simplicity_client 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: bc8103d850590055f42dab594a5bf3b387fbc1e72650f14d3c870ec91462dd71
+  data.tar.gz: b503abe344ad5c3444842cf15f52f135ddea3f29129946b65fa8a640e5f4736d
+SHA512:
+  metadata.gz: '07889fe220e84ce10a24329d94868eb0395ca6dc93af151c6c53dfe0a0cff484fff35abc4dfcbdaaceae71c99215f7b7a74545fac76500564b7cee06e72ba1c1'
+  data.tar.gz: 57b312053cb9dcaf4052a0c602d7c82ba963b9cb179c79492b8ab04a5580514a2cf258f6d93c01ccdd554dfdf1778603c6d0c63e82186aa6b7156026d5ee1968

data/lib/simplicity_client.rb

@@ -0,0 +1,156 @@
+# frozen_string_literal: true
+
+begin
+  require "dotenv/load"
+rescue LoadError
+  # Dotenv is not available, so move on without loading it. It's only used for development.
+end
+require "faraday"
+require "faraday-cookie_jar"
+require "faraday/follow_redirects"
+require "aws-sdk-cognitoidentityprovider"
+require "aws-cognito-srp"
+require "aws-sdk-cognitoidentity"
+require "aws-sigv4"
+
+module SimplicityClient
+  class Error < StandardError; end
+
+  class Session
+    def initialize
+      @logger = Logger.new $stderr
+      @logger.level = Logger::INFO
+
+      @user_agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36"
+
+      @client = Faraday.new(
+        headers: { "User-Agent" => @user_agent },
+      # proxy: "http://Thinkbook.local:8080",
+      # :ssl => {:verify => false}
+        ) do |builder|
+        builder.response :follow_redirects
+        # builder.response :logger
+        builder.adapter Faraday.default_adapter
+      end
+    end
+
+    # Write the session data out to a string so that the session can be restored later
+    def export
+      {
+        auth_data: @auth_data,
+      }.to_json
+    end
+
+    # Load the session data from a string to restore a session
+    def load(str)
+      json = JSON.parse(str)
+      @auth_data = json["auth_data"]
+    end
+
+    def login(username, password)
+      client = Aws::CognitoIdentityProvider::Client.new(region: 'ap-southeast-2')
+
+      user_pool_id = "ap-southeast-2_abAklW6ap"
+
+      aws_srp = Aws::CognitoSrp.new(
+        username: username.downcase,
+        password: password,
+        pool_id: user_pool_id,
+        client_id: "kvoiu7unft0c8hqqsa6hkmeu5",
+        aws_client: client,
+      )
+
+      resp = aws_srp.authenticate
+
+      cognito_identity_client = Aws::CognitoIdentity::Client.new(region: 'ap-southeast-2')
+
+      # Assuming you have the Identity Pool ID and the ID token
+      identity_pool_id = 'ap-southeast-2:0ed33fc6-4cef-4f2e-b634-31c616e108e2'
+      id_token = resp.id_token
+
+      # Get ID from the identity pool
+      id_response = cognito_identity_client.get_id({
+        identity_pool_id: identity_pool_id,
+        logins: {
+          "cognito-idp.ap-southeast-2.amazonaws.com/#{user_pool_id}" => id_token
+        }
+      })
+
+      # Get credentials for the ID
+      credentials_response = cognito_identity_client.get_credentials_for_identity({
+        identity_id: id_response.identity_id,
+        logins: {
+          "cognito-idp.ap-southeast-2.amazonaws.com/#{user_pool_id}" => id_token
+        }
+      })
+
+      access_key_id = credentials_response.credentials.access_key_id
+      secret_key = credentials_response.credentials.secret_key
+      session_token = credentials_response.credentials.session_token
+
+      @auth_data = {
+        email: username,
+        access_key_id: access_key_id,
+        secret_key: secret_key,
+        region: "ap-southeast-2",
+        session_token: session_token,
+      }
+    end
+
+    def logout
+      # Not required
+    end
+
+    def list_accounts
+      # Ensure @auth_data contains the necessary credentials
+      raise Error, "Authentication data not found. Please login first." unless @auth_data
+
+      service = "execute-api"
+      region = "ap-southeast-2"
+      http_method = "POST"
+      url = "https://h4ku5ofov2.execute-api.ap-southeast-2.amazonaws.com/prod/secure"
+      email = @auth_data["email"]
+      body = {
+        variables: {},
+        query: "{\n  Account(email: \"#{email}\") {\n    InvestmentType\n    InvestmentCode\n    PortfolioCode\n    InvestmentName\n    Portfolio\n    Status\n    RegistryAccountId\n    MarketValue\n    PrimaryBeneficiarySurname\n    EntityType\n    PriceDate\n    IsDefault\n    ExternalReference\n    BankAccounts {\n      AccountName\n      LastThreeDigitsOfAccountNumberPart\n      SuffixPart\n      IsPrimary\n      Id\n      __typename\n    }\n    __typename\n  }\n}\n",
+      }.to_json
+
+      signer = Aws::Sigv4::Signer.new(
+        service: service,
+        region: region,
+        access_key_id: @auth_data["access_key_id"],
+        secret_access_key: @auth_data["secret_key"],
+        session_token: @auth_data["session_token"],
+      )
+
+      signature = signer.sign_request(
+        http_method: http_method,
+        url: url,
+        body: body
+      )
+
+      response = @client.post(url) do |req|
+        req.headers = signature.headers.merge({
+          'Content-Type' => 'application/json'
+        })
+        req.body = body
+      end
+
+      # Handle the response
+      if response.success?
+        obj = JSON.parse(response.body)
+        obj["data"]["Account"].map do |account|
+          {
+            accountNo: account["InvestmentCode"],
+            accountType: "#{account["InvestmentType"]} - #{account["Portfolio"]}",
+            customerName: account["InvestmentName"],
+            accountBalance: account["MarketValue"],
+            isLiabilityType: false,
+          }
+        end
+      else
+        raise Error, "Failed to list accounts: #{response.status}, #{response.body}"
+      end
+    end
+  end
+end

metadata

@@ -0,0 +1,142 @@
+--- !ruby/object:Gem::Specification
+name: simplicity_client
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- George Dewar
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2024-03-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+- !ruby/object:Gem::Dependency
+  name: faraday-cookie_jar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.0.7
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.0.7
+- !ruby/object:Gem::Dependency
+  name: faraday-follow_redirects
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.0
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-cognitoidentityprovider
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.87'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.87'
+- !ruby/object:Gem::Dependency
+  name: aws-cognito-srp
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.0
+- !ruby/object:Gem::Dependency
+  name: aws-sdk-cognitoidentity
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.52.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.52.0
+- !ruby/object:Gem::Dependency
+  name: aws-sigv4
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.8.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.8.0
+description: This gem can log into Simplicity and fetch fund balances
+email:
+- george@dewar.co.nz
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/simplicity_client.rb
+homepage: https://rubygems.org/gems/hola
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.3
+signing_key: 
+specification_version: 4
+summary: Fetch KiwiSaver and investment fund balances from Simplicity
+test_files: []