.multiply2D=function(b){if(this.isInfinity()){return this}if(b.signum()==0){return this.curve.getInfinity()}var g=b;var f=g.multiply(new BigInteger("3"));var l=this.negate();var d=this;var c;for(c=f.bitLength()-2;c>0;--c){d=d.twice();var a=f.testBit(c);var j=g.testBit(c);if(a!=j){d=d.add2D(a?this:l)}}return d};ECPointFp.prototype.isOnCurve=function(){var d=this.getX().toBigInteger();var i=this.getY().toBigInteger();var f=this.curve.getA().toBigInteger();var c=this.curve.getB().toBigInteger();var h=this.curve.getQ();var e=i.multiply(i).mod(h);var g=d.multiply(d).multiply(d).add(f.multiply(d)).add(c).mod(h);return e.equals(g)};ECPointFp.prototype.toString=function(){return"("+this.getX().toBigInteger().toString()+","+this.getY().toBigInteger().toString()+")"};ECPointFp.prototype.validate=function(){var c=this.curve.getQ();if(this.isInfinity()){throw new Error("Point is at infinity.")}var a=this.getX().toBigInteger();var b=this.getY().toBigInteger();if(a.compareTo(BigInteger.ONE)<0||a.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("x coordinate out of bounds")}if(b.compareTo(BigInteger.ONE)<0||b.compareTo(c.subtract(BigInteger.ONE))>0){throw new Error("y coordinate out of bounds")}if(!this.isOnCurve()){throw new Error("Point is not on the curve.")}if(this.multiply(c).isInfinity()){throw new Error("Point is not a scalar multiple of G.")}return true}; +/*! Mike Samuel (c) 2009 | code.google.com/p/json-sans-eval + */ +var jsonParse=(function(){var e="(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)";var j='(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))';var i='(?:"'+j+'*")';var d=new RegExp("(?:false|true|null|[\\{\\}\\[\\]]|"+e+"|"+i+")","g");var k=new RegExp("\\\\(?:([^u])|u(.{4}))","g");var g={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function h(l,m,n){return m?g[m]:String.fromCharCode(parseInt(n,16))}var c=new String("");var a="\\";var f={"{":Object,"[":Array};var b=Object.hasOwnProperty;return function(u,q){var p=u.match(d);var x;var v=p[0];var l=false;if("{"===v){x={}}else{if("["===v){x=[]}else{x=[];l=true}}var t;var r=[x];for(var o=1-l,m=p.length;o=0;){delete D[n[A]]}}}return q.call(C,B,D)};x=s({"":x},"")}return x}})(); +if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.asn1=="undefined"||!KJUR.asn1){KJUR.asn1={}}KJUR.asn1.ASN1Util=new function(){this.integerToByteHex=function(a){var b=a.toString(16);if((b.length%2)==1){b="0"+b}return b};this.bigIntToMinTwosComplementsHex=function(j){var f=j.toString(16);if(f.substr(0,1)!="-"){if(f.length%2==1){f="0"+f}else{if(!f.match(/^[0-7]/)){f="00"+f}}}else{var a=f.substr(1);var e=a.length;if(e%2==1){e+=1}else{if(!f.match(/^[0-7]/)){e+=2}}var g="";for(var d=0;d15){throw"ASN.1 length too long to represent by 8x: n = "+i.toString(16)}var f=128+g;return f.toString(16)+h}};this.getEncodedHex=function(){if(this.hTLV==null||this.isModified){this.hV=this.getFreshValueHex();this.hL=this.getLengthHexFromValue();this.hTLV=this.hT+this.hL+this.hV;this.isModified=false}return this.hTLV};this.getValueHex=function(){this.getEncodedHex();return this.hV};this.getFreshValueHex=function(){return""}};KJUR.asn1.DERAbstractString=function(c){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var b=null;var a=null;this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(this.s)};this.setStringHex=function(d){this.hTLV=null;this.isModified=true;this.s=null;this.hV=d};this.getFreshValueHex=function(){return this.hV};if(typeof c!="undefined"){if(typeof c=="string"){this.setString(c)}else{if(typeof c.str!="undefined"){this.setString(c.str)}else{if(typeof c.hex!="undefined"){this.setStringHex(c.hex)}}}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractString,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractTime=function(c){KJUR.asn1.DERAbstractTime.superclass.constructor.call(this);var b=null;var a=null;this.localDateToUTC=function(f){utc=f.getTime()+(f.getTimezoneOffset()*60000);var e=new Date(utc);return e};this.formatDate=function(m,o,e){var g=this.zeroPadding;var n=this.localDateToUTC(m);var p=String(n.getFullYear());if(o=="utc"){p=p.substr(2,2)}var l=g(String(n.getMonth()+1),2);var q=g(String(n.getDate()),2);var h=g(String(n.getHours()),2);var i=g(String(n.getMinutes()),2);var j=g(String(n.getSeconds()),2);var r=p+l+q+h+i+j;if(e===true){var f=n.getMilliseconds();if(f!=0){var k=g(String(f),3);k=k.replace(/[0]+$/,"");r=r+"."+k}}return r+"Z"};this.zeroPadding=function(e,d){if(e.length>=d){return e}return new Array(d-e.length+1).join("0")+e};this.getString=function(){return this.s};this.setString=function(d){this.hTLV=null;this.isModified=true;this.s=d;this.hV=stohex(d)};this.setByDateValue=function(h,j,e,d,f,g){var i=new Date(Date.UTC(h,j-1,e,d,f,g,0));this.setByDate(i)};this.getFreshValueHex=function(){return this.hV}};YAHOO.lang.extend(KJUR.asn1.DERAbstractTime,KJUR.asn1.ASN1Object);KJUR.asn1.DERAbstractStructured=function(b){KJUR.asn1.DERAbstractString.superclass.constructor.call(this);var a=null;this.setByASN1ObjectArray=function(c){this.hTLV=null;this.isModified=true;this.asn1Array=c};this.appendASN1Object=function(c){this.hTLV=null;this.isModified=true;this.asn1Array.push(c)};this.asn1Array=new Array();if(typeof b!="undefined"){if(typeof b.array!="undefined"){this.asn1Array=b.array}}};YAHOO.lang.extend(KJUR.asn1.DERAbstractStructured,KJUR.asn1.ASN1Object);KJUR.asn1.DERBoolean=function(){KJUR.asn1.DERBoolean.superclass.constructor.call(this);this.hT="01";this.hTLV="0101ff"};YAHOO.lang.extend(KJUR.asn1.DERBoolean,KJUR.asn1.ASN1Object);KJUR.asn1.DERInteger=function(a){KJUR.asn1.DERInteger.superclass.constructor.call(this);this.hT="02";this.setByBigInteger=function(b){this.hTLV=null;this.isModified=true;this.hV=KJUR.asn1.ASN1Util.bigIntToMinTwosComplementsHex(b)};this.setByInteger=function(c){var b=new BigInteger(String(c),10);this.setByBigInteger(b)};this.setValueHex=function(b){this.hV=b};this.getFreshValueHex=function(){return this.hV};if(typeof a!="undefined"){if(typeof a.bigint!="undefined"){this.setByBigInteger(a.bigint)}else{if(typeof a["int"]!="undefined"){this.setByInteger(a["int"])}else{if(typeof a=="number"){this.setByInteger(a)}else{if(typeof a.hex!="undefined"){this.setValueHex(a.hex)}}}}}};YAHOO.lang.extend(KJUR.asn1.DERInteger,KJUR.asn1.ASN1Object);KJUR.asn1.DERBitString=function(b){if(b!==undefined&&typeof b.obj!=="undefined"){var a=KJUR.asn1.ASN1Util.newObject(b.obj);b.hex="00"+a.getEncodedHex()}KJUR.asn1.DERBitString.superclass.constructor.call(this);this.hT="03";this.setHexValueIncludingUnusedBits=function(c){this.hTLV=null;this.isModified=true;this.hV=c};this.setUnusedBitsAndHexValue=function(c,e){if(c<0||7=(l*2))){break}if(d>=200){break}g.push(b);c=b;d++}return g};ASN1HEX.getNthChildIdx=function(d,b,e){var c=ASN1HEX.getChildIdx(d,b);return c[e]};ASN1HEX.getIdxbyList=function(e,d,c,i){var g=ASN1HEX;var f,b;if(c.length==0){if(i!==undefined){if(e.substr(d,2)!==i){throw"checking tag doesn't match: "+e.substr(d,2)+"!="+i}}return d}f=c.shift();b=g.getChildIdx(e,d);return g.getIdxbyList(e,b[f],c,i)};ASN1HEX.getTLVbyList=function(d,c,b,f){var e=ASN1HEX;var a=e.getIdxbyList(d,c,b);if(a===undefined){throw"can't find nthList object"}if(f!==undefined){if(d.substr(a,2)!=f){throw"checking tag doesn't match: "+d.substr(a,2)+"!="+f}}return e.getTLV(d,a)};ASN1HEX.getVbyList=function(e,c,b,g,i){var f=ASN1HEX;var a,d;a=f.getIdxbyList(e,c,b,g);if(a===undefined){throw"can't find nthList object"}d=f.getV(e,a);if(i===true){d=d.substr(2)}return d};ASN1HEX.hextooidstr=function(e){var h=function(b,a){if(b.length>=a){return b}return new Array(a-b.length+1).join("0")+b};var l=[];var o=e.substr(0,2);var f=parseInt(o,16);l[0]=new String(Math.floor(f/40));l[1]=new String(f%40);var m=e.substr(2);var k=[];for(var g=0;g0){n=n+"."+j.join(".")}return n};ASN1HEX.dump=function(t,c,l,g){var p=ASN1HEX;var j=p.getV;var y=p.dump;var w=p.getChildIdx;var e=t;if(t instanceof KJUR.asn1.ASN1Object){e=t.getEncodedHex()}var q=function(A,i){if(A.length<=i*2){return A}else{var v=A.substr(0,i)+"..(total "+A.length/2+"bytes).."+A.substr(A.length-i,i);return v}};if(c===undefined){c={ommit_long_octet:32}}if(l===undefined){l=0}if(g===undefined){g=""}var x=c.ommit_long_octet;if(e.substr(l,2)=="01"){var h=j(e,l);if(h=="00"){return g+"BOOLEAN FALSE\n"}else{return g+"BOOLEAN TRUE\n"}}if(e.substr(l,2)=="02"){var h=j(e,l);return g+"INTEGER "+q(h,x)+"\n"}if(e.substr(l,2)=="03"){var h=j(e,l);return g+"BITSTRING "+q(h,x)+"\n"}if(e.substr(l,2)=="04"){var h=j(e,l);if(p.isASN1HEX(h)){var k=g+"OCTETSTRING, encapsulates\n";k=k+y(h,c,0,g+" ");return k}else{return g+"OCTETSTRING "+q(h,x)+"\n"}}if(e.substr(l,2)=="05"){return g+"NULL\n"}if(e.substr(l,2)=="06"){var m=j(e,l);var a=KJUR.asn1.ASN1Util.oidHexToInt(m);var o=KJUR.asn1.x509.OID.oid2name(a);var b=a.replace(/\./g," ");if(o!=""){return g+"ObjectIdentifier "+o+" ("+b+")\n"}else{return g+"ObjectIdentifier ("+b+")\n"}}if(e.substr(l,2)=="0c"){return g+"UTF8String '"+hextoutf8(j(e,l))+"'\n"}if(e.substr(l,2)=="13"){return g+"PrintableString '"+hextoutf8(j(e,l))+"'\n"}if(e.substr(l,2)=="14"){return g+"TeletexString '"+hextoutf8(j(e,l))+"'\n"}if(e.substr(l,2)=="16"){return g+"IA5String '"+hextoutf8(j(e,l))+"'\n"}if(e.substr(l,2)=="17"){return g+"UTCTime "+hextoutf8(j(e,l))+"\n"}if(e.substr(l,2)=="18"){return g+"GeneralizedTime "+hextoutf8(j(e,l))+"\n"}if(e.substr(l,2)=="30"){if(e.substr(l,4)=="3000"){return g+"SEQUENCE {}\n"}var k=g+"SEQUENCE\n";var d=w(e,l);var f=c;if((d.length==2||d.length==3)&&e.substr(d[0],2)=="06"&&e.substr(d[d.length-1],2)=="04"){var o=p.oidname(j(e,d[0]));var r=JSON.parse(JSON.stringify(c));r.x509ExtName=o;f=r}for(var u=0;u0){var m=new f({array:this.extensionsArray});var k=new c({explicit:true,tag:"a3",obj:m});this.asn1Array.push(k)}var n=new f({array:this.asn1Array});this.hTLV=n.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertificate,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension=function(d){KJUR.asn1.x509.Extension.superclass.constructor.call(this);var f=null,a=KJUR,e=a.asn1,h=e.DERObjectIdentifier,i=e.DEROctetString,b=e.DERBitString,g=e.DERBoolean,c=e.DERSequence;this.getEncodedHex=function(){var m=new h({oid:this.oid});var l=new i({hex:this.getExtnValueHex()});var k=new Array();k.push(m);if(this.critical){k.push(new g())}k.push(l);var j=new c({array:k});return j.getEncodedHex()};this.critical=false;if(typeof d!="undefined"){if(typeof d.critical!="undefined"){this.critical=d.critical}}};YAHOO.lang.extend(KJUR.asn1.x509.Extension,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Extension.appendByNameToArray=function(e,c,b){var g=e.toLowerCase(),f=KJUR.asn1.x509;if(g=="basicconstraints"){var d=new f.BasicConstraints(c);b.push(d)}else{if(g=="keyusage"){var d=new f.KeyUsage(c);b.push(d)}else{if(g=="crldistributionpoints"){var d=new f.CRLDistributionPoints(c);b.push(d)}else{if(g=="extkeyusage"){var d=new f.ExtKeyUsage(c);b.push(d)}else{if(g=="authoritykeyidentifier"){var d=new f.AuthorityKeyIdentifier(c);b.push(d)}else{if(g=="authorityinfoaccess"){var d=new f.AuthorityInfoAccess(c);b.push(d)}else{if(g=="subjectaltname"){var d=new f.SubjectAltName(c);b.push(d)}else{if(g=="issueraltname"){var d=new f.IssuerAltName(c);b.push(d)}else{throw"unsupported extension name: "+e}}}}}}}}};KJUR.asn1.x509.KeyUsage=function(a){KJUR.asn1.x509.KeyUsage.superclass.constructor.call(this,a);this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.15";if(typeof a!="undefined"){if(typeof a.bin!="undefined"){this.asn1ExtnValue=new KJUR.asn1.DERBitString(a)}}};YAHOO.lang.extend(KJUR.asn1.x509.KeyUsage,KJUR.asn1.x509.Extension);KJUR.asn1.x509.BasicConstraints=function(c){KJUR.asn1.x509.BasicConstraints.superclass.constructor.call(this,c);var a=false;var b=-1;this.getExtnValueHex=function(){var e=new Array();if(this.cA){e.push(new KJUR.asn1.DERBoolean())}if(this.pathLen>-1){e.push(new KJUR.asn1.DERInteger({"int":this.pathLen}))}var d=new KJUR.asn1.DERSequence({array:e});this.asn1ExtnValue=d;return this.asn1ExtnValue.getEncodedHex()};this.oid="2.5.29.19";this.cA=false;this.pathLen=-1;if(typeof c!="undefined"){if(typeof c.cA!="undefined"){this.cA=c.cA}if(typeof c.pathLen!="undefined"){this.pathLen=c.pathLen}}};YAHOO.lang.extend(KJUR.asn1.x509.BasicConstraints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.CRLDistributionPoints=function(d){KJUR.asn1.x509.CRLDistributionPoints.superclass.constructor.call(this,d);var b=KJUR,a=b.asn1,c=a.x509;this.getExtnValueHex=function(){return this.asn1ExtnValue.getEncodedHex()};this.setByDPArray=function(e){this.asn1ExtnValue=new a.DERSequence({array:e})};this.setByOneURI=function(h){var e=new c.GeneralNames([{uri:h}]);var g=new c.DistributionPointName(e);var f=new c.DistributionPoint({dpobj:g});this.setByDPArray([f])};this.oid="2.5.29.31";if(typeof d!="undefined"){if(typeof d.array!="undefined"){this.setByDPArray(d.array)}else{if(typeof d.uri!="undefined"){this.setByOneURI(d.uri)}}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLDistributionPoints,KJUR.asn1.x509.Extension);KJUR.asn1.x509.ExtKeyUsage=function(c){KJUR.asn1.x509.ExtKeyUsage.superclass.constructor.call(this,c);var b=KJUR,a=b.asn1;this.setPurposeArray=function(d){this.asn1ExtnValue=new a.DERSequence();for(var e=0;e0){var h=new b({array:this.aRevokedCert});this.asn1Array.push(h)}var i=new b({array:this.asn1Array});this.hTLV=i.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize=function(){this.asn1Version=null;this.asn1SignatureAlg=null;this.asn1Issuer=null;this.asn1ThisUpdate=null;this.asn1NextUpdate=null;this.aRevokedCert=new Array()};this._initialize()};YAHOO.lang.extend(KJUR.asn1.x509.TBSCertList,KJUR.asn1.ASN1Object);KJUR.asn1.x509.CRLEntry=function(e){KJUR.asn1.x509.CRLEntry.superclass.constructor.call(this);var d=null,c=null,b=KJUR,a=b.asn1;this.setCertSerial=function(f){this.sn=new a.DERInteger(f)};this.setRevocationDate=function(f){this.time=new a.x509.Time(f)};this.getEncodedHex=function(){var f=new a.DERSequence({array:[this.sn,this.time]});this.TLV=f.getEncodedHex();return this.TLV};if(e!==undefined){if(e.time!==undefined){this.setRevocationDate(e.time)}if(e.sn!==undefined){this.setCertSerial(e.sn)}}};YAHOO.lang.extend(KJUR.asn1.x509.CRLEntry,KJUR.asn1.ASN1Object);KJUR.asn1.x509.X500Name=function(f){KJUR.asn1.x509.X500Name.superclass.constructor.call(this);this.asn1Array=new Array();var d=KJUR,c=d.asn1,e=c.x509,b=pemtohex;this.setByString=function(g){var h=g.split("/");h.shift();for(var j=0;j0;f++){var h=c.shift();if(e===true){var d=b.pop();var j=(d+","+h).replace(/\\,/g,",");b.push(j);e=false}else{b.push(h)}if(h.substr(-1,1)==="\\"){e=true}}b=b.map(function(a){return a.replace("/","\\/")});b.reverse();return"/"+b.join("/")};KJUR.asn1.x509.RDN=function(a){KJUR.asn1.x509.RDN.superclass.constructor.call(this);this.asn1Array=new Array();this.addByString=function(b){this.asn1Array.push(new KJUR.asn1.x509.AttributeTypeAndValue({str:b}))};this.addByMultiValuedString=function(d){var b=KJUR.asn1.x509.RDN.parseString(d);for(var c=0;c0;g++){var k=j.shift();if(h===true){var f=c.pop();var d=(f+"+"+k).replace(/\\\+/g,"+");c.push(d);h=false}else{c.push(k)}if(k.substr(-1,1)==="\\"){h=true}}var l=false;var b=[];for(var g=0;c.length>0;g++){var k=c.shift();if(l===true){var e=b.pop();if(k.match(/"$/)){var d=(e+"+"+k).replace(/^([^=]+)="(.*)"$/,"$1=$2");b.push(d);l=false}else{b.push(e+"+"+k)}}else{b.push(k)}if(k.match(/^[^=]+="/)){l=true}}return b};KJUR.asn1.x509.AttributeTypeAndValue=function(d){KJUR.asn1.x509.AttributeTypeAndValue.superclass.constructor.call(this);var f=null,e=null,a="utf8",c=KJUR,b=c.asn1;this.setByString=function(h){var g=h.match(/^([^=]+)=(.+)$/);if(g){this.setByAttrTypeAndValueStr(g[1],g[2])}else{throw"malformed attrTypeAndValueStr: "+h}};this.setByAttrTypeAndValueStr=function(i,h){this.typeObj=KJUR.asn1.x509.OID.atype2obj(i);var g=a;if(i=="C"){g="prn"}this.valueObj=this.getValueObj(g,h)};this.getValueObj=function(h,g){if(h=="utf8"){return new b.DERUTF8String({str:g})}if(h=="prn"){return new b.DERPrintableString({str:g})}if(h=="tel"){return new b.DERTeletexString({str:g})}if(h=="ia5"){return new b.DERIA5String({str:g})}throw"unsupported directory string type: type="+h+" value="+g};this.getEncodedHex=function(){var g=new b.DERSequence({array:[this.typeObj,this.valueObj]});this.TLV=g.getEncodedHex();return this.TLV};if(typeof d!="undefined"){if(typeof d.str!="undefined"){this.setByString(d.str)}}};YAHOO.lang.extend(KJUR.asn1.x509.AttributeTypeAndValue,KJUR.asn1.ASN1Object);KJUR.asn1.x509.SubjectPublicKeyInfo=function(f){KJUR.asn1.x509.SubjectPublicKeyInfo.superclass.constructor.call(this);var l=null,k=null,a=KJUR,j=a.asn1,i=j.DERInteger,b=j.DERBitString,m=j.DERObjectIdentifier,e=j.DERSequence,h=j.ASN1Util.newObject,d=j.x509,o=d.AlgorithmIdentifier,g=a.crypto,n=g.ECDSA,c=g.DSA;this.getASN1Object=function(){if(this.asn1AlgId==null||this.asn1SubjPKey==null){throw"algId and/or subjPubKey not set"}var p=new e({array:[this.asn1AlgId,this.asn1SubjPKey]});return p};this.getEncodedHex=function(){var p=this.getASN1Object();this.hTLV=p.getEncodedHex();return this.hTLV};this.setPubKey=function(q){try{if(q instanceof RSAKey){var u=h({seq:[{"int":{bigint:q.n}},{"int":{"int":q.e}}]});var s=u.getEncodedHex();this.asn1AlgId=new o({name:"rsaEncryption"});this.asn1SubjPKey=new b({hex:"00"+s})}}catch(p){}try{if(q instanceof KJUR.crypto.ECDSA){var r=new m({name:q.curveName});this.asn1AlgId=new o({name:"ecPublicKey",asn1params:r});this.asn1SubjPKey=new b({hex:"00"+q.pubKeyHex})}}catch(p){}try{if(q instanceof KJUR.crypto.DSA){var r=new h({seq:[{"int":{bigint:q.p}},{"int":{bigint:q.q}},{"int":{bigint:q.g}}]});this.asn1AlgId=new o({name:"dsa",asn1params:r});var t=new i({bigint:q.y});this.asn1SubjPKey=new b({hex:"00"+t.getEncodedHex()})}}catch(p){}};if(f!==undefined){this.setPubKey(f)}};YAHOO.lang.extend(KJUR.asn1.x509.SubjectPublicKeyInfo,KJUR.asn1.ASN1Object);KJUR.asn1.x509.Time=function(f){KJUR.asn1.x509.Time.superclass.constructor.call(this);var e=null,a=null,d=KJUR,c=d.asn1,b=c.DERUTCTime,g=c.DERGeneralizedTime;this.setTimeParams=function(h){this.timeParams=h};this.getEncodedHex=function(){var h=null;if(this.timeParams!=null){if(this.type=="utc"){h=new b(this.timeParams)}else{h=new g(this.timeParams)}}else{if(this.type=="utc"){h=new b()}else{h=new g()}}this.TLV=h.getEncodedHex();return this.TLV};this.type="utc";if(f!==undefined){if(f.type!==undefined){this.type=f.type}else{if(f.str!==undefined){if(f.str.match(/^[0-9]{12}Z$/)){this.type="utc"}if(f.str.match(/^[0-9]{14}Z$/)){this.type="gen"}}}this.timeParams=f}};YAHOO.lang.extend(KJUR.asn1.x509.Time,KJUR.asn1.ASN1Object);KJUR.asn1.x509.AlgorithmIdentifier=function(d){KJUR.asn1.x509.AlgorithmIdentifier.superclass.constructor.call(this);this.nameAlg=null;this.asn1Alg=null;this.asn1Params=null;this.paramEmpty=false;var b=KJUR,a=b.asn1;this.getEncodedHex=function(){if(this.nameAlg===null&&this.asn1Alg===null){throw"algorithm not specified"}if(this.nameAlg!==null&&this.asn1Alg===null){this.asn1Alg=a.x509.OID.name2obj(this.nameAlg)}var e=[this.asn1Alg];if(this.asn1Params!==null){e.push(this.asn1Params)}var f=new a.DERSequence({array:e});this.hTLV=f.getEncodedHex();return this.hTLV};if(d!==undefined){if(d.name!==undefined){this.nameAlg=d.name}if(d.asn1params!==undefined){this.asn1Params=d.asn1params}if(d.paramempty!==undefined){this.paramEmpty=d.paramempty}}if(this.asn1Params===null&&this.paramEmpty===false&&this.nameAlg!==null){var c=this.nameAlg.toLowerCase();if(c.substr(-7,7)!=="withdsa"&&c.substr(-9,9)!=="withecdsa"){this.asn1Params=new a.DERNull()}}};YAHOO.lang.extend(KJUR.asn1.x509.AlgorithmIdentifier,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralName=function(e){KJUR.asn1.x509.GeneralName.superclass.constructor.call(this);var k=null,h=null,i={rfc822:"81",dns:"82",dn:"a4",uri:"86"},b=KJUR,f=b.asn1,d=f.DERIA5String,c=f.DERTaggedObject,j=f.ASN1Object,a=f.x509.X500Name,g=pemtohex;this.explicit=false;this.setByParam=function(r){var q=null;var n=null;if(r===undefined){return}if(r.rfc822!==undefined){this.type="rfc822";n=new d({str:r[this.type]})}if(r.dns!==undefined){this.type="dns";n=new d({str:r[this.type]})}if(r.uri!==undefined){this.type="uri";n=new d({str:r[this.type]})}if(r.dn!==undefined){this.type="dn";n=new a({str:r.dn})}if(r.ldapdn!==undefined){this.type="dn";n=new a({ldapstr:r.ldapdn})}if(r.certissuer!==undefined){this.type="dn";this.explicit=true;var o=r.certissuer;var m=null;if(o.match(/^[0-9A-Fa-f]+$/)){m==o}if(o.indexOf("-----BEGIN ")!=-1){m=g(o)}if(m==null){throw"certissuer param not cert"}var l=new X509();l.hex=m;var p=l.getIssuerHex();n=new j();n.hTLV=p}if(r.certsubj!==undefined){this.type="dn";this.explicit=true;var o=r.certsubj;var m=null;if(o.match(/^[0-9A-Fa-f]+$/)){m==o}if(o.indexOf("-----BEGIN ")!=-1){m=g(o)}if(m==null){throw"certsubj param not cert"}var l=new X509();l.hex=m;var p=l.getSubjectHex();n=new j();n.hTLV=p}if(this.type==null){throw"unsupported type in params="+r}this.asn1Obj=new c({explicit:this.explicit,tag:i[this.type],obj:n})};this.getEncodedHex=function(){return this.asn1Obj.getEncodedHex()};if(e!==undefined){this.setByParam(e)}};YAHOO.lang.extend(KJUR.asn1.x509.GeneralName,KJUR.asn1.ASN1Object);KJUR.asn1.x509.GeneralNames=function(d){KJUR.asn1.x509.GeneralNames.superclass.constructor.call(this);var a=null,c=KJUR,b=c.asn1;this.setByParamArray=function(g){for(var e=0;e0){r=new b({obj:this.dUnsignedAttrs,tag:"a1",explicit:false})}var q=[this.dCMSVersion,this.dSignerIdentifier,this.dDigestAlgorithm,o,this.dSigAlg,this.dSig,];if(r!=null){q.push(r)}var p=new h.DERSequence({array:q});this.hTLV=p.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.SignerInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.EncapsulatedContentInfo=function(g){var c=KJUR,b=c.asn1,e=b.DERTaggedObject,a=b.DERSequence,h=b.DERObjectIdentifier,d=b.DEROctetString,f=b.cms;f.EncapsulatedContentInfo.superclass.constructor.call(this);this.dEContentType=new h({name:"data"});this.dEContent=null;this.isDetached=false;this.eContentValueHex=null;this.setContentType=function(i){if(i.match(/^[0-2][.][0-9.]+$/)){this.dEContentType=new h({oid:i})}else{this.dEContentType=new h({name:i})}};this.setContentValue=function(i){if(i!==undefined){if(typeof i.hex=="string"){this.eContentValueHex=i.hex}else{if(typeof i.str=="string"){this.eContentValueHex=utf8tohex(i.str)}}}};this.setContentValueHex=function(i){this.eContentValueHex=i};this.setContentValueStr=function(i){this.eContentValueHex=utf8tohex(i)};this.getEncodedHex=function(){if(typeof this.eContentValueHex!="string"){throw"eContentValue not yet set"}var k=new d({hex:this.eContentValueHex});this.dEContent=new e({obj:k,tag:"a0",explicit:true});var i=[this.dEContentType];if(!this.isDetached){i.push(this.dEContent)}var j=new a({array:i});this.hTLV=j.getEncodedHex();return this.hTLV}};YAHOO.lang.extend(KJUR.asn1.cms.EncapsulatedContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.ContentInfo=function(f){var c=KJUR,b=c.asn1,d=b.DERTaggedObject,a=b.DERSequence,e=b.x509;KJUR.asn1.cms.ContentInfo.superclass.constructor.call(this);this.dContentType=null;this.dContent=null;this.setContentType=function(g){if(typeof g=="string"){this.dContentType=e.OID.name2obj(g)}};this.getEncodedHex=function(){var h=new d({obj:this.dContent,tag:"a0",explicit:true});var g=new a({array:[this.dContentType,h]});this.hTLV=g.getEncodedHex();return this.hTLV};if(f!==undefined){if(f.type){this.setContentType(f.type)}if(f.obj&&f.obj instanceof b.ASN1Object){this.dContent=f.obj}}};YAHOO.lang.extend(KJUR.asn1.cms.ContentInfo,KJUR.asn1.ASN1Object);KJUR.asn1.cms.SignedData=function(e){var a=KJUR,h=a.asn1,j=h.ASN1Object,g=h.DERInteger,m=h.DERSet,f=h.DERSequence,b=h.DERTaggedObject,l=h.cms,i=l.EncapsulatedContentInfo,d=l.SignerInfo,n=l.ContentInfo,c=h.x509,k=c.AlgorithmIdentifier;KJUR.asn1.cms.SignedData.superclass.constructor.call(this);this.dCMSVersion=new g({"int":1});this.dDigestAlgs=null;this.digestAlgNameList=[];this.dEncapContentInfo=new i();this.dCerts=null;this.certificateList=[];this.crlList=[];this.signerInfoList=[new d()];this.addCertificatesByPEM=function(p){var q=pemtohex(p);var r=new j();r.hTLV=q;this.certificateList.push(r)};this.getEncodedHex=function(){if(typeof this.hTLV=="string"){return this.hTLV}if(this.dDigestAlgs==null){var u=[];for(var t=0;t0){var v=new m({array:this.certificateList});this.dCerts=new b({obj:v,tag:"a0",explicit:false})}}if(this.dCerts!=null){p.push(this.dCerts)}var r=new m({array:this.signerInfoList});p.push(r);var q=new f({array:p});this.hTLV=q.getEncodedHex();return this.hTLV};this.getContentInfo=function(){this.getEncodedHex();var o=new n({type:"signed-data",obj:this});return o};this.getContentInfoEncodedHex=function(){var o=this.getContentInfo();var p=o.getEncodedHex();return p};this.getPEM=function(){return hextopem(this.getContentInfoEncodedHex(),"CMS")}};YAHOO.lang.extend(KJUR.asn1.cms.SignedData,KJUR.asn1.ASN1Object);KJUR.asn1.cms.CMSUtil=new function(){};KJUR.asn1.cms.CMSUtil.newSignedData=function(d){var b=KJUR,j=b.asn1,q=j.cms,f=q.SignerInfo,n=q.SignedData,o=q.SigningTime,a=q.SigningCertificate,p=q.SigningCertificateV2,c=j.cades,e=c.SignaturePolicyIdentifier;var m=new n();m.dEncapContentInfo.setContentValue(d.content);if(typeof d.certs=="object"){for(var h=0;h0){var s=new f({array:this.extensionsArray});var r=new m({array:[s]});var q=new f({array:[new k({oid:"1.2.840.113549.1.9.14"}),r]});var p=new c({explicit:true,tag:"a0",obj:q});this.asn1Array.push(p)}else{var p=new c({explicit:false,tag:"a0",obj:new j()});this.asn1Array.push(p)}var t=new f({array:this.asn1Array});this.hTLV=t.getEncodedHex();this.isModified=false;return this.hTLV};this._initialize()};YAHOO.lang.extend(KJUR.asn1.csr.CertificationRequestInfo,KJUR.asn1.ASN1Object);KJUR.asn1.csr.CSRUtil=new function(){};KJUR.asn1.csr.CSRUtil.newCSRPEM=function(h){var c=KEYUTIL,b=KJUR.asn1.csr;if(h.subject===undefined){throw"parameter subject undefined"}if(h.sbjpubkey===undefined){throw"parameter sbjpubkey undefined"}if(h.sigalg===undefined){throw"parameter sigalg undefined"}if(h.sbjprvkey===undefined){throw"parameter sbjpubkey undefined"}var d=new b.CertificationRequestInfo();d.setSubjectByParam(h.subject);d.setSubjectPublicKeyByGetKey(h.sbjpubkey);if(h.ext!==undefined&&h.ext.length!==undefined){for(var e=0;e"7"){return"00"+a}return a}function intarystrtohex(b){b=b.replace(/^\s*\[\s*/,"");b=b.replace(/\s*\]\s*$/,"");b=b.replace(/\s*/g,"");try{var c=b.split(/,/).map(function(g,e,h){var f=parseInt(g);if(f<0||255a.length){d=a.length}for(var b=0;bd){throw"key is too short for SigAlg: keylen="+j+","+a}var b="0001";var k="00"+c;var g="";var l=d-b.length-k.length;for(var f=0;f=0;--p){q=q.twice2D();q.z=BigInteger.ONE;if(o.testBit(p)){if(n.testBit(p)){q=q.add2D(t)}else{q=q.add2D(s)}}else{if(n.testBit(p)){q=q.add2D(r)}}}return q}this.getBigRandom=function(i){return new BigInteger(i.bitLength(),a).mod(i.subtract(BigInteger.ONE)).add(BigInteger.ONE)};this.setNamedCurve=function(i){this.ecparams=KJUR.crypto.ECParameterDB.getByName(i);this.prvKeyHex=null;this.pubKeyHex=null;this.curveName=i};this.setPrivateKeyHex=function(i){this.isPrivate=true;this.prvKeyHex=i};this.setPublicKeyHex=function(i){this.isPublic=true;this.pubKeyHex=i};this.getPublicKeyXYHex=function(){var k=this.pubKeyHex;if(k.substr(0,2)!=="04"){throw"this method supports uncompressed format(04) only"}var j=this.ecparams.keylen/4;if(k.length!==2+j*2){throw"malformed public key hex length"}var i={};i.x=k.substr(2,j);i.y=k.substr(2+j);return i};this.getShortNISTPCurveName=function(){var i=this.curveName;if(i==="secp256r1"||i==="NIST P-256"||i==="P-256"||i==="prime256v1"){return"P-256"}if(i==="secp384r1"||i==="NIST P-384"||i==="P-384"){return"P-384"}return null};this.generateKeyPairHex=function(){var k=this.ecparams.n;var n=this.getBigRandom(k);var l=this.ecparams.G.multiply(n);var q=l.getX().toBigInteger();var o=l.getY().toBigInteger();var i=this.ecparams.keylen/4;var m=("0000000000"+n.toString(16)).slice(-i);var r=("0000000000"+q.toString(16)).slice(-i);var p=("0000000000"+o.toString(16)).slice(-i);var j="04"+r+p;this.setPrivateKeyHex(m);this.setPublicKeyHex(j);return{ecprvhex:m,ecpubhex:j}};this.signWithMessageHash=function(i){return this.signHex(i,this.prvKeyHex)};this.signHex=function(o,j){var t=new BigInteger(j,16);var l=this.ecparams.n;var q=new BigInteger(o,16);do{var m=this.getBigRandom(l);var u=this.ecparams.G;var p=u.multiply(m);var i=p.getX().toBigInteger().mod(l)}while(i.compareTo(BigInteger.ZERO)<=0);var v=m.modInverse(l).multiply(q.add(t.multiply(i))).mod(l);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(i,v)};this.sign=function(m,u){var q=u;var j=this.ecparams.n;var p=BigInteger.fromByteArrayUnsigned(m);do{var l=this.getBigRandom(j);var t=this.ecparams.G;var o=t.multiply(l);var i=o.getX().toBigInteger().mod(j)}while(i.compareTo(BigInteger.ZERO)<=0);var v=l.modInverse(j).multiply(p.add(q.multiply(i))).mod(j);return this.serializeSig(i,v)};this.verifyWithMessageHash=function(j,i){return this.verifyHex(j,i,this.pubKeyHex)};this.verifyHex=function(m,i,p){var l,j;var o=KJUR.crypto.ECDSA.parseSigHex(i);l=o.r;j=o.s;var k;k=ECPointFp.decodeFromHex(this.ecparams.curve,p);var n=new BigInteger(m,16);return this.verifyRaw(n,l,j,k)};this.verify=function(o,p,j){var l,i;if(Bitcoin.Util.isArray(p)){var n=this.parseSig(p);l=n.r;i=n.s}else{if("object"===typeof p&&p.r&&p.s){l=p.r;i=p.s}else{throw"Invalid value for signature"}}var k;if(j instanceof ECPointFp){k=j}else{if(Bitcoin.Util.isArray(j)){k=ECPointFp.decodeFrom(this.ecparams.curve,j)}else{throw"Invalid format for pubkey value, must be byte array or ECPointFp"}}var m=BigInteger.fromByteArrayUnsigned(o);return this.verifyRaw(m,l,i,k)};this.verifyRaw=function(o,i,w,m){var l=this.ecparams.n;var u=this.ecparams.G;if(i.compareTo(BigInteger.ONE)<0||i.compareTo(l)>=0){return false}if(w.compareTo(BigInteger.ONE)<0||w.compareTo(l)>=0){return false}var p=w.modInverse(l);var k=o.multiply(p).mod(l);var j=i.multiply(p).mod(l);var q=u.multiply(k).add(m.multiply(j));var t=q.getX().toBigInteger().mod(l);return t.equals(i)};this.serializeSig=function(k,j){var l=k.toByteArraySigned();var i=j.toByteArraySigned();var m=[];m.push(2);m.push(l.length);m=m.concat(l);m.push(2);m.push(i.length);m=m.concat(i);m.unshift(m.length);m.unshift(48);return m};this.parseSig=function(n){var m;if(n[0]!=48){throw new Error("Signature not a valid DERSequence")}m=2;if(n[m]!=2){throw new Error("First element in signature must be a DERInteger")}var l=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];if(n[m]!=2){throw new Error("Second element in signature must be a DERInteger")}var i=n.slice(m+2,m+2+n[m+1]);m+=2+n[m+1];var k=BigInteger.fromByteArrayUnsigned(l);var j=BigInteger.fromByteArrayUnsigned(i);return{r:k,s:j}};this.parseSigCompact=function(m){if(m.length!==65){throw"Signature has the wrong length"}var j=m[0]-27;if(j<0||j>7){throw"Invalid signature type"}var o=this.ecparams.n;var l=BigInteger.fromByteArrayUnsigned(m.slice(1,33)).mod(o);var k=BigInteger.fromByteArrayUnsigned(m.slice(33,65)).mod(o);return{r:l,s:k,i:j}};this.readPKCS5PrvKeyHex=function(l){var n=ASN1HEX;var m=KJUR.crypto.ECDSA.getName;var p=n.getVbyList;if(n.isASN1HEX(l)===false){throw"not ASN.1 hex string"}var i,k,o;try{i=p(l,0,[2,0],"06");k=p(l,0,[1],"04");try{o=p(l,0,[3,0],"03").substr(2)}catch(j){}}catch(j){throw"malformed PKCS#1/5 plain ECC private key"}this.curveName=m(i);if(this.curveName===undefined){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(o);this.setPrivateKeyHex(k);this.isPublic=false};this.readPKCS8PrvKeyHex=function(l){var q=ASN1HEX;var i=KJUR.crypto.ECDSA.getName;var n=q.getVbyList;if(q.isASN1HEX(l)===false){throw"not ASN.1 hex string"}var j,p,m,k;try{j=n(l,0,[1,0],"06");p=n(l,0,[1,1],"06");m=n(l,0,[2,0,1],"04");try{k=n(l,0,[2,0,2,0],"03").substr(2)}catch(o){}}catch(o){throw"malformed PKCS#8 plain ECC private key"}this.curveName=i(p);if(this.curveName===undefined){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(k);this.setPrivateKeyHex(m);this.isPublic=false};this.readPKCS8PubKeyHex=function(l){var n=ASN1HEX;var m=KJUR.crypto.ECDSA.getName;var p=n.getVbyList;if(n.isASN1HEX(l)===false){throw"not ASN.1 hex string"}var k,i,o;try{k=p(l,0,[0,0],"06");i=p(l,0,[0,1],"06");o=p(l,0,[1],"03").substr(2)}catch(j){throw"malformed PKCS#8 ECC public key"}this.curveName=m(i);if(this.curveName===null){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(o)};this.readCertPubKeyHex=function(k,p){if(p!==5){p=6}var m=ASN1HEX;var l=KJUR.crypto.ECDSA.getName;var o=m.getVbyList;if(m.isASN1HEX(k)===false){throw"not ASN.1 hex string"}var i,n;try{i=o(k,0,[0,p,0,1],"06");n=o(k,0,[0,p,1],"03").substr(2)}catch(j){throw"malformed X.509 certificate ECC public key"}this.curveName=l(i);if(this.curveName===null){throw"unsupported curve name"}this.setNamedCurve(this.curveName);this.setPublicKeyHex(n)};if(h!==undefined){if(h.curve!==undefined){this.curveName=h.curve}}if(this.curveName===undefined){this.curveName=e}this.setNamedCurve(this.curveName);if(h!==undefined){if(h.prv!==undefined){this.setPrivateKeyHex(h.prv)}if(h.pub!==undefined){this.setPublicKeyHex(h.pub)}}};KJUR.crypto.ECDSA.parseSigHex=function(a){var b=KJUR.crypto.ECDSA.parseSigHexInHexRS(a);var d=new BigInteger(b.r,16);var c=new BigInteger(b.s,16);return{r:d,s:c}};KJUR.crypto.ECDSA.parseSigHexInHexRS=function(f){var j=ASN1HEX;var i=j.getChildIdx;var g=j.getV;if(f.substr(0,2)!="30"){throw"signature is not a ASN.1 sequence"}var h=i(f,0);if(h.length!=2){throw"number of signature ASN.1 sequence elements seem wrong"}var e=h[0];var d=h[1];if(f.substr(e,2)!="02"){throw"1st item of sequene of signature is not ASN.1 integer"}if(f.substr(d,2)!="02"){throw"2nd item of sequene of signature is not ASN.1 integer"}var c=g(f,e);var b=g(f,d);return{r:c,s:b}};KJUR.crypto.ECDSA.asn1SigToConcatSig=function(c){var d=KJUR.crypto.ECDSA.parseSigHexInHexRS(c);var b=d.r;var a=d.s;if(b.substr(0,2)=="00"&&(((b.length/2)*8)%(16*8))==8){b=b.substr(2)}if(a.substr(0,2)=="00"&&(((a.length/2)*8)%(16*8))==8){a=a.substr(2)}if((((b.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig r length error"}if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA sig s length error"}return b+a};KJUR.crypto.ECDSA.concatSigToASN1Sig=function(a){if((((a.length/2)*8)%(16*8))!=0){throw"unknown ECDSA concatinated r-s sig length error"}var c=a.substr(0,a.length/2);var b=a.substr(a.length/2);return KJUR.crypto.ECDSA.hexRSSigToASN1Sig(c,b)};KJUR.crypto.ECDSA.hexRSSigToASN1Sig=function(b,a){var d=new BigInteger(b,16);var c=new BigInteger(a,16);return KJUR.crypto.ECDSA.biRSSigToASN1Sig(d,c)};KJUR.crypto.ECDSA.biRSSigToASN1Sig=function(f,d){var c=KJUR.asn1;var b=new c.DERInteger({bigint:f});var a=new c.DERInteger({bigint:d});var e=new c.DERSequence({array:[b,a]});return e.getEncodedHex()};KJUR.crypto.ECDSA.getName=function(a){if(a==="2a8648ce3d030107"){return"secp256r1"}if(a==="2b8104000a"){return"secp256k1"}if(a==="2b81040022"){return"secp384r1"}if("|secp256r1|NIST P-256|P-256|prime256v1|".indexOf(a)!==-1){return"secp256r1"}if("|secp256k1|".indexOf(a)!==-1){return"secp256k1"}if("|secp384r1|NIST P-384|P-384|".indexOf(a)!==-1){return"secp384r1"}return null}; +if(typeof KJUR=="undefined"||!KJUR){KJUR={}}if(typeof KJUR.crypto=="undefined"||!KJUR.crypto){KJUR.crypto={}}KJUR.crypto.ECParameterDB=new function(){var b={};var c={};function a(d){return new BigInteger(d,16)}this.getByName=function(e){var d=e;if(typeof c[d]!="undefined"){d=c[e]}if(typeof b[d]!="undefined"){return b[d]}throw"unregistered EC curve name: "+d};this.regist=function(A,l,o,g,m,e,j,f,k,u,d,x){b[A]={};var s=a(o);var z=a(g);var y=a(m);var t=a(e);var w=a(j);var r=new ECCurveFp(s,z,y);var q=r.decodePointHex("04"+f+k);b[A]["name"]=A;b[A]["keylen"]=l;b[A]["curve"]=r;b[A]["G"]=q;b[A]["n"]=t;b[A]["h"]=w;b[A]["oid"]=d;b[A]["info"]=x;for(var v=0;v1){g=new BigInteger(i,16)}else{g=null}h=new BigInteger(j,16);this.setPrivate(c,a,e,g,h)};this.setPublic=function(c,b,a,d){this.isPublic=true;this.p=c;this.q=b;this.g=a;this.y=d;this.x=null};this.setPublicHex=function(f,e,d,g){var b,a,h,c;b=new BigInteger(f,16);a=new BigInteger(e,16);h=new BigInteger(d,16);c=new BigInteger(g,16);this.setPublic(b,a,h,c)};this.signWithMessageHash=function(d){var c=this.p;var b=this.q;var f=this.g;var i=this.y;var j=this.x;var e=KJUR.crypto.Util.getRandomBigIntegerMinToMax(BigInteger.ONE.add(BigInteger.ONE),b.subtract(BigInteger.ONE));var l=d.substr(0,b.bitLength()/4);var h=new BigInteger(l,16);var a=(f.modPow(e,c)).mod(b);var n=(e.modInverse(b).multiply(h.add(j.multiply(a)))).mod(b);var m=KJUR.asn1.ASN1Util.jsonToASN1HEX({seq:[{"int":{bigint:a}},{"int":{bigint:n}}]});return m};this.verifyWithMessageHash=function(h,f){var d=this.p;var b=this.q;var j=this.g;var l=this.y;var i=this.parseASN1Signature(f);var a=i[0];var t=i[1];var o=h.substr(0,b.bitLength()/4);var k=new BigInteger(o,16);if(BigInteger.ZERO.compareTo(a)>0||a.compareTo(b)>0){throw"invalid DSA signature"}if(BigInteger.ZERO.compareTo(t)>=0||t.compareTo(b)>0){throw"invalid DSA signature"}var m=t.modInverse(b);var e=k.multiply(m).mod(b);var c=a.multiply(m).mod(b);var n=j.modPow(e,d).multiply(l.modPow(c,d)).mod(d).mod(b);return n.compareTo(a)==0};this.parseASN1Signature=function(a){try{var d=new BigInteger(ASN1HEX.getVbyList(a,0,[0],"02"),16);var c=new BigInteger(ASN1HEX.getVbyList(a,0,[1],"02"),16);return[d,c]}catch(b){throw"malformed ASN.1 DSA signature"}};this.readPKCS5PrvKeyHex=function(c){var b,a,f,g,i;var j=ASN1HEX;var d=j.getVbyList;if(j.isASN1HEX(c)===false){throw"not ASN.1 hex string"}try{b=d(c,0,[1],"02");a=d(c,0,[2],"02");f=d(c,0,[3],"02");g=d(c,0,[4],"02");i=d(c,0,[5],"02")}catch(e){console.log("EXCEPTION:"+e);throw"malformed PKCS#1/5 plain DSA private key"}this.setPrivateHex(b,a,f,g,i)};this.readPKCS8PrvKeyHex=function(d){var f,c,b,g;var e=ASN1HEX;var i=e.getVbyList;if(e.isASN1HEX(d)===false){throw"not ASN.1 hex string"}try{f=i(d,0,[1,1,0],"02");c=i(d,0,[1,1,1],"02");b=i(d,0,[1,1,2],"02");g=i(d,0,[2,0],"02")}catch(a){console.log("EXCEPTION:"+a);throw"malformed PKCS#8 plain DSA private key"}this.setPrivateHex(f,c,b,null,g)};this.readPKCS8PubKeyHex=function(d){var f,c,b,g;var e=ASN1HEX;var i=e.getVbyList;if(e.isASN1HEX(d)===false){throw"not ASN.1 hex string"}try{f=i(d,0,[0,1,0],"02");c=i(d,0,[0,1,1],"02");b=i(d,0,[0,1,2],"02");g=i(d,0,[1,0],"02")}catch(a){console.log("EXCEPTION:"+a);throw"malformed PKCS#8 DSA public key"}this.setPublicHex(f,c,b,g)};this.readCertPubKeyHex=function(c,f){if(f!==5){f=6}var b,a,g,i;var j=ASN1HEX;var d=j.getVbyList;if(j.isASN1HEX(c)===false){throw"not ASN.1 hex string"}try{b=d(c,0,[0,f,0,1,0],"02");a=d(c,0,[0,f,0,1,1],"02");g=d(c,0,[0,f,0,1,2],"02");i=d(c,0,[0,f,1,0],"02")}catch(e){console.log("EXCEPTION:"+e);throw"malformed X.509 certificate DSA public key"}this.setPublicHex(b,a,g,i)}}; +var KEYUTIL=function(){var d=function(p,r,q){return k(CryptoJS.AES,p,r,q)};var e=function(p,r,q){return k(CryptoJS.TripleDES,p,r,q)};var a=function(p,r,q){return k(CryptoJS.DES,p,r,q)};var k=function(s,x,u,q){var r=CryptoJS.enc.Hex.parse(x);var w=CryptoJS.enc.Hex.parse(u);var p=CryptoJS.enc.Hex.parse(q);var t={};t.key=w;t.iv=p;t.ciphertext=r;var v=s.decrypt(t,w,{iv:p});return CryptoJS.enc.Hex.stringify(v)};var l=function(p,r,q){return g(CryptoJS.AES,p,r,q)};var o=function(p,r,q){return g(CryptoJS.TripleDES,p,r,q)};var f=function(p,r,q){return g(CryptoJS.DES,p,r,q)};var g=function(t,y,v,q){var s=CryptoJS.enc.Hex.parse(y);var x=CryptoJS.enc.Hex.parse(v);var p=CryptoJS.enc.Hex.parse(q);var w=t.encrypt(s,x,{iv:p});var r=CryptoJS.enc.Hex.parse(w.toString());var u=CryptoJS.enc.Base64.stringify(r);return u};var i={"AES-256-CBC":{proc:d,eproc:l,keylen:32,ivlen:16},"AES-192-CBC":{proc:d,eproc:l,keylen:24,ivlen:16},"AES-128-CBC":{proc:d,eproc:l,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:e,eproc:o,keylen:24,ivlen:8},"DES-CBC":{proc:a,eproc:f,keylen:8,ivlen:8}};var c=function(p){return i[p]["proc"]};var m=function(p){var r=CryptoJS.lib.WordArray.random(p);var q=CryptoJS.enc.Hex.stringify(r);return q};var n=function(v){var w={};var q=v.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));if(q){w.cipher=q[1];w.ivsalt=q[2]}var p=v.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));if(p){w.type=p[1]}var u=-1;var x=0;if(v.indexOf("\r\n\r\n")!=-1){u=v.indexOf("\r\n\r\n");x=2}if(v.indexOf("\n\n")!=-1){u=v.indexOf("\n\n");x=1}var t=v.indexOf("-----END");if(u!=-1&&t!=-1){var r=v.substring(u+x*2,t-x);r=r.replace(/\s+/g,"");w.data=r}return w};var j=function(q,y,p){var v=p.substring(0,16);var t=CryptoJS.enc.Hex.parse(v);var r=CryptoJS.enc.Utf8.parse(y);var u=i[q]["keylen"]+i[q]["ivlen"];var x="";var w=null;for(;;){var s=CryptoJS.algo.MD5.create();if(w!=null){s.update(w)}s.update(r);s.update(t);w=s.finalize();x=x+CryptoJS.enc.Hex.stringify(w);if(x.length>=u*2){break}}var z={};z.keyhex=x.substr(0,i[q]["keylen"]*2);z.ivhex=x.substr(i[q]["keylen"]*2,i[q]["ivlen"]*2);return z};var b=function(p,v,r,w){var s=CryptoJS.enc.Base64.parse(p);var q=CryptoJS.enc.Hex.stringify(s);var u=i[v]["proc"];var t=u(q,r,w);return t};var h=function(p,s,q,u){var r=i[s]["eproc"];var t=r(p,q,u);return t};return{version:"1.0.0",parsePKCS5PEM:function(p){return n(p)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(q,p,r){return j(q,p,r)},decryptKeyB64:function(p,r,q,s){return b(p,r,q,s)},getDecryptedKeyHex:function(y,x){var q=n(y);var t=q.type;var r=q.cipher;var p=q.ivsalt;var s=q.data;var w=j(r,x,p);var v=w.keyhex;var u=b(s,r,v,p);return u},getEncryptedPKCS5PEMFromPrvKeyHex:function(x,s,A,t,r){var p="";if(typeof t=="undefined"||t==null){t="AES-256-CBC"}if(typeof i[t]=="undefined"){throw"KEYUTIL unsupported algorithm: "+t}if(typeof r=="undefined"||r==null){var v=i[t]["ivlen"];var u=m(v);r=u.toUpperCase()}var z=j(t,A,r);var y=z.keyhex;var w=h(s,t,y,r);var q=w.replace(/(.{64})/g,"$1\r\n");var p="-----BEGIN "+x+" PRIVATE KEY-----\r\n";p+="Proc-Type: 4,ENCRYPTED\r\n";p+="DEK-Info: "+t+","+r+"\r\n";p+="\r\n";p+=q;p+="\r\n-----END "+x+" PRIVATE KEY-----\r\n";return p},parseHexOfEncryptedPKCS8:function(y){var B=ASN1HEX;var z=B.getChildIdx;var w=B.getV;var t={};var r=z(y,0);if(r.length!=2){throw"malformed format: SEQUENCE(0).items != 2: "+r.length}t.ciphertext=w(y,r[1]);var A=z(y,r[0]);if(A.length!=2){throw"malformed format: SEQUENCE(0.0).items != 2: "+A.length}if(w(y,A[0])!="2a864886f70d01050d"){throw"this only supports pkcs5PBES2"}var p=z(y,A[1]);if(A.length!=2){throw"malformed format: SEQUENCE(0.0.1).items != 2: "+p.length}var q=z(y,p[1]);if(q.length!=2){throw"malformed format: SEQUENCE(0.0.1.1).items != 2: "+q.length}if(w(y,q[0])!="2a864886f70d0307"){throw"this only supports TripleDES"}t.encryptionSchemeAlg="TripleDES";t.encryptionSchemeIV=w(y,q[1]);var s=z(y,p[0]);if(s.length!=2){throw"malformed format: SEQUENCE(0.0.1.0).items != 2: "+s.length}if(w(y,s[0])!="2a864886f70d01050c"){throw"this only supports pkcs5PBKDF2"}var x=z(y,s[1]);if(x.length<2){throw"malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+x.length}t.pbkdf2Salt=w(y,x[0]);var u=w(y,x[1]);try{t.pbkdf2Iter=parseInt(u,16)}catch(v){throw"malformed format pbkdf2Iter: "+u}return t},getPBKDF2KeyHexFromParam:function(u,p){var t=CryptoJS.enc.Hex.parse(u.pbkdf2Salt);var q=u.pbkdf2Iter;var s=CryptoJS.PBKDF2(p,t,{keySize:192/32,iterations:q});var r=CryptoJS.enc.Hex.stringify(s);return r},_getPlainPKCS8HexFromEncryptedPKCS8PEM:function(x,y){var r=pemtohex(x,"ENCRYPTED PRIVATE KEY");var p=this.parseHexOfEncryptedPKCS8(r);var u=KEYUTIL.getPBKDF2KeyHexFromParam(p,y);var v={};v.ciphertext=CryptoJS.enc.Hex.parse(p.ciphertext);var t=CryptoJS.enc.Hex.parse(u);var s=CryptoJS.enc.Hex.parse(p.encryptionSchemeIV);var w=CryptoJS.TripleDES.decrypt(v,t,{iv:s});var q=CryptoJS.enc.Hex.stringify(w);return q},getKeyFromEncryptedPKCS8PEM:function(s,q){var p=this._getPlainPKCS8HexFromEncryptedPKCS8PEM(s,q);var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},parsePlainPrivatePKCS8Hex:function(s){var v=ASN1HEX;var u=v.getChildIdx;var t=v.getV;var q={};q.algparam=null;if(s.substr(0,2)!="30"){throw"malformed plain PKCS8 private key(code:001)"}var r=u(s,0);if(r.length!=3){throw"malformed plain PKCS8 private key(code:002)"}if(s.substr(r[1],2)!="30"){throw"malformed PKCS8 private key(code:003)"}var p=u(s,r[1]);if(p.length!=2){throw"malformed PKCS8 private key(code:004)"}if(s.substr(p[0],2)!="06"){throw"malformed PKCS8 private key(code:005)"}q.algoid=t(s,p[0]);if(s.substr(p[1],2)=="06"){q.algparam=t(s,p[1])}if(s.substr(r[2],2)!="04"){throw"malformed PKCS8 private key(code:006)"}q.keyidx=v.getVidx(s,r[2]);return q},getKeyFromPlainPrivatePKCS8PEM:function(q){var p=pemtohex(q,"PRIVATE KEY");var r=this.getKeyFromPlainPrivatePKCS8Hex(p);return r},getKeyFromPlainPrivatePKCS8Hex:function(p){var q=this.parsePlainPrivatePKCS8Hex(p);var r;if(q.algoid=="2a864886f70d010101"){r=new RSAKey()}else{if(q.algoid=="2a8648ce380401"){r=new KJUR.crypto.DSA()}else{if(q.algoid=="2a8648ce3d0201"){r=new KJUR.crypto.ECDSA()}else{throw"unsupported private key algorithm"}}}r.readPKCS8PrvKeyHex(p);return r},_getKeyFromPublicPKCS8Hex:function(q){var p;var r=ASN1HEX.getVbyList(q,0,[0,0],"06");if(r==="2a864886f70d010101"){p=new RSAKey()}else{if(r==="2a8648ce380401"){p=new KJUR.crypto.DSA()}else{if(r==="2a8648ce3d0201"){p=new KJUR.crypto.ECDSA()}else{throw"unsupported PKCS#8 public key hex"}}}p.readPKCS8PubKeyHex(q);return p},parsePublicRawRSAKeyHex:function(r){var u=ASN1HEX;var t=u.getChildIdx;var s=u.getV;var p={};if(r.substr(0,2)!="30"){throw"malformed RSA key(code:001)"}var q=t(r,0);if(q.length!=2){throw"malformed RSA key(code:002)"}if(r.substr(q[0],2)!="02"){throw"malformed RSA key(code:003)"}p.n=s(r,q[0]);if(r.substr(q[1],2)!="02"){throw"malformed RSA key(code:004)"}p.e=s(r,q[1]);return p},parsePublicPKCS8Hex:function(t){var v=ASN1HEX;var u=v.getChildIdx;var s=v.getV;var q={};q.algparam=null;var r=u(t,0);if(r.length!=2){throw"outer DERSequence shall have 2 elements: "+r.length}var w=r[0];if(t.substr(w,2)!="30"){throw"malformed PKCS8 public key(code:001)"}var p=u(t,w);if(p.length!=2){throw"malformed PKCS8 public key(code:002)"}if(t.substr(p[0],2)!="06"){throw"malformed PKCS8 public key(code:003)"}q.algoid=s(t,p[0]);if(t.substr(p[1],2)=="06"){q.algparam=s(t,p[1])}else{if(t.substr(p[1],2)=="30"){q.algparam={};q.algparam.p=v.getVbyList(t,p[1],[0],"02");q.algparam.q=v.getVbyList(t,p[1],[1],"02");q.algparam.g=v.getVbyList(t,p[1],[2],"02")}}if(t.substr(r[1],2)!="03"){throw"malformed PKCS8 public key(code:004)"}q.key=s(t,r[1]).substr(2);return q},}}();KEYUTIL.getKey=function(l,k,n){var G=ASN1HEX,L=G.getChildIdx,v=G.getV,d=G.getVbyList,c=KJUR.crypto,i=c.ECDSA,C=c.DSA,w=RSAKey,M=pemtohex,F=KEYUTIL;if(typeof w!="undefined"&&l instanceof w){return l}if(typeof i!="undefined"&&l instanceof i){return l}if(typeof C!="undefined"&&l instanceof C){return l}if(l.curve!==undefined&&l.xy!==undefined&&l.d===undefined){return new i({pub:l.xy,curve:l.curve})}if(l.curve!==undefined&&l.d!==undefined){return new i({prv:l.d,curve:l.curve})}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(l.n,l.e);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.co!==undefined&&l.qi===undefined){var P=new w();P.setPrivateEx(l.n,l.e,l.d,l.p,l.q,l.dp,l.dq,l.co);return P}if(l.kty===undefined&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p===undefined){var P=new w();P.setPrivate(l.n,l.e,l.d);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x===undefined){var P=new C();P.setPublic(l.p,l.q,l.g,l.y);return P}if(l.p!==undefined&&l.q!==undefined&&l.g!==undefined&&l.y!==undefined&&l.x!==undefined){var P=new C();P.setPrivate(l.p,l.q,l.g,l.y,l.x);return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d===undefined){var P=new w();P.setPublic(b64utohex(l.n),b64utohex(l.e));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined&&l.p!==undefined&&l.q!==undefined&&l.dp!==undefined&&l.dq!==undefined&&l.qi!==undefined){var P=new w();P.setPrivateEx(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d),b64utohex(l.p),b64utohex(l.q),b64utohex(l.dp),b64utohex(l.dq),b64utohex(l.qi));return P}if(l.kty==="RSA"&&l.n!==undefined&&l.e!==undefined&&l.d!==undefined){var P=new w();P.setPrivate(b64utohex(l.n),b64utohex(l.e),b64utohex(l.d));return P}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d===undefined){var j=new i({curve:l.crv});var t=j.ecparams.keylen/4;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;j.setPublicKeyHex(u);return j}if(l.kty==="EC"&&l.crv!==undefined&&l.x!==undefined&&l.y!==undefined&&l.d!==undefined){var j=new i({curve:l.crv});var t=j.ecparams.keylen/4;var B=("0000000000"+b64utohex(l.x)).slice(-t);var z=("0000000000"+b64utohex(l.y)).slice(-t);var u="04"+B+z;var b=("0000000000"+b64utohex(l.d)).slice(-t);j.setPublicKeyHex(u);j.setPrivateKeyHex(b);return j}if(n==="pkcs5prv"){var J=l,G=ASN1HEX,N,P;N=L(J,0);if(N.length===9){P=new w();P.readPKCS5PrvKeyHex(J)}else{if(N.length===6){P=new C();P.readPKCS5PrvKeyHex(J)}else{if(N.length>2&&J.substr(N[1],2)==="04"){P=new i();P.readPKCS5PrvKeyHex(J)}else{throw"unsupported PKCS#1/5 hexadecimal key"}}}return P}if(n==="pkcs8prv"){var P=F.getKeyFromPlainPrivatePKCS8Hex(l);return P}if(n==="pkcs8pub"){return F._getKeyFromPublicPKCS8Hex(l)}if(n==="x509pub"){return X509.getPublicKeyFromCertHex(l)}if(l.indexOf("-END CERTIFICATE-",0)!=-1||l.indexOf("-END X509 CERTIFICATE-",0)!=-1||l.indexOf("-END TRUSTED CERTIFICATE-",0)!=-1){return X509.getPublicKeyFromCertPEM(l)}if(l.indexOf("-END PUBLIC KEY-")!=-1){var O=pemtohex(l,"PUBLIC KEY");return F._getKeyFromPublicPKCS8Hex(O)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var m=M(l,"RSA PRIVATE KEY");return F.getKey(m,null,"pkcs5prv")}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")==-1){var I=M(l,"DSA PRIVATE KEY");var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END PRIVATE KEY-")!=-1){return F.getKeyFromPlainPrivatePKCS8PEM(l)}if(l.indexOf("-END RSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var o=F.getDecryptedKeyHex(l,k);var H=new RSAKey();H.readPKCS5PrvKeyHex(o);return H}if(l.indexOf("-END EC PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var P=d(I,0,[1],"04");var f=d(I,0,[2,0],"06");var A=d(I,0,[3,0],"03").substr(2);var e="";if(KJUR.crypto.OID.oidhex2name[f]!==undefined){e=KJUR.crypto.OID.oidhex2name[f]}else{throw"undefined OID(hex) in KJUR.crypto.OID: "+f}var j=new i({curve:e});j.setPublicKeyHex(A);j.setPrivateKeyHex(P);j.isPublic=false;return j}if(l.indexOf("-END DSA PRIVATE KEY-")!=-1&&l.indexOf("4,ENCRYPTED")!=-1){var I=F.getDecryptedKeyHex(l,k);var E=d(I,0,[1],"02");var D=d(I,0,[2],"02");var K=d(I,0,[3],"02");var r=d(I,0,[4],"02");var s=d(I,0,[5],"02");var P=new C();P.setPrivate(new BigInteger(E,16),new BigInteger(D,16),new BigInteger(K,16),new BigInteger(r,16),new BigInteger(s,16));return P}if(l.indexOf("-END ENCRYPTED PRIVATE KEY-")!=-1){return F.getKeyFromEncryptedPKCS8PEM(l,k)}throw"not supported argument"};KEYUTIL.generateKeypair=function(a,c){if(a=="RSA"){var b=c;var h=new RSAKey();h.generate(b,"10001");h.isPrivate=true;h.isPublic=true;var f=new RSAKey();var e=h.n.toString(16);var i=h.e.toString(16);f.setPublic(e,i);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{if(a=="EC"){var d=c;var g=new KJUR.crypto.ECDSA({curve:d});var j=g.generateKeyPairHex();var h=new KJUR.crypto.ECDSA({curve:d});h.setPublicKeyHex(j.ecpubhex);h.setPrivateKeyHex(j.ecprvhex);h.isPrivate=true;h.isPublic=false;var f=new KJUR.crypto.ECDSA({curve:d});f.setPublicKeyHex(j.ecpubhex);f.isPrivate=false;f.isPublic=true;var k={};k.prvKeyObj=h;k.pubKeyObj=f;return k}else{throw"unknown algorithm: "+a}}};KEYUTIL.getPEM=function(b,D,y,m,q,j){var F=KJUR,k=F.asn1,z=k.DERObjectIdentifier,f=k.DERInteger,l=k.ASN1Util.newObject,a=k.x509,C=a.SubjectPublicKeyInfo,e=F.crypto,u=e.DSA,r=e.ECDSA,n=RSAKey;function A(s){var G=l({seq:[{"int":0},{"int":{bigint:s.n}},{"int":s.e},{"int":{bigint:s.d}},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.dmp1}},{"int":{bigint:s.dmq1}},{"int":{bigint:s.coeff}}]});return G}function B(G){var s=l({seq:[{"int":1},{octstr:{hex:G.prvKeyHex}},{tag:["a0",true,{oid:{name:G.curveName}}]},{tag:["a1",true,{bitstr:{hex:"00"+G.pubKeyHex}}]}]});return s}function x(s){var G=l({seq:[{"int":0},{"int":{bigint:s.p}},{"int":{bigint:s.q}},{"int":{bigint:s.g}},{"int":{bigint:s.y}},{"int":{bigint:s.x}}]});return G}if(((n!==undefined&&b instanceof n)||(u!==undefined&&b instanceof u)||(r!==undefined&&b instanceof r))&&b.isPublic==true&&(D===undefined||D=="PKCS8PUB")){var E=new C(b);var w=E.getEncodedHex();return hextopem(w,"PUBLIC KEY")}if(D=="PKCS1PRV"&&n!==undefined&&b instanceof n&&(y===undefined||y==null)&&b.isPrivate==true){var E=A(b);var w=E.getEncodedHex();return hextopem(w,"RSA PRIVATE KEY")}if(D=="PKCS1PRV"&&r!==undefined&&b instanceof r&&(y===undefined||y==null)&&b.isPrivate==true){var i=new z({name:b.curveName});var v=i.getEncodedHex();var h=B(b);var t=h.getEncodedHex();var p="";p+=hextopem(v,"EC PARAMETERS");p+=hextopem(t,"EC PRIVATE KEY");return p}if(D=="PKCS1PRV"&&u!==undefined&&b instanceof u&&(y===undefined||y==null)&&b.isPrivate==true){var E=x(b);var w=E.getEncodedHex();return hextopem(w,"DSA PRIVATE KEY")}if(D=="PKCS5PRV"&&n!==undefined&&b instanceof n&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=A(b);var w=E.getEncodedHex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",w,y,m,j)}if(D=="PKCS5PRV"&&r!==undefined&&b instanceof r&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=B(b);var w=E.getEncodedHex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",w,y,m,j)}if(D=="PKCS5PRV"&&u!==undefined&&b instanceof u&&(y!==undefined&&y!=null)&&b.isPrivate==true){var E=x(b);var w=E.getEncodedHex();if(m===undefined){m="DES-EDE3-CBC"}return this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",w,y,m,j)}var o=function(G,s){var I=c(G,s);var H=new l({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:I.pbkdf2Salt}},{"int":I.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:I.encryptionSchemeIV}}]}]}]},{octstr:{hex:I.ciphertext}}]});return H.getEncodedHex()};var c=function(N,O){var H=100;var M=CryptoJS.lib.WordArray.random(8);var L="DES-EDE3-CBC";var s=CryptoJS.lib.WordArray.random(8);var I=CryptoJS.PBKDF2(O,M,{keySize:192/32,iterations:H});var J=CryptoJS.enc.Hex.parse(N);var K=CryptoJS.TripleDES.encrypt(J,I,{iv:s})+"";var G={};G.ciphertext=K;G.pbkdf2Salt=CryptoJS.enc.Hex.stringify(M);G.pbkdf2Iter=H;G.encryptionSchemeAlg=L;G.encryptionSchemeIV=CryptoJS.enc.Hex.stringify(s);return G};if(D=="PKCS8PRV"&&n!=undefined&&b instanceof n&&b.isPrivate==true){var g=A(b);var d=g.getEncodedHex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"rsaEncryption"}},{"null":true}]},{octstr:{hex:d}}]});var w=E.getEncodedHex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&r!==undefined&&b instanceof r&&b.isPrivate==true){var g=new l({seq:[{"int":1},{octstr:{hex:b.prvKeyHex}},{tag:["a1",true,{bitstr:{hex:"00"+b.pubKeyHex}}]}]});var d=g.getEncodedHex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:b.curveName}}]},{octstr:{hex:d}}]});var w=E.getEncodedHex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}if(D=="PKCS8PRV"&&u!==undefined&&b instanceof u&&b.isPrivate==true){var g=new f({bigint:b.x});var d=g.getEncodedHex();var E=l({seq:[{"int":0},{seq:[{oid:{name:"dsa"}},{seq:[{"int":{bigint:b.p}},{"int":{bigint:b.q}},{"int":{bigint:b.g}}]}]},{octstr:{hex:d}}]});var w=E.getEncodedHex();if(y===undefined||y==null){return hextopem(w,"PRIVATE KEY")}else{var t=o(w,y);return hextopem(t,"ENCRYPTED PRIVATE KEY")}}throw"unsupported object nor format"};KEYUTIL.getKeyFromCSRPEM=function(b){var a=pemtohex(b,"CERTIFICATE REQUEST");var c=KEYUTIL.getKeyFromCSRHex(a);return c};KEYUTIL.getKeyFromCSRHex=function(a){var c=KEYUTIL.parseCSRHex(a);var b=KEYUTIL.getKey(c.p8pubkeyhex,null,"pkcs8pub");return b};KEYUTIL.parseCSRHex=function(d){var i=ASN1HEX;var f=i.getChildIdx;var c=i.getTLV;var b={};var g=d;if(g.substr(0,2)!="30"){throw"malformed CSR(code:001)"}var e=f(g,0);if(e.length<1){throw"malformed CSR(code:002)"}if(g.substr(e[0],2)!="30"){throw"malformed CSR(code:003)"}var a=f(g,e[0]);if(a.length<3){throw"malformed CSR(code:004)"}b.p8pubkeyhex=c(g,a[2]);return b};KEYUTIL.getJWKFromKey=function(d){var b={};if(d instanceof RSAKey&&d.isPrivate){b.kty="RSA";b.n=hextob64u(d.n.toString(16));b.e=hextob64u(d.e.toString(16));b.d=hextob64u(d.d.toString(16));b.p=hextob64u(d.p.toString(16));b.q=hextob64u(d.q.toString(16));b.dp=hextob64u(d.dmp1.toString(16));b.dq=hextob64u(d.dmq1.toString(16));b.qi=hextob64u(d.coeff.toString(16));return b}else{if(d instanceof RSAKey&&d.isPublic){b.kty="RSA";b.n=hextob64u(d.n.toString(16));b.e=hextob64u(d.e.toString(16));return b}else{if(d instanceof KJUR.crypto.ECDSA&&d.isPrivate){var a=d.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"){throw"unsupported curve name for JWT: "+a}var c=d.getPublicKeyXYHex();b.kty="EC";b.crv=a;b.x=hextob64u(c.x);b.y=hextob64u(c.y);b.d=hextob64u(d.prvKeyHex);return b}else{if(d instanceof KJUR.crypto.ECDSA&&d.isPublic){var a=d.getShortNISTPCurveName();if(a!=="P-256"&&a!=="P-384"){throw"unsupported curve name for JWT: "+a}var c=d.getPublicKeyXYHex();b.kty="EC";b.crv=a;b.x=hextob64u(c.x);b.y=hextob64u(c.y);return b}}}}throw"not supported key object"}; +RSAKey.getPosArrayOfChildrenFromHex=function(a){return ASN1HEX.getChildIdx(a,0)};RSAKey.getHexValueArrayOfChildrenFromHex=function(f){var n=ASN1HEX;var i=n.getV;var k=RSAKey.getPosArrayOfChildrenFromHex(f);var e=i(f,k[0]);var j=i(f,k[1]);var b=i(f,k[2]);var c=i(f,k[3]);var h=i(f,k[4]);var g=i(f,k[5]);var m=i(f,k[6]);var l=i(f,k[7]);var d=i(f,k[8]);var k=new Array();k.push(e,j,b,c,h,g,m,l,d);return k};RSAKey.prototype.readPrivateKeyFromPEMString=function(d){var c=pemtohex(d);var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS5PrvKeyHex=function(c){var b=RSAKey.getHexValueArrayOfChildrenFromHex(c);this.setPrivateEx(b[1],b[2],b[3],b[4],b[5],b[6],b[7],b[8])};RSAKey.prototype.readPKCS8PrvKeyHex=function(e){var c,j,l,b,a,f,d,k;var m=ASN1HEX;var g=m.getVbyList;if(m.isASN1HEX(e)===false){throw"not ASN.1 hex string"}try{c=g(e,0,[2,0,1],"02");j=g(e,0,[2,0,2],"02");l=g(e,0,[2,0,3],"02");b=g(e,0,[2,0,4],"02");a=g(e,0,[2,0,5],"02");f=g(e,0,[2,0,6],"02");d=g(e,0,[2,0,7],"02");k=g(e,0,[2,0,8],"02")}catch(i){throw"malformed PKCS#8 plain RSA private key"}this.setPrivateEx(c,j,l,b,a,f,d,k)};RSAKey.prototype.readPKCS5PubKeyHex=function(c){var e=ASN1HEX;var b=e.getV;if(e.isASN1HEX(c)===false){throw"keyHex is not ASN.1 hex string"}var a=e.getChildIdx(c,0);if(a.length!==2||c.substr(a[0],2)!=="02"||c.substr(a[1],2)!=="02"){throw"wrong hex for PKCS#5 public key"}var f=b(c,a[0]);var d=b(c,a[1]);this.setPublic(f,d)};RSAKey.prototype.readPKCS8PubKeyHex=function(b){var c=ASN1HEX;if(c.isASN1HEX(b)===false){throw"not ASN.1 hex string"}if(c.getTLVbyList(b,0,[0,0])!=="06092a864886f70d010101"){throw"not PKCS8 RSA public key"}var a=c.getTLVbyList(b,0,[1,0]);this.readPKCS5PubKeyHex(a)};RSAKey.prototype.readCertPubKeyHex=function(b,d){var a,c;a=new X509();a.readCertHex(b);c=a.getPublicKeyHex();this.readPKCS8PubKeyHex(c)}; +var _RE_HEXDECONLY=new RegExp("");_RE_HEXDECONLY.compile("[^0-9a-f]","gi");function _rsasign_getHexPaddedDigestInfoForString(d,e,a){var b=function(f){return KJUR.crypto.Util.hashString(f,a)};var c=b(d);return KJUR.crypto.Util.getPaddedDigestInfoHex(c,a,e)}function _zeroPaddingOfSignature(e,d){var c="";var a=d/4-e.length;for(var b=0;b>24,(d&16711680)>>16,(d&65280)>>8,d&255]))));d+=1}return b}RSAKey.prototype.signPSS=function(e,a,d){var c=function(f){return KJUR.crypto.Util.hashHex(f,a)};var b=c(rstrtohex(e));if(d===undefined){d=-1}return this.signWithMessageHashPSS(b,a,d)};RSAKey.prototype.signWithMessageHashPSS=function(l,a,k){var b=hextorstr(l);var g=b.length;var m=this.n.bitLength()-1;var c=Math.ceil(m/8);var d;var o=function(i){return KJUR.crypto.Util.hashHex(i,a)};if(k===-1||k===undefined){k=g}else{if(k===-2){k=c-g-2}else{if(k<-2){throw"invalid salt length"}}}if(c<(g+k+2)){throw"data too long"}var f="";if(k>0){f=new Array(k);new SecureRandom().nextBytes(f);f=String.fromCharCode.apply(String,f)}var n=hextorstr(o(rstrtohex("\x00\x00\x00\x00\x00\x00\x00\x00"+b+f)));var j=[];for(d=0;d>(8*c-m))&255;q[0]&=~p;for(d=0;dthis.n.bitLength()){return 0}var i=this.doPublic(b);var e=i.toString(16).replace(/^1f+00/,"");var g=_rsasign_getAlgNameAndHashFromHexDisgestInfo(e);if(g.length==0){return false}var d=g[0];var h=g[1];var a=function(k){return KJUR.crypto.Util.hashString(k,d)};var c=a(f);return(h==c)};RSAKey.prototype.verifyWithMessageHash=function(e,a){a=a.replace(_RE_HEXDECONLY,"");a=a.replace(/[ \n]+/g,"");var b=parseBigInt(a,16);if(b.bitLength()>this.n.bitLength()){return 0}var h=this.doPublic(b);var g=h.toString(16).replace(/^1f+00/,"");var c=_rsasign_getAlgNameAndHashFromHexDisgestInfo(g);if(c.length==0){return false}var d=c[0];var f=c[1];return(f==e)};RSAKey.prototype.verifyPSS=function(c,b,a,f){var e=function(g){return KJUR.crypto.Util.hashHex(g,a)};var d=e(rstrtohex(c));if(f===undefined){f=-1}return this.verifyWithMessageHashPSS(d,b,a,f)};RSAKey.prototype.verifyWithMessageHashPSS=function(f,s,l,c){var k=new BigInteger(s,16);if(k.bitLength()>this.n.bitLength()){return false}var r=function(i){return KJUR.crypto.Util.hashHex(i,l)};var j=hextorstr(f);var h=j.length;var g=this.n.bitLength()-1;var m=Math.ceil(g/8);var q;if(c===-1||c===undefined){c=h}else{if(c===-2){c=m-h-2}else{if(c<-2){throw"invalid salt length"}}}if(m<(h+c+2)){throw"data too long"}var a=this.doPublic(k).toByteArray();for(q=0;q>(8*m-g))&255;if((d.charCodeAt(0)&p)!==0){throw"bits beyond keysize not zero"}var n=pss_mgf1_str(e,d.length,r);var o=[];for(q=0;q0){var b=":"+n.join(":")+":";if(b.indexOf(":"+k+":")==-1){throw"algorithm '"+k+"' not accepted in the list"}}if(k!="none"&&B===null){throw"key shall be specified to verify."}if(typeof B=="string"&&B.indexOf("-----BEGIN ")!=-1){B=KEYUTIL.getKey(B)}if(z=="RS"||z=="PS"){if(!(B instanceof m)){throw"key shall be a RSAKey obj for RS* and PS* algs"}}if(z=="ES"){if(!(B instanceof p)){throw"key shall be a ECDSA obj for ES* algs"}}if(k=="none"){}var u=null;if(t.jwsalg2sigalg[l.alg]===undefined){throw"unsupported alg name: "+k}else{u=t.jwsalg2sigalg[k]}if(u=="none"){throw"not supported"}else{if(u.substr(0,4)=="Hmac"){var o=null;if(B===undefined){throw"hexadecimal key shall be specified for HMAC"}var j=new s({alg:u,pass:B});j.updateString(c);o=j.doFinal();return A==o}else{if(u.indexOf("withECDSA")!=-1){var h=null;try{h=p.concatSigToASN1Sig(A)}catch(v){return false}var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(h)}else{var g=new d({alg:u});g.init(B);g.updateString(c);return g.verify(A)}}}};KJUR.jws.JWS.parse=function(g){var c=g.split(".");var b={};var f,e,d;if(c.length!=2&&c.length!=3){throw"malformed sJWS: wrong number of '.' splitted elements"}f=c[0];e=c[1];if(c.length==3){d=c[2]}b.headerObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(f));b.payloadObj=KJUR.jws.JWS.readSafeJSONString(b64utoutf8(e));b.headerPP=JSON.stringify(b.headerObj,null," ");if(b.payloadObj==null){b.payloadPP=b64utoutf8(e)}else{b.payloadPP=JSON.stringify(b.payloadObj,null," ")}if(d!==undefined){b.sigHex=b64utohex(d)}return b};KJUR.jws.JWS.verifyJWT=function(e,l,r){var d=KJUR,j=d.jws,o=j.JWS,n=o.readSafeJSONString,p=o.inArray,f=o.includedArray;var k=e.split(".");var c=k[0];var i=k[1];var q=c+"."+i;var m=b64utohex(k[2]);var h=n(b64utoutf8(c));var g=n(b64utoutf8(i));if(h.alg===undefined){return false}if(r.alg===undefined){throw"acceptField.alg shall be specified"}if(!p(h.alg,r.alg)){return false}if(g.iss!==undefined&&typeof r.iss==="object"){if(!p(g.iss,r.iss)){return false}}if(g.sub!==undefined&&typeof r.sub==="object"){if(!p(g.sub,r.sub)){return false}}if(g.aud!==undefined&&typeof r.aud==="object"){if(typeof g.aud=="string"){if(!p(g.aud,r.aud)){return false}}else{if(typeof g.aud=="object"){if(!f(g.aud,r.aud)){return false}}}}var b=j.IntDate.getNow();if(r.verifyAt!==undefined&&typeof r.verifyAt==="number"){b=r.verifyAt}if(r.gracePeriod===undefined||typeof r.gracePeriod!=="number"){r.gracePeriod=0}if(g.exp!==undefined&&typeof g.exp=="number"){if(g.exp+r.gracePeriodl){this.aHeader.pop()}if(this.aSignature.length>l){this.aSignature.pop()}throw"addSignature failed: "+i}};this.verifyAll=function(h){if(this.aHeader.length!==h.length||this.aSignature.length!==h.length){return false}for(var g=0;g0){this.aHeader=g.headers}else{throw"malformed header"}if(typeof g.payload==="string"){this.sPayload=g.payload}else{throw"malformed signatures"}if(g.signatures.length>0){this.signatures=g.signatures}else{throw"malformed signatures"}}catch(e){throw"malformed JWS-JS JSON object: "+e}}};this.getJSON=function(){return{headers:this.aHeader,payload:this.sPayload,signatures:this.aSignature}};this.isEmpty=function(){if(this.aHeader.length==0){return 1}return 0}}; + diff --git a/src/devportal/all/themes/dbank/js/jws-initialization.js b/src/devportal/all/themes/dbank/js/jws-initialization.js new file mode 100644 index 00000000..fd4be092 --- /dev/null +++ b/src/devportal/all/themes/dbank/js/jws-initialization.js @@ -0,0 +1,9 @@ + /* +* +* A dummy navigator object - jsrasign expects to be running in a browser and expects +* these to be in the global namespace +* +*/ + +var navigator = navigator || {appName : ''}; +var window = window || {}; \ No newline at end of file diff --git a/src/devportal/all/themes/dbank/js/smartdocsAuto.js b/src/devportal/all/themes/dbank/js/smartdocsAuto.js new file mode 100644 index 00000000..4c5d11d3 --- /dev/null +++ b/src/devportal/all/themes/dbank/js/smartdocsAuto.js @@ -0,0 +1,12 @@ +(function ($){ + $(document).ready(function() + { + alert("yayy"); + var $input = $(''); + if($("ul.headerParamSection > li.method_details > div.method_data > span[data-role=name]").text() == "Authorization") + { + alert("inside"); + $input.appendTo($("ul.headerParamSection > li.method_details > div.method_data")); +} + }); +})(jQuery); diff --git a/src/devportal/all/themes/dbank/js/smartdocsDynamic.js b/src/devportal/all/themes/dbank/js/smartdocsDynamic.js new file mode 100644 index 00000000..fad51e10 --- /dev/null +++ b/src/devportal/all/themes/dbank/js/smartdocsDynamic.js @@ -0,0 +1,418 @@ +(function($) +{ + $(document).ready(function() +{ + ORG = "apis-bank"; + ENV = "test"; + CLIENT_ID_ACCOUNTS = "clientid_aisp"; + CLIENT_SECRET_ACCOUNTS = "clientsecret_aisp"; + CLIENT_ID_PAYMENTS = "clientid_pisp"; + CLIENT_SECRET_PAYMENTS = "clientsecret_pisp"; + ACCOUNTS_SMARTDOC_NAME = "accounts-apis-v1-0"; + ACCOUNTS_OAUTH_NAME = "PSUOAuth2Security"; + + PAYMENTS_SMARTDOC_NAME = "payments-apis-v1-0"; + PAYMENTS_OAUTH_NAME = "PSUOAuth2Security"; + + BASE_URL = "https://apis-bank-test.apigee.net"; + + BASIC_HEADER_ACCOUNTS = Base64.encode(CLIENT_ID_ACCOUNTS + ":" + CLIENT_SECRET_ACCOUNTS); + BASIC_HEADER_PAYMENTS = Base64.encode(CLIENT_ID_PAYMENTS + ":" + CLIENT_SECRET_PAYMENTS); + + TEMPLATE_CALLBACK_ACCOUNTS = "https://api.enterprise.apigee.com/v1/o/"+ORG+"/apimodels/"+ACCOUNTS_SMARTDOC_NAME+"/templateauths/"+ACCOUNTS_OAUTH_NAME+"/callback"; + TEMPLATE_CALLBACK_PAYMENTS = "https://api.enterprise.apigee.com/v1/o/"+ORG+"/apimodels/"+PAYMENTS_SMARTDOC_NAME+"/templateauths/"+PAYMENTS_OAUTH_NAME+"/callback"; + PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----MIIEowIBAAKCAQEAuZhaB6ciF8hzzHkv3tkl20LS8KfWgRb/V4I6pB9ADNPBNgrceSf+mLoIWxrRDgTSYqyYYXmj3Fy9B1mG4lpUvrClt4hHKaBvsRZKn4/r2dPxUo0ggI+ruxQaQoKf2v8sEJe6Sx7btBvBxTqOMlIxP1GDNYJICaXo8jsBeNVDtCeFP2e9QJUmNvYGY7IfB8vUqFFcHushNmKmdR5H6pUg/JOsheFyi41UT05Zu3FvMHBAJab4OnybOLrovCVshu3Q7BOFkQVkYF4HrD0IM4GDojGt4OfMqESnLvG7+UywNjs/zjmdX0mn1wG7mZjlXfgh0DKo/MeWCW+gEQdPejCrBwIDAQABAoIBABbZyDPrAwqUlpVVUmyIpd2SI7CXqZRpRXT7xsaQRm2N4NsLiUutfe5F8WNuMNEeDN0zTOurc15dWLS/9BiIcKitzSmEsOZSJ45RJUzyBmLicnLsh1Ts24MEHZuUw6POCRnd5IT9PqW1SS1EYV+WuROHsLT03nO5pq20UCEVeOmEQgwB6mmTZ8UIESuhQ6EkCQmyipcFtdmzVANwyRAjsiFwXV9tXtYwpLZPp0UrpujSpE2k/IM7vhlOn6njOhWHNseI23d/BgcfrG/kAIW7KTBBaP5NKmY2lLtFxo2tYNOetfRQSpUmmG17Z4rI3vp6WBYVtgmiyxt9RMXeekZdHCECgYEA91OwU4hW28zeNQk1/kXx/o0F/LUVOi4inQCoU2V8VGWNOIZbvwcghQVjz5fBakZk2ENoE897cmC8tHemaeS72dPKEgwpI05ZJX9nPJ5eUcfGXjGHLQiVwqdZSFA9znkcwmNUkqP+gvmH+cg4EOyOpn4QkTW5aQK+Tu1J+6kDJ3ECgYEAwBp7d/MBnnGV7HUW6aK87Y+Vuu0T9pjKLr2gzS591s0yt6U0maybazmpIhUgrU19PGjZ9zmI+DSki+EqFGh5uHF7Mrj4ofVAs51ax29UZ6XcgMZfvqPfJnYxgVoPyS6+8ZEmHbCguS70SJXg0k5oWnhu7iQ9tcoddrshOqnC7fcCgYEA75JXSHLWgA7QZ1tGu8kRAdukowbdSwAJcz+BzVaOukmsI8ax9DZ5H6D678k2BzWs1Xdlx1rBXyepYr5LqmNwOy3VnOm+p35rB9GDNMrK3ji/Q9qB7/NS7byg1VU0qV3Tp9ADyg+kp0YCmseA15PtEgUnEyGROdD4eweLFITAk2ECgYBetS+l5UIpESqu1tMjAD5QiHdzHqq26oDTJl3+iis0GRol++bA1J4S8Ox3hx8DEa7qd27uOYlThPCSncGXKiLIUfpA+XxqrHTnmG5G4JYmO1lIi4RsgnHjjmW9td8OemNcyQiXnpq+cW2x02JxjIJaCAH4mhlqZGi+PmeVelhF5QKBgDOQTN8abBweSBvavri9M4X/8M3mmWBFTLEJc8OXOMiBgBSZYyLitpjGjrzXINB3LRsKic2ug5rx282RSF1OH3Is2LF/nOBNyuIoIEKzA2YTa7/znxjhzwlEnIAbvLPO2Ivf1/j7UWFvVO4GzD1qZksSKoaCawFUIeJZXCUfKueo-----END RSA PRIVATE KEY-----"; + JOSE_HEADER = { + "alg": "RS256", + "kid": "90210ABAD", + "b64": false, + "http://openbanking.org.uk/iat": "2017-06-12T20:05:50+00:00", + "http://openbanking.org.uk/iss": "C=UK, ST=England, L=London, O=Acme Ltd.", + "crit": ["b64", "http://openbanking.org.uk/iat", "http://openbanking.org.uk/iss"] + + }; + + +showclientCredPage(); +showJWSButton(); + + +function showclientCredPage() +{ + $("div[data-role=oauth2_modal] a.button_save_modal").remove(); + $("div[data-role=oauth2_modal] a.button_close_modal").remove(); + $("div[data-role=oauth2_modal] button.button_close_modal").addClass("button_closenew_modal"); + $("div[data-role=oauth2_modal] button.button_closenew_modal").removeClass("button_close_modal"); + + var $aOK = $('OK'); + var $aCancel = $('Cancel'); + + $aOK.appendTo("div[data-role=oauth2_modal] div.modal-footer"); + $aCancel.appendTo("div[data-role=oauth2_modal] div.modal-footer"); + + + + $("div[data-role=oauth2_modal] a.button_closenew_modal").on("click", ResetAndCancel); + $("div[data-role=oauth2_modal] button.button_closenew_modal").on("click", ResetAndCancel); + + $('div[data-role=oauth2_modal] div.modal-header h3.modal-title').text("Request Client Credential Access Token"); + + $('div[data-role=oauth2_modal] div.modal-body div.content').hide(); + $('div[data-role=oauth2_modal] div.modal-footer p').hide(); + + $("div[data-role=oauth2_modal] a.button_savenew_modal").unbind("click"); + $("div[data-role=oauth2_modal] a.button_savenew_modal").on("click", getClient_credentialAccessToken); + + var $clientCredentialBody = $('

       
    '); + $clientCredentialBody.appendTo($('div[data-role=oauth2_modal] div.modal-body')); + + $('input[name=base64Authinput]').val(BASIC_HEADER_ACCOUNTS); + +} + + + +function getClient_credentialAccessToken() +{ + localStorage.ccScope = $('select[name=scopeSelector]').find(":selected").text(); + + var oauthURL = BASE_URL+"/apis/v1.0/oauth/token"; + + var xhttp = new XMLHttpRequest(); + xhttp.open("POST", oauthURL, true); + xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); + var params = "grant_type=client_credentials&scope="+ localStorage.ccScope; + + if(localStorage.ccScope == "accounts") + { + xhttp.setRequestHeader("Authorization", BASIC_HEADER_ACCOUNTS); + } + else + { + xhttp.setRequestHeader("Authorization", BASIC_HEADER_PAYMENTS); + } + + xhttp.onreadystatechange = function() { + if (this.readyState == 4 && this.status == 200) + { + var responseText = JSON.parse(this.responseText); + localStorage.clientCredentialToken = "Bearer " + responseText.access_token; + + showCreateRequestPage(); + } + else if(this.readyState == 4 ) + { + ResetAndCancel(); + showError("Error getting access token"); + } + }; + + xhttp.send(params); + + +} + + + +function showCreateRequestPage() +{ + + $('div[data-role=oauth2_modal] div.modal-body #clientCredentialBody').hide(); + //alert($('select[name=scopeSelector]').find(":selected").text()); + var $authoriseInput = ""; + var ReqContent = ""; + if(localStorage.ccScope == "accounts") + { + $('div[data-role=oauth2_modal] div.modal-header h3.modal-title').text("Create Account Request"); + + $authoriseInput = $('
       
    '); + ReqContent = JSON.stringify({"Data":{"Permissions":["ReadAccountsDetail","ReadBalances","ReadBeneficiariesDetail","ReadDirectDebits","ReadProducts","ReadStandingOrdersDetail","ReadTransactionsCredits","ReadTransactionsDebits","ReadTransactionsDetail"],"ExpirationDateTime":"2025-08-02T00:00:00-00:00","TransactionFromDateTime":"2012-05-03T00:00:00-00:00","TransactionToDateTime":"2025-05-08T00:00:00-00:00"},"Risk":{}}); + + } + else + { + $('div[data-role=oauth2_modal] div.modal-header h3.modal-title').text("Create Payment Request"); + + $authoriseInput = $('
       
    '); + ReqContent = JSON.stringify({"Data":{"Initiation":{"InstructionIdentification":"ACME412","EndToEndIdentification":"FRESCO.21302.GFX.20","InstructedAmount":{"Amount":"165.88","Currency":"GBP"},"CreditorAccount":{"SchemeName":"SortCodeAccountNumber","Identification":"08080021325698","Name":"ACME Inc","SecondaryIdentification":"0002"},"RemittanceInformation":{"Reference":"FRESCO-101","Unstructured":"Internal ops code 5120101"}}},"Risk":{"PaymentContextCode":"EcommerceGoods","MerchantCategoryCode":"5967","MerchantCustomerIdentification":"053598653254","DeliveryAddress":{"AddressLine":["Flat 7","Acacia Lodge"],"StreetName":"Acacia Avenue","BuildingNumber":"27","PostCode":"GU31 2ZZ","TownName":"Sparsholt","CountySubDivision":["Wessex"],"Country":"UK"}}}); + $("input[name=idempotencyInput]").val(Date.parse(new Date())); + } + + $authoriseInput.appendTo($('div[data-role=oauth2_modal] > div.modal-dialog > div.modal-content > div.modal-body')); + + $('div#showRequest textarea[name=reqPayloadInput]').val(ReqContent); + var jws = getJWS($('div#showRequest textarea[name=reqPayloadInput]').val()); + $("input[name=financialIdInput]").val($("ul.headerParamSection input[name=x-fapi-financial-id]").val()); + $('div#showRequest input[name=jwsInput]').val(jws); + $('div#showRequest input[name=BearerAuthInput]').val(localStorage.clientCredentialToken); + $("div[data-role=oauth2_modal] a.button_savenew_modal").unbind("click"); + $("div[data-role=oauth2_modal] a.button_savenew_modal").on("click", createRequest); +} + + + +function createRequest() +{ + var postRequestURL = ""; + if(localStorage.ccScope == "accounts") + { + postRequestURL = BASE_URL+"/ais/open-banking/v1.0/account-requests"; + } + + else + { + postRequestURL = BASE_URL+"/pis/open-banking/v1.0/payments"; + + } + + var xhttp = new XMLHttpRequest(); + xhttp.open("POST", postRequestURL, true); + xhttp.setRequestHeader("Content-Type", "application/json"); + var body = $('div#showRequest textarea[name=reqPayloadInput]').val(); + xhttp.setRequestHeader("Authorization", localStorage.clientCredentialToken); + xhttp.setRequestHeader("x-fapi-financial-id", $('input[name=financialIdInput]').val()); + xhttp.setRequestHeader("x-jws-signature", $('div#showRequest input[name=jwsInput]').val()); + xhttp.setRequestHeader("x-fapi-customer-ip-address", "123456"); + xhttp.setRequestHeader("Accept", "application/json"); + + if(localStorage.ccScope == "payments") + { + + xhttp.setRequestHeader("x-idempotency-key", $('div#showRequest input[name=idempotencyInput]').val()); + + } + + xhttp.onreadystatechange = function() { + if (this.readyState == 4 && this.status == 201) + { + var responseText = JSON.parse(this.responseText); + if(localStorage.ccScope == "accounts") + { + localStorage.RequestId = responseText.Data.AccountRequestId; + + } + else + { + + localStorage.RequestId = responseText.Data.PaymentId; + + var json = JSON.parse(window.apiModelEditor.getRequestPayLoad()); + if(json.Data && json.Data.PaymentId) + { + + json.Data.PaymentId = localStorage.RequestId; + window.apiModelEditor.setRequestPayLoad(JSON.stringify(json)); + + } + } + + showAccessTokenPage(); + } + else if(this.readyState == 4 ) + { + ResetAndCancel(); + showError("Error creating Request"); + + } + }; + + xhttp.send(body); + + +} + + +function showAccessTokenPage() +{ + $('div[data-role=oauth2_modal] div.modal-body #showRequest').hide(); + $('div[data-role=oauth2_modal] div.modal-header h3.modal-title').text("Access Token Parameters"); + var $authoriseInput = $('
    '); + $authoriseInput.appendTo($('div[data-role=oauth2_modal] > div.modal-dialog > div.modal-content > div.modal-body')); + localStorage.nonce = Date.parse(new Date()); + var jwtresponse; + if(localStorage.ccScope == "accounts") + { + jwtresponse = createJWT("accounts",localStorage.nonce,CLIENT_ID_ACCOUNTS,TEMPLATE_CALLBACK_ACCOUNTS); + } + else + { + jwtresponse = createJWT("payments",localStorage.nonce,CLIENT_ID_PAYMENTS,TEMPLATE_CALLBACK_PAYMENTS); + } + $('#authoriseInput input[name=requestInput]').val(jwtresponse); + + $("div[data-role=oauth2_modal] a.button_savenew_modal").unbind("click"); + $("div[data-role=oauth2_modal] a.button_savenew_modal").on("click", showPermissions); + +} + + +function showPermissions() +{ + $('div[data-role=oauth2_modal] div.modal-header h3.modal-title').text("Request Permissions"); + $('div[data-role=oauth2_modal] div.modal-body #authoriseInput').hide(); + $('div[data-role=oauth2_modal] div.modal-body div.content').show(); + $('div[data-role=oauth2_modal] div.modal-footer p').show(); + + $("div[data-role=oauth2_modal] a.button_savenew_modal").unbind("click"); + $("div[data-role=oauth2_modal] a.button_savenew_modal").on("click", OpenAuthURL); + +} + +function OpenAuthURL(event) + { + + populateDefaults(); + ResetAndCancel(); + event.preventDefault(); + var authUrl = ""; + if(localStorage.ccScope == "accounts") + { + authUrl = BASE_URL+"/apis/v1.0/oauth/authorize?response_type=code&client_id="+CLIENT_ID_ACCOUNTS+"&state=abcd1234&scope=openid accounts&redirect_uri="+TEMPLATE_CALLBACK_ACCOUNTS; + } + + else + { + authUrl = BASE_URL+"/apis/v1.0/oauth/authorize?response_type=code&client_id="+CLIENT_ID_PAYMENTS+"&state=abcd1234&scope=openid payments&redirect_uri="+TEMPLATE_CALLBACK_PAYMENTS; + + } + authUrl+="&request="+ $('#authoriseInput input[name=requestInput]').val(); + authUrl+="&nonce="+ localStorage.nonce; + var oauth2Window = window.open(authUrl, "oauth2Window", "resizable=yes,scrollbars=yes,status=1,toolbar=1,height=500,width=500"); + + } + + + function populateDefaults() +{ + +$("ul.headerParamSection input[name=x-fapi-financial-id]").val($("input[name=financialIdInput]").val()); +$("ul.headerParamSection input[name=x-fapi-customer-ip-address]").val("123456"); +$("ul.headerParamSection input[name=x-idempotency-key]").val($("input[name=idempotencyInput]").val()); + +} + +function showError(errorMessage) +{ + jQuery("[data-role='error_container']").html(errorMessage).show(); + jQuery("body").scrollTop(0); // Scroll to page's top position. +} + + function createJWT(scope,nonce,client_id,callback_url) +{ + var jwtBody = { + "iss": "https://api.openbank.com", + "response_type": "code", + "client_id": client_id, + "redirect_uri": callback_url, + "scope": "openid "+scope, + "state": "abcd1234", + "nonce": nonce, + "claims": { + "id_token": { + "openbanking_intent_id": { + "value": "urn:openbank:intent:"+scope +":"+localStorage.RequestId, + "essential": true + }, + "acr": { + "essential": true + } + } + }, + "iat": 1504521455, + "exp": 1604525055 + }; + + +var jws = new KJUR.jws.JWS(); + +var jwt = KJUR.jws.JWS.sign(JOSE_HEADER.alg, JOSE_HEADER, jwtBody, PRIVATE_KEY); + + return jwt; +} + + + +function getJWS(payload) +{ + var responsePayload = JSON.parse(payload); + responsePayload = JSON.stringify(responsePayload); + var jwt = KJUR.jws.JWS.sign(JOSE_HEADER.alg, JOSE_HEADER, responsePayload, PRIVATE_KEY); + detachedJWT = jwt.split("."); + var detachedJws = detachedJWT[0] + ".." + detachedJWT[2]; + return detachedJws; +} + + + + function closeAuthModal() + { + jQuery('[role="dialog"].modal').modal('hide'); + jQuery('[role="dialog"].modal input').removeClass('error'); // Remove error class from the input boxes. + jQuery('[role="dialog"].modal .error_container').hide().html(''); // Empty the error container and hide it. + //return false; + }; + + + + function ResetAndCancel() +{ + closeAuthModal(); + $('div[data-role=oauth2_modal] div.modal-header h3.modal-title').val("Request Client Credential Access Token"); + $('div[data-role=oauth2_modal] div.modal-body div.content').hide(); + $('div[data-role=oauth2_modal] div.modal-footer p').hide(); + $('div[data-role=oauth2_modal] div.modal-body #showRequest').hide(); + $('div[data-role=oauth2_modal] div.modal-body #authoriseInput').hide(); + $('div[data-role=oauth2_modal] div.modal-body #clientCredentialBody').show(); + $("div[data-role=oauth2_modal] a.button_savenew_modal").unbind("click"); + $("div[data-role=oauth2_modal] a.button_savenew_modal").on("click", getClient_credentialAccessToken); + +} + + +function showJWSButton() +{ + if($("ul.headerParamSection input[name=x-jws-signature]").length >0) + { + var $input = $(''); + $input.appendTo($("ul.headerParamSection input[name=x-jws-signature]").parent().next()); + + + $('.createjwtButton').on("click",openJWSDialog); + + + var $jwtDialogDiv = $('