class Sepa::ApplicationResponse

Contains functionality for the application response embedded in {Response} @todo Use functionality from this class more when validating response

Attributes

xml[R]

The raw xml of the application response

@return [String] the raw xml of the application response

Public Class Methods

new(app_resp, bank) click to toggle source

Initializes the {ApplicationResponse} with an application response xml and bank

@param app_resp [#to_s] the application response xml @param bank [Symbol] the bank from which the application response came from

# File lib/sepa/application_response.rb, line 19
def initialize(app_resp, bank)
  @xml = app_resp
  @bank = bank
end

Public Instance Methods

certificate() click to toggle source

The certificate which private key has been used to sign the application response

@return [OpenSSL::X509::Certificate] if the certificate can be found @return [nil] if the certificate cannot be found @raise [OpenSSL::X509::CertificateError] if the certificate is not valid

# File lib/sepa/application_response.rb, line 71
def certificate
  extract_cert(doc, 'X509Certificate', DSIG)
end
certificate_is_trusted?() click to toggle source

Checks whether the embedded certificate has been signed by the private key of the bank's root certificate. The root certificate used varies by bank.

@return [true] if the certificate is trusted @return [false] if the certificate is not trusted

# File lib/sepa/application_response.rb, line 80
def certificate_is_trusted?
  root_certificate =
    case @bank
    when :nordea
      NORDEA_ROOT_CERTIFICATE
    when :danske
      DANSKE_ROOT_CERTIFICATE
    end

  verify_certificate_against_root_certificate(certificate, root_certificate)
end
doc() click to toggle source

The application response as a nokogiri xml document

@return [Nokogiri::XML::Document] the application response as a nokogiri document

# File lib/sepa/application_response.rb, line 27
def doc
  @doc ||= xml_doc @xml
end
hashes_match?() click to toggle source

Checks that the hash value reported in the signature matches the one that is calculated locally

@return [true] if hashes match @return [false] if hashes don't match

# File lib/sepa/application_response.rb, line 36
def hashes_match?
  are = doc.clone

  digest_value = are.at('xmlns|DigestValue', xmlns: DSIG).content.strip

  are.at('xmlns|Signature', xmlns: DSIG).remove

  actual_digest = calculate_digest(are)

  return true if digest_value == actual_digest

  false
end
signature_is_valid?() click to toggle source

Checks that the signature has been calculated with the private key of the certificate's public key.

@return [true] if signature can be verified @return [false] if signature fails to verify

# File lib/sepa/application_response.rb, line 55
def signature_is_valid?
  validate_signature(doc, certificate, :normal)
end
to_s() click to toggle source

Returns the raw xml of the application response

@return [String] the raw xml of the application response

# File lib/sepa/application_response.rb, line 62
def to_s
  @xml
end

Private Instance Methods

response_must_validate_against_schema() click to toggle source

Validates that the response is valid against the application response schema

# File lib/sepa/application_response.rb, line 95
def response_must_validate_against_schema
  check_validity_against_schema(doc, 'application_response.xsd')
end