Class: Sepa::OpResponse

Inherits:

Response

• Object
• Response
• Sepa::OpResponse

Includes:

Utilities

Defined in:

lib/sepa/banks/op/op_response.rb

Overview

Handles OP specific response logic. Mainly certificate specific stuff.

Constant Summary

BYPASS_COMMANDS =

%i(
  get_certificate
  get_service_certificates
).freeze

Constants included from ErrorMessages

ErrorMessages::CONTENT_ERROR_MESSAGE, ErrorMessages::CUSTOMER_ID_ERROR_MESSAGE, ErrorMessages::DECRYPTION_ERROR_MESSAGE, ErrorMessages::ENCRYPTION_CERT_ERROR_MESSAGE, ErrorMessages::ENCRYPTION_CERT_REQUEST_ERROR_MESSAGE, ErrorMessages::ENCRYPTION_PRIVATE_KEY_ERROR_MESSAGE, ErrorMessages::ENVIRONMENT_ERROR_MESSAGE, ErrorMessages::FILE_REFERENCE_ERROR_MESSAGE, ErrorMessages::FILE_TYPE_ERROR_MESSAGE, ErrorMessages::HASH_ERROR_MESSAGE, ErrorMessages::NOT_OK_RESPONSE_CODE_ERROR_MESSAGE, ErrorMessages::PIN_ERROR_MESSAGE, ErrorMessages::SIGNATURE_ERROR_MESSAGE, ErrorMessages::SIGNING_CERT_REQUEST_ERROR_MESSAGE, ErrorMessages::STATUS_ERROR_MESSAGE, ErrorMessages::TARGET_ID_ERROR_MESSAGE

Instance Attribute Summary

Attributes inherited from Response

#command, #environment, #error, #soap

Instance Method Summary

• #certificate_is_trusted? ⇒ true, false

  Checks whether the certificate embedded in the response soap has been signed with OP's root certificate.

• #own_signing_certificate ⇒ String^?

  Extracts own signing certificate from the response.

• #response_code ⇒ Object
• #response_text ⇒ Object
• #validate_hashes ⇒ Object

  Some OP's certificate responses aren't signed.

• #verify_signature ⇒ Object

  Some OP's certificate responses aren't signed.

Methods included from Utilities

#calculate_digest, #canonicalize_exclusively, #canonicalized_node, #cert_request_valid?, #check_validity_against_schema, #csr_to_binary, #decode, #encode, #extract_cert, #format_cert, #format_cert_request, #hmac, #iso_time, #load_body_template, #process_cert_value, #rsa_key, #set_node_id, #validate_signature, #verify_certificate_against_root_certificate, #x509_certificate, #xml_doc

Methods inherited from Response

#application_response, #bank_encryption_certificate, #bank_root_certificate, #bank_signing_certificate, #ca_certificate, #certificate, #client_errors, #content, #doc, #document_must_validate_against_schema, #error_doc, #extract_application_response, #file_references, #find_digest_values, #find_node_by_uri, #find_nodes_to_verify, #hashes_match?, #initialize, #own_encryption_certificate, #response_code_is_ok?, #signature_is_valid?, #to_s, #validate_response_code, #verify_certificate

Constructor Details

This class inherits a constructor from Sepa::Response

Instance Method Details

#certificate_is_trusted? ⇒ true, false

Checks whether the certificate embedded in the response soap has been signed with OP's root certificate. The check is skipped in test environment, because a different root certificate is used. The check is also skipped for certificate requests because they are not signed

Returns:

• (true) —

  if certificate is trusted

• (false) —

  if certificate fails to verify

See Also:

• DanskeResponse#certificate_is_trusted?

# File 'lib/sepa/banks/op/op_response.rb', line 49

def certificate_is_trusted?
  return true if environment == :test || BYPASS_COMMANDS.include?(command)

  verify_certificate_against_root_certificate(certificate, OP_ROOT_CERTIFICATE)
end

#own_signing_certificate ⇒ String^?

Extracts own signing certificate from the response.

Returns:

• (String) —

  own signing certificate as string it it is found

• (nil) —

  if the certificate cannot be found

# File 'lib/sepa/banks/op/op_response.rb', line 15

def own_signing_certificate
  application_response = extract_application_response(OP_PKI)
  at                   = 'xmlns|Certificate > xmlns|Certificate'
  node                 = Nokogiri::XML(application_response).at(at, xmlns: OP_XML_DATA)

  return unless node

  cert_value = process_cert_value node.content
  cert       = x509_certificate cert_value
  cert.to_s
end

#response_code ⇒ Object

See Also:

• Response#response_code

# File 'lib/sepa/banks/op/op_response.rb', line 28

def response_code
  return super unless [:get_certificate, :get_service_certificates].include? command

  super(namespace: OP_PKI)
end

#response_text ⇒ Object

See Also:

• Response#response_text

# File 'lib/sepa/banks/op/op_response.rb', line 35

def response_text
  return super unless [:get_certificate, :get_service_certificates].include? command

  super(namespace: OP_PKI)
end

#validate_hashes ⇒ Object

Some OP's certificate responses aren't signed

# File 'lib/sepa/banks/op/op_response.rb', line 56

def validate_hashes
  super unless BYPASS_COMMANDS.include?(command)
end

#verify_signature ⇒ Object

Some OP's certificate responses aren't signed

# File 'lib/sepa/banks/op/op_response.rb', line 61

def verify_signature
  super unless BYPASS_COMMANDS.include?(command)
end