README.md

# openpayments-mock

Tiny in-memory stand-in for the Open Payments PSD2/BerlinGroup aggregator,
used by the `banking-suite` acceptance tests. Accepts any bearer token
and returns canned responses.

Not safe for anything but tests — state is entirely in-memory and there
are no authentication checks.

## Endpoints

### OAuth
- `POST /token` — returns static `{access_token: "acctest", ...}`

### AIS (BerlinGroup shape)
- `GET /psd2/aspspinformation/v1/aspsps` — catalog
- `POST /psd2/consent/v1/consents`
- `GET /psd2/consent/v1/consents/{id}/status`
- `DELETE /psd2/consent/v1/consents/{id}`
- `GET /authorize` — mock SCA stub that immediately redirects back to the
  `TPP-Redirect-URI` with `?code=mock-auth-code&state=...`
- `GET /psd2/accountinformation/v1/accounts`
- `GET /psd2/accountinformation/v1/accounts/{id}/balances`
- `GET /psd2/accountinformation/v1/accounts/{id}/transactions`
- `GET /psd2/cardaccountinformation/v1/card-accounts`

### PIS
- `POST /psd2/paymentinitiation/v1/payments/sepa-credit-transfers`
- `GET  /psd2/paymentinitiation/v1/payments/sepa-credit-transfers/{id}/status`
  — transitions RCVD → PDNG → ACSC deterministically on successive polls.
  Creditor name `"REJECT ME"` transitions to RJCT.
- `POST /psd2/v1/signing-baskets`
- `GET  /psd2/v1/signing-baskets/{id}/status` — RCVD → ACCP → ACSC;
  reaching ACSC advances all linked payments to ACSC.

### Admin (acctest only, not part of PSD2)
- `POST /admin/reset`
- `GET  /admin/consents`
- `POST /admin/transactions` — body `{ accountId, bookingStatus, entries: [...] }`
- `POST /admin/payments/{id}/status` — body `{ status }`
- `POST /admin/baskets/{id}/status` — body `{ status }`
- `POST /admin/consents/{id}/expires-at` — body `{ expiresAt }`

## Build

```bash
docker build -t openpayments-mock:acctest .
```
feat: Open Payments aggregator mock for acctest 2026-04-20 22:11:12 +02:00			`# openpayments-mock`

			`Tiny in-memory stand-in for the Open Payments PSD2/BerlinGroup aggregator,`
			used by the `banking-suite` acceptance tests. Accepts any bearer token
			`and returns canned responses.`

			`Not safe for anything but tests — state is entirely in-memory and there`
			`are no authentication checks.`

			`## Endpoints`

			`### OAuth`
			- `POST /token` — returns static `{access_token: "acctest", ...}`

			`### AIS (BerlinGroup shape)`
			- `GET /psd2/aspspinformation/v1/aspsps` — catalog
			- `POST /psd2/consent/v1/consents`
			- `GET /psd2/consent/v1/consents/{id}/status`
			- `DELETE /psd2/consent/v1/consents/{id}`
			- `GET /authorize` — mock SCA stub that immediately redirects back to the
			`TPP-Redirect-URI` with `?code=mock-auth-code&state=...`
			- `GET /psd2/accountinformation/v1/accounts`
			- `GET /psd2/accountinformation/v1/accounts/{id}/balances`
			- `GET /psd2/accountinformation/v1/accounts/{id}/transactions`
			- `GET /psd2/cardaccountinformation/v1/card-accounts`

			`### PIS`
			- `POST /psd2/paymentinitiation/v1/payments/sepa-credit-transfers`
			- `GET /psd2/paymentinitiation/v1/payments/sepa-credit-transfers/{id}/status`
			`— transitions RCVD → PDNG → ACSC deterministically on successive polls.`
			Creditor name `"REJECT ME"` transitions to RJCT.
			- `POST /psd2/v1/signing-baskets`
			- `GET /psd2/v1/signing-baskets/{id}/status` — RCVD → ACCP → ACSC;
			`reaching ACSC advances all linked payments to ACSC.`

			`### Admin (acctest only, not part of PSD2)`
			- `POST /admin/reset`
			- `GET /admin/consents`
			- `POST /admin/transactions` — body `{ accountId, bookingStatus, entries: [...] }`
			- `POST /admin/payments/{id}/status` — body `{ status }`
			- `POST /admin/baskets/{id}/status` — body `{ status }`
			- `POST /admin/consents/{id}/expires-at` — body `{ expiresAt }`

			`## Build`

			```bash
			`docker build -t openpayments-mock:acctest .`
			```