Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Hi developers!
Welcome to the bunq Python SDK! 👨💻
We're very happy to introduce yet another unique product: complete banking SDKs! Now you can build even bigger and better apps and integrate them with your bank of the free! 🌈
Before you dive into this brand new SDK, please consider:
Give us your feedback, create pull requests, build your very own bunq apps and most importantly: have fun! 💪
This SDK is in beta. We cannot guarantee constant availability or stability. Thanks to your feedback we will make improvements on it.
pip install bunq_sdk --upgrade
In order to start making calls with the bunq API, you must first register your API key and device, and create a session. In the SDKs, we group these actions and call it "creating an API context". The context can be created by using the following code snippet:
apiContext = ApiContext.create(ENVIRONMENT_TYPE, API_KEY, DEVICE_DESCRIPTION)
apiContext.save(API_CONTEXT_FILE_PATH)
Please note: initialising your application is a heavy task and it is recommended to do it only once per device.
apiContext = ApiContext.restore(self.API_CONTEXT_FILE_PATH)
BunqContext.loadApiContext(apiContext)
After saving the context, you can restore it at any time:
It is possible to create an ApiContext as PSD2 Service Provider. Although this might seem a complex task, we wrote some helper implementations to get you started. You need to create a certificate and private key to get you started. Our sandbox environment currently accepts all certificates, if these criteria are met:
Make sure you have your unique eIDAS certificate number and certificates ready when you want to perform these tasks on our production environment.
Creating a PSD2 context is very easy:
apiContext = ApiContext.create_for_psd2(ENVIRONMENT_TYPE, CERTIFICATE, PRIVATE_KEY, CERTIFICATE_CHAIN, DEVICE_DESCRIPTION)
The file storing the context details (i.e. bunq.conf
) is a key to your account. Anyone having
access to it is able to perform any Public API actions with your account. Therefore, we recommend
choosing a truly safe place to store it.
There is a class for each endpoint. Each class has functions for each supported action. These
actions can be create
, get
, update
, delete
and list
.
Sometimes API calls have dependencies, for instance MonetaryAccount
. Making changes to a monetary
account always also needs a reference to a User
. These dependencies are required as arguments when
performing API calls. Take a look at doc.bunq.com for the full
documentation.
Creating objects through the API requires an ApiContext
, a requestMap
and identifiers of all
dependencies (such as User ID required for accessing a Monetary Account). Optionally, custom headers
can be passed to requests.
payment_id = Payment.create(
amount=Amount(amount_string, self._CURRENCY_EURL),
counterparty_alias=Pointer(self._POINTER_TYPE_EMAIL, recipient),
description=description
)
Reading objects through the API requires an ApiContext
, identifiers of all dependencies (such as
User ID required for accessing a Monetary Account), and the identifier of the object to read (ID or
UUID) Optionally, custom headers can be passed to requests.
This type of calls always returns a model.
monetary_account = generated.MonetaryAccountBank.get(
_MONETARY_ACCOUNT_ITEM_ID
)
Updating objects through the API goes the same way as creating objects, except that also the object to update identifier (ID or UUID) is needed.
Card.update(
card_id=int(card_id),
monetary_account_current_id=int(account_id)
)
Deleting objects through the API requires an ApiContext
, identifiers of all dependencies (such as User ID required for
accessing a Monetary Account), and the identifier of the object to delete (ID or UUID) Optionally, custom headers can be
passed to requests.
Session.delete(self._SESSION_ID)
Listing objects through the API requires an ApiContext
and identifiers of all dependencies (such as User ID required
for accessing a Monetary Account). Optionally, custom headers can be passed to requests.
users = User.list(api_context)
To get an indication on how the SDK works you can use the python tinker which is located at https://github.com/bunq/tinker_python
Information regarding the test cases can be found in the README.md located in test.
The SDK can raise multiple exceptions. For an overview of these exceptions please take a look at EXCEPTIONS.md.
FAQs
bunq Python SDK
We found that bunq-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.