sepafm 1.0.1 → 1.1.0

data/lib/sepa/xml_templates/soap/{create_certificate.xml → danske/create_certificate.xml}

@@ -5,12 +5,12 @@
   <soapenv:Body>
     <pkif:CreateCertificateIn>
       <pkif:RequestHeader>
-        <pkif:SenderId></pkif:SenderId>
-        <pkif:CustomerId></pkif:CustomerId>
-        <pkif:RequestId></pkif:RequestId>
-        <pkif:Timestamp></pkif:Timestamp>
-        <pkif:InterfaceVersion></pkif:InterfaceVersion>
-        <pkif:Environment></pkif:Environment>
+        <pkif:SenderId/>
+        <pkif:CustomerId/>
+        <pkif:RequestId/>
+        <pkif:Timestamp/>
+        <pkif:InterfaceVersion/>
+        <pkif:Environment/>
       </pkif:RequestHeader>
     </pkif:CreateCertificateIn>
   </soapenv:Body>

data/lib/sepa/xml_templates/soap/{danske_get_bank_certificate.xml → danske/get_bank_certificate.xml}

@@ -5,11 +5,11 @@
   <soapenv:Body>
     <pkif:GetBankCertificateIn xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService">
       <pkif:RequestHeader xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService">
-        <pkif:SenderId></pkif:SenderId>
-        <pkif:CustomerId></pkif:CustomerId>
-        <pkif:RequestId></pkif:RequestId>
-        <pkif:Timestamp></pkif:Timestamp>
-        <pkif:InterfaceVersion></pkif:InterfaceVersion>
+        <pkif:SenderId/>
+        <pkif:CustomerId/>
+        <pkif:RequestId/>
+        <pkif:Timestamp/>
+        <pkif:InterfaceVersion/>
       </pkif:RequestHeader>
     </pkif:GetBankCertificateIn>
   </soapenv:Body>

data/lib/sepa/xml_templates/soap/nordea/get_certificate.xml

@@ -0,0 +1,15 @@
+<?xml version="1.0"?>
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+                  xmlns:cer="http://bxd.fi/CertificateService">
+  <soapenv:Header/>
+  <soapenv:Body>
+    <cer:getCertificatein>
+      <cer:RequestHeader>
+        <cer:SenderId/>
+        <cer:RequestId/>
+        <cer:Timestamp/>
+      </cer:RequestHeader>
+      <cer:ApplicationRequest/>
+    </cer:getCertificatein>
+  </soapenv:Body>
+</soapenv:Envelope>

data/lib/sepa/xml_templates/soap/op/get_certificate.xml

@@ -0,0 +1,14 @@
+<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
+              xmlns:opc="http://mlp.op.fi/OPCertificateService">
+  <env:Header/>
+  <env:Body>
+    <opc:getCertificatein>
+      <opc:RequestHeader>
+        <opc:SenderId/>
+        <opc:RequestId/>
+        <opc:Timestamp/>
+      </opc:RequestHeader>
+      <opc:ApplicationRequest/>
+    </opc:getCertificatein>
+  </env:Body>
+</env:Envelope>

data/lib/sepa/xml_templates/soap/op/get_service_certificates.xml

@@ -0,0 +1,14 @@
+<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
+              xmlns:opc="http://mlp.op.fi/OPCertificateService">
+  <env:Header/>
+  <env:Body>
+    <opc:getCertificatein>
+      <opc:RequestHeader>
+        <opc:SenderId/>
+        <opc:RequestId/>
+        <opc:Timestamp/>
+      </opc:RequestHeader>
+      <opc:ApplicationRequest/>
+    </opc:getCertificatein>
+  </env:Body>
+</env:Envelope>

data/lib/sepafm.rb

@@ -14,9 +14,11 @@ require 'sepa/client'
 require 'sepa/response'
 require 'sepa/banks/nordea/nordea_response'
 require 'sepa/banks/danske/danske_response'
+require 'sepa/banks/op/op_response'
 require 'sepa/soap_builder'
 require 'sepa/banks/danske/soap_danske'
 require 'sepa/banks/nordea/soap_nordea'
+require 'sepa/banks/op/soap_op'
 require 'sepa/version'
 
 # The root path of where the gem is installed
@@ -58,11 +60,39 @@ nordea_root_certificate_string = File.read("#{CERTIFICATE_PATH}nordea_root_certi
 
 # Nordea's root certificate as an OpenSSL::X509::Certificate
 NORDEA_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new nordea_root_certificate_string
+
 danske_root_certificate_string = File.read("#{CERTIFICATE_PATH}danske_root_certificate.cer")
 
 # Danske Bank's root certificate as an OpenSSL::X509::Certificate
 DANSKE_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new danske_root_certificate_string
 
+op_root_certificate_string = File.read("#{CERTIFICATE_PATH}op_root_certificate.cer")
+
+# OP's root certificate as an OpenSSL::X509::Certificate
+OP_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new op_root_certificate_string
+
+# @!endgroup
+
+
+# @!group Commands
+
+# Commands described in the standard
+STANDARD_COMMANDS = %i(
+  download_file
+  download_file_list
+  get_user_info
+  upload_file
+)
+
+SUPPORTED_COMMANDS =
+  STANDARD_COMMANDS +
+  %i(
+    create_certificate
+    get_bank_certificate
+    get_certificate
+    get_service_certificates
+  )
+
 # @!endgroup
 
 
@@ -101,4 +131,10 @@ DANSKE_PKI  = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
 # Namespace used in Danske Bank's certificate services soap
 DANSKE_PKIF = 'http://danskebank.dk/PKI/PKIFactoryService'
 
+# Namespace used in OP's certificate requests and responses soap
+OP_PKI = 'http://mlp.op.fi/OPCertificateService'
+
+# Namespace used in OP's certificate application requests and responses
+OP_XML_DATA = 'http://op.fi/mlp/xmldata/'
+
 # @!endgroup

data/readme.md

@@ -11,6 +11,7 @@ Currently we have support for SEPA Web Services for
 
 * Nordea
 * Danske Bank
+* OP
 
 ## Installation
 
@@ -101,6 +102,8 @@ openssl req -out encryption.csr -new -newkey rsa:2048 -nodes -keyout encryption.
 openssl req -out signing.csr -new -newkey rsa:2048 -nodes -keyout signing.key
 ```
 
+*(For Nordea the key is 1024 bits)*
+
 Enter your information and you should have four files
 
 ```
@@ -110,14 +113,14 @@ signing.csr
 signing.key
 ```
 
-### Downloading Nordea Certificate
+### Downloading Nordea and OP Certificates
 
 Define parameters hash for client
 
 ```ruby
 params = {
   pin: '1234567890',
-  bank: :nordea,
+  bank: :nordea|:op,
   command: :get_certificate,
   customer_id: '11111111',
   environment: 'test',
@@ -250,16 +253,16 @@ Not all parameters are needed in every request.
 
 Parameter | Description
 --- | ---
-bank | Bank you want to send the request to. Either `:nordea` or `:danske`
+bank | Bank you want to send the request to. Either `:nordea`, `:danske`, or `:op`
 customer_id | Customer id from bank.
-command | Must be one of: `download_file_list`, `upload_file`, `download_file`, `get_user_info`, `get_certificate`, `get_bank_certificate`, `create_certificate`.
+command | Must be one of: `:download_file_list`, `:upload_file`, `:download_file`, `:get_user_info`, `:get_certificate`, `:get_bank_certificate`, `:create_certificate`, or `:get_service_certificates`.
 content | Content to be sent to the bank in `upload_file`.
 environment | Bank's environment where the request is sent. Has to be `production` or `test`.
-language | Language of the response. Must be either `FI`, `EN` or `SV`.
+language | Language of the response. Must be either `FI`, `EN`, or `SV`.
 target_id | Code used to categorize files. Can be retrieved with `get_user_info` -command. Only used by Nordea.
 file_type | Type of the file(s) your are going to download or send. These differ by bank. With Nordea they can be retrieved with `get_user_info` -command.
 file_reference | File's unique identification for downloading a file. Retrieved with `download_file_list` -command.
-status | Status for the file to be retrieved. Has to be `NEW`, `DOWNLOADED` or `ALL`.
+status | Status for the file to be retrieved. Has to be `NEW`, `DOWNLOADED`, or `ALL`.
 signing_private_key | Your private key of your signing certificate for signing the request.
 encryption_private_key | Your private key of your encryption certificate for decrypting the response.
 own_signing_certificate | Your signing certificate, signed by the bank.

data/sepafm.gemspec

@@ -16,16 +16,16 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ['lib']
 
-  spec.required_ruby_version = '>= 2.0.0'
+  spec.required_ruby_version = '>= 2.1.7'
 
   spec.add_dependency 'activemodel', '~> 4.2'
-  spec.add_dependency 'nokogiri', '~> 1.6'
-  spec.add_dependency 'savon', '~> 2.11'
+  spec.add_dependency 'nokogiri',    '~> 1.6'
+  spec.add_dependency 'savon',       '~> 2.11'
 
-  spec.add_development_dependency 'bundler', '~> 1.7'
+  spec.add_development_dependency 'bundler',                   '~> 1.10'
   spec.add_development_dependency 'codeclimate-test-reporter', '~> 0.4'
-  spec.add_development_dependency 'dotenv', '~> 2.0'
-  spec.add_development_dependency 'minitest', '~> 5.8'
-  spec.add_development_dependency 'rake', '~> 10.4'
-  spec.add_development_dependency 'rubyntlm', '~> 0.5'
+  spec.add_development_dependency 'dotenv',                    '~> 2.0'
+  spec.add_development_dependency 'minitest',                  '~> 5.8'
+  spec.add_development_dependency 'rake',                      '~> 10.4'
+  spec.add_development_dependency 'rubyntlm',                  '~> 0.5'
 end

data/test/custom_assertions.rb

@@ -0,0 +1,20 @@
+require 'minitest/assertions'
+
+module Minitest::Assertions
+  def assert_same_items(expected, actual)
+    assert same_items(expected, actual),
+           "Expected #{ expected.inspect } and #{ actual.inspect } to have the same items"
+  end
+
+  def refute_same_items(expected, actual)
+    refute same_items(expected, actual),
+           "Expected #{ expected.inspect } and #{ actual.inspect } would not have the same items"
+  end
+
+  private
+
+    def same_items(expected, actual)
+      actual.is_a?(Enumerable) && expected.is_a?(Enumerable) &&
+        expected.count == actual.count && actual.all? { |e| expected.include?(e) }
+    end
+end

data/test/sepa/banks/op/op_application_request_test.rb

@@ -0,0 +1,63 @@
+require 'test_helper'
+
+class OpApplicationRequestTest < ActiveSupport::TestCase
+  def setup
+    @params = op_generic_params
+
+    # Convert the keys here since the conversion is usually done by the client and these tests
+    # bypass the client
+    @params[:signing_private_key]     = rsa_key @params[:signing_private_key]
+    @params[:own_signing_certificate] = x509_certificate @params[:own_signing_certificate]
+
+    ar_file = Sepa::SoapBuilder.new(@params).application_request
+
+    @params[:command] = :download_file_list
+    ar_list           = Sepa::SoapBuilder.new(@params).application_request
+
+    @params[:command] = :upload_file
+    ar_up             = Sepa::SoapBuilder.new(@params).application_request
+
+    @doc_file = Nokogiri::XML(ar_file.to_xml)
+    @doc_list = Nokogiri::XML(ar_list.to_xml)
+    @doc_up   = Nokogiri::XML(ar_up.to_xml)
+  end
+
+  test 'download file validates against schema' do
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('op/ApplicationRequest_20080918.xsd'))
+      xsd.validate(@doc_file).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+
+  test 'upload file validates against schema' do
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('op/ApplicationRequest_20080918.xsd'))
+      xsd.validate(@doc_up).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+
+  test 'download file list validates against schema' do
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('op/ApplicationRequest_20080918.xsd'))
+      xsd.validate(@doc_list).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+end

data/test/sepa/banks/op/op_cert_application_request_test.rb

@@ -0,0 +1,77 @@
+require 'test_helper'
+
+class OpCertApplicationRequestTest < ActiveSupport::TestCase
+  include Sepa::Utilities
+
+  setup do
+    @op_get_certificate_params = op_get_certificate_params
+    ar_cert                    = Sepa::SoapBuilder.new(@op_get_certificate_params).application_request
+    @xml                       = Nokogiri::XML(ar_cert.to_xml)
+  end
+
+  test "schemas are unmodified" do
+    sha1        = OpenSSL::Digest::SHA1.new
+    cert_schema = File.read("#{SCHEMA_PATH}/op/CertApplicationRequest_200812.xsd")
+    cert_digest = sha1.digest(cert_schema)
+    assert_equal "jq7suQXu6STF7F5la67ZXoZGCNg=", encode(cert_digest).strip
+  end
+
+  test "initializes correctly" do
+    assert Sepa::ApplicationRequest.new(@op_get_certificate_params)
+  end
+
+  test "raises argument error if command is not get certificate" do
+    assert_raises ArgumentError do
+      @op_get_certificate_params[:command] = :wrong_command
+      ar                                   = Sepa::ApplicationRequest.new(@op_get_certificate_params)
+      ar.get_as_base64
+    end
+  end
+
+  test "customer id is set correctly" do
+    assert_equal @xml.at_css("CustomerId").content, @op_get_certificate_params[:customer_id]
+  end
+
+  test "timestamp is set correctly" do
+    timestamp = Time.strptime(@xml.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
+    assert timestamp <= Time.now && timestamp > (Time.now - 60), "Timestamp was not set correctly"
+  end
+
+  test "environment is set correctly" do
+    expected_environment = @op_get_certificate_params[:environment].upcase
+    assert_equal expected_environment, @xml.at_css("Environment").content
+  end
+
+  test "software id is set correctly" do
+    assert_equal @xml.at_css("SoftwareId").content, "Sepa Transfer Library version #{Sepa::VERSION}"
+  end
+
+  test "service is set correctly" do
+    assert_equal "MATU", @xml.at_css("Service").content
+  end
+
+  test "content is set correctly" do
+    assert_equal format_cert_request(@op_get_certificate_params[:signing_csr]), @xml.at_css("Content").content
+  end
+
+  test "transfer key is set correctly" do
+    assert_equal @op_get_certificate_params[:pin], @xml.at("TransferKey").content
+  end
+
+  test "hmac is not set" do
+    refute @xml.at_css("HMAC"), "HMAC should not be set, but is #{@xml.at_css("HMAC")}"
+  end
+
+  test "validates against schema" do
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('op/CertApplicationRequest_200812.xsd'))
+      xsd.validate(@xml).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+end

data/test/sepa/banks/op/op_cert_request_soap_builder_test.rb

@@ -0,0 +1,62 @@
+require 'test_helper'
+
+class OpCertRequestSoapBuilderTest < ActiveSupport::TestCase
+
+  def setup
+    @params  = op_get_certificate_params
+    @request = Sepa::SoapBuilder.new(@params)
+    @xml     = Nokogiri::XML(@request.to_xml)
+  end
+
+  test "error is raised if command is missing" do
+    @params.delete(:command)
+
+    assert_raises(ArgumentError) do
+      Sepa::SoapBuilder.new(@params)
+    end
+  end
+
+  test "correct template is loaded" do
+    @params[:command] = :get_certificate
+    xml               = Nokogiri::XML(Sepa::SoapBuilder.new(@params).to_xml)
+
+    assert xml.xpath('//opc:getCertificatein', opc: OP_PKI).first
+  end
+
+  test "error is raised if command is not correct" do
+    @params[:command] = :wrong_command
+    assert_raises(ArgumentError) do
+      Sepa::SoapBuilder.new(@params).to_xml
+    end
+  end
+
+  test "timestamp is set correctly" do
+    timestamp_node = @xml.xpath("//opc:Timestamp", opc: OP_PKI).first
+
+    timestamp = Time.strptime(timestamp_node.content, '%Y-%m-%dT%H:%M:%S%z')
+
+    assert timestamp <= Time.now && timestamp > (Time.now - 60)
+  end
+
+  test "application request is inserted properly" do
+    ar_node = @xml.xpath("//opc:ApplicationRequest", opc: OP_PKI).first
+
+    ar_doc = Nokogiri::XML(decode(ar_node.content))
+
+    assert ar_doc.respond_to?(:canonicalize)
+    assert_equal ar_doc.at_css("CustomerId").content, @params[:customer_id]
+  end
+
+  test "validates against schema" do
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('soap.xsd'))
+      xsd.validate(@xml).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+end

data/test/sepa/banks/op/op_generic_soap_builder_test.rb

@@ -0,0 +1,52 @@
+require 'test_helper'
+
+class OpGenericSoapBuilderTest < ActiveSupport::TestCase
+  def setup
+    @params = op_generic_params
+
+    # Convert the keys here since the conversion is usually done by the client and these tests
+    # bypass the client
+    @params[:signing_private_key]     = rsa_key @params[:signing_private_key]
+    @params[:own_signing_certificate] = x509_certificate @params[:own_signing_certificate]
+
+    @soap_request = Sepa::SoapBuilder.new(@params)
+    @doc          = Nokogiri::XML(@soap_request.to_xml)
+  end
+
+  def test_receiver_is_is_set_correctly
+    receiver_id_node = @doc.xpath('//bxd:ReceiverId', bxd: 'http://model.bxd.fi').first
+    assert_equal 'OKOYFIHH', receiver_id_node.content
+  end
+
+  test 'validates against schema' do
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('soap.xsd'))
+      xsd.validate(@doc).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+
+  test 'validates against ws security schema' do
+    wsse = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
+
+    ws_node = @doc.xpath('//wsse:Security', wsse: wsse)
+    ws_node = ws_node.to_xml
+    ws_node = Nokogiri::XML(ws_node)
+
+    errors = []
+
+    Dir.chdir(SCHEMA_PATH) do
+      xsd = Nokogiri::XML::Schema(IO.read('oasis-200401-wss-wssecurity-secext-1.0.xsd'))
+      xsd.validate(ws_node).each do |error|
+        errors << error
+      end
+    end
+
+    assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
+  end
+end

data/test/sepa/banks/op/op_response_test.rb

@@ -0,0 +1,13 @@
+require 'test_helper'
+
+class OpResponseTest < ActiveSupport::TestCase
+  test "fails with invalid params" do
+    a = Sepa::OpResponse.new({ response: "Jees", command: "not" })
+    refute a.valid?
+  end
+
+  test "complains if application response is not valid against schema" do
+    a = Sepa::OpResponse.new({ response: "<ar>text</ar>", command: "notvalid" })
+    refute a.valid?
+  end
+end

data/test/sepa/client_test.rb

@@ -19,6 +19,40 @@ class ClientTest < ActiveSupport::TestCase
     assert Sepa::Client.new
   end
 
+  test "correct banks are supported" do
+    assert_equal [:danske, :nordea, :op].sort, Sepa::Client::BANKS.sort
+  end
+
+  test "correct allowed commands for nordea" do
+    c = Sepa::Client.new(bank: :nordea)
+
+    commands = STANDARD_COMMANDS + [:get_certificate]
+
+    assert_same_items commands, c.allowed_commands
+  end
+
+  test "correct allowed commands for op" do
+    c = Sepa::Client.new(bank: :op)
+
+    commands =
+      STANDARD_COMMANDS -
+      %i(get_user_info) +
+      %i(
+        get_certificate
+        get_service_certificates
+      )
+
+    assert_same_items commands, c.allowed_commands
+  end
+
+  test "correct allowed commands for danske" do
+    c = Sepa::Client.new(bank: :danske)
+
+    commands = STANDARD_COMMANDS - [:get_user_info] + [:get_bank_certificate, :create_certificate]
+
+    assert_same_items commands, c.allowed_commands
+  end
+
   test "should initialize with attributes" do
     assert Sepa::Client.new @nordea_generic_params
   end
@@ -348,7 +382,7 @@ class ClientTest < ActiveSupport::TestCase
     response = client.send_request
 
     refute response.valid?, response.errors.messages
-    assert_includes response.errors.messages.to_s, "HTTP error (500): THE ERROR!"
+    assert_includes response.errors.messages.to_s, "THE ERROR!"
 
     Savon.observers.pop
   end

data/test/sepa/fixtures.rb

@@ -88,6 +88,61 @@ Sn4Uz7Zjk3UrBIbMYEv0u2mcCypwsb0nGE5/gzDPjGE9cxWW+rXARIs+sNQVClnh
   }
 end
 
+def op_generic_params
+  own_signing_certificate = "-----BEGIN CERTIFICATE-----
+MIIDwTCCAqmgAwIBAgIEAX1JuTANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJT
+RTEeMBwGA1UEChMVTm9yZGVhIEJhbmsgQUIgKHB1YmwpMR8wHQYDVQQDExZOb3Jk
+ZWEgQ29ycG9yYXRlIENBIDAxMRQwEgYDVQQFEws1MTY0MDYtMDEyMDAeFw0xMzA1
+MDIxMjI2MzRaFw0xNTA1MDIxMjI2MzRaMEQxCzAJBgNVBAYTAkZJMSAwHgYDVQQD
+DBdOb3JkZWEgRGVtbyBDZXJ0aWZpY2F0ZTETMBEGA1UEBRMKNTc4MDg2MDIzODCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwtFEfAtbJuGzQwwRumZkvYh2BjGY
+VsAMUeiKtOne3bZSeisfCq+TXqL1gI9LofyeAQ9I/sDm6tL80yrD5iaSUqVm6A73
+9MsmpW/iyZcVf7ms8xAN51ESUgN6akwZCU9pH62ngJDj2gUsktY0fpsoVsARdrvO
+Fk0fTSUXKWd6LbcCAwEAAaOCAR0wggEZMAkGA1UdEwQCMAAwEQYDVR0OBAoECEBw
+2cj7+XMAMBMGA1UdIAQMMAowCAYGKoVwRwEDMBMGA1UdIwQMMAqACEALddbbzwun
+MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Aubm9yZGVh
+LnNlL0NDQTAxMA4GA1UdDwEB/wQEAwIFoDCBhQYDVR0fBH4wfDB6oHigdoZ0bGRh
+cCUzQS8vbGRhcC5uYi5zZS9jbiUzRE5vcmRlYStDb3Jwb3JhdGUrQ0ErMDElMkNv
+JTNETm9yZGVhK0JhbmsrQUIrJTI4cHVibCUyOSUyQ2MlM0RTRSUzRmNlcnRpZmlj
+YXRlcmV2b2NhdGlvbmxpc3QwDQYJKoZIhvcNAQEFBQADggEBACLUPB1Gmq6286/s
+ROADo7N+w3eViGJ2fuOTLMy4R0UHOznKZNsuk4zAbS2KycbZsE5py4L8o+IYoaS8
+8YHtEeckr2oqHnPpz/0Eg7wItj8Ad+AFWJqzbn6Hu/LQhlnl5JEzXzl3eZj9oiiJ
+1q/2CGXvFomY7S4tgpWRmYULtCK6jode0NhgNnAgOI9uy76pSS16aDoiQWUJqQgV
+ydowAnqS9h9aQ6gedwbOdtkWmwKMDVXU6aRz9Gvk+JeYJhtpuP3OPNGbbC5L7NVd
+no+B6AtwxmG3ozd+mPcMeVuz6kKLAmQyIiBSrRNa5OrTkq/CUzxO9WUgTnm/Sri7
+zReR6mU=
+-----END CERTIFICATE-----"
+  signing_private_key = "-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMLRRHwLWybhs0MM
+EbpmZL2IdgYxmFbADFHoirTp3t22UnorHwqvk16i9YCPS6H8ngEPSP7A5urS/NMq
+w+YmklKlZugO9/TLJqVv4smXFX+5rPMQDedRElIDempMGQlPaR+tp4CQ49oFLJLW
+NH6bKFbAEXa7zhZNH00lFylnei23AgMBAAECgYEAqt912/7x4jaQTrxlSELLFVp9
+eo1BesVTiPwXvPpsGbbyvGjZ/ztkXNs9zZbh1aCGzZMkiR2U7F5GlsiprlIif4cF
+6Xz7rCjaAs7iDRt9PjhjVuqNGR2I+VIIlbQ9XWFJ3lJFW3v7TIZ8JbLnn0XOFz+Z
+BBSSGTK1zTNh4TBQtjECQQDe5M3uu9m4RwSw9R6GaDw/IFQZgr0oWSv0WIjRwvwW
+nFnSX2lbkNAjulP0daGsmn7vxIpqZxPxwcrU4wFqTF5dAkEA38DnbCm3YfogzwLH
+Nre2hBmGqjWarhtxqtRarrkgnmOd8W0Z1Hb1dSHrliUSVSrINbK5ZdEV15Rpu7VD
+OePzIwJAPMslS+8alANyyR0iJUC65fDYX1jkZOPldDDNqIDJJxWf/hwd7WaTDpuc
+mHmZDi3ZX2Y45oqUywSzYNtFoIuR1QJAZYUZuyqmSK77SdGB36K1DfSi9AFEQDC1
+fwPAbTwTv6mFFPAiYxLiRZXxVPtW+QtjMXH4ymh2V4y/+GnCqbZyLwJBAJQSDAME
+Sn4Uz7Zjk3UrBIbMYEv0u2mcCypwsb0nGE5/gzDPjGE9cxWW+rXARIs+sNQVClnh
+45nhdfYxOjgYff0=
+-----END PRIVATE KEY-----"
+
+  {
+    bank:                    :op,
+    command:                 :download_file,
+    content:                 encode('kissa'),
+    customer_id:             '1111111111',
+    environment:             'production',
+    file_reference:          '11111111A12006030329501800000014',
+    file_type:               'pain.001.001.02',
+    own_signing_certificate: own_signing_certificate,
+    signing_private_key:     signing_private_key,
+    status:                  'ALL',
+  }
+end
+
 def nordea_get_certificate_params
   signing_csr = "-----BEGIN CERTIFICATE REQUEST-----
 MIIBczCB3QIBADA0MRIwEAYDVQQDEwlEZXZsYWIgT3kxETAPBgNVBAUTCDExMTEx
@@ -110,6 +165,33 @@ jo2ekdSDdw8qxKyxj1piv8oYzMd4fCjCpL+WDZtq7mdLErVZ92gH
   }
 end
 
+def op_get_certificate_params
+  signing_csr = "-----BEGIN CERTIFICATE REQUEST-----
+MIICZzCCAU8CAQAwIjELMAkGA1UEBhMCRkkxEzARBgNVBAMTCjEwMDAwMTA1ODMw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFIQFuGnCPMLquHTfXj+ef
+31w+7qILkGsPcf24udpDy2AmP0PNrPAdB4S/gW9UXqR4ZiJPnEQIP6y/OGDxd6la
+0T/wNIVbLIJlPP5YgEZ1HYaV+6CsOa/n5PhXyC8Uy9BK9Txew8MqLakYvOfzKNuD
+oi9Fdfj7NjT2OgeyL5UMpzPvFxunbOwNT7QEGdZ4+Um5pJOvNWTuUGqYq1J9MAyU
+2PPBsvQ3fOOxR5t8QnMlbxC+JZkaaO14ELi4riAaFW0Q/MbwKCEXSX6Erb3F+o8l
+DDqITxfgBRr0crhYicLy7aMZzMJHqXoaSHZHUZBpCxRhnlgykCcErLJxC3S8m0rT
+AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAkDsDiweg4oi52zSZZvGTlbEf3Mly
+rTKXNToBZ6n5DrChsc6Rk8VySVpFFOiiLGKwB9YHzNIipWDZ8CVXPPNZAtWJMPPW
+sJjgx2EMUxlimGKW6Ipd7PL2jQA5tpEao9CNdVPSrm5fs4Wd40A1JWJeUGKi4KKJ
+ZZn3Um8Lu5n6nAkT+v2jXI94nPFckMMuEpVml/hdT8zg4EuC6ilo9OEBiOdMzVO1
+5pK4Dp6ZHeTKoyUiwnVMssT5kCAovLYrmd0/qRVZ1JeEKN9t20APfpHVeu0WfWSE
+GuNaWLWOhkOqCtAdNkSGeq/ZKbjYHolGo5FBQqdJnuz0r3I5nfLUNAHXNg==
+-----END CERTIFICATE REQUEST-----"
+
+  {
+    bank:        :op,
+    command:     :get_certificate,
+    customer_id: '1000010583',
+    environment: 'test',
+    signing_csr: signing_csr,
+    pin:         '2251401483958635'
+  }
+end
+
 def danske_get_bank_cert_params
   {
       bank: :danske,

data/test/sepa/sepa_test.rb

@@ -4,7 +4,7 @@ class TestSepa < ActiveSupport::TestCase
 
   def test_version_must_be_defined
     refute_nil Sepa::VERSION
-    assert_equal "1.0.1", Sepa::VERSION
+    assert_equal "1.1.0", Sepa::VERSION
   end
 
 end