Class: Sepa::Response

Inherits:

Object

• Object
• Sepa::Response

Includes:

ActiveModel::Validations, Utilities

Defined in:

lib/sepa/response.rb

Direct Known Subclasses

DanskeResponse, NordeaResponse

Instance Attribute Summary

• #command ⇒ Object readonly

  Returns the value of attribute command.

• #error ⇒ Object readonly

  Returns the value of attribute error.

• #soap ⇒ Object readonly

  Returns the value of attribute soap.

Instance Method Summary

• #application_response ⇒ Object

  Gets the application response from the response as an xml document.

• #bank_encryption_certificate ⇒ Object
• #bank_root_certificate ⇒ Object
• #bank_signing_certificate ⇒ Object
• #ca_certificate ⇒ Object
• #certificate ⇒ Object
• #content ⇒ Object
• #doc ⇒ Object
• #file_references ⇒ Object
• #hashes_match?(options = {}) ⇒ Boolean

  Verifies that all digest values in the response match the actual ones.

• #initialize(hash = {}) ⇒ Response constructor

  A new instance of Response.

• #own_encryption_certificate ⇒ Object
• #own_signing_certificate ⇒ Object
• #signature_is_valid? ⇒ Boolean

  Verifies the signature by extracting the public key from the certificate embedded in the soap header and verifying the signature value with that.

• #to_s ⇒ Object

Methods included from Utilities

#calculate_digest, #canonicalize_exclusively, #canonicalized_node, #cert_is_trusted, #cert_request_valid?, #check_validity_against_schema, #csr_to_binary, #decode, #encode, #extract_cert, #format_cert, #format_cert_request, #hmac, #iso_time, #load_body_template, #process_cert_value, #rsa_key, #x509_certificate, #xml_doc

Constructor Details

#initialize(hash = {}) ⇒ Response

Returns a new instance of Response.

# File 'lib/sepa/response.rb', line 13

def initialize(hash = {})
  @soap = hash[:response]
  @command = hash[:command]
  @error = hash[:error]
  @encryption_private_key = hash[:encryption_private_key]
end

Instance Attribute Details

#command ⇒ Object (readonly)

Returns the value of attribute command.

# File 'lib/sepa/response.rb', line 6

def command
  @command
end

#error ⇒ Object (readonly)

Returns the value of attribute error.

# File 'lib/sepa/response.rb', line 6

def error
  @error
end

#soap ⇒ Object (readonly)

Returns the value of attribute soap.

# File 'lib/sepa/response.rb', line 6

def soap
  @soap
end

Instance Method Details

#application_response ⇒ Object

Gets the application response from the response as an xml document

# File 'lib/sepa/response.rb', line 65

def application_response
  @application_response ||= extract_application_response(BXD)
end

#bank_encryption_certificate ⇒ Object

# File 'lib/sepa/response.rb', line 112

def bank_encryption_certificate; end

#bank_root_certificate ⇒ Object

# File 'lib/sepa/response.rb', line 116

def bank_root_certificate; end

#bank_signing_certificate ⇒ Object

# File 'lib/sepa/response.rb', line 114

def bank_signing_certificate; end

#ca_certificate ⇒ Object

# File 'lib/sepa/response.rb', line 122

def ca_certificate; end

#certificate ⇒ Object

# File 'lib/sepa/response.rb', line 79

def certificate
  @certificate ||= begin
    extract_cert(doc, 'BinarySecurityToken', OASIS_SECEXT)
  end
end

#content ⇒ Object

# File 'lib/sepa/response.rb', line 85

def content
  @content ||= begin
    xml = xml_doc(application_response)

    case @command
    when :download_file
      content_node = xml.at('xmlns|Content', xmlns: XML_DATA)
      content_node.content if content_node
    when :download_file_list
      content_node = xml.remove_namespaces!.at('FileDescriptors')
      content_node.to_xml if content_node
    when :get_user_info
      canonicalized_node(xml, XML_DATA, 'UserFileTypes')
    when :upload_file
      signature_node = xml.at('xmlns|Signature', xmlns: DSIG)
      if signature_node
        signature_node.remove
        xml.canonicalize
      end
    end
  end
end

#doc ⇒ Object

# File 'lib/sepa/response.rb', line 20

def doc
  @doc ||= xml_doc @soap
end

#file_references ⇒ Object

# File 'lib/sepa/response.rb', line 69

def file_references
  return unless @command == :download_file_list

  @file_references ||= begin
    xml = xml_doc content
    descriptors = xml.css('FileDescriptor')
    descriptors.map { |descriptor| descriptor.at('FileReference').content }
  end
end

#hashes_match?(options = {}) ⇒ Boolean

Verifies that all digest values in the response match the actual ones. Takes an optional verbose parameter to show which digests didn’t match i.e. verbose: true

Returns:

• (Boolean)

# File 'lib/sepa/response.rb', line 27

def hashes_match?(options = {})
  digests = find_digest_values
  nodes = find_nodes_to_verify(digests)

  verified_digests = digests.select do |uri, digest|
    uri = uri.sub(/^#/, '')
    digest == nodes[uri]
  end

  return true if digests == verified_digests

  unverified_digests = digests.select do |uri, digest|
    uri = uri.sub(/^#/, '')
    digest != nodes[uri]
  end

  if options[:verbose]
    puts "These digests failed to verify: #{unverified_digests}."
  end

  false
end

#own_encryption_certificate ⇒ Object

# File 'lib/sepa/response.rb', line 118

def own_encryption_certificate; end

#own_signing_certificate ⇒ Object

# File 'lib/sepa/response.rb', line 120

def own_signing_certificate; end

#signature_is_valid? ⇒ Boolean

Verifies the signature by extracting the public key from the certificate embedded in the soap header and verifying the signature value with that.

Returns:

• (Boolean)

# File 'lib/sepa/response.rb', line 52

def signature_is_valid?
  node = doc.at('xmlns|SignedInfo', xmlns: DSIG)

  node = canonicalize_exclusively node

  signature = doc.at('xmlns|SignatureValue', xmlns: DSIG).content

  signature = decode(signature)

  certificate.public_key.verify(OpenSSL::Digest::SHA1.new, signature, node)
end

#to_s ⇒ Object

# File 'lib/sepa/response.rb', line 108

def to_s
  @soap
end