aggcat 0.0.1

data/.gitignore

@@ -0,0 +1,18 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
+.idea

data/Gemfile

@@ -0,0 +1,6 @@
+source 'https://rubygems.org'
+
+gem 'oauth', '~> 0.4'
+gem 'nori', '~> 2.0'
+gem 'nokogiri', '~> 1.5'
+gem 'active_support', '~> 3.0'

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2013 Gene Drabkin
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,71 @@
+# Aggcat
+
+  Intuit Customer Account Data API client
+
+## Installation
+
+Aggcat is available through [Rubygems](http://rubygems.org/gems/aggcat) and can be installed via:
+
+```
+$ gem install aggcat
+```
+
+or add it to your Gemfile like this:
+
+```
+gem 'aggcat'
+```
+
+## Usage
+
+```ruby
+require 'aggcat'
+
+# configure Aggcat
+Aggcat.configure do |config|
+  config.issuer_id = YOUR_ISSUER_ID
+  config.consumer_key = YOUR_CONSUMER_KEY
+  config.consumer_secret = YOUR_CONSUMER_SECRET
+  config.certificate_path = '/path/to/your/certificate/key'
+end
+
+# create client
+client = Aggcat.client
+
+# get all supported financial institutions
+client.institutions
+=> {:response_code=>"200", :response=>{:institutions=>{:institution=>[{:institution_id=>"8860", :institution_name=>"Carolina Foothills FCU Credit Card", :home_url=>"http://www.cffcu.org/index.html", :phone_number=>"1-864-585-6838", :virtual=>false},
+
+# get details for Bank of America
+client.institution(14007)
+=> {:response_code=>"200", :response=>{:institution_detail=>{:institution_id=>"14007", :institution_name=>"Bank of America", :home_url=>"https://www.bankofamerica.com/", :phone_number=>"1-800-792-0808", :address=>{:address1=>"307 S. MAIN", :city=>"Charlotte", :state=>"NC", :postal_code=>"28255", :country=>"USA"}, :email_address=>"https://www.bankofamerica.com/contact/", :special_text=>"Please enter your Bank of America Online ID and Passcode required for login.", :currency_code=>"USD", :keys=>{:key=>[{:name=>"TAX_AGGR_ENABLED", :val=>"FALSE", :status=>"Active", :display_flag=>false, :display_order=>"20", :mask=>false}, {:name=>"passcode", :status=>"Active", :value_length_max=>"20", :display_flag=>true, :display_order=>"2", :mask=>true, :description=>"Passcode"}, {:name=>"onlineID", :status=>"Active", :value_length_max=>"32", :display_flag=>true, :display_order=>"1", :mask=>false, :description=>"Online ID"}]}}}}
+
+# add new financial account to aggregate from Bank of America
+client.discover_and_add_accounts(14007, username, password)
+
+# get one financial account
+client.account(account_id)
+
+# get all aggregated accounts
+client.accounts
+
+# delete account
+client.delete_account(account_id)
+
+# get account transactions
+client.account_transactions(account_id, start_date, end_date)
+
+# delete all aggregated customers
+client.delete_customers
+
+```
+
+## Documentation
+
+Please make sure to read Intuit's [Account Data API](http://docs.developer.intuit.com/0020_Aggregation_Categorization_Apps/AggCat_API/0020_API_Documentation) docs.
+
+## Copyright
+Copyright (c) 2013 Gene Drabkin.
+See [LICENSE][] for details.
+
+[license]: LICENSE.md

data/Rakefile

@@ -0,0 +1 @@
+require 'bundler/gem_tasks'

data/aggcat.gemspec

@@ -0,0 +1,28 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'aggcat/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'aggcat'
+  spec.version       = Aggcat::VERSION
+  spec.authors       = ['Gene Drabkin']
+  spec.email         = ['gene.drabkin@gmail.com']
+  spec.description   = %q{Intuit Customer Account Data API client}
+  spec.summary       = %q{Intuit Customer Account Data API client}
+  spec.homepage      = ''
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'oauth', '~> 0.4'
+  spec.add_development_dependency 'nori', '~> 2.0'
+  spec.add_development_dependency 'nokogiri', '~> 1.5'
+  spec.add_development_dependency 'active_support', '~> 3.0'
+  spec.add_development_dependency 'bundler', '~> 1.3'
+  spec.add_development_dependency 'rake'
+
+end

data/lib/aggcat.rb

@@ -0,0 +1,22 @@
+require 'aggcat/version'
+require 'aggcat/configurable'
+require 'aggcat/base'
+require 'aggcat/client'
+
+module Aggcat
+  class << self
+    include Aggcat::Configurable
+
+    def client
+      @client ||= Aggcat::Client.new(options)
+    end
+
+    private
+
+    def method_missing(method_name, *args, &block)
+      return super unless client.respond_to?(method_name)
+      client.send(method_name, *args, &block)
+    end
+
+  end
+end

data/lib/aggcat/base.rb

@@ -0,0 +1,96 @@
+require 'active_support'
+require 'active_support/builder'
+require 'base64'
+require 'cgi'
+require 'net/https'
+require 'nokogiri'
+require 'nori'
+require 'oauth'
+require 'openssl'
+require 'securerandom'
+require 'uri'
+
+module Aggcat
+  class Base
+
+    SAML_URL = 'https://oauth.intuit.com/oauth/v1/get_access_token_by_saml'
+
+    NAMESPACE = 'http://schema.intuit.com/platform/fdatafeed/institutionlogin/v1'
+    TIME_FORMAT = '%Y-%m-%dT%T.%LZ'
+    DATE_FORMAT = '%Y-%m-%d'
+
+    TIMEOUT = 120
+
+    DELETE_KEYS = {:'@xmlns' => nil, :'@xmlns:ns2' => nil, :'@xmlns:ns3' => nil, :'@xmlns:ns4' => nil, :'@xmlns:ns5' => nil, :'@xmlns:ns6' => nil, :'@xmlns:ns7' => nil, :'@xmlns:ns8' => nil}
+
+    protected
+
+    def access_token(consumer_id)
+      token = oauth_token(consumer_id)
+      consumer = OAuth::Consumer.new(@consumer_key, @consumer_secret, {:timeout => TIMEOUT})
+      OAuth::AccessToken.new(consumer, token[:key], token[:secret])
+    end
+
+    def oauth_token(user_id)
+      now = Time.now.utc
+      if @oauth_token.nil? || @oauth_token[:expire_at] <= now || @oauth_token[:user_id] != user_id
+        @oauth_token = new_token(saml_message(user_id))
+        @oauth_token[:expire_at] = now + 9 * 60 # 9 minutes
+        @oauth_token[:user_id] = user_id
+      end
+      @oauth_token
+    end
+
+    def new_token(message)
+      uri = URI.parse(SAML_URL)
+      http = Net::HTTP.new(uri.host, uri.port)
+      request = Net::HTTP::Post.new(uri.request_uri)
+      request['Authorization'] = %[OAuth oauth_consumer_key="#{@consumer_key}"]
+      request.set_form_data({:saml_assertion => message})
+      http.use_ssl = true
+      http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      #http.set_debug_output($stdout)
+      response = http.request(request)
+      params = CGI::parse(response.body)
+      {key: params['oauth_token'][0], secret: params['oauth_token_secret'][0]}
+    end
+
+    def saml_message(user_id)
+      now = Time.now.utc
+      reference_id = SecureRandom.uuid.gsub('-', '')
+      assertion = %[<?xml version="1.0" encoding="UTF-8"?><saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_#{reference_id}" IssueInstant="#{iso8601(now)}" Version="2.0"><saml2:Issuer>#{@issuer_id}</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_#{reference_id}"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>%%DIGEST%%</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>%%SIGNATURE%%</ds:SignatureValue></ds:Signature><saml2:Subject><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">#{user_id}</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject><saml2:Conditions NotBefore="#{iso8601(now-5*60)}" NotOnOrAfter="#{iso8601(now+10*60)}"><saml2:AudienceRestriction><saml2:Audience>#{@issuer_id}</saml2:Audience></saml2:AudienceRestriction></saml2:Conditions><saml2:AuthnStatement AuthnInstant="#{iso8601(now)}" SessionIndex="_#{reference_id}"><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement></saml2:Assertion>]
+      doc = Nokogiri::XML(assertion)
+      doc.xpath('//ds:Signature', 'ds' => 'http://www.w3.org/2000/09/xmldsig#').remove
+      doc.xpath('//text()[not(normalize-space())]').remove
+      digest = OpenSSL::Digest::SHA1.digest(doc.canonicalize(Nokogiri::XML::XML_C14N_1_1))
+      encoded_digest = Base64.encode64(digest).strip
+      signed_info = %[<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_#{reference_id}"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>#{encoded_digest.strip}</ds:DigestValue></ds:Reference></ds:SignedInfo>]
+      signature_value = Nokogiri::XML(signed_info).canonicalize
+      key = OpenSSL::PKey::RSA.new(File.read(@certificate_path))
+      encoded_signature_value = Base64.encode64(key.sign(OpenSSL::Digest::SHA1.new, signature_value)).gsub!(/\n/, '')
+      Base64.encode64(assertion.gsub(/%%DIGEST%%/, encoded_digest).gsub(/%%SIGNATURE%%/, encoded_signature_value))
+    end
+
+    def iso8601(time)
+      time.strftime(TIME_FORMAT)
+    end
+
+    def parse_xml(data)
+      @parser ||= Nori.new(:parser => :nokogiri,
+                           :strip_namespaces => true,
+                           :convert_tags_to => lambda { |tag| tag.snakecase.to_sym })
+      cleanup(@parser.parse(data))
+    end
+
+    def cleanup(hash)
+      hash.each do |k, v|
+        if DELETE_KEYS.has_key?(k)
+          hash.delete(k)
+        elsif v.respond_to?(:keys)
+          cleanup(v)
+        end
+      end
+      hash
+    end
+  end
+end

data/lib/aggcat/client.rb

@@ -0,0 +1,98 @@
+module Aggcat
+  class Client < Aggcat::Base
+
+    BASE_URL = 'https://financialdatafeed.platform.intuit.com/rest-war/v1'
+
+    def initialize(options={})
+      Aggcat::Configurable::KEYS.each do |key|
+        instance_variable_set(:"@#{key}", options[key] || Aggcat.instance_variable_get(:"@#{key}"))
+      end
+    end
+
+    def institutions
+      get('/institutions')
+    end
+
+    def institution(institution_id)
+      get("/institutions/#{institution_id}")
+    end
+
+    def discover_and_add_accounts(institution_id, username, password)
+      body = credentials(institution_id, username, password)
+      post("/institutions/#{institution_id}/logins", body, {user_id: "#{institution_id}-#{username}"})
+    end
+
+    def accounts
+      get('/accounts')
+    end
+
+    def account(account_id)
+      get("/accounts/#{account_id}")
+    end
+
+    def account_transactions(account_id, start_date = nil, end_date = nil)
+      uri = "/accounts/#{account_id}/transactions"
+      if start_date
+        uri += "?txnStartDate=#{start_date.strftime(DATE_FORMAT)}"
+        if end_date
+          uri += "&txnEndDate=#{end_date.strftime(DATE_FORMAT)}"
+        end
+      end
+      get(uri)
+    end
+
+    def delete_account(account_id)
+      delete("/accounts/#{account_id}")
+    end
+
+    def delete_customers
+      delete('/customers')
+    end
+
+    protected
+
+    def get(uri, options = {:user_id => 'default'})
+      response = access_token(options[:user_id]).get("#{BASE_URL}#{uri}")
+      {:response_code => response.code, :response => parse_xml(response.body)}
+    end
+
+    def post(uri, message, options = {})
+      response = access_token(options[:user_id]).post("#{BASE_URL}#{uri}", message, {'Content-Type' => 'application/xml'})
+      result = {:response_code => response.code, :response => parse_xml(response.body)}
+      if response['challengeSessionId']
+        result[:challenge_session_id] = response['challengeSessionId']
+        result[:challenge_node_id] = response['challengeNodeId']
+      end
+      result
+    end
+
+    def delete(uri, options = {:user_id => 'default'})
+      response = access_token(options[:user_id]).delete("#{BASE_URL}#{uri}")
+      {:response_code => response.code, :response => parse_xml(response.body)}
+    end
+
+    private
+
+    def credentials(institution_id, username, password)
+      institution = institution(institution_id)
+      keys = institution[:response][:institution_detail][:keys][:key].sort { |a, b| a[:display_order] <=> b[:display_order] }
+      hash = {
+          keys[0][:name] => username,
+          keys[1][:name] => password
+      }
+
+      xml = Builder::XmlMarkup.new
+      xml.InstitutionLogin('xmlns' => NAMESPACE) do |login|
+        login.credentials('xmlns:ns1' => NAMESPACE) do
+          hash.each do |key, value|
+            xml.tag!('ns1:credential', {'xmlns:ns2' => NAMESPACE}) do
+              xml.tag!('ns2:name', key)
+              xml.tag!('ns2:value', value)
+            end
+          end
+        end
+      end
+    end
+  end
+end
+

data/lib/aggcat/configurable.rb

@@ -0,0 +1,20 @@
+module Aggcat
+  module Configurable
+
+    attr_writer :issuer_id, :consumer_key, :consumer_secret, :certificate_path
+
+    KEYS = [:issuer_id, :consumer_key, :consumer_secret, :certificate_path]
+
+    def configure
+      yield self
+      self
+    end
+
+    private
+
+    def options
+      Aggcat::Configurable::KEYS.inject({}) { |hash, key| hash[key] = instance_variable_get(:"@#{key}"); hash }
+    end
+
+  end
+end

data/lib/aggcat/version.rb

@@ -0,0 +1,3 @@
+module Aggcat
+  VERSION = '0.0.1'
+end

metadata

@@ -0,0 +1,153 @@
+--- !ruby/object:Gem::Specification
+name: aggcat
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Gene Drabkin
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-03-29 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: oauth
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: nori
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: active_support
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.3'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Intuit Customer Account Data API client
+email:
+- gene.drabkin@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- aggcat.gemspec
+- lib/aggcat.rb
+- lib/aggcat/base.rb
+- lib/aggcat/client.rb
+- lib/aggcat/configurable.rb
+- lib/aggcat/version.rb
+homepage: ''
+licenses:
+- MIT
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.25
+signing_key: 
+specification_version: 3
+summary: Intuit Customer Account Data API client
+test_files: []