Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
fintecture-client
Advanced tools
Fintecture Open Banking API Gateway enabling secure bank connections and payments
Fintecture is a licensed and one-stop shop gateway to Open Banking.
Our APIs allow easy and secure access to bank account data and payment initiation. The account data accessible are account holder's personal information, account balances, transaction history and much more. The available payment methods depend on the banks implementation but typically are domestic transfers, SEPA credit transfer, instant SEPA credit transfer, fast payment scheme, and SWIFT international payments.
Fintecture APIs enable to connect to both Production and Sandbox environments of banks. Our Sandbox has the particularity of being connected to other banks' Sandbox. This will give you a flavour of what you can expect in production in terms of user experience and data sets.
npm install 'fintecture-client'
The SDK enables multiple use cases. Essentially, it runs down to whether you want / need to go through our bank selection module "Fintecture Connect" ( which is mandatory if you're not an Agent or a licensed TPP. )
This section is divided based on the following use cases:
Independantly of the use case, the first step is to create a developer account on the Fintecture Console and create an application to get your app_id, app_secret and private_key.
You are now ready to start coding. Next step is import the Fintecture Client library and instantiate the client object:
const { FintectureClient } = require('fintecture-client');
let client = new FintectureClient({
app_id: process.env.APP_ID,
app_secret: process.env.APP_SECRET,
private_key: process.env.APP_PRIV_KEY,
env: process.env.FINTECTURE_ENV,
});
To access the PSU's account information, you have to go through the following steps:
let options = {
'filter[ais]': 'accounts',
'filter[country]': 'FR',
'filter[psu_type]': 'retail',
'filter[auth_model]': 'redirect',
'sort[full_name]': 'asc',
};
let providers = await client.getProviders(options);
let providerAuth = await client.getRedirectAuthUrl(null, providerId, redirectUri, state);
windows.href.location = providerAuth.url;
let token = await client.getAccessToken(code);
let accounts = await client.getAccounts(accessToken, customerId);
let account = accounts.data[0].id;
let transactions = await client.getTransactions(accessToken, customerId, account);
Note that the code and customer_id are returned as query parameters when the PSU is redirected back to your environment.
let options = {
'filter[ais]': 'accounts',
'filter[country]': 'FR',
'filter[psu_type]': 'retail',
'filter[auth_model]': 'decoupled',
'sort[full_name]': 'asc',
};
let providers = await client.getProviders(options);
let providerAuth = await client.getDecoupledAuthUrl(null, providerId, psuId, psuIpAddress);
let pollingId = providerAuth.polling_id;
let customerId = null;
let code = null;
var loop = setInterval(function(){
let auth = await client.getDecoupledAuthStatus(null, providerId, pollingId);
if (auth.status != 'PENDING') {
customerId = auth.customer_id;
code = auth.code;
clearInterval(loop);
}
}, 2000);
let token = await client.getAccessToken(code);
let accounts = await client.getAccounts(accessToken, customerId);
let account = accounts.data[0].id;
let transactions = await client.getTransactions(accessToken, customerId, account);
Note that the code and customer_id are returned as query parameters when the PSU is redirected back to your environment.
To enable AIS using connect, simply redirect the PSU to the generated URL:
let config = {
redirect_uri: 'https://mysite.com/callback',
state: 'thisisastate',
psu_type: 'retail',
country: 'fr',
};
let connect = await client.getAisConnect(null, config);
window.href.location = connect.url;
On callback, exchange the code for an accesstoken, and use the accesstoken coupled with the customer_id to get your PSU AIS resources:
// save querystring parameters
const code = req.query.code;
const customerId = req.query.customer_id;
// get the Fintecture access token to request the AIS APIs
const token = await client.getAccessToken(code);
const accounts = await client.getAccounts(token.access_token, customerId);
The initiate a payment on behalf of a PSU, you have to go through the following steps:
let options = {
'filter[pis]': 'SEPA',
'filter[country]': 'FR',
'filter[psu_type]': 'retail',
'sort[full_name]': 'asc',
};
let providers = await client.getProviders(options);
let token = await client.getAccessToken();
let payment = {
data: {
type: 'PIS',
attributes: {
amount: '1',
currency: 'EUR',
communication: 'Thanks Mom!',
beneficiary: {
name: 'Bob Smith',
address: '8 road of somewhere, 80330 Lisboa',
country: 'ES',
iban: 'PT07BARC20325388680799',
swift_bic: 'DEUTPTFF',
},
},
},
};
let response = await client.paymentInitiate(accessToken, providerId, payment, redirectUri, state);
The initiate a payment on behalf of a PSU using Fintecture Connect, just do:
let connectConfig = {
amount: '125',
currency: 'EUR',
communication: 'Thanks mom!',
customer_full_name: 'Bob Smith',
customer_email: 'bob.smith@gmail.com',
customer_ip: '127.0.0.1',
state: 'somestate',
};
let token = await client.getAccessToken();
let connect = await client.getPisConnect(token.access_token, connectConfig);
window.href.location = connect.url;
// and at any time (ex: to validate a payment on callback)
let payment = await client.getPayments(token.access_token, connect.session_id);
console.log('PAYMENT STATUS:', payment.meta.status);
Description of Connect fields:
Pagination can occur on the transaction endpoint. When requesting the getTransaction() function, you will receive a $.links.next URL. In order to iterate on the pages, supply that URL in the paginationURL field within the getTransactions function:
let transactionsPages = [];
let transactions = await client.getTransactions(accessToken, customerId, accountId, headers);
transactionsPages.push(transactions);
while (transactions.links.next) {
transactions = await client.getTransactions(accessToken, customerId, accountId, headers, transactions.links.next);
transactionsPages.push(transactions);
}
Bug reports and pull requests are welcome on GitHub at https://github.com/Fintecture/fintecture-sdk-javascript. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.
The library is available as open source under the terms of the GPL-3.0 License.
Everyone interacting in the Fintecture project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
[2.5.0] - 2024-11-12
FAQs
Fintecture Open Banking API Gateway enabling secure bank connections and payments
The npm package fintecture-client receives a total of 324 weekly downloads. As such, fintecture-client popularity was classified as not popular.
We found that fintecture-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.