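# EBICS client: holds the subscriber's connection parameters and key set and
# exposes one public method per supported EBICS order type.
#
# Security-relevant state: +passphrase+ and +keys_content+ are reachable
# through public accessors, and +keys+ holds the subscriber's private RSA keys
# (wrapped in Epics::Key). Treat instances as secrets when logging or
# serialising; +inspect+ below is written to leave those values out.
class Epics::Client
  extend Forwardable

  # Shape of a method name that debit/statements are willing to dispatch to:
  # exactly three upper-case alphanumeric characters, which covers every
  # order-type method defined in this class and excludes attribute writers
  # (url=, passphrase=, keys=) and helpers such as save_keys.
  ORDER_TYPE_PATTERN = /\A[A-Z0-9]{3}\z/

  attr_accessor :passphrase, :url, :host_id, :user_id, :partner_id, :keys, :keys_content
  attr_writer :iban, :bic, :name

  def_delegators :connection, :post

  # @param keys_content [String, #read, nil] encrypted key store (JSON) or an
  #   IO-like object yielding it; nil when keys are generated later via .setup
  # @param passphrase [String] passphrase protecting the key store
  # @param url [String] EBICS endpoint
  # @param host_id [String]
  # @param user_id [String]
  # @param partner_id [String]
  def initialize(keys_content, passphrase, url, host_id, user_id, partner_id)
    self.keys_content = keys_content.respond_to?(:read) ? keys_content.read : keys_content if keys_content
    # The passphrase must be assigned before extract_keys, which decrypts with it.
    self.passphrase = passphrase
    self.keys = extract_keys if keys_content
    self.url = url
    self.host_id = host_id
    self.user_id = user_id
    self.partner_id = partner_id
  end

  # Shows only the key identifiers, user id and partner id. The passphrase,
  # the raw key store and the key material are left out, so an instance that
  # ends up in a log line or an exception report does not disclose them.
  def inspect
    "#<#{self.class}:#{object_id}\n" \
      "@keys=#{keys.keys},\n" \
      "@user_id=\"#{user_id}\",\n" \
      "@partner_id=\"#{partner_id}\""
  end

  # Subscriber key stored under "E002".
  def e
    keys["E002"]
  end

  # Subscriber key stored under "A006".
  def a
    keys["A006"]
  end

  # Subscriber key stored under "X002".
  def x
    keys["X002"]
  end

  # Bank key stored under "<HOST_ID>.E002" (populated by HPB).
  def bank_e
    keys["#{host_id.upcase}.E002"]
  end

  # Bank key stored under "<HOST_ID>.X002" (populated by HPB).
  def bank_x
    keys["#{host_id.upcase}.X002"]
  end

  # Account holder name; fetched lazily through HTD on first access.
  def name
    @name ||= (self.HTD; @name)
  end

  # IBAN; fetched lazily through HTD on first access.
  def iban
    @iban ||= (self.HTD; @iban)
  end

  # BIC; fetched lazily through HTD on first access.
  def bic
    @bic ||= (self.HTD; @bic)
  end

  # Order types reported by HTD; fetched lazily on first access.
  def order_types
    @order_types ||= (self.HTD; @order_types)
  end

  # Builds a client without a key store and generates a fresh RSA key for each
  # of A006, X002 and E002.
  #
  # @param keysize [Integer] RSA modulus size in bits (default 2048)
  # @return [Epics::Client]
  def self.setup(passphrase, url, host_id, user_id, partner_id, keysize = 2048)
    client = new(nil, passphrase, url, host_id, user_id, partner_id)
    client.keys = %w(A006 X002 E002).each_with_object({}) do |type, memo|
      memo[type] = Epics::Key.new(OpenSSL::PKey::RSA.generate(keysize))
    end
    client
  end

  # Renders the bundled INI letter template. The template is evaluated with
  # this method's binding, so it can read +bankname+ and the client itself.
  #
  # @param bankname [String]
  # @return [String] rendered letter
  def ini_letter(bankname)
    raw = File.read(File.join(File.dirname(__FILE__), '../letter/', 'ini.erb'))
    ERB.new(raw).result(binding)
  end

  # Writes the rendered INI letter to +path+ and returns +path+.
  def save_ini_letter(bankname, path)
    File.write(path, ini_letter(bankname))
    path
  end

  # Shortcut for CCT.
  def credit(document)
    self.CCT(document)
  end

  # Submits +document+ through the order-type method named by +type+.
  #
  # @param type [Symbol, String] order-type method name (default :CDD)
  # @raise [ArgumentError] when +type+ is not shaped like an order type
  def debit(document, type = :CDD)
    dispatch_order(type, document)
  end

  # Downloads statements through the order-type method named by +type+.
  #
  # @param type [Symbol, String] order-type method name (default :STA)
  # @raise [ArgumentError] when +type+ is not shaped like an order type
  def statements(from, to, type = :STA)
    dispatch_order(type, from, to)
  end

  # Posts the HIA request; true when the parsed response reports ok.
  def HIA
    post(url, Epics::HIA.new(self).to_xml).body.ok?
  end

  # Posts the INI request; true when the parsed response reports ok.
  def INI
    post(url, Epics::INI.new(self).to_xml).body.ok?
  end

  # Downloads the bank's public keys and stores each one in +keys+ under
  # "<HOST_ID>.<type>".
  #
  # NOTE(review): the keys parsed from the response are stored as received;
  # no comparison against a hash obtained out of band is made in this method.
  # Whether callers or the response middleware perform that check is not
  # visible here - confirm before trusting bank_x / bank_e.
  #
  # @return [Array] [bank_x, bank_e]
  def HPB
    Nokogiri::XML(download(Epics::HPB)).xpath("//xmlns:PubKeyValue", xmlns: "urn:org:ebics:H004").each do |node|
      type = node.parent.last_element_child.content

      modulus = Base64.decode64(node.at_xpath(".//*[local-name() = 'Modulus']").content)
      exponent = Base64.decode64(node.at_xpath(".//*[local-name() = 'Exponent']").content)

      bank = OpenSSL::PKey::RSA.new
      # set_key is used where the OpenSSL binding offers it; otherwise fall
      # back to the n= / e= setters.
      if bank.respond_to?(:set_key)
        bank.set_key(OpenSSL::BN.new(modulus, 2), OpenSSL::BN.new(exponent, 2), nil)
      else
        bank.n = OpenSSL::BN.new(modulus, 2)
        bank.e = OpenSSL::BN.new(exponent, 2)
      end

      self.keys["#{host_id.upcase}.#{type}"] = Epics::Key.new(bank)
    end

    [bank_x, bank_e]
  end

  # --- Upload order types: each returns what the private upload helper returns.

  def AZV(document)
    upload(Epics::AZV, document)
  end

  def CD1(document)
    upload(Epics::CD1, document)
  end

  def CDB(document)
    upload(Epics::CDB, document)
  end

  def CDD(document)
    upload(Epics::CDD, document)
  end

  def CDS(document)
    upload(Epics::CDS, document)
  end

  def XDS(document)
    upload(Epics::XDS, document)
  end

  def CCT(document)
    upload(Epics::CCT, document)
  end

  def CCS(document)
    upload(Epics::CCS, document)
  end

  def XCT(document)
    upload(Epics::XCT, document)
  end

  # --- Download order types.

  def STA(from = nil, to = nil)
    download(Epics::STA, from, to)
  end

  def VMK(from = nil, to = nil)
    download(Epics::VMK, from, to)
  end

  def CDZ(from = nil, to = nil)
    download_and_unzip(Epics::CDZ, from, to)
  end

  def CRZ(from = nil, to = nil)
    download_and_unzip(Epics::CRZ, from, to)
  end

  def C52(from, to)
    download_and_unzip(Epics::C52, from, to)
  end

  def C53(from, to)
    download_and_unzip(Epics::C53, from, to)
  end

  def C54(from, to)
    download_and_unzip(Epics::C54, from, to)
  end

  # @return [Array<String>] content of the OrderTypes element, split on whitespace
  def HAA
    Nokogiri::XML(download(Epics::HAA)).at_xpath("//xmlns:OrderTypes", xmlns: "urn:org:ebics:H004").content.split(/\s/)
  end

  # Downloads HTD, caches iban / bic / name / order types on the instance and
  # returns the document as XML text.
  #
  # The three +rescue nil+ lookups are best-effort: a missing element leaves
  # the attribute nil instead of failing the whole call.
  def HTD
    Nokogiri::XML(download(Epics::HTD)).tap do |htd|
      @iban ||= htd.at_xpath("//xmlns:AccountNumber[@international='true']", xmlns: "urn:org:ebics:H004").text rescue nil
      @bic ||= htd.at_xpath("//xmlns:BankCode[@international='true']", xmlns: "urn:org:ebics:H004").text rescue nil
      @name ||= htd.at_xpath("//xmlns:Name", xmlns: "urn:org:ebics:H004").text rescue nil
      # Flatten before filtering: the previous form compared whole arrays with
      # "", which never matched, so empty tokens produced by consecutive
      # whitespace stayed in the list.
      @order_types ||= htd.search("//xmlns:OrderTypes", xmlns: "urn:org:ebics:H004")
                          .flat_map { |o| o.content.split(/\s/) }
                          .reject(&:empty?)
    end.to_xml
  end

  def HPD
    download(Epics::HPD)
  end

  def HKD
    download(Epics::HKD)
  end

  def PTK(from, to)
    download(Epics::PTK, from, to)
  end

  def HAC(from = nil, to = nil)
    download(Epics::HAC, from, to)
  end

  # Writes the encrypted key store to +path+.
  #
  # A file created by this call gets mode 0600 (before umask) so that other
  # local accounts cannot copy the store for offline passphrase guessing. The
  # mode of a file that already exists is left as it is.
  #
  # @return [Integer] number of bytes written
  def save_keys(path)
    File.write(path, dump_keys, perm: 0600)
  end

  private

  # Calls the public order-type method named by +type+.
  #
  # public_send on a caller-supplied name would otherwise reach every public
  # method of the client, including the url= / passphrase= / keys= writers and
  # save_keys, if +type+ were ever derived from external input.
  def dispatch_order(type, *args)
    unless type.to_s =~ ORDER_TYPE_PATTERN
      raise ArgumentError, "unsupported order type: #{type.inspect}"
    end

    public_send(type, *args)
  end

  # Two-step upload: initialisation request, then the transfer request.
  #
  # @return [Array] transaction id and the first non-empty order id
  def upload(order_type, document)
    order = order_type.new(self, document)
    res = post(url, order.to_xml).body
    order.transaction_id = res.transaction_id

    order_id = res.order_id
    res = post(url, order.to_transfer_xml).body

    return res.transaction_id, [res.order_id, order_id].detect { |id| id.to_s.chars.any? }
  end

  # Requests the order data; a receipt is posted only when the response is
  # segmented and this is its last segment.
  #
  # @return the order data of the first response
  def download(order_type, *args)
    document = order_type.new(self, *args)
    res = post(url, document.to_xml).body
    document.transaction_id = res.transaction_id

    if res.segmented? && res.last_segment?
      post(url, document.to_receipt_xml).body
    end

    res.order_data
  end

  # Downloads a zipped order and returns the content of every archive entry.
  #
  # NOTE(review): each entry is read fully into memory and no limit on entry
  # count or uncompressed size is applied here.
  def download_and_unzip(order_type, *args)
    [].tap do |entries|
      Zip::File.open_buffer(StringIO.new(download(order_type, *args))).each do |zipfile|
        entries << zipfile.get_input_stream.read
      end
    end
  end

  # Memoised Faraday connection. TLS certificate verification follows
  # verify_ssl?.
  def connection
    @connection ||= Faraday.new(headers: { 'Content-Type' => 'text/xml', user_agent: "EPICS v#{Epics::VERSION}"}, ssl: { verify: verify_ssl? }) do |faraday|
      faraday.use Epics::XMLSIG, { client: self }
      faraday.use Epics::ParseEbics, { client: self}
      # faraday.use MyAdapter
      # faraday.response :logger                  # log requests to STDOUT
    end
  end

  # Parses the JSON key store and decrypts every non-nil entry.
  #
  # JSON.parse is used instead of JSON.load: the store may come from a file
  # or another external source, and JSON.load can, depending on the json
  # version and its load options, instantiate classes named in the document.
  def extract_keys
    JSON.parse(keys_content).each_with_object({}) do |(type, key), memo|
      memo[type] = Epics::Key.new(decrypt(key)) if key
    end
  end

  # Serialises every key as PEM, encrypts each one and dumps the map as JSON.
  def dump_keys
    JSON.dump(keys.each_with_object({}) { |(k, v), m| m[k] = encrypt(v.key.to_pem) })
  end

  def new_cipher
    # Re-using the cipher between keys has weird behaviours with openssl3
    # Using a fresh key instead of memoizing it on the client simplifies things
    OpenSSL::Cipher.new('aes-256-cbc')
  end

  # @return [String] Base64 of the 8-byte random salt followed by the ciphertext
  def encrypt(data)
    salt = OpenSSL::Random.random_bytes(8)
    cipher = setup_cipher(:encrypt, self.passphrase, salt)
    Base64.strict_encode64([salt, cipher.update(data) + cipher.final].join)
  end

  # Inverse of encrypt: the first 8 decoded bytes are the salt, the remainder
  # is the ciphertext.
  def decrypt(data)
    data = Base64.strict_decode64(data)
    salt = data[0..7]
    data = data[8..-1]
    cipher = setup_cipher(:decrypt, self.passphrase, salt)
    cipher.update(data) + cipher.final
  end

  # Creates a cipher in the requested direction, keyed from the passphrase.
  #
  # NOTE(review): the key is derived with PBKDF2-HMAC-SHA1 at an iteration
  # count of 1, so the derivation adds no real cost to passphrase guessing
  # against a copied key store. No IV is assigned, so the cipher runs with the
  # binding's default IV (presumably all zero - confirm), and CBC output
  # carries no integrity tag. Changing any of this alters the on-disk format,
  # so it needs a versioned store plus a migration path rather than an
  # in-place edit.
  def setup_cipher(method, passphrase, salt)
    cipher = new_cipher
    cipher.send(method)
    cipher.key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(passphrase, salt, 1, cipher.key_len)
    cipher
  end

  # TLS verification is on unless EPICS_VERIFY_SSL is exactly 'false'.
  # With verification off the bank endpoint's certificate is not checked, so
  # the variable should be unset in production environments.
  def verify_ssl?
    ENV['EPICS_VERIFY_SSL'] != 'false'
  end
end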