ebics-client
Advanced tools
ebics-client - npm Package Compare versions
Comparing version 0.3.0 to 4.0.0
| 'use strict'; | ||
| const $request = require('request'); | ||
| const rock = require('rock-req'); | ||
@@ -55,3 +55,2 @@ const constants = require('./consts'); | ||
| module.exports = class Client { | ||
@@ -75,14 +74,13 @@ /** | ||
| }) { | ||
| if (!url) | ||
| throw new Error('EBICS URL is required'); | ||
| if (!partnerId) | ||
| throw new Error('partnerId is required'); | ||
| if (!userId) | ||
| throw new Error('userId is required'); | ||
| if (!hostId) | ||
| throw new Error('hostId is required'); | ||
| if (!passphrase) | ||
| throw new Error('passphrase is required'); | ||
| if (!url) throw new Error('EBICS URL is required'); | ||
| if (!partnerId) throw new Error('partnerId is required'); | ||
| if (!userId) throw new Error('userId is required'); | ||
| if (!hostId) throw new Error('hostId is required'); | ||
| if (!passphrase) throw new Error('passphrase is required'); | ||
| if (!keyStorage || typeof keyStorage.read !== 'function' || typeof keyStorage.write !== 'function') | ||
| if ( | ||
| !keyStorage | ||
| || typeof keyStorage.read !== 'function' | ||
| || typeof keyStorage.write !== 'function' | ||
| ) | ||
| throw new Error('keyStorage implementation missing or wrong'); | ||
@@ -104,13 +102,21 @@ | ||
| async send(order) { | ||
| const isInObject = ('operation' in order); | ||
| const isInObject = 'operation' in order; | ||
| if (!isInObject) throw new Error('Operation for the order needed'); | ||
| if (order.operation.toUpperCase() === constants.orderOperations.ini) return this.initialization(order); | ||
| if (order.operation.toUpperCase() === constants.orderOperations.ini) | ||
| return this.initialization(order); | ||
| const keys = await this.keys(); | ||
| if (keys === null) throw new Error('No keys provided. Can not send the order or any other order for that matter.'); | ||
| if (keys === null) | ||
| throw new Error( | ||
| 'No keys provided. Can not send the order or any other order for that matter.', | ||
| ); | ||
| if (order.operation.toUpperCase() === constants.orderOperations.upload) return this.upload(order); | ||
| if (order.operation.toUpperCase() === constants.orderOperations.download) return this.download(order); | ||
| if (order.operation.toUpperCase() === constants.orderOperations.upload) | ||
| return this.upload(order); | ||
| if ( | ||
| order.operation.toUpperCase() === constants.orderOperations.download | ||
| ) | ||
| return this.download(order); | ||
@@ -124,4 +130,3 @@ throw new Error('Wrong order operation provided'); | ||
| if (this.tracesStorage) | ||
| this.tracesStorage.new().ofType('ORDER.INI'); | ||
| if (this.tracesStorage) this.tracesStorage.new().ofType('ORDER.INI'); | ||
| const res = await this.ebicsRequest(order); | ||
@@ -139,3 +144,5 @@ const xml = res.orderData(); | ||
| technicalCodeSymbol: res.technicalSymbol(), | ||
| technicalCodeShortText: res.technicalShortText(returnedTechnicalCode), | ||
| technicalCodeShortText: res.technicalShortText( | ||
| returnedTechnicalCode, | ||
| ), | ||
| technicalCodeMeaning: res.technicalMeaning(returnedTechnicalCode), | ||
@@ -175,3 +182,5 @@ | ||
| technicalCodeSymbol: res.technicalSymbol(), | ||
| technicalCodeShortText: res.technicalShortText(returnedTechnicalCode), | ||
| technicalCodeShortText: res.technicalShortText( | ||
| returnedTechnicalCode, | ||
| ), | ||
| technicalCodeMeaning: res.technicalMeaning(returnedTechnicalCode), | ||
@@ -187,4 +196,3 @@ | ||
| async upload(order) { | ||
| if (this.tracesStorage) | ||
| this.tracesStorage.new().ofType('ORDER.UPLOAD'); | ||
| if (this.tracesStorage) this.tracesStorage.new().ofType('ORDER.UPLOAD'); | ||
| let res = await this.ebicsRequest(order); | ||
@@ -207,21 +215,33 @@ const transactionId = res.transactionId(); | ||
| const keys = await this.keys(); | ||
| const r = signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x()); | ||
| const r = signer | ||
| .version(version) | ||
| .sign((await serializer.use(order, this)).toXML(), keys.x()); | ||
| if (this.tracesStorage) | ||
| this.tracesStorage.label(`REQUEST.${order.orderDetails.OrderType}`).data(r).persist(); | ||
| this.tracesStorage | ||
| .label(`REQUEST.${order.orderDetails.OrderType}`) | ||
| .data(r) | ||
| .persist(); | ||
| $request.post({ | ||
| url: this.url, | ||
| body: r, | ||
| headers: { 'content-type': 'text/xml;charset=UTF-8' }, | ||
| }, (err, res, data) => { | ||
| if (err) reject(err); | ||
| rock.post( | ||
| this.url, | ||
| { | ||
| body: r, | ||
| headers: { 'content-type': 'text/xml;charset=UTF-8' }, | ||
| }, | ||
| (err, res, data) => { | ||
| if (err) reject(err); | ||
| const ebicsResponse = response.version(version)(data, keys); | ||
| const ebicsResponse = response.version(version)(data, keys); | ||
| if (this.tracesStorage) | ||
| this.tracesStorage.label(`RESPONSE.${order.orderDetails.OrderType}`).connect().data(ebicsResponse.toXML()).persist(); | ||
| if (this.tracesStorage) | ||
| this.tracesStorage | ||
| .label(`RESPONSE.${order.orderDetails.OrderType}`) | ||
| .connect() | ||
| .data(ebicsResponse.toXML()) | ||
| .persist(); | ||
| resolve(ebicsResponse); | ||
| }); | ||
| resolve(ebicsResponse); | ||
| }, | ||
| ); | ||
| }); | ||
@@ -233,3 +253,5 @@ } | ||
| const keys = await this.keys(); | ||
| return signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x()); | ||
| return signer | ||
| .version(version) | ||
| .sign((await serializer.use(order, this)).toXML(), keys.x()); | ||
| } | ||
@@ -265,4 +287,6 @@ | ||
| _writeKeys(keysObject) { | ||
| return this.keyStorage.write(this.keyEncryptor.encrypt(stringifyKeys(keysObject.keys))); | ||
| return this.keyStorage.write( | ||
| this.keyEncryptor.encrypt(stringifyKeys(keysObject.keys)), | ||
| ); | ||
| } | ||
| }; |
@@ -8,3 +8,3 @@ 'use strict'; | ||
| const { DOMParser, XMLSerializer } = require('xmldom'); | ||
| const { DOMParser, XMLSerializer } = require('@xmldom/xmldom'); | ||
| const xpath = require('xpath'); | ||
@@ -29,3 +29,6 @@ const errors = require('./errors'); | ||
| const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' }); | ||
| const node = select('//xmlns:header/xmlns:mutable/xmlns:SegmentNumber', this.doc); | ||
| const node = select( | ||
| '//xmlns:header/xmlns:mutable/xmlns:SegmentNumber', | ||
| this.doc, | ||
| ); | ||
@@ -37,3 +40,6 @@ return !!node.length; | ||
| const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' }); | ||
| const node = select("//xmlns:header/xmlns:mutable/*[@lastSegment='true']", this.doc); | ||
| const node = select( | ||
| "//xmlns:header/xmlns:mutable/*[@lastSegment='true']", | ||
| this.doc, | ||
| ); | ||
@@ -44,3 +50,6 @@ return !!node.length; | ||
| orderData() { | ||
| const orderDataNode = this.doc.getElementsByTagNameNS('urn:org:ebics:H004', 'OrderData'); | ||
| const orderDataNode = this.doc.getElementsByTagNameNS( | ||
| 'urn:org:ebics:H004', | ||
| 'OrderData', | ||
| ); | ||
@@ -50,4 +59,10 @@ if (!orderDataNode.length) return {}; | ||
| const orderData = orderDataNode[0].textContent; | ||
| const decipher = crypto.createDecipheriv('aes-128-cbc', this.transactionKey(), DEFAULT_IV).setAutoPadding(false); | ||
| const data = Buffer.from(decipher.update(orderData, 'base64', 'binary') + decipher.final('binary'), 'binary'); | ||
| const decipher = crypto | ||
| .createDecipheriv('aes-128-cbc', this.transactionKey(), DEFAULT_IV) | ||
| .setAutoPadding(false); | ||
| const data = Buffer.from( | ||
| decipher.update(orderData, 'base64', 'binary') | ||
| + decipher.final('binary'), | ||
| 'binary', | ||
| ); | ||
@@ -58,4 +73,10 @@ return zlib.inflateSync(data); | ||
| transactionKey() { | ||
| const keyNodeText = this.doc.getElementsByTagNameNS('urn:org:ebics:H004', 'TransactionKey')[0].textContent; | ||
| return Crypto.privateDecrypt(this.keys.e(), Buffer.from(keyNodeText, 'base64')); | ||
| const keyNodeText = this.doc.getElementsByTagNameNS( | ||
| 'urn:org:ebics:H004', | ||
| 'TransactionKey', | ||
| )[0].textContent; | ||
| return Crypto.privateDecrypt( | ||
| this.keys.e(), | ||
| Buffer.from(keyNodeText, 'base64'), | ||
| ); | ||
| }, | ||
@@ -65,3 +86,6 @@ | ||
| const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' }); | ||
| const node = select('//xmlns:header/xmlns:static/xmlns:TransactionID', this.doc); | ||
| const node = select( | ||
| '//xmlns:header/xmlns:static/xmlns:TransactionID', | ||
| this.doc, | ||
| ); | ||
@@ -73,3 +97,6 @@ return node.length ? node[0].textContent : ''; | ||
| const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' }); | ||
| const node = select('.//xmlns:header/xmlns:mutable/xmlns:OrderID', this.doc); | ||
| const node = select( | ||
| './/xmlns:header/xmlns:mutable/xmlns:OrderID', | ||
| this.doc, | ||
| ); | ||
@@ -100,3 +127,6 @@ return node.length ? node[0].textContent : ''; | ||
| const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' }); | ||
| const node = select('//xmlns:header/xmlns:mutable/xmlns:ReturnCode', this.doc); | ||
| const node = select( | ||
| '//xmlns:header/xmlns:mutable/xmlns:ReturnCode', | ||
| this.doc, | ||
| ); | ||
@@ -108,3 +138,6 @@ return node.length ? node[0].textContent : ''; | ||
| const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' }); | ||
| const node = select('//xmlns:header/xmlns:mutable/xmlns:ReportText', this.doc); | ||
| const node = select( | ||
| '//xmlns:header/xmlns:mutable/xmlns:ReportText', | ||
| this.doc, | ||
| ); | ||
@@ -135,4 +168,10 @@ return node.length ? node[0].textContent : ''; | ||
| const type = lastChild(keyNodes[i].parentNode).textContent; | ||
| const modulus = xpath.select(".//*[local-name(.)='Modulus']", keyNodes[i])[0].textContent; | ||
| const exponent = xpath.select(".//*[local-name(.)='Exponent']", keyNodes[i])[0].textContent; | ||
| const modulus = xpath.select( | ||
| ".//*[local-name(.)='Modulus']", | ||
| keyNodes[i], | ||
| )[0].textContent; | ||
| const exponent = xpath.select( | ||
| ".//*[local-name(.)='Exponent']", | ||
| keyNodes[i], | ||
| )[0].textContent; | ||
@@ -139,0 +178,0 @@ const mod = Buffer.from(modulus, 'base64'); |
@@ -1,2 +0,1 @@ | ||
| 'use strict'; | ||
@@ -7,5 +6,5 @@ | ||
| const { DOMParser, XMLSerializer } = require('xmldom'); | ||
| const { DOMParser, XMLSerializer } = require('@xmldom/xmldom'); | ||
| const xpath = require('xpath'); | ||
| const C14n = require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization; | ||
| const C14n = require('xml-crypto/lib/c14n-canonicalization').C14nCanonicalization; | ||
@@ -17,10 +16,17 @@ const digest = (doc) => { | ||
| // canonicalize the node that has authenticate='true' attribute | ||
| const contentToDigest = xpath.select("//*[@authenticate='true']", doc) | ||
| .map(x => new C14n().process(x)).join(''); | ||
| const contentToDigest = xpath | ||
| .select("//*[@authenticate='true']", doc) | ||
| .map(x => new C14n().process(x)) | ||
| .join(''); | ||
| // fix the canonicalization | ||
| const fixedContent = contentToDigest.replace(/xmlns="urn:org:ebics:H004"/g, 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"'); | ||
| const fixedContent = contentToDigest.replace( | ||
| /xmlns="urn:org:ebics:H004"/g, | ||
| 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', | ||
| ); | ||
| if (nodeDigestValue) | ||
| nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent).toString('base64').trim(); | ||
| nodeDigestValue.textContent = Crypto.digestWithHash(fixedContent) | ||
| .toString('base64') | ||
| .trim(); | ||
@@ -34,4 +40,11 @@ return doc; | ||
| if (nodeSignatureValue) { | ||
| const select = xpath.useNamespaces({ ds: 'http://www.w3.org/2000/09/xmldsig#' }); | ||
| const contentToSign = (new C14n().process(select('//ds:SignedInfo', doc)[0])).replace('xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"'); | ||
| const select = xpath.useNamespaces({ | ||
| ds: 'http://www.w3.org/2000/09/xmldsig#', | ||
| }); | ||
| const contentToSign = new C14n() | ||
| .process(select('//ds:SignedInfo', doc)[0]) | ||
| .replace( | ||
| 'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', | ||
| 'xmlns="urn:org:ebics:H004" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', | ||
| ); | ||
@@ -38,0 +51,0 @@ nodeSignatureValue.textContent = Crypto.privateSign(key, contentToSign); // this.keys.x().key.sign(contentToSign, 'base64'); |
| { | ||
| "name": "ebics-client", | ||
| "version": "0.3.0", | ||
| "version": "4.0.0", | ||
| "description": "Node.js ISO 20022 Compliant EBICS Client", | ||
| "license": "MIT", | ||
| "main": "index.js", | ||
@@ -61,23 +60,24 @@ "files": [ | ||
| ], | ||
| "license": "GPL-3.0-only", | ||
| "dependencies": { | ||
| "handlebars": "^4.7.7", | ||
| "js2xmlparser": "^4.0.1", | ||
| "node-forge": "^0.10.0", | ||
| "request": "^2.88.2", | ||
| "uuid": "^8.3.2", | ||
| "xml-crypto": "^2.1.1", | ||
| "xmldom": "^0.5.0", | ||
| "@xmldom/xmldom": "^0.8.10", | ||
| "handlebars": "^4.7.8", | ||
| "js2xmlparser": "^5.0.0", | ||
| "node-forge": "^1.3.1", | ||
| "rock-req": "^5.1.3", | ||
| "uuid": "^9.0.1", | ||
| "xml-crypto": "^4.0.1", | ||
| "xpath": "0.0.32" | ||
| }, | ||
| "devDependencies": { | ||
| "auto-changelog": "^1.16.2", | ||
| "chai": "^4.3.4", | ||
| "coveralls": "^3.1.0", | ||
| "auto-changelog": "^2.4.0", | ||
| "chai": "^4.3.10", | ||
| "coveralls": "^3.1.1", | ||
| "eslint": "^6.7.2", | ||
| "eslint-config-ecollect-base": "^0.1.2", | ||
| "eslint-plugin-import": "^2.18.2", | ||
| "libxmljs": "^0.19.7", | ||
| "mocha": "^7.1.2", | ||
| "eslint-plugin-import": "^2.28.1", | ||
| "libxmljs": "^1.0.10", | ||
| "mocha": "^10.2.0", | ||
| "nyc": "^15.1.0" | ||
| } | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Copyleft License
License(Experimental) Copyleft license information was found.
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
Non-permissive License
License(Experimental) A license not known to be considered permissive was found.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.44%
81016
- Lines of code
- increased by3.93%
2062
- Number of low quality alerts
- decreased by-50%
1
Worsened metrics
- Number of low license alerts
- increased byInfinity%
3
- License quality
- decreased by-30%
70
Dependency changes
+ Added@xmldom/xmldom@^0.8.10
+ Addedrock-req@^5.1.3
+ Added@xmldom/xmldom@0.8.10(transitive)
+ Addedjs2xmlparser@5.0.0(transitive)
+ Addednode-forge@1.3.1(transitive)
+ Addedrock-req@5.1.3(transitive)
+ Addeduuid@9.0.1(transitive)
+ Addedxml-crypto@4.1.0(transitive)
+ Addedxpath@0.0.33(transitive)
- Removedrequest@^2.88.2
- Removedxmldom@^0.5.0
- Removed@xmldom/xmldom@0.7.13(transitive)
- Removedajv@6.12.6(transitive)
- Removedasn1@0.2.6(transitive)
- Removedassert-plus@1.0.0(transitive)
- Removedasynckit@0.4.0(transitive)
- Removedaws-sign2@0.7.0(transitive)
- Removedaws4@1.13.2(transitive)
- Removedbcrypt-pbkdf@1.0.2(transitive)
- Removedcaseless@0.12.0(transitive)
- Removedcombined-stream@1.0.8(transitive)
- Removedcore-util-is@1.0.2(transitive)
- Removeddashdash@1.14.1(transitive)
- Removeddelayed-stream@1.0.0(transitive)
- Removedecc-jsbn@0.1.2(transitive)
- Removedextend@3.0.2(transitive)
- Removedextsprintf@1.3.0(transitive)
- Removedfast-deep-equal@3.1.3(transitive)
- Removedfast-json-stable-stringify@2.1.0(transitive)
- Removedforever-agent@0.6.1(transitive)
- Removedform-data@2.3.3(transitive)
- Removedgetpass@0.1.7(transitive)
- Removedhar-schema@2.0.0(transitive)
- Removedhar-validator@5.1.5(transitive)
- Removedhttp-signature@1.2.0(transitive)
- Removedis-typedarray@1.0.0(transitive)
- Removedisstream@0.1.2(transitive)
- Removedjs2xmlparser@4.0.2(transitive)
- Removedjsbn@0.1.1(transitive)
- Removedjson-schema@0.4.0(transitive)
- Removedjson-schema-traverse@0.4.1(transitive)
- Removedjson-stringify-safe@5.0.1(transitive)
- Removedjsprim@1.4.2(transitive)
- Removedmime-db@1.52.0(transitive)
- Removedmime-types@2.1.35(transitive)
- Removednode-forge@0.10.0(transitive)
- Removedoauth-sign@0.9.0(transitive)
- Removedperformance-now@2.1.0(transitive)
- Removedpsl@1.10.0(transitive)
- Removedpunycode@2.3.1(transitive)
- Removedqs@6.5.3(transitive)
- Removedrequest@2.88.2(transitive)
- Removedsafe-buffer@5.2.1(transitive)
- Removedsafer-buffer@2.1.2(transitive)
- Removedsshpk@1.18.0(transitive)
- Removedtough-cookie@2.5.0(transitive)
- Removedtunnel-agent@0.6.0(transitive)
- Removedtweetnacl@0.14.5(transitive)
- Removeduri-js@4.4.1(transitive)
- Removeduuid@3.4.08.3.2(transitive)
- Removedverror@1.10.0(transitive)
- Removedxml-crypto@2.1.5(transitive)
- Removedxmldom@0.5.0(transitive)
Updatedhandlebars@^4.7.8
Updatedjs2xmlparser@^5.0.0
Updatednode-forge@^1.3.1
Updateduuid@^9.0.1
Updatedxml-crypto@^4.0.1