FDX Authorization Server

Mastercard Developer Hub for FDX APIs documentation: https://developer.mastercard.com/fdx-dev-hub/documentation

Description

Introducing our cutting-edge authentication server solution, meticulously designed to empower banks and financial institutions with a robust and secure authentication framework. This server is implemented with a strong focus on OAuth 2.0 and OpenID Connect (OIDC)—both of which are renowned for their security and widespread adoption. Our solution excels in token issuance, validation, and management, serving as a secure gateway for client applications and ensuring that all transactions are handled with the utmost integrity. Moreover, all API responses are fully compliant with the Financial Data Exchange (FDX) 6.0 standard, guaranteeing interoperability, data integrity, and adherence to industry best practices.

Prerequisites

  1. An IDE that supports Java 17 or above (e.g., Eclipse, IntelliJ IDEA, Spring Tool Suite).
  2. Java installed on your local system.
  3. Postman installed on your local system.
  4. Docker installed on your local system (required only for running in Docker).

Installation Instructions

  1. Download the project from GitHub.
  2. Import the project into your preferred IDE as an existing Maven project.
  3. Run the application as a Java Application.
  4. Once the project is running, download the Postman collection and environment from the resource/postman folder.
  5. Import the downloaded Postman collection and environment into Postman.
  6. Update drJwtSecret in the Postman environment with the value from the project resource file src/main/resources/dr/drpk.txt.
  7. Add pmlib_code (a crypto utility library for Postman) as a global variable; refer to this URL to get the variable value.
  8. You can now use the imported collection to send requests to the API endpoints and observe the responses.

Usage

Note: To run through the consent journey and resource APIs while skipping DCR, follow the steps below with the default client ID: dh-fdx-client-registrar-2

Run In Postman

  1. Run the request from Postman: Authorize (via PAR+RAR).
  2. Copy the login URL from the PAR Authorize request curl section.
  3. Paste the login URL in your browser to start the consent journey.
  4. Log in with a valid user (fdxuser, fdxuser1, fdxuser2). After a successful login, you can select the accounts for which you want to give consent.
  5. Once the account is selected, hit the submit button.
  6. Upon successful consent, you'll receive a success message. Copy the authorization code (the "code" field) from the URL in the browser.
  7. Paste the authorization code into the body of the Get Access Token request, under the "code" key.
  8. Hit the Get Access Token request endpoint. You will get the authorization token.
  9. Now you can access the resource API using this authorization token.

Instructions for Building a Docker Image

  1. Uncomment the following properties in application.properties so that the authorization server can interact with the resource server running in its Docker container.
    1. mock.res.server.baseurl=http://fdx.mock.resource.server:9090
    2. mock.res.server.userurl=http://fdx.mock.resource.server:9090/user
  2. Navigate to the project's root directory, which contains the Dockerfile, and build the Docker image using the Docker build command.
    1. "docker build -t fdx-mock-auth-server ."
  3. Verify that the Docker image was successfully created. You should see the image listed in the output.
  4. Since both servers will be running in Docker containers, each one's host will be localhost. Each Docker container runs in its own isolated network namespace, so localhost within docker1 refers to docker1 itself, not to docker2. The two containers will not be able to interact with each other through localhost.
  5. To let the Docker containers (docker1 and docker2) communicate while using Docker's port mapping (publishing ports), create a user-defined bridge network, make sure both containers are connected to the same network, and make sure they can resolve each other's container names.
  6. The commands to create a custom network and run the containers are:
    1. docker network create my-network
    2. docker run -d --network=my-network -p 8080:8080 --name fdx.mock.auth.server fdx-mock-auth-server
    3. docker run -d --network=my-network -p 9090:9090 --name fdx.mock.resource.server fdx-mock-resource-server
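
A pre-build check for steps 1 and 6, written as an added example (not part of the project): it confirms that both mock.res.server.* properties are uncommented and point at the resource-server container name and port used in the docker run command. The function names and the sample properties file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the project): verify the mock.res.server.* URLs in
# application.properties target the resource-server container by name.

# prop_value FILE KEY: print KEY's value, ignoring commented-out lines.
prop_value() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }                 # "#" and "!" start comments
        {
            eq = index($0, "="); if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", k)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key) found = v            # last definition wins
        }
        END { if (found != "") print found }
    ' "$1"
}

# check_props FILE CONTAINER PORT: return 0 only if both URLs are active and
# point at CONTAINER:PORT (the container's own port, not the published one).
check_props() {
    rc=0
    for key in mock.res.server.baseurl mock.res.server.userurl; do
        url=$(prop_value "$1" "$key")
        if [ -z "$url" ]; then
            echo "FAIL $key: missing or still commented out"; rc=1; continue
        fi
        hostport=${url#*://}; hostport=${hostport%%/*}
        if [ "$hostport" = "$2:$3" ]; then
            echo "ok   $key -> $hostport"
        else
            echo "FAIL $key: $hostport is not $2:$3"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: userurl is still commented out, so the check fails.
demo() {
    f=$(mktemp)
    printf '%s\n' \
        'mock.res.server.baseurl=http://fdx.mock.resource.server:9090' \
        '#mock.res.server.userurl=http://fdx.mock.resource.server:9090/user' > "$f"
    check_props "$f" fdx.mock.resource.server 9090; status=$?
    rm -f "$f"; return "$status"
}
demo || echo "fix application.properties before building the image"
```

Against the real file, call check_props src/main/resources/application.properties fdx.mock.resource.server 9090, assuming the file sits in the standard Maven resources directory.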

License

This is an open-source project and does not have any specific licensing.

Contact Information

For any queries, please post a comment on GitHub. We will look into it and get back to you.