Module: Sepa::DanskeSoapRequest

Defined in:

lib/sepa/banks/danske/soap_danske.rb

Overview

Contains Danske Bank specific soap building functionality

Instance Method Summary

• #add_bank_certificate_body_to_soap ⇒ Nokogiri::XML private

  Adds get bank certificate application request to the soap.

• #add_encrypted_generic_request_to_soap(encrypted_request) ⇒ Nokogiri::XML private

  Adds the encrypted application request xml structure to generic request soap.

• #add_encrypted_request_to_soap(encrypted_request, parent_node: 'pkif|CreateCertificateIn') ⇒ Nokogiri::XML private

  Adds encrypted application request xml structure to the soap.

• #build_create_certificate_request ⇒ Nokogiri::XML private

  Builds Danske Bank's create certificate request soap.

• #build_danske_generic_request ⇒ Nokogiri::XML private

  Builds Danske Bank's generic request soap.

• #build_encrypted_ar(cert, encrypted_data, encrypted_key) ⇒ Nokogiri::XML private

  Builds the xml structure for the encrypted application request that can be base64 encoded and embedded to the soap.

• #build_get_bank_certificate_request ⇒ Nokogiri::XML private

  Builds get bank certificate request soap.

• #build_renew_certificate_request ⇒ Nokogiri::XML private

  Builds Danske Bank's renew certificate request soap.

• #encrypt_application_request ⇒ Nokogiri::XML private

  Encrypts the application request with the public key of the bank encryption certificate got from the parameters.

• #encrypt_ar ⇒ Array(String, String) private

  Encrypts the application request and returns it in base64 encoded format.

• #encrypt_key(key, public_key) ⇒ String private

  Encrypts a given symmetric encryption key with a public key and returns it in base64 encoded format.

• #find_correct_build ⇒ Nokogiri::XML private

  Determines which kind of request to build depending on command.

• #request_id ⇒ String private

  Generates a random 10-character request id for Danske Bank's requests.

• #set_application_request ⇒ Object private
• #set_bank_certificate_contents ⇒ Object private

  Sets contents for get bank certificate requests.

• #set_cert_contents ⇒ Object private

  Sets contents for certificate requests.

• #set_receiver_id ⇒ Object private

Instance Method Details

#add_bank_certificate_body_to_soap ⇒ Nokogiri::XML (private)

Adds get bank certificate application request to the soap

Returns:

• (Nokogiri::XML) —

  the soap with the application request added to it

# File 'lib/sepa/banks/danske/soap_danske.rb', line 189

def add_bank_certificate_body_to_soap
  ar = @application_request.to_nokogiri

  ar = ar.at_css('elem|GetBankCertificateRequest')
  @template.at_css('pkif|GetBankCertificateIn').add_child(ar)

  @template
end

#add_encrypted_generic_request_to_soap(encrypted_request) ⇒ Nokogiri::XML (private)

TODO:

refactor possible unnecessary conversion away and rename

Adds the encrypted application request xml structure to generic request soap. The application request is base64 encoded before it is added to the soap.

Parameters:

• encrypted_request (Nokogiri::XML) —

  the encrypted application request xml structure

Returns:

• (Nokogiri::XML) —

  the soap with the encrypted application request added to it

# File 'lib/sepa/banks/danske/soap_danske.rb', line 177

def add_encrypted_generic_request_to_soap(encrypted_request)
  encrypted_request = Nokogiri::XML(encrypted_request.to_xml)
  encrypted_request = encrypted_request.root
  encrypted_request = encode encrypted_request.to_xml
  @template.at_css('bxd|ApplicationRequest').add_child(encrypted_request)

  @template
end

#add_encrypted_request_to_soap(encrypted_request, parent_node: 'pkif|CreateCertificateIn') ⇒ Nokogiri::XML (private)

Adds encrypted application request xml structure to the soap. This method is used when building create & renew certificate requests and the encrypted application request xml structure will not be base64 encoded.

Parameters:

• encrypted_request (Nokogiri::XML) —

  the encrypted application request xml structure

Returns:

• (Nokogiri::XML) —

  the soap with the encrypted application request added to it

# File 'lib/sepa/banks/danske/soap_danske.rb', line 163

def add_encrypted_request_to_soap(encrypted_request, parent_node: 'pkif|CreateCertificateIn')
  encrypted_request = Nokogiri::XML(encrypted_request.to_xml)
  encrypted_request = encrypted_request.root
  @template.at_css(parent_node).add_child(encrypted_request)

  @template
end

#build_create_certificate_request ⇒ Nokogiri::XML (private)

Builds Danske Bank's create certificate request soap. Environment is set to :customertest if set to :test. This request is encrypted but not signed.

Returns:

• (Nokogiri::XML) —

  the complete soap

# File 'lib/sepa/banks/danske/soap_danske.rb', line 133

def build_create_certificate_request
  set_cert_contents
  add_encrypted_request_to_soap(encrypt_application_request)
end

#build_danske_generic_request ⇒ Nokogiri::XML (private)

Builds Danske Bank's generic request soap. The processing order is as follows:

1. The contents of the soap are set
2. The application request is encrypted
3. The encrypted application request xml structure is embedded in the soap
4. The header is processed
5. The body is added to the header

Returns:

• (Nokogiri::XML) —

  the complete soap

# File 'lib/sepa/banks/danske/soap_danske.rb', line 119

def build_danske_generic_request
  common_set_body_contents
  set_receiver_id
  encrypted_request = encrypt_application_request
  add_encrypted_generic_request_to_soap(encrypted_request)

  process_header
  add_body_to_header
end

#build_encrypted_ar(cert, encrypted_data, encrypted_key) ⇒ Nokogiri::XML (private)

TODO:

rename

Builds the xml structure for the encrypted application request that can be base64 encoded and embedded to the soap.

Parameters:

• cert (#to_s) —

  the certificate which public key was used for the asymmetric encryption

• encrypted_data (#to_s) —

  the encrypted application request

• encrypted_key (#to_s) —

  the encrypted key that was used for the symmetric encryption

Returns:

• (Nokogiri::XML) —

  the encrypted application request xml structure as a nokogiri document

# File 'lib/sepa/banks/danske/soap_danske.rb', line 80

def build_encrypted_ar(cert, encrypted_data, encrypted_key)
  ar = Nokogiri::XML File.open "#{AR_TEMPLATE_PATH}/encrypted_request.xml"
  set_node(ar, 'dsig|X509Certificate', cert)
  set_node(ar, 'dsig|KeyInfo xenc|CipherValue', encrypted_data)
  set_node(ar, 'xenc|EncryptedData > xenc|CipherData > xenc|CipherValue', encrypted_key)
  ar
end

#build_get_bank_certificate_request ⇒ Nokogiri::XML (private)

Builds get bank certificate request soap. This request is neither signed nor encrypted.

Returns:

• (Nokogiri::XML) —

  the complete soap

# File 'lib/sepa/banks/danske/soap_danske.rb', line 141

def build_get_bank_certificate_request
  set_bank_certificate_contents
  add_bank_certificate_body_to_soap
end

#build_renew_certificate_request ⇒ Nokogiri::XML (private)

Builds Danske Bank's renew certificate request soap. Environment is set to :customertest if set to :test. This request is encrypted and signed

Returns:

• (Nokogiri::XML) —

  the complete soap

# File 'lib/sepa/banks/danske/soap_danske.rb', line 150

def build_renew_certificate_request
  set_cert_contents
  add_encrypted_request_to_soap(encrypt_application_request, parent_node: 'pkif|RenewCertificateIn')
  process_header
  add_body_to_header
end

#encrypt_application_request ⇒ Nokogiri::XML (private)

Encrypts the application request with the public key of the bank encryption certificate got from the parameters. The actual encryption is done by #encrypt_ar and #encrypt_key methods. After the encryption, the encrypted application request xml is built by #build_encrypted_ar method

Returns:

• (Nokogiri::XML) —

  the encrypted application request as a nokogiri document

# File 'lib/sepa/banks/danske/soap_danske.rb', line 30

def encrypt_application_request
  encryption_certificate = x509_certificate(@bank_encryption_certificate)
  encryption_public_key = encryption_certificate.public_key
  encryption_certificate = format_cert(encryption_certificate)
  encrypted_application_request, key = encrypt_ar
  encrypted_key = encrypt_key(key, encryption_public_key)
  build_encrypted_ar(encryption_certificate, encrypted_key, encrypted_application_request)
end

#encrypt_ar ⇒ Array(String, String) (private)

Encrypts the application request and returns it in base64 encoded format. Also returns the key needed to decrypt it. The encryption algorithm is 'DES-EDE3-CBC' and the iv is prepended to the encrypted data.

Returns:

• (Array(String, String)) —

  the encrypted application request and the key needed to decrypt it

# File 'lib/sepa/banks/danske/soap_danske.rb', line 57

def encrypt_ar
  cipher = OpenSSL::Cipher.new('DES-EDE3-CBC').encrypt

  key = cipher.random_key
  iv = cipher.random_iv

  encrypted_data = cipher.update(@application_request.to_xml)
  encrypted_data << cipher.final
  encrypted_data = iv + encrypted_data
  encrypted_data = encode encrypted_data

  [encrypted_data, key]
end

#encrypt_key(key, public_key) ⇒ String (private)

TODO:

make more generic and move to utilities

Encrypts a given symmetric encryption key with a public key and returns it in base64 encoded format.

Parameters:

• key (String) —

  the key that will be encrypted

• public_key (OpenSSL::PKey::RSA) —

  the public key that will be used to do the encryption

Returns:

• (String) —

  the encrypted key as a base64 encoded string

# File 'lib/sepa/banks/danske/soap_danske.rb', line 46

def encrypt_key(key, public_key)
  encrypted_key = public_key.public_encrypt(key)
  encode encrypted_key
end

#find_correct_build ⇒ Nokogiri::XML (private)

TODO:

remove :get_user_info since Danske Bank doesn't support it

Determines which kind of request to build depending on command. Certificate requests differ from generic requests.

Returns:

• (Nokogiri::XML) —

  the built soap as a nokogiri document

# File 'lib/sepa/banks/danske/soap_danske.rb', line 11

def find_correct_build
  case @command
  when :create_certificate
    build_create_certificate_request
  when :upload_file, :download_file, :get_user_info, :download_file_list
    build_danske_generic_request
  when :get_bank_certificate
    build_get_bank_certificate_request
  when :renew_certificate
    build_renew_certificate_request
  end
end

#request_id ⇒ String (private)

Generates a random 10-character request id for Danske Bank's requests.

Returns:

• (String) —

  10-character hexnumeric request id

# File 'lib/sepa/banks/danske/soap_danske.rb', line 201

def request_id
  SecureRandom.hex(5)
end

#set_application_request ⇒ Object (private)

# File 'lib/sepa/banks/danske/soap_danske.rb', line 209

def set_application_request; end

#set_bank_certificate_contents ⇒ Object (private)

TODO:

rename

Sets contents for get bank certificate requests

# File 'lib/sepa/banks/danske/soap_danske.rb', line 103

def set_bank_certificate_contents
  set_node(@template, 'pkif|SenderId', @customer_id)
  set_node(@template, 'pkif|CustomerId', @customer_id)
  set_node(@template, 'pkif|RequestId', request_id)
  set_node(@template, 'pkif|Timestamp', iso_time)
  set_node(@template, 'pkif|InterfaceVersion', 1)
end

#set_cert_contents ⇒ Object (private)

Sets contents for certificate requests.

# File 'lib/sepa/banks/danske/soap_danske.rb', line 89

def set_cert_contents
  @environment = :customertest if @environment == :test

  set_node @template, 'pkif|SenderId',         @customer_id
  set_node @template, 'pkif|CustomerId',       @customer_id
  set_node @template, 'pkif|RequestId',        request_id
  set_node @template, 'pkif|Timestamp',        iso_time
  set_node @template, 'pkif|InterfaceVersion', 1
  set_node @template, 'pkif|Environment',      @environment
end

#set_receiver_id ⇒ Object (private)

# File 'lib/sepa/banks/danske/soap_danske.rb', line 205

def set_receiver_id
  set_node(@template, 'bxd|ReceiverId', 'DABAFIHH')
end