syrup 0.0.13 → 0.0.14

data/CHANGELOG.rdoc

@@ -1,3 +1,7 @@
+0.0.14 (Jun 6, 2013)
+
+* support new Zions Bank website
+
 0.0.3 (Jun 29, 2011)
 
 * removed activesupport dependency in favor of multi_json
@@ -6,4 +10,4 @@
 
 0.0.1
 
-* initial release
+* initial release

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    syrup (0.0.12)
+    syrup (0.0.13)
       mechanize (>= 1.0.0)
       multi_json (>= 1.0.3)
 
@@ -9,50 +9,51 @@ GEM
   remote: http://rubygems.org/
   specs:
     columnize (0.3.6)
-    diff-lcs (1.1.3)
-    domain_name (0.5.3)
-      unf (~> 0.0.3)
-    linecache (0.46)
-      rbx-require-relative (> 0.0.4)
-    mechanize (2.4)
+    debugger (1.6.0)
+      columnize (>= 0.3.1)
+      debugger-linecache (~> 1.2.0)
+      debugger-ruby_core_source (~> 1.2.1)
+    debugger-linecache (1.2.0)
+    debugger-ruby_core_source (1.2.2)
+    diff-lcs (1.2.4)
+    domain_name (0.5.11)
+      unf (>= 0.0.5, < 1.0.0)
+    http-cookie (1.0.1)
+      domain_name (~> 0.5)
+    mechanize (2.7.1)
       domain_name (~> 0.5, >= 0.5.1)
+      http-cookie (~> 1.0.0)
       mime-types (~> 1.17, >= 1.17.2)
       net-http-digest_auth (~> 1.1, >= 1.1.1)
       net-http-persistent (~> 2.5, >= 2.5.2)
       nokogiri (~> 1.4)
       ntlm-http (~> 0.1, >= 0.1.1)
-      webrobots (~> 0.0, >= 0.0.9)
-    mime-types (1.18)
-    multi_json (1.3.2)
-    net-http-digest_auth (1.2)
-    net-http-persistent (2.6)
-    nokogiri (1.5.2)
+      webrobots (>= 0.0.9, < 0.2)
+    mime-types (1.23)
+    multi_json (1.7.4)
+    net-http-digest_auth (1.3)
+    net-http-persistent (2.8)
+    nokogiri (1.5.9)
     ntlm-http (0.1.1)
-    rake (0.9.2.2)
-    rbx-require-relative (0.0.9)
-    rspec (2.9.0)
-      rspec-core (~> 2.9.0)
-      rspec-expectations (~> 2.9.0)
-      rspec-mocks (~> 2.9.0)
-    rspec-core (2.9.0)
-    rspec-expectations (2.9.1)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.9.0)
-    ruby-debug (0.10.4)
-      columnize (>= 0.1)
-      ruby-debug-base (~> 0.10.4.0)
-    ruby-debug-base (0.10.4)
-      linecache (>= 0.3)
-    unf (0.0.5)
+    rake (10.0.4)
+    rspec (2.13.0)
+      rspec-core (~> 2.13.0)
+      rspec-expectations (~> 2.13.0)
+      rspec-mocks (~> 2.13.0)
+    rspec-core (2.13.1)
+    rspec-expectations (2.13.0)
+      diff-lcs (>= 1.1.3, < 2.0)
+    rspec-mocks (2.13.1)
+    unf (0.1.1)
       unf_ext
-    unf_ext (0.0.4)
-    webrobots (0.0.13)
+    unf_ext (0.0.6)
+    webrobots (0.1.1)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
+  debugger
   rake
   rspec (>= 2.6.0)
-  ruby-debug
   syrup!

data/README.rdoc

@@ -37,10 +37,11 @@ In <b>Rails 2</b>, add this to your environment.rb file.
 
 == Supported Institutions
 
-Currently, only {Zions Bank}[http://zionsbank.com] is supported. I will be
-implementing UCCU, USAA, and Wells Fargo (probably in that order). If you would
-like support for a different bank, you have two options:
+Currently, only Zions Bank, UCCU, and Bank of American Fork are supported. I
+will be implementing UCCU, USAA, and Wells Fargo (probably in that order). If
+you would like support for a different bank, you have two options:
 
 1. Get me the credentials to log into an account with that bank (you'd have to
    trust me).
-2. Implement it yourself and submit a pull request. See {Adding Support For Another Institution}[https://github.com/dontangg/syrup/wiki/Adding-Support-For-Another-Institution]
+2. Implement it yourself and submit a pull request. See
+   {Adding Support For Another Institution}[https://github.com/dontangg/syrup/wiki/Adding-Support-For-Another-Institution]

data/TODO.rdoc

@@ -1,6 +1,4 @@
 
-Make sure that mechanize validates SSL certificates
-
 When getting transactions
 * populate as many variables on Account as you can (eg. current_balance, etc.)
 

data/lib/syrup/institutions/bank_af.rb

@@ -0,0 +1,180 @@
+require 'date'
+require 'bigdecimal'
+require 'bigdecimal/util'
+require 'csv'
+
+module Syrup
+  module Institutions
+
+    class BankAf < InstitutionBase
+
+      class << self
+        def name
+          "Bank of American Fork"
+        end
+
+        def id
+          "bank_af"
+        end
+      end
+
+      def fetch_account(account_id)
+        fetch_accounts
+      end
+
+      def fetch_accounts
+        ensure_authenticated
+
+        # List accounts
+        page = agent.get('https://cm.netteller.com/login2008/Views/Retail/AccountListing.aspx')
+
+        accounts = []
+        page.search('#ctl00_PageContent_ctl00__acctsBase__depositsTab__depositsGrid tr').each do |row_element|
+          next if row_element["class"] == "th"
+
+          cells = row_element.css('td')
+
+          new_account = Account.new(:institution => self)
+          new_account.id = cells[1].inner_text.strip
+          new_account.name = new_account.id
+          new_account.available_balance = BigDecimal.new(parse_currency(cells[2].inner_text))
+          # new_account.current_balance = 
+          # new_account.account_number = 
+          # new_account.type = :deposit # :credit
+
+          accounts << new_account
+        end
+
+        accounts
+      end
+
+      def write_page(page, unique)
+        File.open("test#{unique}.html", 'w') do |f|
+          f.write page.uri.to_s
+          f.write page.body
+        end
+      end
+
+      def get_event_target(html)
+        match = /doPostBack\('([^'"\\]+)'/.match(html)
+                             match[1].gsub(/%24/, '$')
+      end
+
+      def fetch_transactions(account_id, starting_at, ending_at)
+        ensure_authenticated
+
+        # Get the accounts page and click on the desired account link
+        page = agent.get('https://cm.netteller.com/login2008/Views/Retail/AccountListing.aspx')
+
+        form = page.form('aspnetForm')
+        event_target = nil
+        page.search('#ctl00_PageContent_ctl00__acctsBase__depositsTab__depositsGrid tr').each do |row_element|
+          next if row_element["class"] == "th"
+
+          cells = row_element.css('td')
+
+          if cells[1].inner_text.strip == account_id
+            event_target = cells[4].css('select')[0]["name"]
+          end
+        end
+        raise InformationMissingError, "Invalid account ID: #{account_id}" unless event_target
+        form["__EVENTTARGET"] = event_target
+        form.field_with(:name => 'ctl00$PageContent$ctl00$_acctsBase$_depositsTab$_depositsGrid$ctl02$_activity').option_with(:value => "TransactionDownloadViewAction").select
+        page = form.submit
+
+        # Tranferring to Coldfusion
+        form = page.forms[0]
+        form.action = "https://www.netteller.com/bankaf/hbProcessRequest.cfm?activity=D"
+        page = form.submit
+
+        # Submit the download request form
+        form = page.forms[0]
+        form.field_with(:name => 'AccountIndex').option_with(:text => account_id).select
+        form.field_with(:name => 'trans').option_with(:value => 'BetweenTwoDates').select
+        form.field_with(:name => 'format').option_with(:value => 'QFX').select
+        form["from"] = starting_at.strftime('%m/%d/%Y')
+        form["to"] = ending_at.strftime('%m/%d/%Y')
+        submit_button = form.button_with(:id => 'submitButton')
+        page = form.submit(submit_button)
+
+        page = page.link_with(:href => /DeliverContent/).click
+
+        # Get the transactions!
+        transactions = []
+        account = find_account_by_id(account_id)
+        page.body.each_line do |line|
+          line.strip!
+
+          if line.start_with?("<STMTTRN>")
+            match = /DTPOSTED>(\d+)<TRNAMT>\s?([0-9.-]+).*NAME>([^<]+)/.match(line)
+            txn = Transaction.new
+
+            txn.posted_at = Date.strptime(match[1][0..7], '%Y%m%d')
+            txn.amount = parse_currency(match[2])
+            txn.payee = match[3].strip
+            txn.status = :posted
+
+            transactions << txn
+          elsif line.start_with?("</BANKTRANLIST>")
+            match = /LEDGERBAL><BALAMT>([0-9.-]+).*AVAILBAL><BALAMT>([0-9.-]+)/.match(line)
+            account.name = account.id
+            account.current_balance = match[1].to_d
+            account.available_balance = match[2].to_d
+          end
+        end
+
+        transactions
+      end
+
+      private
+
+      def ensure_authenticated
+
+        # Check to see if already authenticated
+        page = agent.get('https://cm.netteller.com/login2008/Views/Retail/AccountListing.aspx')
+        if page.body.include?("An Error Occurred While Processing Your Request")
+
+          raise InformationMissingError, "Please supply a username" unless self.username
+          raise InformationMissingError, "Please supply a password" unless self.password
+
+          # Enter the username and password
+          login_vars = { 'ID' => username, 'PIN' => password }
+          page = agent.post('https://cm.netteller.com/login2008/Authentication/Views/Login.aspx?fi=bankaf&bn=9de8ca724dd43418&burlid=dc1ba449ca4ad5c0', login_vars)
+
+          # If the supplied username/password is incorrect, raise an exception
+          raise InformationMissingError, "Invalid username or password" if page.body.include?("Invalid Online Banking ID or Password")
+
+          form = page.forms[0]
+          form["ctl00$PageContent$DevicePrintHiddenField"] = "version=1&pm_fpua=mozilla/5.0 (macintosh; intel mac os x 10.7; rv:11.0) gecko/20100101 firefox/11.0|5.0 (Macintosh)|MacIntel&pm_fpsc=24|1280|800|774&pm_fpsw=&pm_fptz=-6&pm_fpln=lang=en-US|syslang=|userlang=&pm_fpjv=1&pm_fpco=1"
+          page = form.submit
+
+          if page.uri.to_s == "https://cm.netteller.com/login2008/Authentication/Views/ChallengeQuestions.aspx"
+            form = page.forms[0]
+            question1 = page.search('#ctl00_PageContent_Question1Label').inner_text
+            form["ctl00$PageContent$Answer1TextBox"] = secret_questions[question1]
+
+            question2 = page.search('#ctl00_PageContent_Question2Label').inner_text
+            form["ctl00$PageContent$Answer2TextBox"] = secret_questions[question2]
+
+            submit_button = form.button_with(:name => 'ctl00$PageContent$SubmitButton')
+
+            page = form.submit(submit_button)
+
+            # TODO: What if the secret questions' answers were incorrect
+            #write_page(page, 'sq')
+          end
+
+          form = page.forms[0]
+          form.action = "https://cm.netteller.com/login2008/Default.aspx"
+          page = form.submit
+
+          # TODO: find a better way to test success
+          raise "Unknown URL reached. Try logging in manually through a browser." if page.uri.to_s != "https://cm.netteller.com/login2008/Views/Retail/AccountListing.aspx"
+        end
+
+        true
+      end
+
+    end
+  end
+end

data/lib/syrup/institutions/cacert.pem

@@ -1,9 +1,7 @@
-
-<!-- saved from url=(0033)http://curl.haxx.se/ca/cacert.pem -->
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"></head><body><pre style="word-wrap: break-word; white-space: pre-wrap;">##
+##
 ## ca-bundle.crt -- Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Sun Feb 19 04:03:37 2012
+## Certificate data from Mozilla as of: Wed Apr 25 15:02:13 2012
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
@@ -16,42 +14,7 @@
 ## Just configure this file as the SSLCACertificateFile.
 ##
 
-# ***** BEGIN LICENSE BLOCK *****
-# Version: MPL 1.1/GPL 2.0/LGPL 2.1
-#
-# The contents of this file are subject to the Mozilla Public License Version
-# 1.1 (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-# http://www.mozilla.org/MPL/
-#
-# Software distributed under the License is distributed on an "AS IS" basis,
-# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-# for the specific language governing rights and limitations under the
-# License.
-#
-# The Original Code is the Netscape security libraries.
-#
-# The Initial Developer of the Original Code is
-# Netscape Communications Corporation.
-# Portions created by the Initial Developer are Copyright (C) 1994-2000
-# the Initial Developer. All Rights Reserved.
-#
-# Contributor(s):
-#
-# Alternatively, the contents of this file may be used under the terms of
-# either the GNU General Public License Version 2 or later (the "GPL"), or
-# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
-# in which case the provisions of the GPL or the LGPL are applicable instead
-# of those above. If you wish to allow use of your version of this file only
-# under the terms of either the GPL or the LGPL, and not to allow others to
-# use your version of this file under the terms of the MPL, indicate your
-# decision by deleting the provisions above and replace them with the notice
-# and other provisions required by the GPL or the LGPL. If you do not delete
-# the provisions above, a recipient may use your version of this file under
-# the terms of any one of the MPL, the GPL or the LGPL.
-#
-# ***** END LICENSE BLOCK *****
-# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.82 $ $Date: 2012/02/18 21:41:46 $
+# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.83 $ $Date: 2012/04/25 14:49:29 $
 
 GTE CyberTrust Global Root
 ==========================
@@ -3366,4 +3329,3 @@ l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2
 E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D
 5EI=
 -----END CERTIFICATE-----
-</pre></body></html>

data/lib/syrup/institutions/institution_base.rb

@@ -140,7 +140,7 @@ module Syrup
 
           # Provide path to cert bundle for Windows
           # Downloaded from http://curl.haxx.se/ca/
-          @agent.agent.http.ca_file = File.expand_path(File.dirname(__FILE__) + "/cacert.pem") if RUBY_PLATFORM =~ /mingw|mswin/i
+          @agent.agent.http.ca_file = File.expand_path(File.dirname(__FILE__) + "/cacert.pem")
         end
 
         @agent
@@ -151,7 +151,7 @@ module Syrup
       # 
       #   parse_currency('$ 1,234.56') #=> 1234.56
       def parse_currency(currency)
-        BigDecimal.new(currency.gsub(/[^0-9.]/, ''))
+        BigDecimal.new(currency.gsub(/[^0-9.-]/, ''))
       end
       
       # A helper method that replaces a few HTML entities with their actual characters

data/lib/syrup/institutions/zions_bank.rb

@@ -3,186 +3,213 @@ require 'date'
 module Syrup
   module Institutions
     class ZionsBank < InstitutionBase
-      
+
       class << self
         def name
           "Zions Bank"
         end
-        
+
         def id
           "zions_bank"
         end
       end
-      
+
       def fetch_account(account_id)
         fetch_accounts
       end
-      
-      def fetch_accounts
-        ensure_authenticated
 
+      def fetch_accounts
+        # TODO: If I ever care about this, I'll add it in later.  This is the url to grab from:
+        # https://banking.zionsbank.com/olb/retail/protected/myBank/balances?OWASP_CSRFTOKEN=
+        #
+        #ensure_authenticated
+        #
         # List accounts
-        page = agent.get('https://banking.zionsbank.com/ibuir/displayAccountBalance.htm')
-        json = MultiJson.load(page.body)
-
-        accounts = []
-        json['accountBalance']['depositAccountList'].each do |account|
-          new_account = Account.new(:id => account['accountId'], :institution => self)
-          new_account.name = unescape_html(account['name'])
-          new_account.account_number = account['number']
-          new_account.current_balance = parse_currency(account['currentAmt'])
-          new_account.available_balance = parse_currency(account['availableAmt'])
-          new_account.type = :deposit
-          
-          accounts << new_account
-        end
-        json['accountBalance']['creditAccountList'].each do |account|
-          new_account = Account.new(:id => account['accountId'], :institution => self)
-          new_account.name = unescape_html(account['name'])
-          new_account.account_number = account['number']
-          new_account.current_balance = parse_currency(account['balanceDueAmt'])
-          new_account.type = :credit
-          
-          accounts << new_account
-        end
+        #page = agent.get('https://banking.zionsbank.com/ibuir/displayAccountBalance.htm')
+        #json = MultiJson.load(page.body)
 
-        accounts
+        #accounts = []
+        #json['accountBalance']['depositAccountList'].each do |account|
+        #  new_account = Account.new(:id => account['accountId'], :institution => self)
+        #  new_account.name = unescape_html(account['name'])
+        #  new_account.account_number = account['number']
+        #  new_account.current_balance = parse_currency(account['currentAmt'])
+        #  new_account.available_balance = parse_currency(account['availableAmt'])
+        #  new_account.type = :deposit
+
+        #  accounts << new_account
+        #end
+        #json['accountBalance']['creditAccountList'].each do |account|
+        #  new_account = Account.new(:id => account['accountId'], :institution => self)
+        #  new_account.name = unescape_html(account['name'])
+        #  new_account.account_number = account['number']
+        #  new_account.current_balance = parse_currency(account['balanceDueAmt'])
+        #  new_account.type = :credit
+
+        #  accounts << new_account
+        #end
+
+        #accounts
+
+        []
       end
-      
+
       def fetch_transactions(account_id, starting_at, ending_at)
         ensure_authenticated
-        
+
         transactions = []
-        
-        post_vars = { "actAcct" => account_id, "dayRange.searchType" => "dates", "dayRange.startDate" => starting_at.strftime('%m/%d/%Y'), "dayRange.endDate" => ending_at.strftime('%m/%d/%Y'), "submit_view.x" => 11, "submit_view.y" => 11, "submit_view" => "view" }
-        
-        page = agent.post("https://banking.zionsbank.com/zfnb/userServlet/app/bank/user/register_view_main?reSort=false&actAcct=#{account_id}", post_vars)
-        
-        # Get all the transactions
-        page.search('tr').each do |row_element|
-          # Look for the account information first
-          account = find_account_by_id(account_id)
-          datapart = row_element.css('.acct')
-          if datapart && datapart.inner_html.size > 0
-            if match = /Prior Day Balance:\s*([^<]+)/.match(datapart.inner_html)
+
+        act_oid, act_attr = account_id.split('|')
+
+        url = "https://banking.zionsbank.com/olb/retail/protected/account/register/account?attr=#{act_attr}&#{@csrf}"
+        page = agent.get(url)
+
+        form = page.forms.first
+        form.action += "?#{@csrf}" unless form.action.include?(@csrf)
+        form["accountOid"] = act_oid
+        form["searchBy"] = "DR"
+        form['fromDate'] = starting_at.strftime('%m/%d/%Y')
+        form['toDate'] = ending_at.strftime('%m/%d/%Y')
+        submit_button = form.button_with(:id => 'formbutton')
+        page = form.submit(submit_button)
+
+        # Look for the account information first
+        account = find_account_by_id(account_id)
+        page.search('#subCell').first.element_children.each do |element|
+          if element.name == "div"
+            if match = /Prior Day Balance:\s*\$([0-9.,]+)/.match(element.inner_text)
               account.prior_day_balance = parse_currency(match[1])
-            end
-            if match = /Current Balance:\s*([^<]+)/.match(datapart.inner_html)
+            elsif match = /Current Balance:\s*\$([0-9.,]+)/.match(element.inner_text)
               account.current_balance = parse_currency(match[1])
-            end
-            if match = /Available Balance:\s*([^<]+)/.match(datapart.inner_html)
+            elsif match = /Available Balance:\s*\$([0-9.,]+)/.match(element.inner_text)
               account.available_balance = parse_currency(match[1])
             end
           end
-        
-          data = []
-          datapart = row_element.css('.data')
-          if datapart
-            data += datapart
-            datapart = row_element.css('.curr')
-            data += datapart if datapart
-          end
-          
-          datapart = row_element.css('.datagrey')
-          if datapart
-            data += datapart
-            datapart = row_element.css('.currgrey')
-            data += datapart if datapart
+        end
+
+        # Get all the transactions
+        include_pending = true
+        begin
+          transactions += get_transactions_from_page(page, include_pending)
+
+          has_next_page = false
+          pagination_div = page.search('#pagination').first
+          if pagination_div # if #pagination isn't there, then there aren't any more pages
+            next_page_link = pagination_div.search('.prevnext').last
+            if next_page_link.inner_text.strip.downcase == 'next'
+              url = "#{next_page_link['href']}&#{@csrf}"
+              page = agent.get(url)
+              has_next_page = true
+              include_pending = false # The pending txns are included on every page, so don't get them again when we switch pages
+            end
           end
-          
-          if data.size == 7
-            data.map! {|cell| cell.inner_html.strip.gsub(/[^ -~]/, '') }
-            
+        end while has_next_page
+
+        transactions
+      end
+
+      def get_transactions_from_page(page, include_pending)
+        transactions = []
+
+        page.search('#RegisterCntBox .list_table tr').each do |row_element|
+
+          date_cell = row_element.search('.table_column_0').first
+          if date_cell
+            status_image = row_element.search('.table_column_3 img').first
+            status = status_image['alt'] == 'Cleared' ? :posted : :pending
+            next unless status == :posted || include_pending
+
             transaction = Transaction.new
 
-            transaction.posted_at = Date.strptime(data[0], '%m/%d/%Y')
-            transaction.payee = unescape_html(data[2])
-            transaction.status = data[3].include?("Posted") ? :posted : :pending
-            unless data[4].empty?
-              transaction.amount = -parse_currency(data[4])
+            transaction.posted_at = Date.strptime(date_cell.inner_text.strip, '%m/%d/%Y')
+
+            payee_cell = row_element.search('.table_column_2 .printdisplay .changeText').first || row_element.search('.table_column_2').first
+            transaction.payee = payee_cell.inner_text.strip
+
+            transaction.status = status
+
+            debit_amount_cell = row_element.search('.table_column_4').first
+            debit_amount = debit_amount_cell.inner_text.strip
+            unless debit_amount.empty?
+              transaction.amount = -parse_currency(debit_amount)
             end
-            unless data[5].empty?
-              transaction.amount = parse_currency(data[5])
+
+            credit_amount_cell = row_element.search('.table_column_5').first
+            credit_amount = credit_amount_cell.inner_text.strip
+            unless credit_amount.empty?
+              transaction.amount = parse_currency(credit_amount)
             end
-            
+
             transactions << transaction
           end
+
         end
-        
+
         transactions
       end
-      
+
       private
-      
+
       def ensure_authenticated
-        
-        # Check to see if already authenticated
-        page = agent.get('https://banking.zionsbank.com/ibuir/')
-        if page.body.include?("SessionTimeOutException")
-          
-          raise InformationMissingError, "Please supply a username" unless self.username
-          raise InformationMissingError, "Please supply a password" unless self.password
-          
-          # Enter the username
-          page = agent.get('https://www.zionsbank.com')
-          form = page.form('logonForm')
-          form.pm_fp = "version%3D1%26pm%5Ffpua%3Dmozilla%2F5%2E0%20%28windows%20nt%206%2E1%3B%20wow64%29%20applewebkit%2F535%2E19%20%28khtml%2C%20like%20gecko%29%20chrome%2F18%2E0%2E1025%2E162%20safari%2F535%2E19%7C5%2E0%20%28Windows%20NT%206%2E1%3B%20WOW64%29%20AppleWebKit%2F535%2E19%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F18%2E0%2E1025%2E162%20Safari%2F535%2E19%7CWin32%26pm%5Ffpsc%3D32%7C1920%7C1200%7C1200%26pm%5Ffpsw%3D%7Cqt1%7Cqt2%7Cqt3%7Cqt4%7Cqt5%7Cqt6%26pm%5Ffptz%3D%2D6%26pm%5Ffpln%3Dlang%3Den%2DUS%7Csyslang%3D%7Cuserlang%3D%26pm%5Ffpjv%3D1%26pm%5Ffpco%3D1"
-          form.publicCred1 = username
-          page = form.submit
-
-          # If the supplied username is incorrect, raise an exception
-          raise InformationMissingError, "Invalid username" if page.title == "Error Page"
-
-          # Go on to the next page
-          page = page.links.first.click
-
-          refresh = page.body.match /meta http-equiv="Refresh" content="0; url=([^"]+)/
-          if refresh
-            url = refresh[1]
-            page = agent.get("https://securentry.zionsbank.com#{url}")
-          end
-          
-          # Skip the secret question if we are prompted for the password
-          unless page.body.include?("Site Validation and Password")
-            # Find the secret question
-            question = page.search('div.form_field')[2].css('div').inner_text
-            
-            # If the answer to this question was not supplied, raise an exception
-            raise InformationMissingError, "Please answer the question, \"#{question}\"" unless secret_questions && secret_questions[question]
-            
-            # Enter the answer to the secret question
-            form = page.forms.first
-            form["challengeEntry.answerText"] = secret_questions[question]
-            form.radiobutton_with(:value => 'false').check
-            submit_button = form.button_with(:name => '_eventId_submit')
-            page = form.submit(submit_button)
-            
-            # If the supplied answer is incorrect, raise an exception
-            raise InformationMissingError, "\"#{secret_questions[question]}\" is not the correct answer to, \"#{question}\"" unless page.search('#errorComponent').empty?
-          end
 
-          # Enter the password
-          form = page.forms.first
-          form.privateCred1 = password
-          submit_button = form.button_with(:name => '_eventId_submit')
-          page = form.submit(submit_button)
-          
-          # If the supplied password is incorrect, raise an exception
-          raise InformationMissingError, "An invalid password was supplied" unless page.search('#errorComponent').empty?
-
-          # Clicking this link logs us into the banking.zionsbank.com domain
-          page = page.links.first.click
-          
-          if page.uri.to_s != "https://banking.zionsbank.com/ibuir/displayUserInterface.htm"
-            page = agent.get('https://banking.zionsbank.com/zfnb/userServlet/app/bank/user/viewaccountsbysubtype/viewAccount')
-            
-            raise "Unknown URL reached. Try logging in manually through a browser." if page.body.include?("SessionTimeOutException")
-          end
+        # We no longer have a way to check to see if we're logged in or not... assume we're not.
+
+        raise InformationMissingError, "Please supply a username" unless self.username
+        raise InformationMissingError, "Please supply a password" unless self.password
+
+        # Enter the username
+        page = agent.get('https://www.zionsbank.com')
+        form = page.form('logonForm')
+        form.publicCred1 = self.username
+        form.privateCred1 = self.password
+        page = form.submit
+
+        # If the supplied username is incorrect, raise an exception
+        # In my tests, invalid username takes you to the password page and an invalid password takes you to the error page
+        raise InformationMissingError, "Invalid username/password" if page.title == "Password Page" || page.title == "Error Page"
+
+        # Go on to the next page
+        # It is something like this: https://banking.zionsbank.com/olb/retail/logon/mfa/sso?SAMLart=<bigLongKey>
+        page = page.links.first.click
+
+        #refresh = page.body.match /meta http-equiv="Refresh" content="0; url=([^"]+)/
+        #if refresh
+        #  url = refresh[1]
+        #  page = agent.get("https://securentry.zionsbank.com#{url}")
+        #end
+
+        # TODO: figure out how this is supposed to work now
+        # Skip the secret question if we are prompted for the password
+        #unless page.body.include?("Site Validation and Password")
+        #  # Find the secret question
+        #  question = page.search('div.form_field')[2].css('div').inner_text
+        #
+        #  # If the answer to this question was not supplied, raise an exception
+        #  raise InformationMissingError, "Please answer the question, \"#{question}\"" unless secret_questions && secret_questions[question]
+        #
+        #  # Enter the answer to the secret question
+        #  form = page.forms.first
+        #  form["challengeEntry.answerText"] = secret_questions[question]
+        #  form.radiobutton_with(:value => 'false').check
+        #  submit_button = form.button_with(:name => '_eventId_submit')
+        #  page = form.submit(submit_button)
+        #
+        #  # If the supplied answer is incorrect, raise an exception
+        #  raise InformationMissingError, "\"#{secret_questions[question]}\" is not the correct answer to, \"#{question}\"" unless page.search('#errorComponent').empty?
+        #end
+
+        if !page.uri.to_s.start_with?("https://banking.zionsbank.com/olb/retail/protected/home")
+          raise "Unknown URL reached. Try logging in manually through a browser."
         end
-        
+
+        token_name = page.search('#csrfTokenName').text
+        token_value = page.search('#csrfTokenValue').text
+
+        @csrf = "#{token_name}=#{token_value}"
+
         true
       end
-      
+
     end
   end
 end

data/lib/syrup/version.rb

@@ -1,3 +1,3 @@
 module Syrup
-  VERSION = "0.0.13"
+  VERSION = "0.0.14"
 end

data/spec/syrup/institutions/bank_af_spec.rb

@@ -0,0 +1,41 @@
+require "spec_helper"
+
+include Institutions
+
+describe BankAf, :bank_integration => true do
+  before(:each) do
+    @bank = BankAf.new
+    @bank.setup do |config|
+      config.username = ""
+      config.password = ""
+      config.secret_questions = {}
+    end
+  end
+  
+  it "fetches one account"
+  it "fetches all accounts" do
+    accounts = @bank.fetch_accounts
+    accounts.each do |account|
+      puts "#{account.id} #{account.name}"
+    end
+  end
+  
+  it "fetches transactions given a date range" do
+    account_id = 'Checking'
+  
+    account = @bank.find_account_by_id(account_id)
+    account.instance_variable_get(:@prior_day_balance).should be_nil
+    account.instance_variable_get(:@current_balance).should be_nil
+    account.instance_variable_get(:@available_balance).should be_nil
+    
+    @bank.fetch_transactions(account_id, Date.today - 30, Date.today)
+    
+    puts account.prior_day_balance
+    puts account.current_balance
+    puts account.available_balance
+    
+    #account.prior_day_balance.should_not be_nil
+    account.current_balance.should_not be_nil
+    account.available_balance.should_not be_nil
+  end
+end

data/spec/syrup/institutions/zions_bank_spec.rb

@@ -1,41 +1,41 @@
-require "spec_helper"
-
-include Institutions
-
-describe ZionsBank, :bank_integration => true do
-  before(:each) do
-    @bank = ZionsBank.new
-    @bank.setup do |config|
-      config.username = ""
-      config.password = ""
-      config.secret_questions = {}
-    end
-  end
-  
-  it "fetches one account"
-  it "fetches all accounts" do
-    accounts = @bank.fetch_accounts
-    accounts.each do |account|
-      puts "#{account.id} #{account.name}"
-    end
-  end
-  
-  it "fetches transactions given a date range" do
-    account_id = 1
-  
-    account = @bank.find_account_by_id(account_id)
-    account.instance_variable_get(:@prior_day_balance).should be_nil
-    account.instance_variable_get(:@current_balance).should be_nil
-    account.instance_variable_get(:@available_balance).should be_nil
-    
-    @bank.fetch_transactions(account_id, Date.today - 30, Date.today)
-    
-    puts account.prior_day_balance
-    puts account.current_balance
-    puts account.available_balance
-    
-    account.prior_day_balance.should_not be_nil
-    account.current_balance.should_not be_nil
-    account.available_balance.should_not be_nil
-  end
-end
+require "spec_helper"
+
+include Institutions
+
+describe ZionsBank, :bank_integration => true do
+  before(:each) do
+    @bank = ZionsBank.new
+    @bank.setup do |config|
+      config.username = ""
+      config.password = ""
+      config.secret_questions = {}
+    end
+  end
+
+  #it "fetches one account"
+  it "fetches all accounts" do
+    accounts = @bank.fetch_accounts
+    accounts.each do |account|
+      puts "#{account.id} #{account.name}"
+    end
+  end
+
+  it "fetches transactions given a date range" do
+    account_id = "1|a"
+
+    account = @bank.find_account_by_id(account_id)
+    account.instance_variable_get(:@prior_day_balance).should be_nil
+    account.instance_variable_get(:@current_balance).should be_nil
+    account.instance_variable_get(:@available_balance).should be_nil
+
+    @bank.fetch_transactions(account_id, Date.today - 30, Date.today)
+
+    puts "Prior day balance: $#{account.prior_day_balance.to_f}"
+    puts "Current balance: $#{account.current_balance.to_f}"
+    puts "Available balance: $#{account.available_balance.to_f}"
+
+    account.prior_day_balance.should_not be_nil
+    account.current_balance.should_not be_nil
+    account.available_balance.should_not be_nil
+  end
+end

data/syrup.gemspec

@@ -16,7 +16,7 @@ Gem::Specification.new do |s|
   s.add_dependency "multi_json", ">= 1.0.3"
   
   s.add_development_dependency "rspec", ">= 2.6.0"
-  s.add_development_dependency "ruby-debug"
+  s.add_development_dependency "debugger"
   s.add_development_dependency "rake"
 
   s.rubyforge_project = s.name

metadata

@@ -1,109 +1,103 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: syrup
-version: !ruby/object:Gem::Version 
-  hash: 5
+version: !ruby/object:Gem::Version
+  version: 0.0.14
   prerelease: 
-  segments: 
-  - 0
-  - 0
-  - 13
-  version: 0.0.13
 platform: ruby
-authors: 
+authors:
 - Don Wilson
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2012-05-10 00:00:00 -06:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2013-06-07 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: mechanize
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 1
-        - 0
-        - 0
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 1.0.0
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: multi_json
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 17
-        segments: 
-        - 1
-        - 0
-        - 3
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 1.0.3
   type: :runtime
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: rspec
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 1.0.3
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 2
-        - 6
-        - 0
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
         version: 2.6.0
   type: :development
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency 
-  name: ruby-debug
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: 2.6.0
+- !ruby/object:Gem::Dependency
+  name: debugger
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id004
-- !ruby/object:Gem::Dependency 
-  name: rake
   prerelease: false
-  requirement: &id005 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id005
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Simple account balance and transactions extractor by scraping bank websites.
-email: 
+email:
 - dontangg@gmail.com
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
 - .gitignore
 - .rspec
 - CHANGELOG.rdoc
@@ -115,6 +109,7 @@ files:
 - lib/syrup.rb
 - lib/syrup/account.rb
 - lib/syrup/information_missing_error.rb
+- lib/syrup/institutions/bank_af.rb
 - lib/syrup/institutions/cacert.pem
 - lib/syrup/institutions/institution_base.rb
 - lib/syrup/institutions/uccu.rb
@@ -123,49 +118,41 @@ files:
 - lib/syrup/version.rb
 - spec/spec_helper.rb
 - spec/syrup/account_spec.rb
+- spec/syrup/institutions/bank_af_spec.rb
 - spec/syrup/institutions/institution_base_spec.rb
 - spec/syrup/institutions/uccu_spec.rb
 - spec/syrup/institutions/zions_bank_spec.rb
 - spec/syrup/syrup_spec.rb
 - spec/syrup/transaction_spec.rb
 - syrup.gemspec
-has_rdoc: true
 homepage: http://github.com/dontangg/syrup
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: syrup
-rubygems_version: 1.6.2
+rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
 summary: Simple account balance and transactions extractor.
-test_files: 
+test_files:
 - spec/spec_helper.rb
 - spec/syrup/account_spec.rb
+- spec/syrup/institutions/bank_af_spec.rb
 - spec/syrup/institutions/institution_base_spec.rb
 - spec/syrup/institutions/uccu_spec.rb
 - spec/syrup/institutions/zions_bank_spec.rb