module Sepa::DanskeSoapRequest

Contains Danske Bank specific soap building functionality

Private Instance Methods

add_bank_certificate_body_to_soap() click to toggle source

Adds get bank certificate application request to the soap

@return [Nokogiri::XML] the soap with the application request added to it

# File lib/sepa/banks/danske/soap_danske.rb, line 189
def add_bank_certificate_body_to_soap
  ar = @application_request.to_nokogiri

  ar = ar.at_css('elem|GetBankCertificateRequest')
  @template.at_css('pkif|GetBankCertificateIn').add_child(ar)

  @template
end
add_encrypted_generic_request_to_soap(encrypted_request) click to toggle source

Adds the encrypted application request xml structure to generic request soap. The application request is base64 encoded before it is added to the soap.

@param encrypted_request [Nokogiri::XML] the encrypted application request xml structure @return [Nokogiri::XML] the soap with the encrypted application request added to it @todo refactor possible unnecessary conversion away and rename

# File lib/sepa/banks/danske/soap_danske.rb, line 177
def add_encrypted_generic_request_to_soap(encrypted_request)
  encrypted_request = Nokogiri::XML(encrypted_request.to_xml)
  encrypted_request = encrypted_request.root
  encrypted_request = encode encrypted_request.to_xml
  @template.at_css('bxd|ApplicationRequest').add_child(encrypted_request)

  @template
end
add_encrypted_request_to_soap(encrypted_request, parent_node: 'pkif|CreateCertificateIn') click to toggle source

Adds encrypted application request xml structure to the soap. This method is used when building create & renew certificate requests and the encrypted application request xml structure will not be base64 encoded.

@param encrypted_request [Nokogiri::XML] the encrypted application request xml structure @return [Nokogiri::XML] the soap with the encrypted application request added to it

# File lib/sepa/banks/danske/soap_danske.rb, line 163
def add_encrypted_request_to_soap(encrypted_request, parent_node: 'pkif|CreateCertificateIn')
  encrypted_request = Nokogiri::XML(encrypted_request.to_xml)
  encrypted_request = encrypted_request.root
  @template.at_css(parent_node).add_child(encrypted_request)

  @template
end
build_create_certificate_request() click to toggle source

Builds Danske Bank's create certificate request soap. Environment is set to `:customertest` if set to `:test`. This request is encrypted but not signed.

@return [Nokogiri::XML] the complete soap

# File lib/sepa/banks/danske/soap_danske.rb, line 133
def build_create_certificate_request
  set_cert_contents
  add_encrypted_request_to_soap(encrypt_application_request)
end
build_danske_generic_request() click to toggle source

Builds Danske Bank's generic request soap. The processing order is as follows:

  1. The contents of the soap are set

  2. The application request is encrypted

  3. The encrypted application request xml structure is embedded in the soap

  4. The header is processed

  5. The body is added to the header

@return [Nokogiri::XML] the complete soap

# File lib/sepa/banks/danske/soap_danske.rb, line 119
def build_danske_generic_request
  common_set_body_contents
  set_receiver_id
  encrypted_request = encrypt_application_request
  add_encrypted_generic_request_to_soap(encrypted_request)

  process_header
  add_body_to_header
end
build_encrypted_ar(cert, encrypted_data, encrypted_key) click to toggle source

Builds the xml structure for the encrypted application request that can be base64 encoded and embedded to the soap.

@param cert [#to_s] the certificate which public key was used for the asymmetric encryption @param encrypted_data [#to_s] the encrypted application request @param encrypted_key [#to_s] the encrypted key that was used for the symmetric encryption @return [Nokogiri::XML] the encrypted application request xml structure as a nokogiri

document

@todo rename

# File lib/sepa/banks/danske/soap_danske.rb, line 80
def build_encrypted_ar(cert, encrypted_data, encrypted_key)
  ar = Nokogiri::XML File.open "#{AR_TEMPLATE_PATH}/encrypted_request.xml"
  set_node(ar, 'dsig|X509Certificate', cert)
  set_node(ar, 'dsig|KeyInfo xenc|CipherValue', encrypted_data)
  set_node(ar, 'xenc|EncryptedData > xenc|CipherData > xenc|CipherValue', encrypted_key)
  ar
end
build_get_bank_certificate_request() click to toggle source

Builds get bank certificate request soap. This request is neither signed nor encrypted.

@return [Nokogiri::XML] the complete soap

# File lib/sepa/banks/danske/soap_danske.rb, line 141
def build_get_bank_certificate_request
  set_bank_certificate_contents
  add_bank_certificate_body_to_soap
end
build_renew_certificate_request() click to toggle source

Builds Danske Bank's renew certificate request soap. Environment is set to `:customertest` if set to `:test`. This request is encrypted and signed

@return [Nokogiri::XML] the complete soap

# File lib/sepa/banks/danske/soap_danske.rb, line 150
def build_renew_certificate_request
  set_cert_contents
  add_encrypted_request_to_soap(encrypt_application_request, parent_node: 'pkif|RenewCertificateIn')
  process_header
  add_body_to_header
end
encrypt_application_request() click to toggle source

Encrypts the application request with the public key of the bank encryption certificate got from the parameters. The actual encryption is done by {#encrypt_ar} and {#encrypt_key} methods. After the encryption, the encrypted application request xml is built by {#build_encrypted_ar} method

@return [Nokogiri::XML] the encrypted application request as a nokogiri document

# File lib/sepa/banks/danske/soap_danske.rb, line 30
def encrypt_application_request
  encryption_certificate = x509_certificate(@bank_encryption_certificate)
  encryption_public_key = encryption_certificate.public_key
  encryption_certificate = format_cert(encryption_certificate)
  encrypted_application_request, key = encrypt_ar
  encrypted_key = encrypt_key(key, encryption_public_key)
  build_encrypted_ar(encryption_certificate, encrypted_key, encrypted_application_request)
end
encrypt_ar() click to toggle source

Encrypts the application request and returns it in base64 encoded format. Also returns the key needed to decrypt it. The encryption algorithm is 'DES-EDE3-CBC' and the iv is prepended to the encrypted data.

@return [Array(String, String)] the encrypted application request and the key needed to

decrypt it
# File lib/sepa/banks/danske/soap_danske.rb, line 57
def encrypt_ar
  cipher = OpenSSL::Cipher.new('DES-EDE3-CBC').encrypt

  key = cipher.random_key
  iv = cipher.random_iv

  encrypted_data = cipher.update(@application_request.to_xml)
  encrypted_data << cipher.final
  encrypted_data = iv + encrypted_data
  encrypted_data = encode encrypted_data

  [encrypted_data, key]
end
encrypt_key(key, public_key) click to toggle source

Encrypts a given symmetric encryption key with a public key and returns it in base64 encoded format.

@param key [String] the key that will be encrypted @param public_key [OpenSSL::PKey::RSA] the public key that will be used to do the encryption @return [String] the encrypted key as a base64 encoded string @todo make more generic and move to utilities

# File lib/sepa/banks/danske/soap_danske.rb, line 46
def encrypt_key(key, public_key)
  encrypted_key = public_key.public_encrypt(key)
  encode encrypted_key
end
find_correct_build() click to toggle source

Determines which kind of request to build depending on command. Certificate requests differ from generic requests.

@return [Nokogiri::XML] the built soap as a nokogiri document @todo remove `:get_user_info` since Danske Bank doesn't support it

# File lib/sepa/banks/danske/soap_danske.rb, line 11
def find_correct_build
  case @command
  when :create_certificate
    build_create_certificate_request
  when :upload_file, :download_file, :get_user_info, :download_file_list
    build_danske_generic_request
  when :get_bank_certificate
    build_get_bank_certificate_request
  when :renew_certificate
    build_renew_certificate_request
  end
end
request_id() click to toggle source

Generates a random 10-character request id for Danske Bank's requests.

@return [String] 10-character hexnumeric request id

# File lib/sepa/banks/danske/soap_danske.rb, line 201
def request_id
  SecureRandom.hex(5)
end
set_application_request() click to toggle source
# File lib/sepa/banks/danske/soap_danske.rb, line 209
def set_application_request; end
set_bank_certificate_contents() click to toggle source

Sets contents for get bank certificate requests

@todo rename

# File lib/sepa/banks/danske/soap_danske.rb, line 103
def set_bank_certificate_contents
  set_node(@template, 'pkif|SenderId', @customer_id)
  set_node(@template, 'pkif|CustomerId', @customer_id)
  set_node(@template, 'pkif|RequestId', request_id)
  set_node(@template, 'pkif|Timestamp', iso_time)
  set_node(@template, 'pkif|InterfaceVersion', 1)
end
set_cert_contents() click to toggle source

Sets contents for certificate requests.

# File lib/sepa/banks/danske/soap_danske.rb, line 89
def set_cert_contents
  @environment = :customertest if @environment == :test

  set_node @template, 'pkif|SenderId',         @customer_id
  set_node @template, 'pkif|CustomerId',       @customer_id
  set_node @template, 'pkif|RequestId',        request_id
  set_node @template, 'pkif|Timestamp',        iso_time
  set_node @template, 'pkif|InterfaceVersion', 1
  set_node @template, 'pkif|Environment',      @environment
end
set_receiver_id() click to toggle source
# File lib/sepa/banks/danske/soap_danske.rb, line 205
def set_receiver_id
  set_node(@template, 'bxd|ReceiverId', 'DABAFIHH')
end