RubyGems - sepafm - Versions diffs - 0.0.2 → 0.1.0 - Mend

sepafm 0.0.2 → 0.1.0

Files changed (115) hide show

checksums.yaml +4 -4
data/.gitignore +14 -30
data/.ruby-version +1 -1
data/.travis.yml +15 -0
data/Gemfile +1 -1
data/LICENSE +16 -4
data/README.md +180 -319
data/Rakefile +7 -2
data/lib/sepa/application_request.rb +100 -131
data/lib/sepa/application_response.rb +28 -84
data/lib/sepa/attribute_checks.rb +169 -0
data/lib/sepa/banks/danske/danske_response.rb +19 -0
data/lib/sepa/banks/danske/soap_danske.rb +132 -0
data/lib/sepa/banks/nordea/nordea_response.rb +20 -0
data/lib/sepa/banks/nordea/soap_nordea.rb +51 -0
data/lib/sepa/client.rb +72 -60
data/lib/sepa/error_messages.rb +15 -0
data/lib/sepa/response.rb +88 -85
data/lib/sepa/soap_builder.rb +51 -341
data/lib/sepa/utilities.rb +132 -0
data/lib/sepa/version.rb +1 -1
data/lib/sepa/xml_schemas/PKIFactory.xsd +334 -0
data/lib/sepa/xml_schemas/xml_id.xsd +9 -0
data/lib/sepa/xml_templates/application_request/create_certificate.xml +15 -10
data/lib/sepa/xml_templates/application_request/danske_get_bank_certificate.xml +13 -9
data/lib/sepa/xml_templates/application_request/download_file.xml +32 -30
data/lib/sepa/xml_templates/application_request/download_file_list.xml +29 -27
data/lib/sepa/xml_templates/application_request/encrypted_request.xml +22 -0
data/lib/sepa/xml_templates/application_request/get_certificate.xml +9 -8
data/lib/sepa/xml_templates/application_request/get_user_info.xml +26 -24
data/lib/sepa/xml_templates/application_request/upload_file.xml +29 -27
data/lib/sepa/xml_templates/soap/create_certificate.xml +17 -15
data/lib/sepa/xml_templates/soap/danske_get_bank_certificate.xml +15 -13
data/lib/sepa/xml_templates/soap/download_file.xml +19 -15
data/lib/sepa/xml_templates/soap/download_file_list.xml +19 -15
data/lib/sepa/xml_templates/soap/get_certificate.xml +2 -1
data/lib/sepa/xml_templates/soap/get_user_info.xml +19 -15
data/lib/sepa/xml_templates/soap/header.xml +48 -37
data/lib/sepa/xml_templates/soap/upload_file.xml +19 -15
data/lib/sepafm.rb +20 -18
data/{sepa.gemspec → sepafm.gemspec} +10 -9
data/test/sepa/banks/danske/danske_cert_response_test.rb +52 -0
data/test/sepa/banks/danske/danske_cert_soap_builder_test.rb +100 -0
data/test/sepa/banks/danske/danske_generic_soap_builder_test.rb +278 -0
data/test/sepa/banks/danske/danske_get_bank_cert_test.rb +111 -0
data/{lib/sepa/danske_testing/keys/danske_encryption.crt → test/sepa/banks/danske/keys/bank_encryption_cert.pem} +0 -0
data/test/sepa/{danske_test_keys/danskeroot.pem → banks/danske/keys/bank_root_cert.pem} +1 -1
data/test/sepa/banks/danske/keys/bank_signing_cert.pem +24 -0
data/test/sepa/banks/danske/keys/danske_encryption.crt +24 -0
data/test/sepa/banks/danske/keys/enc_private_key.pem +27 -0
data/test/sepa/{danske_test_keys → banks/danske/keys}/encryption_pkcs.csr +0 -0
data/test/sepa/banks/danske/keys/own_enc_cert.pem +21 -0
data/test/sepa/banks/danske/keys/own_signing_cert.pem +22 -0
data/test/sepa/{danske_test_keys → banks/danske/keys}/signing_key.pem +0 -0
data/test/sepa/{danske_test_keys → banks/danske/keys}/signing_pkcs.csr +0 -0
data/test/sepa/banks/danske/keys/signing_private_key.pem +27 -0
data/test/sepa/banks/danske/responses/create_cert.xml +38 -0
data/test/sepa/banks/danske/responses/get_bank_cert.xml +37 -0
data/{lib/sepa/nordea_testing → test/sepa/banks/nordea}/keys/nordea.crt +0 -4
data/test/sepa/{nordea_test_keys → banks/nordea/keys}/nordea.key +0 -3
data/test/sepa/{nordea_test_keys → banks/nordea/keys}/root_cert.cer +0 -0
data/test/sepa/{nordea_test_keys → banks/nordea/keys}/testcert.csr +0 -0
data/test/sepa/banks/nordea/nordea_application_request_test.rb +252 -0
data/test/sepa/{application_response_test.rb → banks/nordea/nordea_application_response_test.rb} +40 -46
data/test/sepa/banks/nordea/nordea_cert_application_request_test.rb +72 -0
data/test/sepa/banks/nordea/nordea_cert_request_soap_builder_test.rb +65 -0
data/test/sepa/banks/nordea/nordea_generic_soap_builder_test.rb +280 -0
data/test/sepa/banks/nordea/nordea_response_test.rb +116 -0
data/test/sepa/banks/nordea/responses/df_ktl.xml +45 -0
data/test/sepa/{test_files/test_responses/df.xml → banks/nordea/responses/df_tito.xml} +1 -1
data/test/sepa/{test_files/test_responses → banks/nordea/responses}/dfl.xml +0 -0
data/test/sepa/banks/nordea/responses/gbc.xml +15 -0
data/test/sepa/banks/nordea/responses/gc.xml +49 -0
data/test/sepa/{test_files/test_responses → banks/nordea/responses}/gui.xml +0 -0
data/test/sepa/{test_files/test_responses → banks/nordea/responses}/uf.xml +0 -0
data/test/sepa/client_test.rb +156 -302
data/test/sepa/fixtures.rb +214 -0
data/test/sepa/sepa_test.rb +3 -13
data/test/sepa/test_files/{invalid.wsdl → invalid_wsdl.wsdl} +0 -0
data/test/test_helper.rb +29 -3
metadata +140 -116
data/lib/danske_get_bank_certificate_test.rb +0 -15
data/lib/sepa/custom_exceptions.rb +0 -2
data/lib/sepa/filedescriptor.rb +0 -7
data/lib/sepa/filetypeservice.rb +0 -6
data/lib/sepa/nordea_testing/keys/CSR.csr +0 -0
data/lib/sepa/nordea_testing/keys/nordea.key +0 -19
data/lib/sepa/nordea_testing/response/content_053.xml +0 -998
data/lib/sepa/nordea_testing/response/content_054.xml +0 -1
data/lib/sepa/nordea_testing/response/download_file_response.xml +0 -14
data/lib/sepa/nordea_testing/response/download_filelist_response.xml +0 -14
data/lib/sepa/nordea_testing/response/get_user_info_response.xml +0 -14
data/lib/sepa/nordea_testing/response/upload_file_response.xml +0 -14
data/lib/sepa/payload.rb +0 -109
data/lib/sepa/payment.rb +0 -97
data/lib/sepa/sender_verifier.rb +0 -15
data/lib/sepa/signature.rb +0 -7
data/lib/sepa/soap_danske.rb +0 -47
data/lib/sepa/soap_nordea.rb +0 -68
data/lib/sepa/transaction.rb +0 -178
data/lib/sepa/userfiletype.rb +0 -16
data/lib/sepa/xml_parser.rb +0 -291
data/lib/sepa_client_testing_mika.rb +0 -32
data/lib/sepa_client_testing_tiere.rb +0 -257
data/test/sepa/application_request_test.rb +0 -423
data/test/sepa/cert_application_request_test.rb +0 -99
data/test/sepa/nordea_cert_request_soap_builder_test.rb +0 -112
data/test/sepa/nordea_generic_soap_builder_test.rb +0 -427
data/test/sepa/nordea_test_keys/nordea.crt +0 -27
data/test/sepa/payload_test.rb +0 -297
data/test/sepa/payment_test.rb +0 -198
data/test/sepa/response_test.rb +0 -269
data/test/sepa/transaction_test.rb +0 -362
data/test/sepa/user_file_type_test.rb +0 -21
data/test/sepa/xml_parser_test.rb +0 -73

data/lib/sepa/application_request.rb CHANGED Viewed

@@ -1,182 +1,151 @@
 module Sepa
   class ApplicationRequest
-    def initialize(params)
-      # Used by most, both Nordea and Danske
-      @command = check_command(params.fetch(:command))
-      @customer_id = params.fetch(:customer_id)
-      @environment = params.fetch(:environment)
-      @target_id = params[:target_id]
-      @status = params[:status]
-      @file_type = params[:file_type]
-      @content = params[:content]
-      @file_reference = params[:file_reference]
-      @private_key, @cert, @pin, @service, @csr, @hmac,
-        @bank_root_cert_serial,@request_id = ''
-      # Set values for the previously defined attributes
-      initialize_required_fields_per_request(params)
+    include Utilities
+    def initialize(params = {})
+      # Set all params as instance variables
+      params.each do |key, value|
+        instance_variable_set("@#{key}", value)
+      end
+      @ar = load_body_template AR_TEMPLATE_PATH
     end
-    def get_as_base64
-      load_template(@command)
+    def to_xml
+      set_common_nodes
       set_nodes_contents
-      # No signature for Certificate Requests
-      if @command != :get_certificate && @command != :get_bank_certificate
-        process_signature
-      end
+      process_signature
+      @ar.to_xml
+    end
-      Base64.encode64(@ar.to_xml)
+    def to_base64
+      Base64.encode64(to_xml)
     end
-    private
+    def to_nokogiri
+      Nokogiri::XML to_xml
+    end
-      def initialize_required_fields_per_request(params)
-        generic_commands = [:get_user_info, :upload_file, :download_file,
-                            :download_file_list]
+    private
-        case @command
-        when *generic_commands
-          @private_key = params.fetch(:private_key)
-          @cert = params.fetch(:cert)
-        when :get_certificate
-          @service = params[:service]
-          @pin = params[:pin]
-          @csr = params[:csr]
-          @hmac = create_hmac_seal(@pin,@csr)
-        when :get_bank_certificate
-          @pin = params[:pin]
-          @request_id = params[:request_id]
-          @bank_root_cert_serial = params[:bank_root_cert_serial]
-        end
+      def set_node(node, value)
+        @ar.at_css(node).content = value
       end
-      def check_command(command)
-        valid_commands = [:get_certificate, :download_file_list, :download_file,
-                          :get_user_info, :upload_file, :download_file,
-                          :get_bank_certificate]
-        unless valid_commands.include?(command)
-          fail ArgumentError, "You didn't provide a proper command. " \
-            "Acceptable values are #{valid_commands.inspect}"
-        else
-          command
-        end
+      def set_node_b(node, value)
+        set_node node, Base64.encode64(value)
       end
-      # Loads the application request template according to the command
-      def load_template(command)
-        template_dir = File.expand_path('../xml_templates/application_request',
-                                        __FILE__)
-        case command
+      def pretty_command
+        @command.to_s.split(/[\W_]/).map {|c| c.capitalize}.join
+      end
+      def set_nodes_contents
+        case @command
+        when :create_certificate
+          set_create_certificate_nodes
         when :get_certificate
-          path = "#{template_dir}/get_certificate.xml"
+          set_get_certificate_nodes
         when :download_file_list
-          path = "#{template_dir}/download_file_list.xml"
-        when :get_user_info
-          path = "#{template_dir}/get_user_info.xml"
-        when :upload_file
-          path = "#{template_dir}/upload_file.xml"
+          set_download_file_list_nodes
         when :download_file
-          path = "#{template_dir}/download_file.xml"
+          set_download_file_nodes
+        when :upload_file
+          set_upload_file_nodes
         when :get_bank_certificate
-          path = "#{template_dir}/danske_get_bank_certificate.xml"
+          set_get_bank_certificate_nodes
         end
+      end
-        @ar = Nokogiri::XML(File.open(path))
+      def set_download_file_nodes
+        set_download_file_list_nodes
+        set_node("FileReference", @file_reference)
       end
+      def set_get_bank_certificate_nodes
+        set_node("elem|BankRootCertificateSerialNo", @bank_root_cert_serial)
+        set_node("elem|Timestamp", iso_time)
+        set_node("elem|RequestId", @request_id)
+      end
-      def set_node(node, value)
-        @ar.at_css(node).content = value
+      def set_upload_file_nodes
+        set_node_b("Content", @content)
+        set_node("FileType", @file_type)
+        set_node("TargetId", @target_id)
       end
-      # Set the nodes' contents according to the command
-      def set_nodes_contents
-        if @command != :get_bank_certificate
-          set_node("CustomerId", @customer_id)
-          set_node("Timestamp", Time.now.iso8601)
-          set_node("Environment", @environment)
-          set_node("SoftwareId", "Sepa Transfer Library version #{VERSION}")
-          set_node("Command",
-                   @command.to_s.split(/[\W_]/).map {|c| c.capitalize}.join)
-        end
+      def set_download_file_list_nodes
+        set_node("Status", @status)
+        set_node("TargetId", @target_id)
+        set_node("FileType", @file_type)
+      end
-        case @command
+      def set_get_certificate_nodes
+        set_node("Service", @service)
+        set_node("Content", format_cert_request(@csr))
+        set_node("HMAC", hmac(@pin, csr_to_binary(@csr)))
+      end
-        when :get_certificate
-          set_node("Service", @service)
-          set_node("Content", Base64.encode64(@csr.to_der))
-          set_node("HMAC", Base64.encode64(@hmac).chop)
-        when :download_file_list
-          set_node("Status", @status)
-          set_node("TargetId", @target_id)
-          set_node("FileType", @file_type)
-        when :download_file
-          set_node("Status", @status)
-          set_node("TargetId", @target_id)
-          set_node("FileType", @file_type)
-          set_node("FileReference", @file_reference)
-        when :upload_file
-          set_node("Content", Base64.encode64(@content))
-          set_node("FileType", @file_type)
-          set_node("TargetId", @target_id)
-        when :get_bank_certificate
-          set_node("elem|BankRootCertificateSerialNo", @bank_root_cert_serial)
-          set_node("elem|Timestamp", Time.now.iso8601)
-          set_node("elem|RequestId", @request_id)
-        end
+      def set_create_certificate_nodes
+        set_node("tns|CustomerId", @customer_id)
+        set_node("tns|KeyGeneratorType", @key_generator_type)
+        set_node("tns|EncryptionCertPKCS10", format_cert_request(@encryption_cert_pkcs10))
+        set_node("tns|SigningCertPKCS10", format_cert_request(@signing_cert_pkcs10))
+        set_node("tns|Timestamp", iso_time)
+        set_node("tns|RequestId", @request_id)
+        set_node("tns|Environment", @environment)
+        set_node("tns|PIN", @pin)
       end
-      def create_hmac_seal(pin, csr)
-        hmacseal = OpenSSL::HMAC.digest('sha1',pin,csr.to_der)
-        hmacseal
+      def set_common_nodes
+        return if @command == :get_bank_certificate
+        return if @command == :create_certificate
+        set_node("CustomerId", @customer_id)
+        set_node("Timestamp", iso_time)
+        set_node("Environment", @environment)
+        set_node("SoftwareId", "Sepa Transfer Library version #{VERSION}")
+        set_node("Command", pretty_command)
       end
-      def remove_node(doc, node, xmlns)
-        doc.at_css("xmlns|#{node}", 'xmlns' => xmlns).remove
+      def remove_node(node, xmlns)
+        @ar.at_css("xmlns|#{node}", 'xmlns' => xmlns).remove
       end
-      def add_node_to_root(doc, node)
-        doc.root.add_child(node)
+      def add_node_to_root(node)
+        @ar.root.add_child(node)
       end
-      def calculate_digest(doc)
+      def calculate_digest
         sha1 = OpenSSL::Digest::SHA1.new
-        Base64.encode64(sha1.digest(doc.canonicalize))
+        Base64.encode64(sha1.digest(@ar.canonicalize))
       end
       def add_value_to_signature(node, value)
-        node = @ar.at_css("dsig|#{node}",
-                          'dsig' => 'http://www.w3.org/2000/09/xmldsig#')
-        node.content = value
+        sig = @ar.at_css("dsig|#{node}", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#')
+        sig.content = value
       end
-      def calculate_signature(private_key)
+      def calculate_signature
         sha1 = OpenSSL::Digest::SHA1.new
-        node = @ar.at_css("dsig|SignedInfo",
-                          'dsig' => 'http://www.w3.org/2000/09/xmldsig#')
-        signature = private_key.sign(sha1, node.canonicalize)
+        node = @ar.at_css("dsig|SignedInfo", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#')
+        signature = @private_key.sign(sha1, node.canonicalize)
         Base64.encode64(signature)
       end
-      def format_cert(cert)
-        cert = cert.to_s
-        cert = cert.split('-----BEGIN CERTIFICATE-----')[1]
-        cert = cert.split('-----END CERTIFICATE-----')[0]
-        cert.gsub!(/\s+/, "")
-      end
       def process_signature
-        signature_node = remove_node(@ar,
-                                     'Signature',
-                                     'http://www.w3.org/2000/09/xmldsig#')
-        digest = calculate_digest(@ar)
-        add_node_to_root(@ar, signature_node)
+        # No signature for Certificate Requests
+        return if @command == :get_certificate
+        return if @command == :get_bank_certificate
+        return if @command == :create_certificate
+        signature_node = remove_node('Signature', 'http://www.w3.org/2000/09/xmldsig#')
+        digest = calculate_digest
+        add_node_to_root(signature_node)
         add_value_to_signature('DigestValue', digest)
-        signature = calculate_signature(@private_key)
-        add_value_to_signature('SignatureValue', signature)
-        add_value_to_signature('X509Certificate',format_cert(@cert))
+        add_value_to_signature('SignatureValue', calculate_signature)
+        add_value_to_signature('X509Certificate', format_cert(@cert))
       end
   end
 end

data/lib/sepa/application_response.rb CHANGED Viewed

@@ -1,123 +1,67 @@
 module Sepa
   class ApplicationResponse
-    def initialize(ar)
-      @ar = ar
-      if !@ar.respond_to?(:canonicalize)
-        fail ArgumentError,
-          "The application response you provided is not a valid Nokogiri::XML" \
-          " file."
-      elsif !valid_against_ar_schema?(@ar)
-        fail ArgumentError,
-          "The application response you provided doesn't validate against" \
-          " application response schema."
-      end
+    include ActiveModel::Validations
+    include Utilities
+    attr_accessor :ar, :certificate
+    validate :response_must_validate_against_schema
+    validate :validate_document_format
+    def initialize(app_resp)
+      self.ar = app_resp
+      self.certificate = extract_cert(ar, 'X509Certificate', 'http://www.w3.org/2000/09/xmldsig#')
     end
-    # Checks that the hash value reported in the signature matches the actual
-    # one.
+    # Checks that the hash value reported in the signature matches the actual one.
     def hashes_match?
-      ar = @ar.clone
+      are = ar.clone
-      digest_value = ar.at_css(
+      digest_value = are.at_css(
         'xmlns|DigestValue',
         'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
       ).content.strip
-      ar.at_css(
+      are.at_css(
         "xmlns|Signature",
         'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
       ).remove
-      actual_digest = calculate_digest(ar)
+      actual_digest = calculate_digest(are)
-      if digest_value == actual_digest
-        true
-      else
-        false
-      end
-    end
+      return true if digest_value == actual_digest
-    # Extracts the X509 certificate from the application response.
-    def certificate
-      cert_value = @ar.at_css(
-        'xmlns|X509Certificate',
-        'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
-      ).content.gsub(/\s+/, "")
-      cert = process_cert_value(cert_value)
-      begin
-        OpenSSL::X509::Certificate.new(cert)
-      rescue => e
-        fail OpenSSL::X509::CertificateError,
-          "The certificate embedded in the application response could not be " \
-          "processed. It's most likely corrupted. " \
-          "OpenSSL had this to say: #{e}."
-          end
+      false
     end
-    # Checks that the signature is signed with the private key of the
-    # certificate's public key.
+    # Checks that the signature is signed with the private key of the certificate's public key.
     def signature_is_valid?
-      node = @ar.at_css('xmlns|SignedInfo',
-                        'xmlns' => 'http://www.w3.org/2000/09/xmldsig#')
+      node = ar.at_css('xmlns|SignedInfo', 'xmlns' => 'http://www.w3.org/2000/09/xmldsig#')
       node = node.canonicalize
-      signature = @ar.at_css(
+      signature = ar.at_css(
         'xmlns|SignatureValue',
         'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
       ).content
       signature = Base64.decode64(signature)
+      # Return true or false
       certificate.public_key.verify(OpenSSL::Digest::SHA1.new, signature, node)
     end
-    # Checks that the certificate in the application response is signed with the
-    # private key of the public key of the certificate as parameter.
-    def cert_is_trusted?(root_cert)
-      if root_cert.subject == certificate.issuer
-        certificate.verify(root_cert.public_key)
-      else
-        fail SecurityError,
-          "The issuer of the certificate doesn't match the subject of the " \
-          "root certificate."
-      end
-    end
     private
-      def calculate_digest(node)
-        sha1 = OpenSSL::Digest::SHA1.new
-        canon_node = node.canonicalize(
-          mode=Nokogiri::XML::XML_C14N_EXCLUSIVE_1_0,
-          inclusive_namespaces=nil,with_comments=false
-        )
-        Base64.encode64(sha1.digest(canon_node)).gsub(/\s+/, "")
-      end
-      def valid_against_ar_schema?(doc)
-        schemas_path = File.expand_path('../../../lib/sepa/xml_schemas',
-                                        __FILE__)
-        Dir.chdir(schemas_path) do
-          xsd = Nokogiri::XML::Schema(IO.read('application_response.xsd'))
-          xsd.valid?(doc)
+      def validate_document_format
+        unless ar.respond_to?(:canonicalize)
+          errors.add(:base, 'Document must be a Nokogiri XML file')
         end
       end
-      # Takes the certificate from the application response, adds begin and end
-      # certificate texts and splits it into multiple lines so that OpenSSL
-      # can read it.
-      def process_cert_value(cert_value)
-        cert = "-----BEGIN CERTIFICATE-----\n"
-        cert += cert_value.to_s.gsub(/\s+/, "").scan(/.{1,64}/).join("\n")
-        cert += "\n"
-        cert += "-----END CERTIFICATE-----"
+      def response_must_validate_against_schema
+        check_validity_against_schema(ar, 'application_response.xsd')
       end
   end
 end

data/lib/sepa/attribute_checks.rb ADDED Viewed

@@ -0,0 +1,169 @@
+module Sepa
+  module AttributeChecks
+    include ErrorMessages
+    def allowed_commands
+      case bank
+      when :nordea
+        [:get_certificate, :get_user_info, :download_file_list, :download_file, :upload_file]
+      when :danske
+        [:get_bank_certificate, :get_user_info, :download_file_list, :download_file,
+         :upload_file, :create_certificate]
+      else
+        []
+      end
+    end
+    def check_command
+      errors.add(:command, "Invalid command") unless allowed_commands.include? command
+    end
+    def check_keys
+      return if [:get_certificate, :get_bank_certificate, :create_certificate].include? command
+      begin
+        OpenSSL::PKey::RSA.new private_key
+      rescue
+        errors.add(:private_key, "Invalid private key")
+      end
+      begin
+        OpenSSL::X509::Certificate.new cert
+      rescue
+        errors.add(:cert, "Invalid certificate")
+      end
+    end
+    def check_signing_cert
+      return unless command == :create_certificate
+      unless cert_request_valid?(signing_cert_pkcs10)
+        errors.add(:signing_cert_pkcs10, SIGNING_CERT_REQUEST_ERROR_MESSAGE)
+      end
+    end
+    def check_encryption_cert_request
+      return unless command == :create_certificate
+      unless cert_request_valid?(encryption_cert_pkcs10)
+        errors.add(:encryption_cert_pkcs10, ENCRYPTION_CERT_REQUEST_ERROR_MESSAGE)
+      end
+    end
+    def wsdl
+      case bank
+        when :nordea
+          if command == :get_certificate
+            file = "wsdl_nordea_cert.xml"
+          else
+            file = "wsdl_nordea.xml"
+          end
+        when :danske
+          if [:get_bank_certificate, :create_certificate].include? command
+            file = "wsdl_danske_cert.xml"
+          else
+            file = "wsdl_danske.xml"
+          end
+        else
+          return nil
+      end
+      "#{WSDL_PATH}/#{file}"
+    end
+    def check_wsdl
+      return unless wsdl.present?
+      xsd = Nokogiri::XML::Schema(File.read(SCHEMA_FILE))
+      wsdl_file = File.read(wsdl)
+      xml = Nokogiri::XML(wsdl_file)
+      unless xsd.valid?(xml)
+        errors.add(:wsdl, "Invalid wsdl file")
+      end
+    end
+    def check_file_type
+      return unless [:upload_file, :download_file_list, :download_file].include? command
+      if file_type.nil? || file_type.size > 35
+        errors.add(:file_type, FILE_TYPE_ERROR_MESSAGE)
+      end
+    end
+    def check_target_id
+      return if [:get_certificate, :create_certificate, :get_bank_certificate].include? command
+      check_presence_and_length(:target_id, 80, TARGET_ID_ERROR_MESSAGE)
+    end
+    def check_presence_and_length(attribute, length, error_message)
+      if send(attribute).nil? || send(attribute).size > length
+        errors.add(attribute, error_message)
+      end
+    end
+    def check_content
+      return unless command == :upload_file
+      errors.add(:content, CONTENT_ERROR_MESSAGE) if content.nil?
+    end
+    def check_pin
+      return unless command == :create_certificate
+      check_presence_and_length(:pin, 10, PIN_ERROR_MESSAGE)
+    end
+    def check_bank_root_cert_serial
+      return unless command == :get_bank_certificate
+      unless bank_root_cert_serial && bank_root_cert_serial.length.between?(1, 64)
+        errors.add(:bank_root_cert_serial, "Invalid bank root certificate serial")
+      end
+    end
+    def check_environment
+      return if command == :get_bank_certificate
+      environments = ['PRODUCTION', 'TEST', 'customertest']
+      unless environments.include? environment
+        errors.add(:environment, ENVIRONMENT_ERROR_MESSAGE)
+      end
+    end
+    def check_customer_id
+      return if command == :get_bank_certificate
+      unless customer_id && customer_id.length.between?(1, 16)
+        errors.add(:customer_id, CUSTOMER_ID_ERROR_MESSAGE)
+      end
+    end
+    def check_enc_cert
+      return unless command == :create_certificate
+      errors.add(:enc_cert, ENCRYPTION_CERT_ERROR_MESSAGE) unless enc_cert
+    end
+    def check_status
+      return unless [:download_file_list, :download_file].include? command
+      statuses = ['NEW', 'DOWNLOADED', 'ALL']
+      unless status && statuses.include?(status)
+        errors.add :status, STATUS_ERROR_MESSAGE
+      end
+    end
+    def check_file_reference
+      return unless command == :download_file
+      unless file_reference && file_reference.length <= 32
+        errors.add :file_reference, FILE_REFERENCE_ERROR_MESSAGE
+      end
+    end
+  end
+end

data/lib/sepa/banks/danske/danske_response.rb ADDED Viewed

@@ -0,0 +1,19 @@
+module Sepa
+  class DanskeResponse < Response
+    attr_reader :bank_encryption_cert, :bank_signing_cert, :bank_root_cert, :own_encryption_cert,
+                :own_signing_cert, :ca_certificate
+    # Namespace used in danske bank certificate responses and requests
+    TNS = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
+    def initialize(response, command: nil)
+      super
+      @bank_encryption_cert = extract_cert(soap, 'BankEncryptionCert', TNS)
+      @bank_signing_cert = extract_cert(soap, 'BankSigningCert', TNS)
+      @bank_root_cert = extract_cert(soap, 'BankRootCert', TNS)
+      @own_encryption_cert = extract_cert(soap, 'EncryptionCert', TNS)
+      @own_signing_cert = extract_cert(soap, 'SigningCert', TNS)
+      @ca_certificate = extract_cert(soap, 'CACert', TNS)
+    end
+  end
+end