voog / ipizza Goto Github PK

Implements iPizza protocol to communicate with Estonian Banks

Home Page: https://github.com/Voog/ipizza

Ruby 100.00%

ipizza's Introduction

Implements iPizza protocol to communicate with Estonian Banks.

Gem implements support for iPizza services (1011, 1012, 4011 and 4012) that are supported by members of the Estonian Banking Association since October 2014.

If you need to use this gem with old iPizza services implementations (1001, 1002, 4001 and 4002), use 1.0.0 version of this gem (NB! support for these services will end on 31 December 2015).

Usage

Add gem dependency in your Gemfile and install the gem:

gem 'ipizza'

Ruby 1.8 support

Since ipizza gem version 1.0.0, Ruby 1.8 support has been dropped. If you need to use this gem with older versions of Ruby, use 0.7.1 version of this gem.

Configuration

Configuration can be made in two different ways, using Ipizza::Config.configure block or loading configuration properties from YAML file.

Loading from YAML file:

Ipizza::Config.load_from_file('config.yml')

Configuration values should be set in YAML file in provider.attribute_value format. See example YAML file below in "Configuration parameters" section.

At any time, configuration can be modified with Ipizza::Config.configure block:

Ipizza::Config.configure do |c|
  c.certs_root            = '/path/to/certificates'
  c.swedbank_service_url  = 'http://foo.bar/swedbank'
end

Configuration parameters

swedbank:
  service_url: http://foo.bar/swedbank
  return_url: http://mycompany.com/store
  cancel_url: http://mycompany.com/cancel
  
  # Your private key file path. Can be specified relatively
  # to YAML file
  file_key: ./certificates/my_private.key
  
  # If your private key is protected with password,
  # provide it here
  key_secret: private_key_password
  
  # Path to bank's public key file. Can be specified
  # relatively to YAML file
  file_cert: ./certificates/bank_public.crt
  snd_id: dealer
  encoding: UTF-8

Payment requests

Building request

payment = Ipizza::Payment.new(
  :stamp => 1, :amount => '123.34', :refnum => 1,
  :message => 'Payment message', :currency => 'EUR'
)
request = Ipizza::Provider::Swedbank.new.payment_request(@payment)

Authentication requests

Building request

request = Ipizza::Provider::Swedbank.new.authentication_request

Validating response

response = Ipizza::Provider::Swedbank.new.authentication_response({'VK_PARAM_1' => 'VALUE 1', ...})
response.valid?

Gateway specifications

This library currently works with four Estonian Banks. Here are their respective interface specifications:

Swedbank
SEB
Danske Bank
Krediidipank
LHV Bank
Nordea (uses SOLO protocol)

Helpful links

Authors

Thanks to all contributors!
Tarmo Talu (Thanks for the 7-3-1 algorithm)

ipizza's People

Contributors

Stargazers

Watchers

Forkers

kritik pavelbrylov oree tanelj mariusandra priithaamer defeed msokk keeruline whysthatso archiveddomify

ipizza's Issues

Support SHA-2 (SHA256) algorithm for providers

SEB bank announced that on 30 September 2023 a technical change will take place in the SEB bank link service, to ensure the security of bank links, the SHA-1 algorithm will be changed to the SHA-2 (SHA256) algorithm.

Until 30 September, SHA-1 and SHA-2 will work in parallel.

Missing values in sign_params when using service 4012

using: ipizza 2.0.1
hey,
the scenario: using authentication service of lhv

when creating a request for service 4011 all is well

> Ipizza::Provider::Lhv.new.authentication_request
#<Ipizza::AuthenticationRequest:0x00561258b4c538
 @extra_params={"VK_ENCODING"=>"UTF-8", "VK_LANG"=>nil},
 @service_url="https://www.lhv.ee/banklink",
 @sign_params=
  {"VK_SERVICE"=>4011,
   "VK_VERSION"=>"008",
   "VK_SND_ID"=>"SOME OÜ",
   "VK_RETURN"=>"https://www.example.com/endpoint",
   "VK_DATETIME"=>"2016-12-14T16:24:01+0200",
   "VK_RID"=>nil,
   "VK_REPLY"=>"3012",
   "VK_MAC"=>
    "XyrU7R9m2jK5q/Q9iiJ9ZJrhEhHExgwqgY+SPvjt10/1oRAcZWi5Jz1...."}>

however, when forcing service 4012 with additional params, the resulting sign_params is missing the crucial VK_REC_ID (bank's id, which i also tried to add to the configuration yaml to no avail), and the VK_NONCE. For some reason only VK_RID got merged from that hash.

> Ipizza::Provider::Lhv.new.authentication_request( 4012, { vk_nonce: '1' , vk_rid: '1'})
#<Ipizza::AuthenticationRequest:0x00561258b03540
 @extra_params={"VK_ENCODING"=>"UTF-8", "VK_LANG"=>nil},
 @service_url="https://www.lhv.ee/banklink",
 @sign_params=
  {"VK_SERVICE"=>4012,
   "VK_VERSION"=>"008",
   "VK_SND_ID"=>"SOME OÜ",
   "VK_RETURN"=>"https://www.example.com/endpoint",
   "VK_DATETIME"=>"2016-12-14T16:27:12+0200",
   "VK_RID"=>"1",
   "VK_MAC"=>
    "VI3AyDMkEjgIfGQqgZmjK6h4Z8eyA3wxrLhnp1jt9e5xU6u..."}>

it's pretty weird, as the case statement in provider/base.rb seems pretty straight forward.

am i missing anything?

Add:
initializer in my rails app under config/initializers/banklink.rb:
Ipizza::Config.load_from_file Rails.root.join('config', 'banklink.yml')

config yml: like the example from readme, only addition:
rec_id: LHV
but that did nothing

Add configuration option to turn on/off individual providers

On the client side, it should be possible to check if provider is configured or not, i.e

if Ipizza::Config.seb_enabled?
  ...
end

Or something like this.

On the configuration file side, it should be disabled until configuration settings are set for the given provider.

voog / ipizza Goto Github PK

ipizza's Introduction

Usage

Ruby 1.8 support

Configuration

Configuration parameters

Payment requests

Building request

Authentication requests

Building request

Validating response

Gateway specifications

Helpful links

Authors

ipizza's People

Contributors

Stargazers

Watchers

Forkers

ipizza's Issues

Recommend Projects

Recommend Topics

Recommend Org