├── .gitignore ├── Dockerfile.api-explorer ├── Dockerfile.api-manager ├── Dockerfile.obp-base ├── README.md ├── api-explorer └── API-Explorer.default.props ├── api-manager ├── local_settings.py └── requirements.txt ├── api └── default.props └── api_with_local_war └── Dockerfile /.gitignore: -------------------------------------------------------------------------------- 1 | .idea/ 2 | api_with_local_war/*.war 3 | 4 | -------------------------------------------------------------------------------- /Dockerfile.api-explorer: -------------------------------------------------------------------------------- 1 | # This creates a jetty jre8 image containing obp-api-1.1.0.war. 2 | # It is a multi stage build, meaning a small-ish image is the end result. 3 | 4 | FROM alpine:latest as repo 5 | # Get repo fron github, store as stage 'repo' 6 | RUN apk add --no-cache git 7 | WORKDIR OBP-API-Explorer 8 | RUN git clone https://github.com/OpenBankProject/API-Explorer.git 9 | 10 | FROM maven:3-jdk-8 as maven 11 | # Build the source using maven, source is copied from the 'repo' build. 12 | COPY --from=repo /OBP-API-Explorer /usr/src 13 | ADD api-explorer/API-Explorer.default.props /usr/src/API-Explorer/src/main/resources/props/default.props 14 | RUN cp /usr/src/API-Explorer/pom.xml /tmp/pom.xml # For Packaging a local repository within the image 15 | WORKDIR /usr/src/API-Explorer 16 | RUN mvn package -DskipTests 17 | #RUN mvn install -pl .,obp-commons 18 | #RUN mvn install -DskipTests -pl obp-api 19 | 20 | FROM openjdk:8-jre-alpine 21 | 22 | # Add user 23 | RUN adduser -D obp 24 | 25 | # Download jetty 26 | RUN wget -O - https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.15.v20190215/jetty-distribution-9.4.15.v20190215.tar.gz | tar zx 27 | RUN mv jetty-distribution-* jetty 28 | 29 | # Copy API Explorer source code 30 | # Copy build artifact (.war file) into jetty from 'maven' stage. 31 | COPY --from=maven /usr/src/API-Explorer/target/API_Explorer-1.0.war jetty/webapps/ROOT.war 32 | 33 | WORKDIR jetty 34 | RUN chown -R obp /jetty 35 | 36 | # Switch to the obp user (non root) 37 | USER obp 38 | 39 | # Starts jetty 40 | ENTRYPOINT ["java", "-jar", "start.jar"] 41 | -------------------------------------------------------------------------------- /Dockerfile.api-manager: -------------------------------------------------------------------------------- 1 | FROM debian:buster 2 | RUN apt-get update && apt-get install -y --no-install-recommends python3 python3-virtualenv python3-psycopg2 git 3 | 4 | WORKDIR API-Manager 5 | RUN pwd 6 | RUN git clone https://github.com/OpenBankProject/API-Manager.git 7 | 8 | ENV VIRTUAL_ENV=venv 9 | RUN python3 -m virtualenv --python=/usr/bin/python3 $VIRTUAL_ENV 10 | ENV PATH="$VIRTUAL_ENV/bin:$PATH" 11 | 12 | #COPY API-Manager/requirements.txt . 13 | #RUN pwd && ls && ls API-Manager 14 | COPY /api-manager/requirements.txt . 15 | RUN pip install -r requirements.txt 16 | COPY /api-manager/local_settings.py API-Manager/apimanager/apimanager/local_settings.py 17 | #RUN pwd && ls API-Manager 18 | RUN API-Manager/apimanager/manage.py check 19 | RUN API-Manager/apimanager/manage.py makemigrations 20 | RUN API-Manager/apimanager/manage.py migrate 21 | CMD ["API-Manager/apimanager/manage.py", "runserver", "0.0.0.0:8000"] 22 | -------------------------------------------------------------------------------- /Dockerfile.obp-base: -------------------------------------------------------------------------------- 1 | # This creates a jetty jre8 image containing obp-api-1.1.0.war. 2 | # It is a multi stage build, meaning a small-ish image is the end result. 3 | 4 | FROM alpine:latest as repo 5 | # Get repo fron github, store as stage 'repo' 6 | RUN apk add --no-cache git 7 | WORKDIR OBP-API 8 | RUN git clone https://github.com/OpenBankProject/OBP-API.git 9 | 10 | FROM maven:3-jdk-8 as maven 11 | # Build the source using maven, source is copied from the 'repo' build. 12 | COPY --from=repo /OBP-API /usr/src 13 | RUN cp /usr/src/OBP-API/obp-api/pom.xml /tmp/pom.xml # For Packaging a local repository within the image 14 | WORKDIR /usr/src/OBP-API 15 | ADD ./api/default.props obp-api/src/main/resources/props/default.props 16 | RUN cp obp-api/src/main/resources/props/test.default.props.template obp-api/src/main/resources/props/test.default.props 17 | RUN mvn install -pl .,obp-commons 18 | RUN mvn install -DskipTests -pl obp-api 19 | 20 | FROM openjdk:8-jre-alpine 21 | 22 | # Add user 23 | RUN adduser -D obp 24 | 25 | # Download jetty 26 | RUN wget -O - https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.15.v20190215/jetty-distribution-9.4.15.v20190215.tar.gz | tar zx 27 | RUN mv jetty-distribution-* jetty 28 | 29 | # Copy OBP source code 30 | # Copy build artifact (.war file) into jetty from 'maven' stage. 31 | COPY --from=maven /usr/src/OBP-API/obp-api/target/obp-api-*.war jetty/webapps/ROOT.war 32 | 33 | WORKDIR jetty 34 | RUN chown -R obp /jetty 35 | 36 | # Switch to the obp user (non root) 37 | USER obp 38 | 39 | ENV JETTY_MEM=1024m 40 | 41 | # Starts jetty 42 | CMD java -jar -Xmx${JETTY_MEM} start.jar 43 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # This repository is deprecated and archived. # 2 | 3 | # OBP-Docker 4 | 5 | 6 | Files required to create the images available at Docker Hub 7 | https://hub.docker.com/r/openbankproject/ 8 | 9 | 10 | ### Build 11 | 12 | $ docker build --no-cache -f Dockerfile.obp-base -t openbankproject/obp-base . 13 | 14 | 15 | 16 | 17 | ### Run in docker container 18 | 19 | $ docker run -d -p 8080:8080 \ 20 | -e "OBP_API_HOSTNAME=http://127.0.0.1:8080" \ 21 | openbankproject/obp-base 22 | 23 | 24 | ### Overwriting configuration parameters by environment variables 25 | 26 | Any configuration in api/default.props can also be overwritten at container creation by 27 | passing an environment variable. 28 | 29 | Use the configured prefix (default: OBP_), capitalize all letters and convert all '.' to '_' 30 | . 31 | E.g.: 'db.url' -> 'OBP_DB_URL' 32 | 33 | # Errors Logging & Debugging 34 | 35 | To view the logs of the running OBP API instance: 36 | 37 | 1. Exec into the running container: `docker exec -it /bin/bash` 38 | this will drop you to a root shell. 39 | 2. Tail the jetty log: `tail -f /var/log/supervisor/OBP-API-stdout.log` 40 | 3. There are additional logs in `/var/log/supervisor` 41 | 42 | To find out your container id run `sudo docker ps` 43 | -------------------------------------------------------------------------------- /api-explorer/API-Explorer.default.props: -------------------------------------------------------------------------------- 1 | #this is a sample props file you should edit and rename 2 | #see https://www.assembla.com/wiki/show/liftweb/Properties for all the naming options, or just use "default.props" in this same folder 3 | 4 | #the base url of the api to use (e.g. https://apisandbox.openbankproject.com) 5 | api_hostname=http://127.0.0.1:8080 6 | 7 | #these are the oauth keys obtained from the api (at /consumer-registration) 8 | #obp_consumer_key=ghg2w5y2zegdwuz4n4v5por4zwyy35tudv3whffn 9 | #obp_secret_key=pqbq2xtrlg5skxauhnvl0g5mecb5dapeq4kh4tlp 10 | 11 | obp_consumer_key=yip45ekoqa04gd1kf44xrypatddltqprubk2nerh 12 | obp_secret_key=hgzlrp1ened0pz4xbv50mw5x4kmhsitdv1mzojfb 13 | 14 | #the base url of this application (e.g. http://localhost:8080) which is used for the oauth callback url. 15 | #note: if you are running a local api instance and a local sofi instance, you will want to access one via 16 | #localhost and one via 127.0.0.1 to avoid weird cookie issues 17 | base_url=http://localhost:8082 18 | 19 | #this is only useful for running the api locally via RunWebApp 20 | #if you use it, make sure this matches your base_url port! 21 | #if you want to change the port when running via the command line, use "mvn -Djetty.port=8081 jetty:run" instead 22 | dev.port=8082 23 | 24 | #at the moment sofi doesn't have the ability select multiple user auth providers 25 | #in most cases, this should just be identical to "api_hostname" 26 | defaultAuthProvider=http://127.0.0.1:8080 27 | 28 | #set to true if you want to display a link to the alternate api login flow that allows a user to connect their bank account via HBCI 29 | #sofi currently is not very flexible and hardcodes this link to api_hostname/login, so it will probably only be useful to show if you 30 | #are working against https://api.openbankproject.com, where that path actually exists 31 | showConnectBankAccountLink=true 32 | 33 | #Your transloadit auth key (used to upload transaction images) 34 | #not needed unless you want to upload images 35 | transloadit.authkey=docker 36 | 37 | #Your transloadit template used to process transaction image uploading 38 | #not needed unless you want to upload images 39 | transloadit.addImageTemplate=docker 40 | 41 | webui_api_explorer_url=http://localhost:8082 42 | -------------------------------------------------------------------------------- /api-manager/local_settings.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) 4 | # Used internally by Django, can be anything of your choice 5 | # {{ ansible_managed }} 6 | SECRET_KEY = os.environ.get("OBP_MANAGER_SECRET_KEY", "yoursecretkey") 7 | API_HOST = os.environ.get('OBP_MANAGER_API_HOST', 'http://127.0.0.1:8080') 8 | API_BASE_PATH = os.environ.get('OBP_MANAGER_API_BASE_PATH', '/obp/v') 9 | API_VERSION = os.environ.get('OBP_MANAGER_API_VERSION', '3.1.0') 10 | OAUTH_CONSUMER_KEY = os.environ.get('OBP_MANAGER_OAUTH_CONSUMER_KEY', 'your_consumer_key') 11 | #OAUTH_CONSUMER_KEY = 'your_consumer_key' 12 | OAUTH_CONSUMER_SECRET = os.environ.get('OBP_MANAGER_OAUTH_CONSUMER_SECRET', 'your_consumer_secret') 13 | ALLOWED_HOSTS = ['127.0.0.1', 'localhost', os.environ.get("OBP_MANAGER_ALLOWED_HOST")] 14 | ADMINS = [ 15 | ('Admin', 'admin@tesobe.com') 16 | ] 17 | SERVER_EMAIL = 'apimanager@apisandbox.openbankproject.com' 18 | EMAIL_HOST = 'mail.tesobe.com' 19 | EMAIL_USE_TLS = True 20 | DEBUG = os.environ.get("OBP_MANAGER_DEBUG", True) 21 | EXCLUDE_FUNCTIONS = ['getMetrics', 'getConnectorMetrics', 'getAggregateMetrics'] 22 | EXCLUDE_URL_PATTERN = ['%management/metrics%', '%management/aggregate-metrics%'] 23 | API_DATEFORMAT = '%Y-%m-%dT%H:%M:%S.%fZ' 24 | DATABASES = { 25 | 'default': { 26 | 'ENGINE': 'django.db.backends.sqlite3', 27 | 'NAME': os.path.join(BASE_DIR, '..', '..', 'db.sqlite3'), 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /api-manager/requirements.txt: -------------------------------------------------------------------------------- 1 | django>=2.2.10 2 | oauthlib==2.0.0 3 | requests==2.20.0 4 | requests-oauthlib==0.6.2 5 | PyJWT==1.5.3 6 | gunicorn==19.6.0 7 | matplotlib 8 | django-bootstrap-datepicker-plus 9 | django-mathfilters 10 | django-bootstrap3 11 | #psycopg2==2.7.3.1 12 | -------------------------------------------------------------------------------- /api/default.props: -------------------------------------------------------------------------------- 1 | #this is a sample props file you should edit and rename 2 | #see https://www.assembla.com/wiki/show/liftweb/Properties for all the naming options, or just use "default.props" in this same folder 3 | 4 | ### OBP-API configuration 5 | 6 | 7 | ### Base configuration 8 | 9 | ## Which data connector to use, if config `star` as connector, please also check `starConnector_supported_types` 10 | connector=mapped 11 | #connector=mongodb 12 | #connector=kafka 13 | #conenctor=kafka_vMar2017 14 | #connector=akka_vDec2018 15 | #connector=rest_vMar2019 16 | #connector=obpjvm 17 | #connector=star 18 | #connector=... 19 | 20 | ## if connector = star, then need to set which connectors will be used. For now, obp support rest, akka, kafka. If you set kafka, then you need to start the kafka server. 21 | #starConnector_supported_types=rest,akka,kafka 22 | 23 | ## whether export LocalMappedConnector methods as endpoints, it is just for develop, default is false 24 | #connector.export.LocalMappedConnector=false 25 | 26 | ## Connector cache time-to-live in seconds, caching defaults to 10 seconds 27 | #connector.cache.ttl.seconds=3 28 | #connector.cache.ttl.seconds.getBank=10 29 | #connector.cache.ttl.seconds.getBanks=10 30 | #connector.cache.ttl.seconds.getAccount=10 31 | #connector.cache.ttl.seconds.getAccounts=10 32 | #connector.cache.ttl.seconds.getTransaction=10 33 | #connector.cache.ttl.seconds.getTransactions=10 34 | #connector.cache.ttl.seconds.getCounterpartyFromTransaction=10 35 | #connector.cache.ttl.seconds.getCounterpartiesFromTransaction=10 36 | #connector.cache.ttl.seconds.APIMethods121.getTransactions=10 37 | 38 | ## MethodRouting cache time-to-live in seconds 39 | #methodRouting.cache.ttl.seconds=30 40 | 41 | ## webui props cache time-to-live in seconds 42 | #webui.props.cache.ttl.seconds=20 43 | 44 | ## DynamicEntity cache time-to-live in seconds 45 | #dynamicEntity.cache.ttl.seconds=20 46 | 47 | ## swagger file should not generated for every request, this is a time-to-live in seconds for the generated swagger of OBP api, 48 | ## this value also represent how many seconds before the new endpoints will be shown after upload a new DynamicEntity. 49 | ## So if you want the new endpoints shown timely, set this value to a small number. 50 | resourceDocsObp.cache.ttl.seconds=3600 51 | 52 | ## enable logging all the database queries in log file 53 | #logging.database.queries.enable=true 54 | 55 | ##Added Props property_name_prefix, default is OBP_. This adds the prefix only for the system environment property name, eg: db.driver --> OBP_db.driver 56 | #system_environment_property_name_prefix=OBP_ 57 | 58 | ## OBP-JVM transport type. currently supported: kafka, mock 59 | #obpjvm.transport=kafka 60 | 61 | ## Transaction status scheduler delay in seconds. 62 | ## Retrieves transactionRequest status from south-side connector. 63 | ## Scheduler will be disabled if delay is not set. 64 | #transaction_status_scheduler_delay=300 65 | 66 | ## If using kafka, set the brokers 67 | #kafka.bootstrap_hosts=localhost:9092 68 | # WARNING: if this number does not match the partitions in Kafka config, you will SUFFER ! 69 | #kafka.partitions=3 70 | #kafka.client.id=obp.api.1 71 | 72 | ## Enable user authentication via kafka 73 | #kafka.user.authentication=true 74 | 75 | ## Enable user authentication via obpjvm 76 | #obpjvm.user.authentication=true 77 | 78 | ## Enable SSL for JWT, if set to true must set paths for the keystore locations 79 | jwt.use.ssl=false 80 | 81 | ## Enable SSL for kafka, if set to true must set paths for the keystore locations 82 | #kafka.use.ssl=true 83 | 84 | # Paths to the SSL keystore files - has to be jks 85 | #keystore.path=/path/to/api.keystore.jks 86 | #keystore.password = redf1234 87 | #keystore.passphrase = redf1234 88 | #keystore.alias = localhost 89 | #truststore.path=/path/to/api.truststore.jks 90 | 91 | 92 | ## Enable writing API metrics (which APIs are called) to RDBMS 93 | write_metrics=true 94 | ## Enable writing connector metrics (which methods are called)to RDBMS 95 | write_connector_metrics=true 96 | 97 | ## ElasticSearch 98 | #allow_elasticsearch=true 99 | #allow_elasticsearch_warehouse=true 100 | #allow_elasticsearch_metrics=true 101 | #es.cluster.name=elasticsearch 102 | 103 | 104 | ## ElasticSearch warehouse 105 | #es.warehouse.index=warehouse 106 | #es.warehouse.host=localhost 107 | #es.warehouse.port.tcp=9300 108 | #es.warehouse.port.http=9200 109 | 110 | #es.warehouse.allowed.indices = index1,index2 (or = ALL for all). 111 | #es.warehouse.allowed.maximum.pagesize = 10000 112 | 113 | 114 | 115 | ## ElasticSearch metrics 116 | #es.metrics.index=metrics 117 | #es.metrics.host=localhost 118 | #es.metrics.port.tcp=9300 119 | #es.metrics.port.http=9200 120 | 121 | 122 | ## You can use a no config needed h2 database by setting db.driver=org.h2.Driver and not including db.url 123 | db.driver=org.h2.Driver 124 | db.url=jdbc:h2:./lift_proto.db;DB_CLOSE_ON_EXIT=FALSE 125 | 126 | 127 | #If you want to use the postgres , be sure to create your database and update the line below! 128 | #db.driver=org.postgresql.Driver 129 | #db.url=jdbc:postgresql://localhost:5432/dbname?user=dbusername&password=thepassword 130 | 131 | # If you want to use MySQL 132 | #db.url=jdbc:mysql://localhost:3306/OBP_DB1?user=obp_user_001&password=your-password-here&verifyServerCertificate=false&useSSL=true&serverTimezone=UTC&nullNamePatternMatchesAll=true 133 | 134 | 135 | ## Enable remote Akka actor for data split 136 | ## If set to true, must set hostname and port 137 | ## of remote machine 138 | #remotedata.loglevel=INFO 139 | #remotedata.timeout=2 140 | #remotedata.enable=true 141 | #remotedata.hostname=127.0.0.1 142 | #remotedata.port=2662 143 | ## Arbitrary value used in order to assure us that 144 | ## remote and local sides are paired well 145 | ## Only needed when remotedata.enable=true 146 | #remotedata.secret=CHANGE_ME 147 | 148 | ## Set separate database for data split 149 | ## If remotedata is disabled, bd has to be accessible from local machine 150 | ## If remotedata is enabled, db has to be accessible from remote machine 151 | #remotedata.db.driver=org.h2.Driver 152 | #remotedata.db.url=jdbc:h2:./lift_proto.db.remotedata;DB_CLOSE_ON_EXIT=FALSE 153 | #remotedata.db.username=user 154 | #remotedata.db.password=secret 155 | 156 | 157 | ## Our own remotely accessible URL 158 | ## This is needed for oauth to work. it's important to access the api over this url, e.g. 159 | ## If this is 127.0.0.1 do NOT use localhost to access it. 160 | ## (this needs to be a URL) 161 | hostname=http://127.0.0.1:8080 162 | 163 | ## This is only useful for running the api locally via RunWebApp 164 | ## If you use it, make sure this matches your hostname port! 165 | ## If you want to change the port when running via the command line, use "mvn -Djetty.port=8080 jetty:run" instead 166 | dev.port=8080 167 | 168 | 169 | #The start of the api path (before the version) 170 | #It is *strongly* recommended not to change this - since Apps will be expecting the api at /obp/+version 171 | #Including it here so we have a canonical source of the value 172 | #This was introduced March 2016, some code might use hardcoded value instead. 173 | #Default value is obp (very highly recomended) 174 | apiPathZero=obp 175 | 176 | ## Sending mail out 177 | ## Not need in dev mode, but important for production 178 | mail.api.consumer.registered.sender.address=no-reply@example.com 179 | mail.api.consumer.registered.notification.addresses=you@example.com 180 | # This property allows sending API registration data to developer's email. 181 | #mail.api.consumer.registered.notification.send=false 182 | We only send consumer keys and secret if this is true 183 | #mail.api.consumer.registered.notification.send.sensistive=false 184 | mail.smtp.host=127.0.0.1 185 | mail.smtp.port=25 186 | 187 | ## Oauth token timeout 188 | token_expiration_weeks=4 189 | 190 | 191 | 192 | ### Sandbox 193 | 194 | ## Set this to true if you want to allow users to create sandbox test accounts with a starting balance 195 | allow_sandbox_account_creation=true 196 | 197 | ## Set this to true if you want to allow the "data import" api call 198 | allow_sandbox_data_import=true 199 | 200 | # Secret key that allows access to the "data import" api. You should change this to your own secret key 201 | sandbox_data_import_secret=change_me 202 | 203 | 204 | 205 | ### API features 206 | 207 | ## Secret key that allows access to the "add cash transactions" api. You should change this to your own secret key 208 | cashApplicationKey=change_me 209 | 210 | ## Set this to false if you don't want the api payments call to work (starting with v1.2.1) 211 | payments_enabled=true 212 | 213 | ## Transaction requests are replacing simple payments starting from 1.4.0 214 | transactionRequests_enabled=true 215 | transactionRequests_connector=mapped 216 | 217 | ## Transaction Request Types that are supported on this server. Possible values might include SANDBOX_TAN, COUNTERPARTY, SEPA, FREE_FORM 218 | transactionRequests_supported_types=SANDBOX_TAN,COUNTERPARTY,SEPA,ACCOUNT_OTP,ACCOUNT 219 | 220 | ## Transaction request challenge threshold. Level at which challenge is created and needs to be answered. 221 | ## The Currency is EUR unless set with transactionRequests_challenge_currency. 222 | ## The values specified here are converted to the transaction currency. 223 | ## Connector implementation may well provide dynamic response 224 | ## These settings are of the form transactionRequests_challenge_threshold_UPPERCASETYPE=INTEGER 225 | transactionRequests_challenge_threshold_SANDBOX_TAN=1000 226 | transactionRequests_challenge_threshold_SEPA=1000 227 | 228 | # To set a currency for the above value: 229 | #transactionRequests_challenge_currency=KRW 230 | 231 | 232 | ## For video conference meetings (createMeeting) 233 | meeting.tokbox_enabled=false 234 | meeting.tokbox_api_key=changeme 235 | meeting.tokbox_api_secret=changeme 236 | 237 | 238 | 239 | ### Management modules 240 | 241 | ## RabbitMQ settings (used to communicate with HBCI project) 242 | connection.host=localhost 243 | connection.user=theusername 244 | connection.password=thepassword 245 | 246 | ## Secret key that allows access to the "add transactions" api. You should change this to your own secret key 247 | importer_secret=change_me 248 | 249 | ## Set this to true if you want to have the api send a message to the hbci project to refresh transactions for an account 250 | messageQueue.updateBankAccountsTransaction=false 251 | 252 | ## The minimum time between updates in hours 253 | messageQueue.updateTransactionsInterval=1 254 | 255 | ## Set this to true if you want to have the api listen for "create account" messages from the hbci project 256 | messageQueue.createBankAccounts=true 257 | 258 | ## Set this to true if you want to allow users to delete accounts (local ones like HBCI connected) 259 | allow_account_deletion=true 260 | 261 | ## Secret key that allows access to api calls to get info about oauth tokens. You should change this 262 | ## to your own secret key 263 | BankMockKey=change_me 264 | 265 | 266 | ##################################################################################### 267 | ## Web interface configuration 268 | 269 | ## IMPLEMENTING BANK SPECIFIC BRANDING ON ONE OBP INSTANCE ######################## 270 | # Note, you can specify bank specific branding by appending _FOR_BRAND_ to the standard props names 271 | # e.g. 272 | #webui_header_logo_left_url_FOR_BRAND_banku = https://static.openbankproject.com/images/sandbox/bank_u.png 273 | #webui_header_logo_left_url_FOR_BRAND_banky = https://static.openbankproject.com/images/sandbox/bank_y.png 274 | # And invoke by calling index etc with ?brand= 275 | # e.g. http://127.0.0.1:8080/?brand=x 276 | # For any properties that don't have a bank specific flavour, the standard props name will be used. 277 | # 278 | # 279 | # 280 | ## IMPLEMENTING REAL TIME CHANGES TO webui_ PROPERTIES ######################## 281 | # Properties begining with "webui_" may also be stored in the database via OBP API calls 282 | # Modifications will cause realtime content changes in the HTML (subject to webui.props.cache.ttl.seconds) once the page is reloaded. 283 | # See the following APIs in API Explorer: 284 | # Add WebUiProps 285 | # Delete WebUiProps 286 | # Get WebUiProps 287 | #################################################################################### 288 | 289 | 290 | 291 | webui_header_logo_left_url = /media/images/logo.png 292 | webui_header_logo_right_url = 293 | webui_index_page_about_section_background_image_url = /media/images/about-background.jpg 294 | webui_index_page_about_section_text =

\ 295 | Welcome to the API Sandbox powered by the Open Bank Project!
\ 296 |

297 | 298 | # Top text appears on default.html For branding next to logo(s) 299 | webui_top_text= 300 | 301 | 302 | 303 | # Bottom Footer logo 304 | #webui_footer2_logo_left_url= 305 | # Bottom Footer middle text 306 | #webui_footer2_middle_text= 307 | 308 | 309 | # API Explorer URL, change to your instance 310 | webui_api_explorer_url = https://apiexplorer.openbankproject.com 311 | 312 | # Sofi URL (aka Social Finance), change to your instance 313 | webui_sofi_url = https://sofi.openbankproject.com 314 | 315 | # API Manager URL, change to your instance 316 | webui_api_manager_url = https://apimanager.openbankproject.com 317 | 318 | # Open Bank Project CLI URL, change to your instance 319 | webui_obp_cli_url = https://github.com/OpenBankProject/OBP-CLI 320 | 321 | # API Tester URL, change to your instance 322 | webui_api_tester_url = https://apitester.openbankproject.com 323 | 324 | 325 | 326 | 327 | # To display a custom message above the username / password box 328 | # We currently use this to display example customer login in sandbox etc. 329 | webui_login_page_special_instructions= 330 | 331 | 332 | ################################################################################## 333 | # The following two Props values are related. 334 | # Defines the the contents of the /introduction page and also the contents of the Glossary Item `Sandbox Introduction` 335 | # 336 | # Please NOTE: It is difficult to put markdown in this file because you have to escape characters. 337 | # HOWEVER, you can easily use the *API Manager / Configure / Web UI Props * to write the value over the API because API Manager takes care of the markdown escaping. 338 | # Note if webui_api_documentation_url is set, then the User won't be directed to the /introduction page but to the webui_api_documentation_url 339 | webui_sandbox_introduction= 340 | # To set an External page for documentation e.g. a wiki page. 341 | # Change this if you have a specific landing page. 342 | # NOTE: if this is *not set*, the Introduction Button on /index will link the user to /introduction 343 | # If this is set, the Introduction Button will link the user to the URL defined above. (but the page /introduction will still exist so you might want to populate webui_sandbox_introduction anyway.) 344 | webui_api_documentation_url = https://github.com/OpenBankProject/OBP-API/wiki 345 | ################################################################################### 346 | 347 | # Link for SDKs 348 | webui_sdks_url = https://github.com/OpenBankProject/OBP-API/wiki/OAuth-Client-SDKS 349 | 350 | 351 | # Text about data in FAQ 352 | webui_faq_data_text = We use real data and customer profiles which have been anonymized. 353 | 354 | # Link to FAQ 355 | webui_faq_url = https://openbankproject.com/faq/ 356 | 357 | # Email address in FAQ for further inquiries 358 | webui_faq_email = contact@openbankproject.com 359 | 360 | # Link to support platform 361 | webui_support_platform_url = https://slack.openbankproject.com/ 362 | 363 | # Link to Direct Login glossary on api explorer 364 | webui_direct_login_documentation_url = 365 | 366 | # Link to OAuth 1.0a glossary on api explorer 367 | webui_oauth_1_documentation_url = 368 | 369 | # Link to OAuth 2.0 glossary on api explorer 370 | webui_oauth_2_documentation_url = 371 | 372 | # URL of OAuth2.0 server 373 | oauth2_server_url = 374 | 375 | # Link to Privacy Policy on signup page 376 | webui_agree_privacy_policy_url = https://openbankproject.com/privacy-policy 377 | webui_agree_privacy_policy_html_text =
378 | 379 | ## For partner logos and links 380 | webui_main_partners=[\ 381 | {"logoUrl":"http://www.example.com/images/logo.png", "homePageUrl":"http://www.example.com", "altText":"Example 1"},\ 382 | {"logoUrl":"http://www.example.com/images/logo.png", "homePageUrl":"http://www.example.com", "altText":"Example 2"}] 383 | 384 | # Prefix for all page titles (note the trailing space!) 385 | webui_page_title_prefix = Open Bank Project: 386 | 387 | # Main style sheet. Add your own if need be. 388 | webui_main_style_sheet = /media/css/website.css 389 | 390 | # Override certain elements (with important styles) 391 | webui_override_style_sheet = 392 | 393 | ## Link to agree to Terms & Conditions, shown on signup page 394 | webui_agree_terms_url = 395 | 396 | # URL to load (additional) vendor support content 397 | #webui_vendor_support_content_url = http://127.0.0.1:8080/plain.html 398 | 399 | # URL to load (additional) about vendor content 400 | #webui_about_vendor_content_url = http://127.0.0.1:8080/plain.html 401 | 402 | # URL to load (alternative) get started content (this replaces the normal content in index.html 403 | #webui_get_started_content_url = http://127.0.0.1:8080/plain.html 404 | 405 | 406 | 407 | # If we want to gather more information about an Application / Startup fill this url and text 408 | # Will be displayed on the post Consumer Registration page. 409 | #webui_post_consumer_registration_more_info_url = 410 | #webui_post_consumer_registration_more_info_text = Please tell us more your Application and / or Startup using this link. 411 | 412 | 413 | ## Display For Banks section 414 | webui_display_for_banks_section = true 415 | 416 | webui_get_started_text = Get started building your application using this sandbox now 417 | 418 | 419 | webui_dummy_user_logins = Customer Logins\ 420 | \ 421 | TODO we should be able to put markdown here and have it rendered as such in the glossary 422 | Developers can use the following logins to get access to dummy customer accounts and transactions.\ 423 | \ 424 | \ 425 | {\ 426 | "user_name":"john",\ 427 | "password":"ford",\ 428 | "email":"john.ford@example.com"\ 429 | },\ 430 | {\ 431 | "user_name":"jane",\ 432 | "password":"burrel",\ 433 | "email":"jane.burrel@example.com"\ 434 | },\ 435 | \ 436 | \ 437 | Please ask a member of the Open Bank Project team for more logins if you require. You can use this [application](https://sofit.openbankproject.com) which also uses OAuth to browse your transaction data (use the above username/password).\ 438 | 439 | # when this value is set to true and webui_dummy_user_logins value not empty, the register consumer key success page will show dummy customers Direct Login tokens. 440 | webui_show_dummy_user_tokens=false 441 | 442 | # when developer register the consumer successfully, it will show this message to developer on the webpage or email. 443 | webui_register_consumer_success_message_webpage = Thanks for registering your consumer with the Open Bank Project API! Here is your developer information. Please save it in a secure location. 444 | webui_register_consumer_success_message_email = Thank you for registering to use the Open Bank Project API. 445 | 446 | ## End of webui_ section ######## 447 | 448 | 449 | ## API Options 450 | apiOptions.getBranchesIsPublic = true 451 | apiOptions.getAtmsIsPublic = true 452 | apiOptions.getProductsIsPublic = true 453 | apiOptions.getTransactionTypesIsPublic = true 454 | apiOptions.getCurrentFxRateIsPublic = true 455 | 456 | ## Default Bank. Incase the server wants to support a default bank so developers don't have to specify BANK_ID 457 | ## e.g. developers could use /my/accounts as well as /my/banks/BANK_ID/accounts 458 | defaultBank.bank_id=THE_DEFAULT_BANK_ID 459 | 460 | 461 | ## Super Admin Users (not database so we don't have to edit database) 462 | super_admin_user_ids=USER_ID1,USER_ID2, 463 | 464 | 465 | 466 | ######## Enable / Disable Versions and individual endpoints. ######## 467 | # In OBP, endpoints are defined in various files but made available under a *version* 468 | # e.g. in v3_0_0 (aka v3.0.0) we have endpoints from various versions. 469 | # Thus when we enable/disable a version we enable/disable a group of endpoints which are defined in several files. 470 | # 471 | # 472 | # For a VERSION to be allowed it must be: 473 | 474 | # 1) Absent from here: 475 | #api_disabled_versions=[v3_0_0] 476 | 477 | # 2) Present here OR this entry must be empty. 478 | #api_enabled_versions=[v2_2_0,v3_0_0] 479 | 480 | # Note we use "v" and "_" in the name to match the ApiVersions enumeration in ApiUtil.scala 481 | 482 | # For an ENDPOINT to be allowed it must be: 483 | 484 | # 1) Absent from here: 485 | #api_disabled_endpoints=[createAccount] 486 | 487 | # 2) Present here OR this list must be empty 488 | #api_enabled_endpoints=[createAccount,accountById] 489 | 490 | # Note that "root" cannot be disabled 491 | # 492 | # 493 | ########################## 494 | 495 | 496 | ## OpenId Connect can be used to retrieve User information from an 497 | ## external OpenID Connect server. 498 | ## To use an external OpenID Connect server, 499 | ## you will need to change these values. 500 | ## The following values provided for a temp test account. 501 | ## CallbackURL 127.0.0.1:8080 should work in most cases. 502 | ## Note: The email address used for login must match one 503 | ## registered on OBP localy. 504 | #allow_openidconnect=true 505 | #openidconnect.clientSecret=CEX3Oud7N8p69qCnNTWvnic3-1ortVlGnD1GXgzxpDW-GjD5_3xG1-G5Kln3K9FA 506 | #openidconnect.clientId=yzKGC1ZKYqwYRpvbDaTq2r8mEQLY31D4 507 | #openidconnect.domain=justatest.eu.auth0.com 508 | #openidconnect.callbackURL=http://127.0.0.1:8080/my/logins/openidconnect 509 | #openidconnect.url.login=https://cdn.auth0.com/js/lock/10.2/lock.min.js 510 | #openidconnect.url.userinfo=https://justatest.eu.auth0.com/userinfo 511 | #openidconnect.url.token=https://justatest.eu.auth0.com/oauth/token 512 | #openidconnect.url.buttonImage=http://wiki.openid.net/f/openid-logo-wordmark.png 513 | 514 | # When new consumers inserted they should use this setting. 515 | consumers_enabled_by_default=true 516 | 517 | # Autocomplete for login form has to be explicitly set 518 | autocomplete_at_login_form_enabled=false 519 | 520 | # Skip Auth User Email validation (defaults to true) 521 | #authUser.skipEmailValidation=true 522 | 523 | # If using Kafka but want to get counterparties from OBP, set this to true 524 | #get_counterparties_from_OBP_DB=true 525 | 526 | # control the create and access to public views. 527 | # allow_public_views=false 528 | 529 | # control access to firehose views. 530 | # allow_firehose_views=false 531 | 532 | # -- Gateway login -------------------------------------- 533 | # Enable/Disable Gateway communication at all 534 | # In case isn't defined default value is false 535 | # allow_gateway_login=false 536 | # Define comma separated list of allowed IP addresses 537 | # gateway.host=127.0.0.1 538 | # Define secret used to validate JWT token 539 | # gateway.token_secret=secret 540 | # -------------------------------------- Gateway login -- 541 | 542 | 543 | # Disable akka (Remote storage not possible) 544 | use_akka=false 545 | 546 | 547 | # -- Display internal errors -------------------------------------- 548 | # Enable/Disable showing of nested/chained error messages to an end user 549 | # When is disabled we show only last message which should be a user friendly one. For instance: 550 | # { 551 | # "error": "OBP-30001: Bank not found. Please specify a valid value for BANK_ID." 552 | # } 553 | # When is disabled we also do filtering. Every message which does not contain "OBP-" is considered as internal and as that is not shown. 554 | # In case the filtering implies an empty response we provide a generic one: 555 | # { 556 | # "error": "OBP-50005: An unspecified or internal error occurred." 557 | # } 558 | # When is enabled we show all messages in a chain. For instance: 559 | # { 560 | # "error": "OBP-30001: Bank not found. Please specify a valid value for BANK_ID. <- Full(Kafka_TimeoutExceptionjava.util.concurrent.TimeoutException: The stream has not been completed in 1550 milliseconds.)" 561 | # } 562 | display_internal_errors=false 563 | # -------------------------------------- Display internal errors -- 564 | 565 | 566 | # -- OAuth 2 --------------------------------------------------------------------------------- 567 | # Enable/Disable OAuth 2 workflow at a server instance 568 | # In case isn't defined default value is false 569 | # allow_oauth2_login=false 570 | # URL of Public server JWK set used for validating bearer JWT access tokens 571 | # It can contain more than one URL i.e. list of uris. Values are comma separated. 572 | # If MITREId URL is present it must be at 1st place in the list 573 | # because MITREId URL can be an appropirate value and we cannot rely on it. 574 | # oauth2.jwk_set.url=http://localhost:8080/jwk.json,https://www.googleapis.com/oauth2/v3/certs 575 | # ------------------------------------------------------------------------------ OAuth 2 ------ 576 | 577 | ## This property is used for documenting at Resource Doc. It may include the port also (but not /obp) 578 | ## (this needs to be a URL) 579 | documented_server_url=https://apisandbox.openbankproject.com 580 | organisation_website = https://www.tesobe.com 581 | 582 | ## This property is a comma separated list of APIs that should be "featured" i.e. highlighted, or listed prominently in the API Explorer etc. 583 | featured_apis=elasticSearchWarehouseV300 584 | 585 | ## Note: To add special instructions for an endpoint, just add a folder called of named special_instructions_for_resources 586 | ## to your src main resources folder and create markdown files there for each partial function that needs special instructions 587 | ## and they will be displayed in the API Explorer (and in Resource Docs endpoint). 588 | ## e.g. OBP-API/src/main/resources/special_instructions_for_resources/dataWarehouseSearch.md 589 | ## Note: You do NOT need to include anything here for this to work. 590 | 591 | # -- ScalaGuava cache ------------------------------------- 592 | # Define which cache provider to use: "in-memory", "redis". 593 | # In case isn't defined default value is "in-memory" 594 | # guava.cache=redis 595 | # guava.redis.url=127.0.0.1 596 | # guava.redis.port=6379 597 | # --------------------------------------------------------- 598 | 599 | # -- New Style Endpoints ----------------------- 600 | # Filter or not Resource Doc by New Style 601 | # true implies we only have new style endpoints 602 | # new_style_only=false 603 | # ---------------------------------------------- 604 | 605 | # -- Calls Limit -------------------------------------- 606 | # Define how many calls per hour a consumer can make 607 | # In case isn't defined default value is "false" 608 | # use_consumer_limits=false 609 | # In case isn't defined default value is "false" 610 | # use_consumer_limits_in_memory_mode=false 611 | # In case isn't defined default value is 60 612 | # user_consumer_limit_anonymous_access=100 613 | # redis_address=127.0.0.1 614 | # redis_port=6379 615 | # In case isn't defined default value is root 616 | # rate_limiting.exclude_endpoints=root 617 | # ----------------------------------------------------- 618 | 619 | # -- Migration Scripts ---------------------------- 620 | # Enable/Disable execution of migration scripts. 621 | # In case isn't defined default value is "false" 622 | # migration_scripts.execute=false 623 | # Define list of migration scripts to execute. 624 | # List is not ordered. 625 | # list_of_migration_scripts_to_execute=dummyScript 626 | # Bypass the list and execute all available scripts 627 | # migration_scripts.execute_all=false 628 | # ------------------------------------------------- 629 | 630 | # -- Mapper rules ------------------------------- 631 | # Define mapper rules 632 | # In case isn't defined default value is "false" 633 | # mapper_rules.create_foreign_keys=false 634 | # ----------------------------------------------- 635 | 636 | # -- Akka connector -------------------------------------------- 637 | # Define mapper rules 638 | # In case isn't defined default value is "127.0.0.1" 639 | # akka_connector.hostname=127.0.0.1 640 | # In case isn't defined default value is "2662" 641 | # akka_connector.port=2662 642 | # In case isn't defined default value is "INFO" 643 | # akka_connector.loglevel=INFO/DEBUG etc. 644 | # In case isn't defined default value is "akka-connector-actor" 645 | # akka_connector.name_of_actor=SOME_ACTOR_NAME 646 | # -------------------------------------------------------------- 647 | 648 | 649 | # -- Rest connector -------------------------------------------- 650 | # If Rest Connector do not get the response in the following seconds, it will throw the error message back. 651 | # This props can be omitted, the default value is 59. It should be less than Nginx timeout. 652 | # rest2019_connector_timeout = 59 653 | 654 | 655 | 656 | # -- Scopes ----------------------------------------------------- 657 | # Scopes are a way to limit the APIs a Consumer can call. 658 | # In case isn't defined default value is "false" 659 | # require_scopes_for_all_roles=false 660 | # require_scopes_for_listed_roles=CanCreateUserAuthContext,CanGetCustomer 661 | # --------------------------------------------------------------- 662 | 663 | # -- Database scheduler ----------------------------- 664 | # Database scheduler interval in seconds. 665 | # Scheduler would not be started if delay is not set. 666 | database_messages_scheduler_interval=3600 667 | # --------------------------------------------------- 668 | 669 | # -- Consents ----------------------------------- 670 | # In case isn't defined default value is "false" 671 | # consents.allowed=true 672 | # ----------------------------------------------- 673 | 674 | # -- SCA (Strong Customer Authentication) ------- 675 | # For now, OBP-API use `nexmo` server as the SMS provider. Please check `nexmo` website, and get the api key and value there. 676 | # sca_phone_api_key = oXAjqAJ6rvCunpzN 677 | # sca_phone_api_secret =oXAjqAJ6rvCunpzN123sdf 678 | # 679 | 680 | # -- PSD2 Certificates -------------------------- 681 | # In case isn't defined default value is "false" 682 | # requirePsd2Certificates=false 683 | # ----------------------------------------------- 684 | 685 | # -- OBP-API mode ------------------------------- 686 | # In case isn't defined default value is "apis,portal" 687 | # Possible cases: portal, api 688 | # server_mode=apis,portal 689 | # If the server_mode set to `portal`, so we need to set its portal hostname. If omit this props, then it will use `hostname` value instead. 690 | # portal_hostname=http://127.0.0.1:8080 691 | # ----------------------------------------------- 692 | 693 | # -- SCA (Strong Customer Authentication) method for OTP challenge------- 694 | # ACCOUNT_OTP_INSTRUCTION_TRANSPORT=dummy 695 | # SEPA_OTP_INSTRUCTION_TRANSPORT=dummy 696 | # FREE_FORM_OTP_INSTRUCTION_TRANSPORT=dummy 697 | # COUNTERPARTY_OTP_INSTRUCTION_TRANSPORT=dummy 698 | # Possible values: dummy,email,sms 699 | # ----------------------------------------------------------------------- 700 | 701 | # convert Bank_Plan_Text_Reference to OBP-UUID switch. Note: this is in process only for RestConnector now. 702 | #implicitly_convert_ids = false 703 | 704 | # Enable /Disable Create password reset url endpoint 705 | #ResetPasswordUrlEnabled=false 706 | 707 | # Get API Info (root) 708 | #hosted_at.organisation= 709 | #hosted_at.organisation_website= 710 | #energy_source.organisation= 711 | #energy_source.organisation_website= 712 | 713 | # GRPC 714 | # the default GRPC is disabled 715 | # grpc.server.enabled = false 716 | # If do not set this props, the grpc port will be set randomly when OBP starts. 717 | # And you can call `Get API Configuration` endpoint to see the `grpc_port` there. 718 | # When you set this props, need to make sure this port is available. 719 | # grpc.server.port = 50051 720 | -------------------------------------------------------------------------------- /api_with_local_war/Dockerfile: -------------------------------------------------------------------------------- 1 | # This creates a jetty jre8 image containing a local war file. 2 | 3 | 4 | FROM openjdk:8-jre-alpine 5 | 6 | # Add user 7 | RUN adduser -D obp 8 | 9 | # Download jetty 10 | RUN wget -O - https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-distribution/9.4.15.v20190215/jetty-distribution-9.4.15.v20190215.tar.gz | tar zx 11 | RUN mv jetty-distribution-* jetty 12 | 13 | 14 | # Copy build artifact (.war file) into jetty from local directory. 15 | ADD ./ROOT.war /jetty-distribution-9.4.15.v20190215/webapps/ROOT.war 16 | 17 | WORKDIR jetty-distribution-9.4.15.v20190215/ 18 | RUN chown -R obp /jetty-distribution-9.4.15.v20190215 19 | 20 | # Switch to the obp user (non root) 21 | USER obp 22 | 23 | # Starts jetty 24 | ENTRYPOINT ["java", "-jar", "start.jar"] 25 | --------------------------------------------------------------------------------