Open Banking Gateway Versions Save

• Ability to control supported consent types on UI
• FinAPI adapter support
• Support for DeutscheBank (AIS)
• Support for Postbank (PIS+AIS).
• Support for Sparkasse (PIS+AIS)
• Support for other banks (PIS+AIS)
• Decoupled flow support
• Transaction categorization support (via Smartanalytcis)

• Ability to control supported consent types on UI
• FinAPI adapter support
• Support for DeutscheBank (AIS)
• Support for Postbank (PIS+AIS).
• Support for Sparkasse (PIS+AIS)
• Support for other banks (PIS+AIS)
• Decoupled flow support
• Transaction categorization support (via Smartanalytcis)

• Uses Java 11
• Includes Admin API to manipulate bank, bank protocol and profile configuration using REST endpoint
• API YAMLs are available in separate JAR file
• Removed some unused fields from API
• Support for online loading of bank accounts/transactions in HBCI (bypassing older cached results)
• Encryption configuration is persisted to database
• HBCI wrong PIN/TAN cases handling (retry with new pin if provided was wrong)
• Improved FireFly importer to include Force concent update to ensure new consent will be granted
• Added transaction classification/categorization to FireFly importer
• Handling of Consent expired messages by exposing them as non-generic error in API. Now possible to clearly catch this case on client side

• Implement FireFly importer (basic)
• Handling for Xs2a "Consent expired" messages and passing them to FinTech
• Payment dates for payment status are sent from OpenBankingGateway
• HBCI mock server payment update
• Explicitly separate staging (real) banks from mock banks via Liqubase context
• Oauth2 pre-step for Redirect approach support for XS2A
• Fixed problem with handling internal context of exactly 2048 byte size
• Optic TAN support added
• Capablility to list accounts with balances

Same release as https://github.com/adorsys/open-banking-gateway/releases/tag/v0.20.0 with artifacts pushed to Maven-Central using new release pipeline

• Feature: SCA exemption support (0-SCA challenges)
• Feature: Payment without (anonymous) or with login into OpenBanking dictated by API flag if FinTech desires user identification
• Feature: HBCI Sandbox server with account information, transactions, payments support
• Feature: Oauth2 OpenID login into FinTech
• Feature: Secure password storage in FinTech-examples, service account support
• Feature: Show consent and payment details in UI
• Feature: Show intermediate payment status in FinTech (Xs2a payment status support)
• Feature: FinTech and OpenBanking automated cookie renewal
• Feature: HBCI Account information, Transaction information, Payments (single)
• Feature: Xs2a Single payment with EMBEDDED and REDIRECT flow
• Feature: Encrypted storage of FinTech request data
• Feature: Protocol (intermediate and at rest) and consent data encryption
• Feature: Private and secret keys encryption and storage using Datasafe
• Feature: PSU login to OpenBanking for better encryption and consent sharing
• Feature: Secure FinTech to OpenBanking calls by request signing (API requests signing)
• Feature: Better FinTech session handling (more secure cookies and XSRF)
• Feature: Session hijacking protection by requiring consent activation by FinTech on user return
• Feature: Updated used dependency of Xs2a adapter to 0.0.9
• Feature: Xs2a transaction list consent request without knowing account resource id
• Feature: Added configuration table to make fields like PSU_ID optional under certain rules/circumstances (mandatory/optional field dynamic override)
• Renamed tables and changes schema to match encryption flow
• Bugfix: SCA selected method and information was not shown
• Bugfix: Avoid retries (Flowable) for unparseable errors
• Bugfix: Removed common issues with the server returning 503 instead of 500