sri_facturacion 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1170ef72498adfd8a5d6d70e5f1e2cfd82de731ac498bea02ed99e6c530ee27c
+  data.tar.gz: 327bc92c3a73681503b258a5a39a3ea82f59a7c6a8d029369c5b3000c6a53b5b
+SHA512:
+  metadata.gz: 9e94464e4cb250549f7f0c22eddf98076b17355930493dfe0c2f42f09bfab14676b756676a3f56a8636d3451c4a793bd80c54d446d7fef42c852f03508f37506
+  data.tar.gz: ba6c925fb681289c08366ff4099cbccac405b533107f464e434b11c3857c2d0ea5fee0b52980c0452f8a9a0fe623165f7975a0ad06cd5f7cbae2565a113b51cb

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2026 ImTheo
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,39 @@
+# SriFacturacion
+
+TODO: Delete this and the text below, and describe your gem
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/sri_facturacion`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+## Installation
+
+TODO: Replace `UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG` with your gem name right after releasing it to RubyGems.org. Please do not do it earlier due to security reasons. Alternatively, replace this section with instructions to install your gem from git if you don't plan to release to RubyGems.org.
+
+Install the gem and add to the application's Gemfile by executing:
+
+```bash
+bundle add UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG
+```
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+```bash
+gem install UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG
+```
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/sri_facturacion.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/lib/sri/invoice_service/access_key_generator.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'date'
+require 'openssl'
+
+module Sri
+  module InvoiceService
+    class AccessKeyGenerator
+      WEIGHTS = [2, 3, 4, 5, 6, 7].freeze
+
+      # Generates an access key from an Nokogiri XML document
+      def self.generate!(doc:, sequential:)
+        ruc = doc.at_xpath('//infoTributaria/ruc').text.strip
+        ambiente = doc.at_xpath('//infoTributaria/ambiente').text.strip
+        estab = doc.at_xpath('//infoTributaria/estab').text.strip
+        pto_emi = doc.at_xpath('//infoTributaria/ptoEmi').text.strip
+        cod_doc = doc.at_xpath('//infoTributaria/codDoc').text.strip
+        tipo_emision = doc.at_xpath('//infoTributaria/tipoEmision').text.strip
+
+        fecha_str = doc.at_xpath('//infoFactura/fechaEmision').text.strip
+        dd, mm, yyyy = fecha_str.split('/').map(&:to_i)
+        fecha = Date.new(yyyy, mm, dd)
+
+        codigo_numerico = random8
+        ddmmaaaa = fecha.is_a?(Date) ? fecha.strftime('%d%m%Y') : fecha.to_s
+        serie = "#{estab}#{pto_emi}"
+        sec9 = sequential.to_s.rjust(9, '0')
+        cn8  = codigo_numerico.to_s.rjust(8, '0')
+
+        base48 = "#{ddmmaaaa}#{cod_doc}#{ruc}#{ambiente}#{serie}#{sec9}#{cn8}#{tipo_emision}"
+        raise "Base debe ser 48 dígitos, es #{base48.length}" unless base48.length == 48
+
+        base48 + mod11(base48)
+      end
+
+      def self.mod11(base48)
+        sum = 0
+        wi = 0
+        base48.reverse.each_char do |ch|
+          sum += (ch.ord - 48) * WEIGHTS[wi]
+          wi = (wi + 1) % WEIGHTS.length
+        end
+
+        dv = 11 - (sum % 11)
+        return '0' if dv == 11
+        return '1' if dv == 10
+
+        dv.to_s
+      end
+
+      def self.random8
+        n = OpenSSL::Random.random_bytes(4).unpack1('N') # 0..2^32-1
+        (n % 100_000_000).to_s.rjust(8, '0')
+      end
+    end
+  end
+end

data/lib/sri/invoice_service/errors.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Sri
+  module InvoiceService
+    class Error < StandardError; end
+    class MissingXmlError < Error; end
+    class XmlsecNotInstalledError < Error; end
+    class InvalidPkcs12Error < Error; end
+    class SoapError < Error; end
+  end
+end

data/lib/sri/invoice_service/invoice_builder.rb

@@ -0,0 +1,338 @@
+# frozen_string_literal: true
+
+require 'base64'
+require 'nokogiri'
+require 'open3'
+require 'tempfile'
+require 'openssl'
+require 'securerandom'
+require 'time'
+
+module Sri
+  module InvoiceService
+    # Builds a signed electronic invoice XML for SRI.
+    # Responsibilities:
+    # - compute access key (claveAcceso)
+    # - ensure signature template
+    # - sign XML with xmlsec1 using a PKCS#12
+    class InvoiceBuilder
+      DS_NS = 'http://www.w3.org/2000/09/xmldsig#'
+      XADES_NS = 'http://uri.etsi.org/01903/v1.3.2#'
+
+      # @param doc [Nokogiri::XML::Document] Unsigned invoice XML document
+      def initialize(doc:, sequential:, p12_base64:, p12_password:, root_id: 'comprobante')
+        @doc = doc
+        @sequential = sequential
+        @p12_base64 = p12_base64
+        @p12_password = p12_password
+        @root_id = root_id
+      end
+
+      def call
+        ensure_xmlsec1!
+
+        unsigned_xml = @doc.to_s
+        raise 'Debe proporcionar xml_string' if unsigned_xml.strip.empty?
+
+        clave = Sri::InvoiceService::AccessKeyGenerator.generate!(doc: @doc, sequential: @sequential)
+        signed_xml = sign_xml(@doc, clave)
+
+        { clave_acceso: clave, signed_xml: signed_xml, signed_xml_path: @last_signed_path }
+      end
+
+      private
+
+      def ensure_xmlsec1!
+        _out, _err, st = Open3.capture3('xmlsec1', '--version')
+        raise 'xmlsec1 no está instalado o no está en PATH' unless st.success?
+      end
+
+      def ensure_invoice_root_structure!(doc)
+        root = doc.root
+
+        root.name = 'factura' unless root.name == 'factura'
+        root['id'] = @root_id if root['id'].to_s.strip.empty?
+        root['version'] = '1.1.0' if root['version'].to_s.strip.empty?
+      end
+
+      # Minimal XAdES-BES enveloped template for SRI.
+      def ensure_signature_template!(doc)
+        return if doc.at_xpath('//ds:Signature', 'ds' => DS_NS)
+
+        root = doc.root
+        root['id'] ||= @root_id
+
+        signature_id = "Signature-#{SecureRandom.uuid}"
+        signed_props_id = "SignedProperties-#{SecureRandom.uuid}"
+
+        sig = Nokogiri::XML::Node.new('ds:Signature', doc)
+        sig.add_namespace_definition('ds', DS_NS)
+        sig['Id'] = signature_id
+
+        signed_info = Nokogiri::XML::Node.new('ds:SignedInfo', doc)
+
+        canon = Nokogiri::XML::Node.new('ds:CanonicalizationMethod', doc)
+        canon['Algorithm'] = 'http://www.w3.org/2001/10/xml-exc-c14n#'
+
+        sig_method = Nokogiri::XML::Node.new('ds:SignatureMethod', doc)
+        sig_method['Algorithm'] = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
+
+        # Reference #1: the root document (enveloped)
+        ref_doc = Nokogiri::XML::Node.new('ds:Reference', doc)
+        ref_doc['URI'] = "##{@root_id}"
+
+        transforms = Nokogiri::XML::Node.new('ds:Transforms', doc)
+        t1 = Nokogiri::XML::Node.new('ds:Transform', doc)
+        t1['Algorithm'] = "#{DS_NS}enveloped-signature"
+        t2 = Nokogiri::XML::Node.new('ds:Transform', doc)
+        t2['Algorithm'] = 'http://www.w3.org/2001/10/xml-exc-c14n#'
+        transforms.add_child(t1)
+        transforms.add_child(t2)
+
+        digest_method = Nokogiri::XML::Node.new('ds:DigestMethod', doc)
+        digest_method['Algorithm'] = 'http://www.w3.org/2001/04/xmlenc#sha256'
+
+        digest_value = Nokogiri::XML::Node.new('ds:DigestValue', doc)
+        digest_value.content = ''
+
+        ref_doc.add_child(transforms)
+        ref_doc.add_child(digest_method)
+        ref_doc.add_child(digest_value)
+
+        # Reference #2: SignedProperties (required for XAdES)
+        ref_sp = Nokogiri::XML::Node.new('ds:Reference', doc)
+        ref_sp['URI'] = "##{signed_props_id}"
+        ref_sp['Type'] = 'http://uri.etsi.org/01903#SignedProperties'
+
+        dm2 = Nokogiri::XML::Node.new('ds:DigestMethod', doc)
+        dm2['Algorithm'] = 'http://www.w3.org/2001/04/xmlenc#sha256'
+        dv2 = Nokogiri::XML::Node.new('ds:DigestValue', doc)
+        dv2.content = ''
+        ref_sp.add_child(dm2)
+        ref_sp.add_child(dv2)
+
+        signed_info.add_child(canon)
+        signed_info.add_child(sig_method)
+        signed_info.add_child(ref_doc)
+        signed_info.add_child(ref_sp)
+
+        sig_value = Nokogiri::XML::Node.new('ds:SignatureValue', doc)
+        sig_value.content = ''
+
+        key_info = Nokogiri::XML::Node.new('ds:KeyInfo', doc)
+        x509_data = Nokogiri::XML::Node.new('ds:X509Data', doc)
+        key_info.add_child(x509_data)
+
+        # XAdES Object
+        obj = Nokogiri::XML::Node.new('ds:Object', doc)
+
+        qp = Nokogiri::XML::Node.new('xades:QualifyingProperties', doc)
+        qp.add_namespace_definition('xades', XADES_NS)
+        qp['Target'] = "##{signature_id}"
+
+        sp = Nokogiri::XML::Node.new('xades:SignedProperties', doc)
+        sp['Id'] = signed_props_id
+
+        ssp = Nokogiri::XML::Node.new('xades:SignedSignatureProperties', doc)
+
+        signing_time = Nokogiri::XML::Node.new('xades:SigningTime', doc)
+        signing_time.content = Time.now.utc.iso8601
+
+        signing_cert = Nokogiri::XML::Node.new('xades:SigningCertificate', doc)
+        cert_node = Nokogiri::XML::Node.new('xades:Cert', doc)
+
+        cert_digest = Nokogiri::XML::Node.new('xades:CertDigest', doc)
+        dm = Nokogiri::XML::Node.new('ds:DigestMethod', doc)
+        dm['Algorithm'] = 'http://www.w3.org/2001/04/xmlenc#sha256'
+        dv = Nokogiri::XML::Node.new('ds:DigestValue', doc)
+        dv.content = ''
+        cert_digest.add_child(dm)
+        cert_digest.add_child(dv)
+
+        issuer_serial = Nokogiri::XML::Node.new('xades:IssuerSerial', doc)
+        x509_issuer = Nokogiri::XML::Node.new('ds:X509IssuerName', doc)
+        x509_serial = Nokogiri::XML::Node.new('ds:X509SerialNumber', doc)
+        x509_issuer.content = ''
+        x509_serial.content = ''
+        issuer_serial.add_child(x509_issuer)
+        issuer_serial.add_child(x509_serial)
+
+        cert_node.add_child(cert_digest)
+        cert_node.add_child(issuer_serial)
+        signing_cert.add_child(cert_node)
+
+        ssp.add_child(signing_time)
+        ssp.add_child(signing_cert)
+
+        sp.add_child(ssp)
+        qp.add_child(sp)
+        obj.add_child(qp)
+
+        sig.add_child(signed_info)
+        sig.add_child(sig_value)
+        sig.add_child(key_info)
+        sig.add_child(obj)
+
+        root.add_child(sig)
+
+        @signature_id = signature_id
+        @signed_properties_id = signed_props_id
+      end
+
+      def inject_access_key!(doc, clave_acceso)
+        return if clave_acceso.to_s.strip.empty?
+
+        root = doc.root
+        info_tributaria = root.at_xpath('./infoTributaria') || root.at_xpath('//infoTributaria')
+
+        unless info_tributaria
+          info_tributaria = Nokogiri::XML::Node.new('infoTributaria', doc)
+          if root.children.any?
+            root.children.first.add_previous_sibling(info_tributaria)
+          else
+            root.add_child(info_tributaria)
+          end
+        end
+
+        clave_node = info_tributaria.at_xpath('./claveAcceso')
+        clave_node ||= Nokogiri::XML::Node.new('claveAcceso', doc)
+        clave_node.content = clave_acceso.to_s
+        ruc_node = info_tributaria.at_xpath('./ruc')
+        cod_doc_node = info_tributaria.at_xpath('./codDoc')
+
+        if ruc_node
+          clave_node.remove if clave_node.parent
+          ruc_node.add_next_sibling(clave_node)
+        elsif cod_doc_node
+          clave_node.remove if clave_node.parent
+          cod_doc_node.add_previous_sibling(clave_node)
+        else
+          info_tributaria.add_child(clave_node) unless clave_node.parent
+        end
+        nodes = info_tributaria.xpath('./claveAcceso')
+        nodes.drop(1).each(&:remove) if nodes.size > 1
+      end
+
+      def inject_secuencial!(doc)
+        sec = @sequential.to_s.rjust(9, '0')
+
+        info_tributaria = doc.root.at_xpath('./infoTributaria') || doc.at_xpath('//infoTributaria')
+        return unless info_tributaria
+
+        sec_node = info_tributaria.at_xpath('./secuencial')
+        sec_node ||= Nokogiri::XML::Node.new('secuencial', doc)
+        sec_node.content = sec
+
+        pto_emi_node = info_tributaria.at_xpath('./ptoEmi')
+        if pto_emi_node
+          sec_node.remove if sec_node.parent
+          pto_emi_node.add_next_sibling(sec_node)
+        else
+          info_tributaria.add_child(sec_node) unless sec_node.parent
+        end
+
+        # Remove duplicates
+        nodes = info_tributaria.xpath('./secuencial')
+        nodes.drop(1).each(&:remove) if nodes.size > 1
+      end
+
+      def sign_xml(doc, clave_acceso)
+        ensure_invoice_root_structure!(doc)
+        ensure_signature_template!(doc)
+
+        inject_access_key!(doc, clave_acceso)
+        inject_secuencial!(doc)
+
+        p12_path = resolve_p12_path!
+        validate_pkcs12!(p12_path)
+
+        inject_cert_chain_and_xades_data!(doc, p12_path)
+
+        root_name = doc.root.name
+        input_xml = doc.to_xml
+
+        Tempfile.create(%w[sri_unsigned .xml]) do |in_xml|
+          in_xml.write(input_xml)
+          in_xml.flush
+
+          Tempfile.create(%w[sri_signed .xml]) do |out_xml|
+            cmd = [
+              'xmlsec1', '--sign',
+              '--pkcs12', p12_path,
+              '--id-attr:id', root_name,
+              '--output', out_xml.path,
+              in_xml.path
+            ]
+
+            if @p12_password && !@p12_password.to_s.empty?
+              cmd.insert(4, '--pwd')
+              cmd.insert(5, @p12_password)
+            end
+
+            _stdout, stderr, status = Open3.capture3(*cmd)
+            raise "Fallo firmando con xmlsec1: #{stderr.to_s.strip}" unless status.success?
+
+            @last_signed_path = out_xml.path.dup
+            File.read(out_xml.path)
+          end
+        end
+      end
+
+      def inject_cert_chain_and_xades_data!(doc, p12_path)
+        pkcs12 = OpenSSL::PKCS12.new(File.binread(p12_path), @p12_password.to_s)
+        leaf = pkcs12.certificate
+        chain = Array(pkcs12.ca_certs)
+
+        x509_data = doc.at_xpath('//ds:Signature/ds:KeyInfo/ds:X509Data', 'ds' => DS_NS)
+        raise 'No se encontró ds:X509Data para inyectar certificados' unless x509_data
+
+        x509_data.children.remove
+        ([leaf] + chain).compact.each do |cert|
+          n = Nokogiri::XML::Node.new('ds:X509Certificate', doc)
+          n.content = Base64.strict_encode64(cert.to_der)
+          x509_data.add_child(n)
+        end
+
+        digest_value_node = doc.at_xpath('//xades:SigningCertificate//xades:CertDigest/ds:DigestValue',
+                                         'xades' => XADES_NS, 'ds' => DS_NS)
+        issuer_node = doc.at_xpath('//xades:SigningCertificate//xades:IssuerSerial/ds:X509IssuerName',
+                                   'xades' => XADES_NS, 'ds' => DS_NS)
+        serial_node = doc.at_xpath('//xades:SigningCertificate//xades:IssuerSerial/ds:X509SerialNumber',
+                                   'xades' => XADES_NS, 'ds' => DS_NS)
+
+        digest_value_node.content = Base64.strict_encode64(OpenSSL::Digest::SHA256.digest(leaf.to_der)) if digest_value_node
+        issuer_node.content = leaf.issuer.to_s(OpenSSL::X509::Name::RFC2253) if issuer_node
+        serial_node.content = leaf.serial.to_s if serial_node
+      end
+
+      def validate_pkcs12!(p12_path)
+        passin = if @p12_password && !@p12_password.to_s.empty?
+                   "pass:#{@p12_password}"
+                 else
+                   'pass:'
+                 end
+
+        cmd = ['openssl', 'pkcs12', '-in', p12_path, '-noout', '-passin', passin]
+        _out, err, st = Open3.capture3(*cmd)
+        return if st.success?
+
+        raise "Certificado PKCS#12 inválido o password incorrecta (openssl): #{err.to_s.strip}"
+      end
+
+      def resolve_p12_path!
+        raise 'Debe proporcionar p12_base64' if @p12_base64.to_s.strip.empty?
+
+        tmp = Tempfile.create(%w[sri_p12 .p12])
+        tmp.binmode
+        tmp.write(Base64.strict_decode64(@p12_base64))
+        tmp.flush
+        tmp.close
+
+        @tmp_p12_file = tmp
+        tmp.path
+      rescue ArgumentError => e
+        raise "p12_base64 inválido (base64): #{e.message}"
+      end
+    end
+  end
+end

data/lib/sri/invoice_service/invoice_orchestrator.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require 'nokogiri'
+
+module Sri
+  module InvoiceService
+    # Orchestrates: build access key + sign + send to SRI sandbox endpoints.
+    # Implementation details are delegated to:
+    # - Sri::InvoiceService::InvoiceBuilder
+    # - Sri::InvoiceService::InvoiceSender
+    class InvoiceOrchestrator
+      RECEPCION_WSDL = 'https://celcer.sri.gob.ec/comprobantes-electronicos-ws/RecepcionComprobantesOffline?wsdl'
+      AUTORIZACION_WSDL = 'https://celcer.sri.gob.ec/comprobantes-electronicos-ws/AutorizacionComprobantesOffline?wsdl'
+      DS_NS = 'http://www.w3.org/2000/09/xmldsig#'
+      XADES_NS = 'http://uri.etsi.org/01903/v1.3.2#'
+
+      def initialize(p12_base64:, p12_password:, xml_string:, sequential:, root_id: 'comprobante')
+        @p12_base64 = p12_base64
+        @p12_password = p12_password
+        @xml_string = xml_string
+        @root_id = root_id
+        @sequential = sequential
+      end
+
+      def call
+        unsigned_xml = @xml_string.to_s
+        raise 'Debe proporcionar xml_string' if unsigned_xml.strip.empty?
+
+        doc = Nokogiri::XML(@xml_string.to_s) { |cfg| cfg.strict.noblanks }
+        environment = doc.at_xpath('//infoTributaria/ambiente').text.strip
+        builder = Sri::InvoiceService::InvoiceBuilder.new(
+          doc:,
+          sequential: @sequential,
+          p12_base64: @p12_base64,
+          p12_password: @p12_password,
+          root_id: @root_id
+        )
+
+        built = builder.call
+
+        sender = Sri::InvoiceService::InvoiceSender.new(environment:)
+        sent = sender.call(clave_acceso: built.fetch(:clave_acceso), signed_xml: built.fetch(:signed_xml))
+
+        {
+          clave_acceso: built.fetch(:clave_acceso),
+          signed_xml_path: built[:signed_xml_path],
+          recepcion: sent.fetch(:recepcion),
+          autorizacion: sent.fetch(:autorizacion)
+        }
+      end
+    end
+  end
+end

data/lib/sri/invoice_service/invoice_sender.rb

@@ -0,0 +1,121 @@
+# frozen_string_literal: true
+
+require 'base64'
+require 'savon'
+
+module Sri
+  module InvoiceService
+    # Sends a signed invoice XML to SRI sandbox endpoints.
+    class InvoiceSender
+      TEST_RECEPTION_WSDL = 'https://celcer.sri.gob.ec/comprobantes-electronicos-ws/RecepcionComprobantesOffline?wsdl'
+      TEST_AUTHORIZATION_WSDL = 'https://celcer.sri.gob.ec/comprobantes-electronicos-ws/AutorizacionComprobantesOffline?wsdl'
+
+      PRODUCTION_RECEPTION_WSDL = 'https://cel.sri.gob.ec/comprobantes-electronicos-ws/RecepcionComprobantesOffline?wsdl'
+      PRODUCTION_AUTHORIZATION_WSDL = 'https://cel.sri.gob.ec/comprobantes-electronicos-ws/AutorizacionComprobantesOffline?wsdl'
+
+      TEST_ENVIRONMENT = 1
+      PRODUCTION_ENVIRONMENT = 2
+
+      def initialize(reception_client: nil, authorization_client: nil, environment: 1)
+        @reception_client = reception_client
+        @authorization_client = authorization_client
+        @environment = environment == PRODUCTION_ENVIRONMENT ? PRODUCTION_ENVIRONMENT : TEST_ENVIRONMENT
+      end
+
+      def call(clave_acceso:, signed_xml:)
+        recep = reception_client.call(
+          :validar_comprobante,
+          headers: { 'SOAPAction' => '""' },
+          message: { 'xml' => Base64.strict_encode64(signed_xml.to_s) }
+        ).body
+
+        recep_parsed = parse_recepcion(recep)
+
+        auth = authorization_client.call(
+          :autorizacion_comprobante,
+          headers: { 'SOAPAction' => '""' },
+          message: { 'claveAccesoComprobante' => clave_acceso }
+        ).body
+
+        auth_parsed = parse_autorizacion(auth)
+
+        {
+          recepcion: recep_parsed.merge(raw: recep),
+          autorizacion: auth_parsed.merge(raw: auth)
+        }
+      end
+
+      private
+
+      def reception_client
+        wsdl = @environment == :production ? PRODUCTION_RECEPTION_WSDL : TEST_RECEPTION_WSDL
+        @reception_client ||= Savon.client(
+          wsdl:,
+          convert_request_keys_to: :none,
+          open_timeout: 10,
+          read_timeout: 30,
+          log: false
+        )
+      end
+
+      def authorization_client
+        wsdl = @environment == :production ? PRODUCTION_AUTHORIZATION_WSDL : TEST_AUTHORIZATION_WSDL
+        @authorization_client ||= Savon.client(
+          wsdl:,
+          convert_request_keys_to: :none,
+          open_timeout: 10,
+          read_timeout: 30,
+          log: false
+        )
+      end
+
+      def parse_recepcion(body)
+        resp = dig_any(body, :validarComprobanteResponse, :validar_comprobante_response) || body
+        rr = dig_any(resp, :RespuestaRecepcionComprobante, :respuesta_recepcion_comprobante) || resp
+
+        estado = dig_any(rr, :estado) || dig_any(resp, :estado)
+        mensajes = extract_mensajes(dig_any(rr, :comprobantes, :comprobante) || rr)
+
+        { estado: estado, mensajes: mensajes }
+      end
+
+      def parse_autorizacion(body)
+        resp = dig_any(body, :autorizacionComprobanteResponse, :autorizacion_comprobante_response) || body
+        ra = dig_any(resp, :RespuestaAutorizacionComprobante, :respuesta_autorizacion_comprobante) || resp
+
+        auts = dig_any(ra, :autorizaciones, :autorizacion) || []
+        aut = auts.is_a?(Array) ? auts.first : auts
+
+        estado = dig_any(aut, :estado) || dig_any(ra, :estado)
+        mensajes = extract_mensajes(aut || ra)
+
+        { estado: estado, mensajes: mensajes }
+      end
+
+      def extract_mensajes(node)
+        msgs = dig_any(node, :mensajes, :mensaje) || dig_any(node, :mensajes) || []
+        msgs = [msgs] if msgs.is_a?(Hash)
+        msgs = Array(msgs)
+
+        msgs.map do |m|
+          [
+            dig_any(m, :identificador),
+            dig_any(m, :mensaje),
+            dig_any(m, :informacionAdicional, :informacion_adicional),
+            dig_any(m, :tipo)
+          ].compact.join(' | ')
+        end
+      rescue StandardError
+        []
+      end
+
+      def dig_any(obj, *keys)
+        keys.each do |k|
+          v = obj.is_a?(Hash) ? (obj[k] || obj[k.to_s]) : nil
+          return v unless v.nil?
+        end
+        nil
+      end
+    end
+  end
+end

data/lib/sri/invoice_service.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require_relative "invoice_service/errors"
+require_relative "invoice_service/access_key_generator"
+require_relative "invoice_service/invoice_builder"
+require_relative "invoice_service/invoice_sender"
+require_relative "invoice_service/invoice_orchestrator"
+
+module Sri
+  module InvoiceService
+  end
+end

data/lib/sri_facturacion/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module SriFacturacion
+  VERSION = "0.1.0"
+end

data/lib/sri_facturacion.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require_relative "sri_facturacion/version"
+require_relative "sri/invoice_service"

metadata

@@ -0,0 +1,98 @@
+--- !ruby/object:Gem::Specification
+name: sri_facturacion
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Theo Rosero
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2026-01-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: net-http
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.4'
+- !ruby/object:Gem::Dependency
+  name: nokogiri
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.14'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.14'
+- !ruby/object:Gem::Dependency
+  name: savon
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.15'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.15'
+description: Firma XAdES-BES y envío a SRI.
+email:
+- theomrosero@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- LICENSE.txt
+- README.md
+- lib/sri/invoice_service.rb
+- lib/sri/invoice_service/access_key_generator.rb
+- lib/sri/invoice_service/errors.rb
+- lib/sri/invoice_service/invoice_builder.rb
+- lib/sri/invoice_service/invoice_orchestrator.rb
+- lib/sri/invoice_service/invoice_sender.rb
+- lib/sri_facturacion.rb
+- lib/sri_facturacion/version.rb
+homepage:
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/ImTheo/sri_facturacion
+  source_code_uri: https://github.com/ImTheo/sri_facturacion
+  changelog_uri: https://github.com/ImTheo/sri_facturacion/blob/main/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '3.0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.11
+signing_key:
+specification_version: 4
+summary: Facturación electrónica SRI (firma y envío)
+test_files: []