Page Comparison

The  Open Banking Implementation Entity (OBIE) Functional Conformance Certificate allows WSO2 Open Banking to demonstrate that the solution has successfully implemented all required functional elements of the OBIE Read/Write API specifications, passing all tests performed by the Functional Conformance Tool.

...

1. Start WSO2 Open Banking API Manager and WSO2 Open Banking Key Manager servers.

2. Deploy Account and Transaction API v3.1.1, Payment Initiation API v3.1.1, and Confirmation of Funds API v3.1.1.

   Tip
   If you’re using the Dynamic Client Registration v3.2 API, skip to Setting up the test suite.

3. Sign in to the API Developer Portal as a TPP at https://<WSO2_OB_APIM_HOST>:9443/store.

4. Change the redirect URL of the application to “https://<DOCKER-BRIDGE_SEVER_HOST>:8443/conformancesuite/callback”.

Setting up the test suite

1. Run the following command in a terminal to pull and run the image:

   Code Block
   docker run --add-host=<DOCKER-BRIDGE_SEVER_HOST>:<docker0 ip> -it --name=fsuite -p 8443:8443 -e LOG_LEVEL=debug -e LOG_TRACER=true -e LOG_HTTP_TRACE=true -e DISABLE_JWS=FALSE "openbanking/conformance-suite:[TEST_SUITE_VERSION]"

2. To add the certificates to the container, g o to < WSO2_OB_APIM_HOME>/repository/resources/security and execute the below command to generate the pem file for <WSO2_OB_APIM_HOST>.crt:

   Code Block
   openssl x509 -inform DER -in wso2carbon.crt -out <WSO2_OB_APIM_HOST>.pem -outform PEM

3. Log in to the container:

   Code Block
   docker exec -it fsuite /bin/bash

4. Add the <WSO2_OB_APIM_HOST>.pem certificate to the following locations using the below command:

   1. /usr/local/share/ca-certificates/<WSO2_OB_APIM_HOST>.pem

      Code Block
      docker cp <WSO2_OB_APIM_HOST>.pem fsuite:/usr/local/share/ca-certificates/<WSO2_OB_APIM_HOST>.pem

   2. etc/ssl/certs/<WSO2_OB_APIM_HOST>.pem

      Code Block
      docker cp <WSO2_OB_APIM_HOST>.pem fsuite:/etc/ssl/certs/<WSO2_OB_APIM_HOST>.pem

5. Copy  wso2carbon.jks to the same locations as in step 4.

6. Run the following command:

   Code Block
   update-ca-certificates

7. Stop the container using the following command:

   Code Block
   docker stop fsuite

8. Restart the container:

   Code Block
   docker start -a fsuite

9. Access the test suite at https://localhost:8443 .

10. Select Open Banking test suite and start the test.

    

11. In the Discovery step, update the following values in the JSON file separately for each time the conformance suite runs for Account and Transaction API, Payment Initiation API, and Confirmation of Funds API.

    1. Account and Transaction API:

       Tip
       A sample endpoint configuration for the Account and Transaction API is available here.

       discoveryItems
       apiSpecification name	Account and Transaction API Specification
       openidConfigurationUri	The OpenID Connect discovery endpoint. For example: https://<DOCKER_SEVER_HOST>:8243/.well-known/openid-configuration
       resourceBaseUri	Production/Sandbox URL for the API. For example: https://<DOCKER_SEVER_HOST>:8243/open-banking/v3.1/aisp

    2. Payment Initiation API:

       Tip
       A sample endpoint configuration for the Payment Initiation API is available here.

       discoveryItems
       apiSpecification name	Payment Initiation API
       openidConfigurationUri	The OpenID Connect discovery endpoint. For example: https://<DOCKER_SEVER_HOST>:8243/.well-known/openid-configuration
       resourceBaseUri	Production/Sandbox URL for the API. For example: https://<DOCKER_SEVER_HOST>:8243/open-banking/v3.1/pisp

    3. Confirmation of Funds API:

       Tip
       A sample endpoint configuration for the Confirmation of Funds API is available here.

       discoveryItems
       apiSpecification name	Confirmation of Funds API
       openidConfigurationUri	The OpenID Connect discovery endpoint. For example: https://<DOCKER_SEVER_HOST>:8243/.well-known/openid-configuration
       resourceBaseUri	Production/Sandbox URL for the API. For example: https://<DOCKER_SEVER_HOST>:8243/open-banking/v3.1/cbpii

12. Click Next and proceed to the Configuration stage.

13. Add the following mandatory configurations in the form/JSON file.

    Tip
    A sample TestData_Configure.json is available  here.

    Payments

    Identification

    Beneficiary account identification

    Name

    Name of the account, as assigned by the account

    Client
    Private Signing Key (.key):	The Private Signing Key certificate of the client/application created in the section above .
    Public Signing Certificate (.pem):	The Public Signing Certificate of the client/application created in the section above.
    Private Transport Key (.key):	The Private Transport Key certificate of the client/application created in the section above.
    Public Transport Certificate (.pem):	The Public Transport Certificate of the client/application created in the section above.
    Account IDs	The Account IDs of the account resources that the customer (PSU) has consented to provide to the client/application.
    Statement IDs	The Statement IDs of the statement resources that the customer (PSU) has consented to provide to the client/application.
    Client ID	Consumer key of the client/application created in the section above.
    Client Secret	Consumer secret of the client/application created in the section above.

    Well-Known

    OAuth 2.0 response_type

    A JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values

    Request object signing algorithm

    The algorithm used to sign requests objects

    Resource Base URL

    The base URL of the WSO2 OB APIM server. For example: https://<WSO2_OB_APIM_HOST>:8243

    tpp_signature_kid	The KID value of the signing certificate.
    tpp_signature_issuer	Certificate Owner (Eg: CN=sgsMuc8ACBgBzinpr8oJ8B, OU=0015800001HQQrZAAX, O=OpenBanking, C=GB)
    tpp_signature_tan	Trust Anchor used in signing JOSE (Eg: openbanking.org.uk)

    Well-Known
    OAuth 2.0 response_type	A JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic OpenID Providers MUST support the code, id_token, and the token id_token Response Type values
    Request object signing algorithm	The algorithm used to sign requests objects
    Resource Base URL	The base URL of the WSO2 OB APIM server. For example: https://<WSO2_OB_APIM_HOST>:8243

    Payments
    Identification	Beneficiary account identification
    Name	Name of the account, as assigned by the account servicing institution. Usage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account.
    International Identification	The international beneficiary account identification
    International Name	International name of the account, as assigned by the account servicing institution. Usage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account.

    Confirmation of Funds
    Schema Name	Name of the identification scheme.
    Identification	Account identification, which is known by the account owner.
    Name	The name of the account, as assigned by the account servicing institution. Usage: The account name is the name or names of the account owner(s) represented at an account level. The account name is not the product name or the nickname of the account.
    tpp_signature_kid	The KID value of the signing certificate.
    tpp_signature_issuer	Certificate Owner (Eg: CN=sgsMuc8ACBgBzinpr8oJ8B, OU=0015800001HQQrZAAX, O=OpenBanking, C=GB)
    tpp_signature_tan	Trust Anchor used in signing JOSE (Eg: openbanking.org.uk)

14. Click Next   and run the suite.