sepafm 1.0.1 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +6 -0
- data/.travis.yml +1 -1
- data/lib/sepa/application_request.rb +30 -31
- data/lib/sepa/attribute_checks.rb +44 -15
- data/lib/sepa/banks/danske/danske_response.rb +21 -0
- data/lib/sepa/banks/danske/soap_danske.rb +7 -18
- data/lib/sepa/banks/nordea/nordea_response.rb +13 -0
- data/lib/sepa/banks/nordea/soap_nordea.rb +3 -63
- data/lib/sepa/banks/op/op_response.rb +76 -0
- data/lib/sepa/banks/op/soap_op.rb +14 -0
- data/lib/sepa/certificates/op_root_certificate.cer +30 -0
- data/lib/sepa/client.rb +20 -26
- data/lib/sepa/response.rb +28 -7
- data/lib/sepa/soap_builder.rb +65 -8
- data/lib/sepa/utilities.rb +8 -21
- data/lib/sepa/version.rb +1 -1
- data/lib/sepa/wsdl/wsdl_op_cert_production.xml +156 -0
- data/lib/sepa/wsdl/wsdl_op_cert_test.xml +157 -0
- data/lib/sepa/wsdl/wsdl_op_production.xml +234 -0
- data/lib/sepa/wsdl/wsdl_op_test.xml +234 -0
- data/lib/sepa/xml_schemas/op/ApplicationRequest_20080918.xsd +135 -0
- data/lib/sepa/xml_schemas/op/ApplicationResponse_20080918.xsd +311 -0
- data/lib/sepa/xml_schemas/op/CertApplicationRequest_200812.xsd +105 -0
- data/lib/sepa/xml_schemas/op/CertApplicationResponse_200812.xsd +88 -0
- data/lib/sepa/xml_templates/application_request/{create_certificate.xml → danske/create_certificate.xml} +8 -8
- data/lib/sepa/xml_templates/application_request/{danske_get_bank_certificate.xml → danske/get_bank_certificate.xml} +3 -3
- data/lib/sepa/xml_templates/application_request/download_file.xml +10 -11
- data/lib/sepa/xml_templates/application_request/download_file_list.xml +9 -10
- data/lib/sepa/xml_templates/application_request/nordea/get_certificate.xml +11 -0
- data/lib/sepa/xml_templates/application_request/op/get_certificate.xml +12 -0
- data/lib/sepa/xml_templates/application_request/op/get_service_certificates.xml +10 -0
- data/lib/sepa/xml_templates/soap/{create_certificate.xml → danske/create_certificate.xml} +6 -6
- data/lib/sepa/xml_templates/soap/{danske_get_bank_certificate.xml → danske/get_bank_certificate.xml} +5 -5
- data/lib/sepa/xml_templates/soap/nordea/get_certificate.xml +15 -0
- data/lib/sepa/xml_templates/soap/op/get_certificate.xml +14 -0
- data/lib/sepa/xml_templates/soap/op/get_service_certificates.xml +14 -0
- data/lib/sepafm.rb +36 -0
- data/readme.md +9 -6
- data/sepafm.gemspec +8 -8
- data/test/custom_assertions.rb +20 -0
- data/test/sepa/banks/op/op_application_request_test.rb +63 -0
- data/test/sepa/banks/op/op_cert_application_request_test.rb +77 -0
- data/test/sepa/banks/op/op_cert_request_soap_builder_test.rb +62 -0
- data/test/sepa/banks/op/op_generic_soap_builder_test.rb +52 -0
- data/test/sepa/banks/op/op_response_test.rb +13 -0
- data/test/sepa/client_test.rb +35 -1
- data/test/sepa/fixtures.rb +82 -0
- data/test/sepa/sepa_test.rb +1 -1
- data/test/test_helper.rb +1 -0
- data/test_client/data/certs_example.rb +9 -0
- data/test_client/data/params_example.rb +110 -0
- data/test_client/test_client.rb +61 -0
- metadata +42 -12
- data/lib/sepa/xml_templates/application_request/get_certificate.xml +0 -11
- data/lib/sepa/xml_templates/soap/get_certificate.xml +0 -14
@@ -5,12 +5,12 @@
|
|
5
5
|
<soapenv:Body>
|
6
6
|
<pkif:CreateCertificateIn>
|
7
7
|
<pkif:RequestHeader>
|
8
|
-
<pkif:SenderId
|
9
|
-
<pkif:CustomerId
|
10
|
-
<pkif:RequestId
|
11
|
-
<pkif:Timestamp
|
12
|
-
<pkif:InterfaceVersion
|
13
|
-
<pkif:Environment
|
8
|
+
<pkif:SenderId/>
|
9
|
+
<pkif:CustomerId/>
|
10
|
+
<pkif:RequestId/>
|
11
|
+
<pkif:Timestamp/>
|
12
|
+
<pkif:InterfaceVersion/>
|
13
|
+
<pkif:Environment/>
|
14
14
|
</pkif:RequestHeader>
|
15
15
|
</pkif:CreateCertificateIn>
|
16
16
|
</soapenv:Body>
|
data/lib/sepa/xml_templates/soap/{danske_get_bank_certificate.xml → danske/get_bank_certificate.xml}
RENAMED
@@ -5,11 +5,11 @@
|
|
5
5
|
<soapenv:Body>
|
6
6
|
<pkif:GetBankCertificateIn xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService">
|
7
7
|
<pkif:RequestHeader xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService">
|
8
|
-
<pkif:SenderId
|
9
|
-
<pkif:CustomerId
|
10
|
-
<pkif:RequestId
|
11
|
-
<pkif:Timestamp
|
12
|
-
<pkif:InterfaceVersion
|
8
|
+
<pkif:SenderId/>
|
9
|
+
<pkif:CustomerId/>
|
10
|
+
<pkif:RequestId/>
|
11
|
+
<pkif:Timestamp/>
|
12
|
+
<pkif:InterfaceVersion/>
|
13
13
|
</pkif:RequestHeader>
|
14
14
|
</pkif:GetBankCertificateIn>
|
15
15
|
</soapenv:Body>
|
@@ -0,0 +1,15 @@
|
|
1
|
+
<?xml version="1.0"?>
|
2
|
+
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
|
3
|
+
xmlns:cer="http://bxd.fi/CertificateService">
|
4
|
+
<soapenv:Header/>
|
5
|
+
<soapenv:Body>
|
6
|
+
<cer:getCertificatein>
|
7
|
+
<cer:RequestHeader>
|
8
|
+
<cer:SenderId/>
|
9
|
+
<cer:RequestId/>
|
10
|
+
<cer:Timestamp/>
|
11
|
+
</cer:RequestHeader>
|
12
|
+
<cer:ApplicationRequest/>
|
13
|
+
</cer:getCertificatein>
|
14
|
+
</soapenv:Body>
|
15
|
+
</soapenv:Envelope>
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
|
2
|
+
xmlns:opc="http://mlp.op.fi/OPCertificateService">
|
3
|
+
<env:Header/>
|
4
|
+
<env:Body>
|
5
|
+
<opc:getCertificatein>
|
6
|
+
<opc:RequestHeader>
|
7
|
+
<opc:SenderId/>
|
8
|
+
<opc:RequestId/>
|
9
|
+
<opc:Timestamp/>
|
10
|
+
</opc:RequestHeader>
|
11
|
+
<opc:ApplicationRequest/>
|
12
|
+
</opc:getCertificatein>
|
13
|
+
</env:Body>
|
14
|
+
</env:Envelope>
|
@@ -0,0 +1,14 @@
|
|
1
|
+
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
|
2
|
+
xmlns:opc="http://mlp.op.fi/OPCertificateService">
|
3
|
+
<env:Header/>
|
4
|
+
<env:Body>
|
5
|
+
<opc:getCertificatein>
|
6
|
+
<opc:RequestHeader>
|
7
|
+
<opc:SenderId/>
|
8
|
+
<opc:RequestId/>
|
9
|
+
<opc:Timestamp/>
|
10
|
+
</opc:RequestHeader>
|
11
|
+
<opc:ApplicationRequest/>
|
12
|
+
</opc:getCertificatein>
|
13
|
+
</env:Body>
|
14
|
+
</env:Envelope>
|
data/lib/sepafm.rb
CHANGED
@@ -14,9 +14,11 @@ require 'sepa/client'
|
|
14
14
|
require 'sepa/response'
|
15
15
|
require 'sepa/banks/nordea/nordea_response'
|
16
16
|
require 'sepa/banks/danske/danske_response'
|
17
|
+
require 'sepa/banks/op/op_response'
|
17
18
|
require 'sepa/soap_builder'
|
18
19
|
require 'sepa/banks/danske/soap_danske'
|
19
20
|
require 'sepa/banks/nordea/soap_nordea'
|
21
|
+
require 'sepa/banks/op/soap_op'
|
20
22
|
require 'sepa/version'
|
21
23
|
|
22
24
|
# The root path of where the gem is installed
|
@@ -58,11 +60,39 @@ nordea_root_certificate_string = File.read("#{CERTIFICATE_PATH}nordea_root_certi
|
|
58
60
|
|
59
61
|
# Nordea's root certificate as an OpenSSL::X509::Certificate
|
60
62
|
NORDEA_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new nordea_root_certificate_string
|
63
|
+
|
61
64
|
danske_root_certificate_string = File.read("#{CERTIFICATE_PATH}danske_root_certificate.cer")
|
62
65
|
|
63
66
|
# Danske Bank's root certificate as an OpenSSL::X509::Certificate
|
64
67
|
DANSKE_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new danske_root_certificate_string
|
65
68
|
|
69
|
+
op_root_certificate_string = File.read("#{CERTIFICATE_PATH}op_root_certificate.cer")
|
70
|
+
|
71
|
+
# OP's root certificate as an OpenSSL::X509::Certificate
|
72
|
+
OP_ROOT_CERTIFICATE = OpenSSL::X509::Certificate.new op_root_certificate_string
|
73
|
+
|
74
|
+
# @!endgroup
|
75
|
+
|
76
|
+
|
77
|
+
# @!group Commands
|
78
|
+
|
79
|
+
# Commands described in the standard
|
80
|
+
STANDARD_COMMANDS = %i(
|
81
|
+
download_file
|
82
|
+
download_file_list
|
83
|
+
get_user_info
|
84
|
+
upload_file
|
85
|
+
)
|
86
|
+
|
87
|
+
SUPPORTED_COMMANDS =
|
88
|
+
STANDARD_COMMANDS +
|
89
|
+
%i(
|
90
|
+
create_certificate
|
91
|
+
get_bank_certificate
|
92
|
+
get_certificate
|
93
|
+
get_service_certificates
|
94
|
+
)
|
95
|
+
|
66
96
|
# @!endgroup
|
67
97
|
|
68
98
|
|
@@ -101,4 +131,10 @@ DANSKE_PKI = 'http://danskebank.dk/PKI/PKIFactoryService/elements'
|
|
101
131
|
# Namespace used in Danske Bank's certificate services soap
|
102
132
|
DANSKE_PKIF = 'http://danskebank.dk/PKI/PKIFactoryService'
|
103
133
|
|
134
|
+
# Namespace used in OP's certificate requests and responses soap
|
135
|
+
OP_PKI = 'http://mlp.op.fi/OPCertificateService'
|
136
|
+
|
137
|
+
# Namespace used in OP's certificate application requests and responses
|
138
|
+
OP_XML_DATA = 'http://op.fi/mlp/xmldata/'
|
139
|
+
|
104
140
|
# @!endgroup
|
data/readme.md
CHANGED
@@ -11,6 +11,7 @@ Currently we have support for SEPA Web Services for
|
|
11
11
|
|
12
12
|
* Nordea
|
13
13
|
* Danske Bank
|
14
|
+
* OP
|
14
15
|
|
15
16
|
## Installation
|
16
17
|
|
@@ -101,6 +102,8 @@ openssl req -out encryption.csr -new -newkey rsa:2048 -nodes -keyout encryption.
|
|
101
102
|
openssl req -out signing.csr -new -newkey rsa:2048 -nodes -keyout signing.key
|
102
103
|
```
|
103
104
|
|
105
|
+
*(For Nordea the key is 1024 bits)*
|
106
|
+
|
104
107
|
Enter your information and you should have four files
|
105
108
|
|
106
109
|
```
|
@@ -110,14 +113,14 @@ signing.csr
|
|
110
113
|
signing.key
|
111
114
|
```
|
112
115
|
|
113
|
-
### Downloading Nordea
|
116
|
+
### Downloading Nordea and OP Certificates
|
114
117
|
|
115
118
|
Define parameters hash for client
|
116
119
|
|
117
120
|
```ruby
|
118
121
|
params = {
|
119
122
|
pin: '1234567890',
|
120
|
-
bank: :nordea,
|
123
|
+
bank: :nordea|:op,
|
121
124
|
command: :get_certificate,
|
122
125
|
customer_id: '11111111',
|
123
126
|
environment: 'test',
|
@@ -250,16 +253,16 @@ Not all parameters are needed in every request.
|
|
250
253
|
|
251
254
|
Parameter | Description
|
252
255
|
--- | ---
|
253
|
-
bank | Bank you want to send the request to. Either `:nordea
|
256
|
+
bank | Bank you want to send the request to. Either `:nordea`, `:danske`, or `:op`
|
254
257
|
customer_id | Customer id from bank.
|
255
|
-
command | Must be one of:
|
258
|
+
command | Must be one of: `:download_file_list`, `:upload_file`, `:download_file`, `:get_user_info`, `:get_certificate`, `:get_bank_certificate`, `:create_certificate`, or `:get_service_certificates`.
|
256
259
|
content | Content to be sent to the bank in `upload_file`.
|
257
260
|
environment | Bank's environment where the request is sent. Has to be `production` or `test`.
|
258
|
-
language | Language of the response. Must be either `FI`, `EN
|
261
|
+
language | Language of the response. Must be either `FI`, `EN`, or `SV`.
|
259
262
|
target_id | Code used to categorize files. Can be retrieved with `get_user_info` -command. Only used by Nordea.
|
260
263
|
file_type | Type of the file(s) your are going to download or send. These differ by bank. With Nordea they can be retrieved with `get_user_info` -command.
|
261
264
|
file_reference | File's unique identification for downloading a file. Retrieved with `download_file_list` -command.
|
262
|
-
status | Status for the file to be retrieved. Has to be `NEW`, `DOWNLOADED
|
265
|
+
status | Status for the file to be retrieved. Has to be `NEW`, `DOWNLOADED`, or `ALL`.
|
263
266
|
signing_private_key | Your private key of your signing certificate for signing the request.
|
264
267
|
encryption_private_key | Your private key of your encryption certificate for decrypting the response.
|
265
268
|
own_signing_certificate | Your signing certificate, signed by the bank.
|
data/sepafm.gemspec
CHANGED
@@ -16,16 +16,16 @@ Gem::Specification.new do |spec|
|
|
16
16
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
17
17
|
spec.require_paths = ['lib']
|
18
18
|
|
19
|
-
spec.required_ruby_version = '>= 2.
|
19
|
+
spec.required_ruby_version = '>= 2.1.7'
|
20
20
|
|
21
21
|
spec.add_dependency 'activemodel', '~> 4.2'
|
22
|
-
spec.add_dependency 'nokogiri',
|
23
|
-
spec.add_dependency 'savon',
|
22
|
+
spec.add_dependency 'nokogiri', '~> 1.6'
|
23
|
+
spec.add_dependency 'savon', '~> 2.11'
|
24
24
|
|
25
|
-
spec.add_development_dependency 'bundler',
|
25
|
+
spec.add_development_dependency 'bundler', '~> 1.10'
|
26
26
|
spec.add_development_dependency 'codeclimate-test-reporter', '~> 0.4'
|
27
|
-
spec.add_development_dependency 'dotenv',
|
28
|
-
spec.add_development_dependency 'minitest',
|
29
|
-
spec.add_development_dependency 'rake',
|
30
|
-
spec.add_development_dependency 'rubyntlm',
|
27
|
+
spec.add_development_dependency 'dotenv', '~> 2.0'
|
28
|
+
spec.add_development_dependency 'minitest', '~> 5.8'
|
29
|
+
spec.add_development_dependency 'rake', '~> 10.4'
|
30
|
+
spec.add_development_dependency 'rubyntlm', '~> 0.5'
|
31
31
|
end
|
@@ -0,0 +1,20 @@
|
|
1
|
+
require 'minitest/assertions'
|
2
|
+
|
3
|
+
module Minitest::Assertions
|
4
|
+
def assert_same_items(expected, actual)
|
5
|
+
assert same_items(expected, actual),
|
6
|
+
"Expected #{ expected.inspect } and #{ actual.inspect } to have the same items"
|
7
|
+
end
|
8
|
+
|
9
|
+
def refute_same_items(expected, actual)
|
10
|
+
refute same_items(expected, actual),
|
11
|
+
"Expected #{ expected.inspect } and #{ actual.inspect } would not have the same items"
|
12
|
+
end
|
13
|
+
|
14
|
+
private
|
15
|
+
|
16
|
+
def same_items(expected, actual)
|
17
|
+
actual.is_a?(Enumerable) && expected.is_a?(Enumerable) &&
|
18
|
+
expected.count == actual.count && actual.all? { |e| expected.include?(e) }
|
19
|
+
end
|
20
|
+
end
|
@@ -0,0 +1,63 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class OpApplicationRequestTest < ActiveSupport::TestCase
|
4
|
+
def setup
|
5
|
+
@params = op_generic_params
|
6
|
+
|
7
|
+
# Convert the keys here since the conversion is usually done by the client and these tests
|
8
|
+
# bypass the client
|
9
|
+
@params[:signing_private_key] = rsa_key @params[:signing_private_key]
|
10
|
+
@params[:own_signing_certificate] = x509_certificate @params[:own_signing_certificate]
|
11
|
+
|
12
|
+
ar_file = Sepa::SoapBuilder.new(@params).application_request
|
13
|
+
|
14
|
+
@params[:command] = :download_file_list
|
15
|
+
ar_list = Sepa::SoapBuilder.new(@params).application_request
|
16
|
+
|
17
|
+
@params[:command] = :upload_file
|
18
|
+
ar_up = Sepa::SoapBuilder.new(@params).application_request
|
19
|
+
|
20
|
+
@doc_file = Nokogiri::XML(ar_file.to_xml)
|
21
|
+
@doc_list = Nokogiri::XML(ar_list.to_xml)
|
22
|
+
@doc_up = Nokogiri::XML(ar_up.to_xml)
|
23
|
+
end
|
24
|
+
|
25
|
+
test 'download file validates against schema' do
|
26
|
+
errors = []
|
27
|
+
|
28
|
+
Dir.chdir(SCHEMA_PATH) do
|
29
|
+
xsd = Nokogiri::XML::Schema(IO.read('op/ApplicationRequest_20080918.xsd'))
|
30
|
+
xsd.validate(@doc_file).each do |error|
|
31
|
+
errors << error
|
32
|
+
end
|
33
|
+
end
|
34
|
+
|
35
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
36
|
+
end
|
37
|
+
|
38
|
+
test 'upload file validates against schema' do
|
39
|
+
errors = []
|
40
|
+
|
41
|
+
Dir.chdir(SCHEMA_PATH) do
|
42
|
+
xsd = Nokogiri::XML::Schema(IO.read('op/ApplicationRequest_20080918.xsd'))
|
43
|
+
xsd.validate(@doc_up).each do |error|
|
44
|
+
errors << error
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
49
|
+
end
|
50
|
+
|
51
|
+
test 'download file list validates against schema' do
|
52
|
+
errors = []
|
53
|
+
|
54
|
+
Dir.chdir(SCHEMA_PATH) do
|
55
|
+
xsd = Nokogiri::XML::Schema(IO.read('op/ApplicationRequest_20080918.xsd'))
|
56
|
+
xsd.validate(@doc_list).each do |error|
|
57
|
+
errors << error
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
62
|
+
end
|
63
|
+
end
|
@@ -0,0 +1,77 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class OpCertApplicationRequestTest < ActiveSupport::TestCase
|
4
|
+
include Sepa::Utilities
|
5
|
+
|
6
|
+
setup do
|
7
|
+
@op_get_certificate_params = op_get_certificate_params
|
8
|
+
ar_cert = Sepa::SoapBuilder.new(@op_get_certificate_params).application_request
|
9
|
+
@xml = Nokogiri::XML(ar_cert.to_xml)
|
10
|
+
end
|
11
|
+
|
12
|
+
test "schemas are unmodified" do
|
13
|
+
sha1 = OpenSSL::Digest::SHA1.new
|
14
|
+
cert_schema = File.read("#{SCHEMA_PATH}/op/CertApplicationRequest_200812.xsd")
|
15
|
+
cert_digest = sha1.digest(cert_schema)
|
16
|
+
assert_equal "jq7suQXu6STF7F5la67ZXoZGCNg=", encode(cert_digest).strip
|
17
|
+
end
|
18
|
+
|
19
|
+
test "initializes correctly" do
|
20
|
+
assert Sepa::ApplicationRequest.new(@op_get_certificate_params)
|
21
|
+
end
|
22
|
+
|
23
|
+
test "raises argument error if command is not get certificate" do
|
24
|
+
assert_raises ArgumentError do
|
25
|
+
@op_get_certificate_params[:command] = :wrong_command
|
26
|
+
ar = Sepa::ApplicationRequest.new(@op_get_certificate_params)
|
27
|
+
ar.get_as_base64
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
test "customer id is set correctly" do
|
32
|
+
assert_equal @xml.at_css("CustomerId").content, @op_get_certificate_params[:customer_id]
|
33
|
+
end
|
34
|
+
|
35
|
+
test "timestamp is set correctly" do
|
36
|
+
timestamp = Time.strptime(@xml.at_css("Timestamp").content, '%Y-%m-%dT%H:%M:%S%z')
|
37
|
+
assert timestamp <= Time.now && timestamp > (Time.now - 60), "Timestamp was not set correctly"
|
38
|
+
end
|
39
|
+
|
40
|
+
test "environment is set correctly" do
|
41
|
+
expected_environment = @op_get_certificate_params[:environment].upcase
|
42
|
+
assert_equal expected_environment, @xml.at_css("Environment").content
|
43
|
+
end
|
44
|
+
|
45
|
+
test "software id is set correctly" do
|
46
|
+
assert_equal @xml.at_css("SoftwareId").content, "Sepa Transfer Library version #{Sepa::VERSION}"
|
47
|
+
end
|
48
|
+
|
49
|
+
test "service is set correctly" do
|
50
|
+
assert_equal "MATU", @xml.at_css("Service").content
|
51
|
+
end
|
52
|
+
|
53
|
+
test "content is set correctly" do
|
54
|
+
assert_equal format_cert_request(@op_get_certificate_params[:signing_csr]), @xml.at_css("Content").content
|
55
|
+
end
|
56
|
+
|
57
|
+
test "transfer key is set correctly" do
|
58
|
+
assert_equal @op_get_certificate_params[:pin], @xml.at("TransferKey").content
|
59
|
+
end
|
60
|
+
|
61
|
+
test "hmac is not set" do
|
62
|
+
refute @xml.at_css("HMAC"), "HMAC should not be set, but is #{@xml.at_css("HMAC")}"
|
63
|
+
end
|
64
|
+
|
65
|
+
test "validates against schema" do
|
66
|
+
errors = []
|
67
|
+
|
68
|
+
Dir.chdir(SCHEMA_PATH) do
|
69
|
+
xsd = Nokogiri::XML::Schema(IO.read('op/CertApplicationRequest_200812.xsd'))
|
70
|
+
xsd.validate(@xml).each do |error|
|
71
|
+
errors << error
|
72
|
+
end
|
73
|
+
end
|
74
|
+
|
75
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
76
|
+
end
|
77
|
+
end
|
@@ -0,0 +1,62 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class OpCertRequestSoapBuilderTest < ActiveSupport::TestCase
|
4
|
+
|
5
|
+
def setup
|
6
|
+
@params = op_get_certificate_params
|
7
|
+
@request = Sepa::SoapBuilder.new(@params)
|
8
|
+
@xml = Nokogiri::XML(@request.to_xml)
|
9
|
+
end
|
10
|
+
|
11
|
+
test "error is raised if command is missing" do
|
12
|
+
@params.delete(:command)
|
13
|
+
|
14
|
+
assert_raises(ArgumentError) do
|
15
|
+
Sepa::SoapBuilder.new(@params)
|
16
|
+
end
|
17
|
+
end
|
18
|
+
|
19
|
+
test "correct template is loaded" do
|
20
|
+
@params[:command] = :get_certificate
|
21
|
+
xml = Nokogiri::XML(Sepa::SoapBuilder.new(@params).to_xml)
|
22
|
+
|
23
|
+
assert xml.xpath('//opc:getCertificatein', opc: OP_PKI).first
|
24
|
+
end
|
25
|
+
|
26
|
+
test "error is raised if command is not correct" do
|
27
|
+
@params[:command] = :wrong_command
|
28
|
+
assert_raises(ArgumentError) do
|
29
|
+
Sepa::SoapBuilder.new(@params).to_xml
|
30
|
+
end
|
31
|
+
end
|
32
|
+
|
33
|
+
test "timestamp is set correctly" do
|
34
|
+
timestamp_node = @xml.xpath("//opc:Timestamp", opc: OP_PKI).first
|
35
|
+
|
36
|
+
timestamp = Time.strptime(timestamp_node.content, '%Y-%m-%dT%H:%M:%S%z')
|
37
|
+
|
38
|
+
assert timestamp <= Time.now && timestamp > (Time.now - 60)
|
39
|
+
end
|
40
|
+
|
41
|
+
test "application request is inserted properly" do
|
42
|
+
ar_node = @xml.xpath("//opc:ApplicationRequest", opc: OP_PKI).first
|
43
|
+
|
44
|
+
ar_doc = Nokogiri::XML(decode(ar_node.content))
|
45
|
+
|
46
|
+
assert ar_doc.respond_to?(:canonicalize)
|
47
|
+
assert_equal ar_doc.at_css("CustomerId").content, @params[:customer_id]
|
48
|
+
end
|
49
|
+
|
50
|
+
test "validates against schema" do
|
51
|
+
errors = []
|
52
|
+
|
53
|
+
Dir.chdir(SCHEMA_PATH) do
|
54
|
+
xsd = Nokogiri::XML::Schema(IO.read('soap.xsd'))
|
55
|
+
xsd.validate(@xml).each do |error|
|
56
|
+
errors << error
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
61
|
+
end
|
62
|
+
end
|
@@ -0,0 +1,52 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class OpGenericSoapBuilderTest < ActiveSupport::TestCase
|
4
|
+
def setup
|
5
|
+
@params = op_generic_params
|
6
|
+
|
7
|
+
# Convert the keys here since the conversion is usually done by the client and these tests
|
8
|
+
# bypass the client
|
9
|
+
@params[:signing_private_key] = rsa_key @params[:signing_private_key]
|
10
|
+
@params[:own_signing_certificate] = x509_certificate @params[:own_signing_certificate]
|
11
|
+
|
12
|
+
@soap_request = Sepa::SoapBuilder.new(@params)
|
13
|
+
@doc = Nokogiri::XML(@soap_request.to_xml)
|
14
|
+
end
|
15
|
+
|
16
|
+
def test_receiver_is_is_set_correctly
|
17
|
+
receiver_id_node = @doc.xpath('//bxd:ReceiverId', bxd: 'http://model.bxd.fi').first
|
18
|
+
assert_equal 'OKOYFIHH', receiver_id_node.content
|
19
|
+
end
|
20
|
+
|
21
|
+
test 'validates against schema' do
|
22
|
+
errors = []
|
23
|
+
|
24
|
+
Dir.chdir(SCHEMA_PATH) do
|
25
|
+
xsd = Nokogiri::XML::Schema(IO.read('soap.xsd'))
|
26
|
+
xsd.validate(@doc).each do |error|
|
27
|
+
errors << error
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
32
|
+
end
|
33
|
+
|
34
|
+
test 'validates against ws security schema' do
|
35
|
+
wsse = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
|
36
|
+
|
37
|
+
ws_node = @doc.xpath('//wsse:Security', wsse: wsse)
|
38
|
+
ws_node = ws_node.to_xml
|
39
|
+
ws_node = Nokogiri::XML(ws_node)
|
40
|
+
|
41
|
+
errors = []
|
42
|
+
|
43
|
+
Dir.chdir(SCHEMA_PATH) do
|
44
|
+
xsd = Nokogiri::XML::Schema(IO.read('oasis-200401-wss-wssecurity-secext-1.0.xsd'))
|
45
|
+
xsd.validate(ws_node).each do |error|
|
46
|
+
errors << error
|
47
|
+
end
|
48
|
+
end
|
49
|
+
|
50
|
+
assert errors.empty?, "The following schema validations failed:\n#{errors.join("\n")}"
|
51
|
+
end
|
52
|
+
end
|
@@ -0,0 +1,13 @@
|
|
1
|
+
require 'test_helper'
|
2
|
+
|
3
|
+
class OpResponseTest < ActiveSupport::TestCase
|
4
|
+
test "fails with invalid params" do
|
5
|
+
a = Sepa::OpResponse.new({ response: "Jees", command: "not" })
|
6
|
+
refute a.valid?
|
7
|
+
end
|
8
|
+
|
9
|
+
test "complains if application response is not valid against schema" do
|
10
|
+
a = Sepa::OpResponse.new({ response: "<ar>text</ar>", command: "notvalid" })
|
11
|
+
refute a.valid?
|
12
|
+
end
|
13
|
+
end
|
data/test/sepa/client_test.rb
CHANGED
@@ -19,6 +19,40 @@ class ClientTest < ActiveSupport::TestCase
|
|
19
19
|
assert Sepa::Client.new
|
20
20
|
end
|
21
21
|
|
22
|
+
test "correct banks are supported" do
|
23
|
+
assert_equal [:danske, :nordea, :op].sort, Sepa::Client::BANKS.sort
|
24
|
+
end
|
25
|
+
|
26
|
+
test "correct allowed commands for nordea" do
|
27
|
+
c = Sepa::Client.new(bank: :nordea)
|
28
|
+
|
29
|
+
commands = STANDARD_COMMANDS + [:get_certificate]
|
30
|
+
|
31
|
+
assert_same_items commands, c.allowed_commands
|
32
|
+
end
|
33
|
+
|
34
|
+
test "correct allowed commands for op" do
|
35
|
+
c = Sepa::Client.new(bank: :op)
|
36
|
+
|
37
|
+
commands =
|
38
|
+
STANDARD_COMMANDS -
|
39
|
+
%i(get_user_info) +
|
40
|
+
%i(
|
41
|
+
get_certificate
|
42
|
+
get_service_certificates
|
43
|
+
)
|
44
|
+
|
45
|
+
assert_same_items commands, c.allowed_commands
|
46
|
+
end
|
47
|
+
|
48
|
+
test "correct allowed commands for danske" do
|
49
|
+
c = Sepa::Client.new(bank: :danske)
|
50
|
+
|
51
|
+
commands = STANDARD_COMMANDS - [:get_user_info] + [:get_bank_certificate, :create_certificate]
|
52
|
+
|
53
|
+
assert_same_items commands, c.allowed_commands
|
54
|
+
end
|
55
|
+
|
22
56
|
test "should initialize with attributes" do
|
23
57
|
assert Sepa::Client.new @nordea_generic_params
|
24
58
|
end
|
@@ -348,7 +382,7 @@ class ClientTest < ActiveSupport::TestCase
|
|
348
382
|
response = client.send_request
|
349
383
|
|
350
384
|
refute response.valid?, response.errors.messages
|
351
|
-
assert_includes response.errors.messages.to_s, "
|
385
|
+
assert_includes response.errors.messages.to_s, "THE ERROR!"
|
352
386
|
|
353
387
|
Savon.observers.pop
|
354
388
|
end
|
data/test/sepa/fixtures.rb
CHANGED
@@ -88,6 +88,61 @@ Sn4Uz7Zjk3UrBIbMYEv0u2mcCypwsb0nGE5/gzDPjGE9cxWW+rXARIs+sNQVClnh
|
|
88
88
|
}
|
89
89
|
end
|
90
90
|
|
91
|
+
def op_generic_params
|
92
|
+
own_signing_certificate = "-----BEGIN CERTIFICATE-----
|
93
|
+
MIIDwTCCAqmgAwIBAgIEAX1JuTANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJT
|
94
|
+
RTEeMBwGA1UEChMVTm9yZGVhIEJhbmsgQUIgKHB1YmwpMR8wHQYDVQQDExZOb3Jk
|
95
|
+
ZWEgQ29ycG9yYXRlIENBIDAxMRQwEgYDVQQFEws1MTY0MDYtMDEyMDAeFw0xMzA1
|
96
|
+
MDIxMjI2MzRaFw0xNTA1MDIxMjI2MzRaMEQxCzAJBgNVBAYTAkZJMSAwHgYDVQQD
|
97
|
+
DBdOb3JkZWEgRGVtbyBDZXJ0aWZpY2F0ZTETMBEGA1UEBRMKNTc4MDg2MDIzODCB
|
98
|
+
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwtFEfAtbJuGzQwwRumZkvYh2BjGY
|
99
|
+
VsAMUeiKtOne3bZSeisfCq+TXqL1gI9LofyeAQ9I/sDm6tL80yrD5iaSUqVm6A73
|
100
|
+
9MsmpW/iyZcVf7ms8xAN51ESUgN6akwZCU9pH62ngJDj2gUsktY0fpsoVsARdrvO
|
101
|
+
Fk0fTSUXKWd6LbcCAwEAAaOCAR0wggEZMAkGA1UdEwQCMAAwEQYDVR0OBAoECEBw
|
102
|
+
2cj7+XMAMBMGA1UdIAQMMAowCAYGKoVwRwEDMBMGA1UdIwQMMAqACEALddbbzwun
|
103
|
+
MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Aubm9yZGVh
|
104
|
+
LnNlL0NDQTAxMA4GA1UdDwEB/wQEAwIFoDCBhQYDVR0fBH4wfDB6oHigdoZ0bGRh
|
105
|
+
cCUzQS8vbGRhcC5uYi5zZS9jbiUzRE5vcmRlYStDb3Jwb3JhdGUrQ0ErMDElMkNv
|
106
|
+
JTNETm9yZGVhK0JhbmsrQUIrJTI4cHVibCUyOSUyQ2MlM0RTRSUzRmNlcnRpZmlj
|
107
|
+
YXRlcmV2b2NhdGlvbmxpc3QwDQYJKoZIhvcNAQEFBQADggEBACLUPB1Gmq6286/s
|
108
|
+
ROADo7N+w3eViGJ2fuOTLMy4R0UHOznKZNsuk4zAbS2KycbZsE5py4L8o+IYoaS8
|
109
|
+
8YHtEeckr2oqHnPpz/0Eg7wItj8Ad+AFWJqzbn6Hu/LQhlnl5JEzXzl3eZj9oiiJ
|
110
|
+
1q/2CGXvFomY7S4tgpWRmYULtCK6jode0NhgNnAgOI9uy76pSS16aDoiQWUJqQgV
|
111
|
+
ydowAnqS9h9aQ6gedwbOdtkWmwKMDVXU6aRz9Gvk+JeYJhtpuP3OPNGbbC5L7NVd
|
112
|
+
no+B6AtwxmG3ozd+mPcMeVuz6kKLAmQyIiBSrRNa5OrTkq/CUzxO9WUgTnm/Sri7
|
113
|
+
zReR6mU=
|
114
|
+
-----END CERTIFICATE-----"
|
115
|
+
signing_private_key = "-----BEGIN PRIVATE KEY-----
|
116
|
+
MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMLRRHwLWybhs0MM
|
117
|
+
EbpmZL2IdgYxmFbADFHoirTp3t22UnorHwqvk16i9YCPS6H8ngEPSP7A5urS/NMq
|
118
|
+
w+YmklKlZugO9/TLJqVv4smXFX+5rPMQDedRElIDempMGQlPaR+tp4CQ49oFLJLW
|
119
|
+
NH6bKFbAEXa7zhZNH00lFylnei23AgMBAAECgYEAqt912/7x4jaQTrxlSELLFVp9
|
120
|
+
eo1BesVTiPwXvPpsGbbyvGjZ/ztkXNs9zZbh1aCGzZMkiR2U7F5GlsiprlIif4cF
|
121
|
+
6Xz7rCjaAs7iDRt9PjhjVuqNGR2I+VIIlbQ9XWFJ3lJFW3v7TIZ8JbLnn0XOFz+Z
|
122
|
+
BBSSGTK1zTNh4TBQtjECQQDe5M3uu9m4RwSw9R6GaDw/IFQZgr0oWSv0WIjRwvwW
|
123
|
+
nFnSX2lbkNAjulP0daGsmn7vxIpqZxPxwcrU4wFqTF5dAkEA38DnbCm3YfogzwLH
|
124
|
+
Nre2hBmGqjWarhtxqtRarrkgnmOd8W0Z1Hb1dSHrliUSVSrINbK5ZdEV15Rpu7VD
|
125
|
+
OePzIwJAPMslS+8alANyyR0iJUC65fDYX1jkZOPldDDNqIDJJxWf/hwd7WaTDpuc
|
126
|
+
mHmZDi3ZX2Y45oqUywSzYNtFoIuR1QJAZYUZuyqmSK77SdGB36K1DfSi9AFEQDC1
|
127
|
+
fwPAbTwTv6mFFPAiYxLiRZXxVPtW+QtjMXH4ymh2V4y/+GnCqbZyLwJBAJQSDAME
|
128
|
+
Sn4Uz7Zjk3UrBIbMYEv0u2mcCypwsb0nGE5/gzDPjGE9cxWW+rXARIs+sNQVClnh
|
129
|
+
45nhdfYxOjgYff0=
|
130
|
+
-----END PRIVATE KEY-----"
|
131
|
+
|
132
|
+
{
|
133
|
+
bank: :op,
|
134
|
+
command: :download_file,
|
135
|
+
content: encode('kissa'),
|
136
|
+
customer_id: '1111111111',
|
137
|
+
environment: 'production',
|
138
|
+
file_reference: '11111111A12006030329501800000014',
|
139
|
+
file_type: 'pain.001.001.02',
|
140
|
+
own_signing_certificate: own_signing_certificate,
|
141
|
+
signing_private_key: signing_private_key,
|
142
|
+
status: 'ALL',
|
143
|
+
}
|
144
|
+
end
|
145
|
+
|
91
146
|
def nordea_get_certificate_params
|
92
147
|
signing_csr = "-----BEGIN CERTIFICATE REQUEST-----
|
93
148
|
MIIBczCB3QIBADA0MRIwEAYDVQQDEwlEZXZsYWIgT3kxETAPBgNVBAUTCDExMTEx
|
@@ -110,6 +165,33 @@ jo2ekdSDdw8qxKyxj1piv8oYzMd4fCjCpL+WDZtq7mdLErVZ92gH
|
|
110
165
|
}
|
111
166
|
end
|
112
167
|
|
168
|
+
def op_get_certificate_params
|
169
|
+
signing_csr = "-----BEGIN CERTIFICATE REQUEST-----
|
170
|
+
MIICZzCCAU8CAQAwIjELMAkGA1UEBhMCRkkxEzARBgNVBAMTCjEwMDAwMTA1ODMw
|
171
|
+
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFIQFuGnCPMLquHTfXj+ef
|
172
|
+
31w+7qILkGsPcf24udpDy2AmP0PNrPAdB4S/gW9UXqR4ZiJPnEQIP6y/OGDxd6la
|
173
|
+
0T/wNIVbLIJlPP5YgEZ1HYaV+6CsOa/n5PhXyC8Uy9BK9Txew8MqLakYvOfzKNuD
|
174
|
+
oi9Fdfj7NjT2OgeyL5UMpzPvFxunbOwNT7QEGdZ4+Um5pJOvNWTuUGqYq1J9MAyU
|
175
|
+
2PPBsvQ3fOOxR5t8QnMlbxC+JZkaaO14ELi4riAaFW0Q/MbwKCEXSX6Erb3F+o8l
|
176
|
+
DDqITxfgBRr0crhYicLy7aMZzMJHqXoaSHZHUZBpCxRhnlgykCcErLJxC3S8m0rT
|
177
|
+
AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAkDsDiweg4oi52zSZZvGTlbEf3Mly
|
178
|
+
rTKXNToBZ6n5DrChsc6Rk8VySVpFFOiiLGKwB9YHzNIipWDZ8CVXPPNZAtWJMPPW
|
179
|
+
sJjgx2EMUxlimGKW6Ipd7PL2jQA5tpEao9CNdVPSrm5fs4Wd40A1JWJeUGKi4KKJ
|
180
|
+
ZZn3Um8Lu5n6nAkT+v2jXI94nPFckMMuEpVml/hdT8zg4EuC6ilo9OEBiOdMzVO1
|
181
|
+
5pK4Dp6ZHeTKoyUiwnVMssT5kCAovLYrmd0/qRVZ1JeEKN9t20APfpHVeu0WfWSE
|
182
|
+
GuNaWLWOhkOqCtAdNkSGeq/ZKbjYHolGo5FBQqdJnuz0r3I5nfLUNAHXNg==
|
183
|
+
-----END CERTIFICATE REQUEST-----"
|
184
|
+
|
185
|
+
{
|
186
|
+
bank: :op,
|
187
|
+
command: :get_certificate,
|
188
|
+
customer_id: '1000010583',
|
189
|
+
environment: 'test',
|
190
|
+
signing_csr: signing_csr,
|
191
|
+
pin: '2251401483958635'
|
192
|
+
}
|
193
|
+
end
|
194
|
+
|
113
195
|
def danske_get_bank_cert_params
|
114
196
|
{
|
115
197
|
bank: :danske,
|