sepafm 0.0.2 → 0.1.0

data/{lib/sepa/nordea_testing → test/sepa/banks/nordea}/keys/nordea.crt

@@ -1,7 +1,3 @@
-Bag Attributes
-    localKeyID: 4B 45 59 35 31 38 32 35 62 36 35 30 30 30 30 31 32 35 32 00 
-subject=/C=FI/CN=Nordea Demo Certificate/serialNumber=5780860238
-issuer=/C=SE/O=Nordea Bank AB (publ)/CN=Nordea Corporate CA 01/serialNumber=516406-0120
 -----BEGIN CERTIFICATE-----
 MIIDwTCCAqmgAwIBAgIEAX1JuTANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJT
 RTEeMBwGA1UEChMVTm9yZGVhIEJhbmsgQUIgKHB1YmwpMR8wHQYDVQQDExZOb3Jk

data/test/sepa/{nordea_test_keys → banks/nordea/keys}/nordea.key

@@ -1,6 +1,3 @@
-Bag Attributes
-    localKeyID: 4B 45 59 35 31 38 32 35 62 36 35 30 30 30 30 31 32 35 32 00 
-Key Attributes: <No Attributes>
 -----BEGIN PRIVATE KEY-----
 MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMLRRHwLWybhs0MM
 EbpmZL2IdgYxmFbADFHoirTp3t22UnorHwqvk16i9YCPS6H8ngEPSP7A5urS/NMq

data/test/sepa/banks/nordea/nordea_application_request_test.rb

@@ -0,0 +1,252 @@
+require 'test_helper'
+
+class NordeaApplicationRequestTest < ActiveSupport::TestCase
+  def setup
+    @nordea_generic_params = nordea_generic_params
+
+    # Convert the keys here since the conversion is usually done by the client and these tests
+    # bypass the client
+    @nordea_generic_params[:private_key] = OpenSSL::PKey::RSA.new @nordea_generic_params[:private_key]
+    @nordea_generic_params[:cert] = OpenSSL::X509::Certificate.new @nordea_generic_params[:cert]
+
+    ar_file = Sepa::SoapBuilder.new(@nordea_generic_params).ar
+
+    @nordea_generic_params[:command] = :get_user_info
+    ar_get = Sepa::SoapBuilder.new(@nordea_generic_params).ar
+
+    @nordea_generic_params[:command] = :download_file_list
+    ar_list = Sepa::SoapBuilder.new(@nordea_generic_params).ar
+
+    @nordea_generic_params[:command] = :upload_file
+    ar_up = Sepa::SoapBuilder.new(@nordea_generic_params).ar
+
+    @doc_file = Nokogiri::XML(ar_file.to_xml)
+    @doc_get = Nokogiri::XML(ar_get.to_xml)
+    @doc_list = Nokogiri::XML(ar_list.to_xml)
+    @doc_up = Nokogiri::XML(ar_up.to_xml)
+  end
+
+  def test_schemas_are_unmodified
+    sha1 = OpenSSL::Digest::SHA1.new
+
+    ar_schema = File.read("#{SCHEMA_PATH}/application_request.xsd")
+    xmldsig_schema = File.read("#{SCHEMA_PATH}/xmldsig-core-schema.xsd")
+    ar_schema_digest = sha1.digest(ar_schema)
+
+    sha1.reset
+
+    xmldsig_schema_digest = sha1.digest(xmldsig_schema)
+    assert_equal Base64.encode64(ar_schema_digest).strip, "1O24A7+/6S7CFYVlhH1jEZh1ARs="
+    assert_equal Base64.encode64(xmldsig_schema_digest).strip, "bmG0+2KykgkLeWsXsl6CFbyo4Yc="
+  end
+
+  def test_ar_should_initialize_with_proper_params
+    assert Sepa::SoapBuilder.new(@nordea_generic_params)
+  end
+
+  def test_should_get_key_error_if_command_missing
+    @nordea_generic_params.delete(:command)
+
+    assert_raises(ArgumentError) do
+      Sepa::SoapBuilder.new(@nordea_generic_params)
+    end
+  end
+
+  def test_should_have_customer_id_set_in_with_all_commands
+    assert_equal @doc_file.at_css("CustomerId").content, @nordea_generic_params[:customer_id]
+    assert_equal @doc_get.at_css("CustomerId").content, @nordea_generic_params[:customer_id]
+    assert_equal @doc_list.at_css("CustomerId").content, @nordea_generic_params[:customer_id]
+    assert_equal @doc_up.at_css("CustomerId").content, @nordea_generic_params[:customer_id]
+  end
+
+  def test_should_have_timestamp_set_properly_with_all_commands
+    timestamp_file = Time.strptime(@doc_file.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
+    timestamp_get = Time.strptime(@doc_get.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
+    timestamp_list = Time.strptime(@doc_list.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
+    timestamp_up = Time.strptime(@doc_up.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
+
+    ts_error = "Timestamp was not set correctly"
+    assert timestamp_file <= Time.now && timestamp_file > (Time.now - 60), ts_error
+    assert timestamp_get <= Time.now && timestamp_get > (Time.now - 60), ts_error
+    assert timestamp_list <= Time.now && timestamp_list > (Time.now - 60), ts_error
+    assert timestamp_up <= Time.now && timestamp_up > (Time.now - 60), ts_error
+  end
+
+  def test_should_have_command_set_when_get_user_info
+    assert_equal @doc_get.at_css("Command").content, "GetUserInfo"
+  end
+
+  def test_should_have_command_set_when_download_file_list
+    assert_equal @doc_list.at_css("Command").content, "DownloadFileList"
+  end
+
+  def test_should_have_command_set_when_download_file
+    assert_equal @doc_file.at_css("Command").content, "DownloadFile"
+  end
+
+  def test_should_have_command_set_when_upload_file
+    assert_equal @doc_up.at_css("Command").content, "UploadFile"
+  end
+
+  def test_should_have_environment_set_with_all_commands
+    assert_equal @doc_file.at_css("Environment").content, @nordea_generic_params[:environment]
+    assert_equal @doc_get.at_css("Environment").content, @nordea_generic_params[:environment]
+    assert_equal @doc_list.at_css("Environment").content, @nordea_generic_params[:environment]
+    assert_equal @doc_up.at_css("Environment").content, @nordea_generic_params[:environment]
+  end
+
+  def test_should_have_software_id_set_with_all_commands
+    string = "Sepa Transfer Library version #{Sepa::VERSION}"
+
+    assert_equal @doc_file.at_css("SoftwareId").content, string
+    assert_equal @doc_get.at_css("SoftwareId").content, string
+    assert_equal @doc_list.at_css("SoftwareId").content, string
+    assert_equal @doc_up.at_css("SoftwareId").content, string
+  end
+
+  def test_should_have_status_set_when_download_file_list
+    assert_equal @doc_list.at_css("Status").content, @nordea_generic_params[:status]
+  end
+
+  def test_should_have_status_set_when_download_file
+    assert_equal @doc_file.at_css("Status").content, @nordea_generic_params[:status]
+  end
+
+  def test_should_not_have_status_set_when_get_user_info
+    refute @doc_get.at_css("Status")
+  end
+
+  def test_should_not_have_status_set_when_upload_file
+    refute @doc_up.at_css("Status")
+  end
+
+  def test_should_have_target_id_set_when_download_file_list
+    assert_equal @doc_list.at_css("TargetId").content, @nordea_generic_params[:target_id]
+  end
+
+  def test_should_have_target_id_set_when_download_file
+    assert_equal @doc_file.at_css("TargetId").content, @nordea_generic_params[:target_id]
+  end
+
+  def test_should_not_have_target_id_set_when_get_user_info
+    refute @doc_get.at_css("TargetId")
+  end
+
+  def test_should_have_file_type_set_when_download_file_list
+    assert_equal @doc_list.at_css("FileType").content, @nordea_generic_params[:file_type]
+  end
+
+  def test_should_have_file_type_set_when_download_file
+    assert_equal @doc_file.at_css("FileType").content, @nordea_generic_params[:file_type]
+  end
+
+  def test_should_have_file_type_set_when_upload_file
+    assert_equal @doc_up.at_css("FileType").content, @nordea_generic_params[:file_type]
+  end
+
+  def test_should_not_have_file_type_set_when_get_user_info
+    refute @doc_get.at_css("FileType")
+  end
+
+  def test_should_have_file_reference_set_when_download_file
+    assert_equal @doc_file.at_css("FileReference").content, @nordea_generic_params[:file_reference]
+  end
+
+  def test_should_not_have_file_ref_when_download_file_list
+    refute @doc_list.at_css("FileReference")
+  end
+
+  def test_should_not_have_file_ref_when_get_user_info
+    refute @doc_get.at_css("FileReference")
+  end
+
+  def test_should_not_have_file_ref_when_upload_file
+    refute @doc_up.at_css("FileReference")
+  end
+
+  def test_should_have_content_when_upload_file
+    assert_equal @doc_up.at_css("Content").content, Base64.encode64(@nordea_generic_params[:content])
+  end
+
+  def test_should_not_have_content_when_download_file_list
+    refute @doc_list.at_css("Content")
+  end
+
+  def test_should_not_have_content_when_download_file
+    refute @doc_file.at_css("Content")
+  end
+
+  def test_should_not_have_content_when_get_user_info
+    refute @doc_get.at_css("Content")
+  end
+
+  def test_should_raise_argument_error_with_invalid_command
+    assert_raises(ArgumentError) do
+      @nordea_generic_params[:command] = :wrong_kind_of_command
+      ar = Sepa::ApplicationRequest.new(@nordea_generic_params)
+      doc = ar.get_as_base64
+    end
+  end
+
+  def test_digest_is_calculatd_correctly
+    calculated_digest = @doc_file.at_css(
+      "dsig|DigestValue", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#'
+    ).content
+
+    # Remove signature for calculating digest
+    @doc_file.at_css(
+      "dsig|Signature", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#'
+    ).remove
+
+    # Calculate digest
+    sha1 = OpenSSL::Digest::SHA1.new
+    actual_digest = Base64.encode64(sha1.digest(@doc_file.canonicalize))
+
+    # And then make sure the two are equal
+    assert_equal calculated_digest.strip, actual_digest.strip
+  end
+
+  def test_signature_is_constructed_correctly
+    #private_key = @params.fetch(:private_key)
+
+    signed_info_node = @doc_file.at_css(
+    "dsig|SignedInfo", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#')
+
+    # The value of the signature node in the constructed ar
+    calculated_signature = @doc_file.at_css(
+      "dsig|SignatureValue", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#'
+    ).content
+
+    # Calculate the actual signature
+    keys_path = File.expand_path('../keys', __FILE__)
+    private_key = OpenSSL::PKey::RSA.new(File.read("#{keys_path}/nordea.key"))
+
+    sha1 = OpenSSL::Digest::SHA1.new
+    actual_signature = Base64.encode64(private_key.sign(
+    sha1, signed_info_node.canonicalize))
+
+    # And then of course assert the two are equal
+    assert_equal calculated_signature, actual_signature
+  end
+
+  def test_certificate_is_added_correctly
+    added_cert = @doc_file.at_css(
+      "dsig|X509Certificate", 'dsig' => 'http://www.w3.org/2000/09/xmldsig#'
+    ).content
+
+    actual_cert = @nordea_generic_params.fetch(:cert).to_s
+    actual_cert = actual_cert.split('-----BEGIN CERTIFICATE-----')[1]
+    actual_cert = actual_cert.split('-----END CERTIFICATE-----')[0]
+    actual_cert.gsub!(/\s+/, "")
+
+    assert_equal added_cert, actual_cert
+  end
+
+  def test_should_validate_against_schema
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('application_request.xsd'))
+      assert xsd.valid?(@doc_file)
+    end
+  end
+
+end

data/test/sepa/{application_response_test.rb → banks/nordea/nordea_application_response_test.rb}

@@ -1,52 +1,45 @@
-require File.expand_path('../../test_helper.rb', __FILE__)
+require 'test_helper'
 
-class ApplicationResponseTest < MiniTest::Test
-  def setup
-    keys_path = File.expand_path('../nordea_test_keys', __FILE__)
-
-    @root_cert = OpenSSL::X509::Certificate.new File.read(
-      "#{keys_path}/root_cert.cer"
-    )
-
-    @not_root_cert = OpenSSL::X509::Certificate.new File.read(
-      "#{keys_path}/nordea.crt"
-    )
+class NordeaApplicationResponseTest < ActiveSupport::TestCase
 
-    responses_path = File.expand_path('../test_files/test_responses', __FILE__)
+  def setup
+    keys_path = File.expand_path('../keys', __FILE__)
+    @root_cert = OpenSSL::X509::Certificate.new File.read("#{keys_path}/root_cert.cer")
+    @not_root_cert = OpenSSL::X509::Certificate.new File.read("#{keys_path}/nordea.crt")
 
-    @dfl = Nokogiri::XML(File.read("#{responses_path}/dfl.xml"))
-    @dfl = Sepa::Response.new(@dfl).application_response
+    @dfl = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/dfl.xml"))
+    @dfl = Sepa::Response.new(@dfl, command: :download_file_list).application_response
 
-    @uf = Nokogiri::XML(File.read("#{responses_path}/uf.xml"))
-    @uf = Sepa::Response.new(@uf).application_response
+    @uf = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/uf.xml"))
+    @uf = Sepa::Response.new(@uf, command: :upload_file).application_response
 
-    @df = Nokogiri::XML(File.read("#{responses_path}/df.xml"))
-    @df = Sepa::Response.new(@df).application_response
+    @df_tito = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/df_tito.xml"))
+    @df_tito = Sepa::Response.new(@df_tito, command: :download_file).application_response
 
-    @gui = Nokogiri::XML(File.read("#{responses_path}/gui.xml"))
-    @gui = Sepa::Response.new(@gui).application_response
+    @gui = Nokogiri::XML(File.read("#{NORDEA_TEST_RESPONSE_PATH}/gui.xml"))
+    @gui = Sepa::Response.new(@gui, command: :get_user_info).application_response
 
     @dfl_ar = Sepa::ApplicationResponse.new(@dfl)
     @uf_ar = Sepa::ApplicationResponse.new(@uf)
-    @df_ar = Sepa::ApplicationResponse.new(@df)
+    @df_ar = Sepa::ApplicationResponse.new(@df_tito)
     @gui_ar = Sepa::ApplicationResponse.new(@gui)
   end
 
-  def test_should_initialize_with_proper_params
-    assert Sepa::ApplicationResponse.new(@dfl)
-    assert Sepa::ApplicationResponse.new(@uf)
-    assert Sepa::ApplicationResponse.new(@df)
-    assert Sepa::ApplicationResponse.new(@gui)
+  def test_templates_valid
+    assert @dfl_ar.valid?
+    assert @uf_ar.valid?
+    assert @df_ar.valid?
+    assert @gui_ar.valid?
   end
 
-  def test_should_complain_if_initialized_with_something_not_nokogiri_xml
-    assert_raises(ArgumentError) { Sepa::ApplicationResponse.new("Jees") }
+  def test_should_fail_if_initialized_with_not_nokogiri_xml
+    as = Sepa::ApplicationResponse.new("Jees")
+    refute as.valid?
   end
 
   def test_should_complain_if_ar_not_valid_against_schema
-    assert_raises(ArgumentError) do
-      Sepa::ApplicationResponse.new(Nokogiri::XML("<ar>text</ar>"))
-    end
+    as = Sepa::ApplicationResponse.new(Nokogiri::XML("<ar>text</ar>"))
+    refute as.valid?
   end
 
   def test_proper_dfl_hash_check_should_verify
@@ -80,14 +73,14 @@ class ApplicationResponseTest < MiniTest::Test
   end
 
   def test_invalid_df_hash_check_should_not_verify
-    digest_value_node = @df.at_css(
+    digest_value_node = @df_tito.at_css(
       'xmlns|DigestValue',
       'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
     )
 
     digest_value_node.content = digest_value_node.content[4..-1]
 
-    refute Sepa::ApplicationResponse.new(@df).hashes_match?
+    refute Sepa::ApplicationResponse.new(@df_tito).hashes_match?
   end
 
   def test_invalid_gui_hash_check_should_not_verify
@@ -140,14 +133,14 @@ class ApplicationResponseTest < MiniTest::Test
   end
 
   def test_corrupted_signature_in_df_should_fail_signature_verification
-    signature_node = @df.at_css(
+    signature_node = @df_tito.at_css(
       'xmlns|SignatureValue',
       'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
     )
 
     signature_node.content = 'a' + signature_node.content[1..-1]
 
-    refute Sepa::ApplicationResponse.new(@df).signature_is_valid?
+    refute Sepa::ApplicationResponse.new(@df_tito).signature_is_valid?
   end
 
   def test_corrupted_signature_in_gui_should_fail_signature_verification
@@ -188,7 +181,7 @@ class ApplicationResponseTest < MiniTest::Test
   end
 
   def test_should_raise_error_if_certificate_corrupted_in_df
-    cert_node = @df.at_css(
+    cert_node = @df_tito.at_css(
       'xmlns|X509Certificate',
       'xmlns' => 'http://www.w3.org/2000/09/xmldsig#'
     )
@@ -196,7 +189,7 @@ class ApplicationResponseTest < MiniTest::Test
     cert_node.content = "n5iw#{cert_node.content}"
 
     assert_raises(OpenSSL::X509::CertificateError) do
-      Sepa::ApplicationResponse.new(@df).certificate
+      Sepa::ApplicationResponse.new(@df_tito).certificate
     end
   end
 
@@ -214,25 +207,26 @@ class ApplicationResponseTest < MiniTest::Test
   end
 
   def test_cert_should_be_trusted_with_correct_root_cert
-    assert @dfl_ar.cert_is_trusted?(@root_cert)
-    assert @uf_ar.cert_is_trusted?(@root_cert)
-    assert @df_ar.cert_is_trusted?(@root_cert)
-    assert @gui_ar.cert_is_trusted?(@root_cert)
+    assert @dfl_ar.cert_is_trusted(@root_cert)
+    assert @uf_ar.cert_is_trusted(@root_cert)
+    assert @df_ar.cert_is_trusted(@root_cert)
+    assert @gui_ar.cert_is_trusted(@root_cert)
   end
 
   def test_dfl_should_fail_if_wrong_root_cert
-    assert_raises(SecurityError) { @dfl_ar.cert_is_trusted?(@not_root_cert) }
+    assert_raises(SecurityError) { @dfl_ar.cert_is_trusted(@not_root_cert) }
   end
 
   def test_uf_should_fail_if_wrong_root_cert
-    assert_raises(SecurityError) { @uf_ar.cert_is_trusted?(@not_root_cert) }
+    assert_raises(SecurityError) { @uf_ar.cert_is_trusted(@not_root_cert) }
   end
 
   def test_df_should_fail_if_wrong_root_cert
-    assert_raises(SecurityError) { @df_ar.cert_is_trusted?(@not_root_cert) }
+    assert_raises(SecurityError) { @df_ar.cert_is_trusted(@not_root_cert) }
   end
 
   def test_gui_should_fail_if_wrong_root_cert
-    assert_raises(SecurityError) { @gui_ar.cert_is_trusted?(@not_root_cert) }
+    assert_raises(SecurityError) { @gui_ar.cert_is_trusted(@not_root_cert) }
   end
+
 end

data/test/sepa/banks/nordea/nordea_cert_application_request_test.rb

@@ -0,0 +1,72 @@
+require 'test_helper'
+
+class NordeaCertApplicationRequestTest < ActiveSupport::TestCase
+  include Sepa::Utilities
+
+  def setup
+    @get_cert_params = nordea_cert_params
+    ar_cert = Sepa::SoapBuilder.new(@get_cert_params).ar
+    @xml = Nokogiri::XML(ar_cert.to_xml)
+  end
+
+  def test_schemas_are_unmodified
+    sha1 = OpenSSL::Digest::SHA1.new
+    cert_schema = File.read("#{SCHEMA_PATH}/cert_application_request.xsd")
+    cert_digest = sha1.digest(cert_schema)
+    assert_equal Base64.encode64(cert_digest).strip, "sFwy9Tj+cERTdcmaGhm8WpmJBH4="
+  end
+
+  def test_should_initialize_with_only_get_certificate_params
+    assert Sepa::ApplicationRequest.new(@get_cert_params)
+  end
+
+  def test_should_get_argument_errors_unless_command_is_get_certificate
+    assert_raises(ArgumentError) do
+      @get_cert_params[:command] = :wrong_command
+      ar = Sepa::ApplicationRequest.new(@get_cert_params)
+      ar.get_as_base64
+    end
+  end
+
+  def test_should_have_customer_id_set
+    assert_equal @xml.at_css("CustomerId").content, @get_cert_params[:customer_id]
+  end
+
+  def test_should_have_timestamp_set_properly
+    timestamp = Time.strptime(@xml.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
+    assert timestamp <= Time.now && timestamp > (Time.now - 60), "Timestamp was not set correctly"
+  end
+
+  def test_should_have_command_set_when_get_certificate
+    assert_equal @xml.at_css("Command").content, "GetCertificate"
+  end
+
+  def test_should_have_environment_set
+    assert_equal @xml.at_css("Environment").content, @get_cert_params[:environment]
+  end
+
+  test 'should have software id set' do
+    assert_equal @xml.at_css("SoftwareId").content, "Sepa Transfer Library version #{Sepa::VERSION}"
+  end
+
+  test 'should have service set' do
+    assert_equal @xml.at_css('Service').content, @get_cert_params[:service]
+  end
+
+  test 'should have content set' do
+    assert_equal @xml.at_css('Content').content, format_cert_request(@get_cert_params[:csr])
+  end
+
+  test 'should have hmac set' do
+    assert_equal @xml.at_css('HMAC').content,
+                 hmac(@get_cert_params[:pin], csr_to_binary(@get_cert_params[:csr]))
+  end
+
+  def test_should_validate_against_schema
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('cert_application_request.xsd'))
+      assert xsd.valid?(@xml)
+    end
+  end
+
+end

data/test/sepa/banks/nordea/nordea_cert_request_soap_builder_test.rb

@@ -0,0 +1,65 @@
+require 'test_helper'
+
+class NordeaCertRequestSoapBuilderTest < ActiveSupport::TestCase
+
+  def setup
+    @nordea_generic_params = nordea_cert_params
+    @certrequest = Sepa::SoapBuilder.new(@nordea_generic_params)
+    @xml = Nokogiri::XML(@certrequest.to_xml)
+  end
+
+  def test_should_initialize_with_proper_params
+    assert Sepa::SoapBuilder.new(@nordea_generic_params)
+  end
+
+  def test_should_get_error_if_command_missing
+    @nordea_generic_params.delete(:command)
+
+    assert_raises(ArgumentError) do
+      Sepa::SoapBuilder.new(@nordea_generic_params)
+    end
+  end
+
+  def test_should_load_correct_template_with_get_certificate
+    @nordea_generic_params[:command] = :get_certificate
+    xml = Nokogiri::XML(Sepa::SoapBuilder.new(@nordea_generic_params).to_xml)
+
+    assert xml.xpath('//cer:getCertificatein', 'cer' => 'http://bxd.fi/CertificateService').first
+  end
+
+  def test_should_raise_error_if_command_not_correct
+    @nordea_generic_params[:command] = :wrong_command
+    assert_raises(ArgumentError) do
+      soap = Sepa::SoapBuilder.new(@nordea_generic_params).to_xml
+    end
+  end
+
+  def test_timestamp_is_set_correctly
+    timestamp_node = @xml.xpath(
+      "//cer:Timestamp", 'cer' => 'http://bxd.fi/CertificateService'
+    ).first
+
+    timestamp = Time.strptime(timestamp_node.content, '%Y-%m-%dT%H:%M:%S%z')
+
+    assert timestamp <= Time.now && timestamp > (Time.now - 60)
+  end
+
+  def test_application_request_should_be_inserted_properly
+    ar_node = @xml.xpath(
+      "//cer:ApplicationRequest", 'cer' => 'http://bxd.fi/CertificateService'
+    ).first
+
+    ar_doc = Nokogiri::XML(Base64.decode64(ar_node.content))
+
+    assert ar_doc.respond_to?(:canonicalize)
+    assert_equal ar_doc.at_css("CustomerId").content, @nordea_generic_params[:customer_id]
+  end
+
+  def test_should_validate_against_schema
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('soap.xsd'))
+      assert xsd.valid?(@xml)
+    end
+  end
+
+end