mirror of
https://github.com/we-promise/sure.git
synced 2026-06-05 18:59:04 +00:00
fe47c918bb
Decoupled/MFA banks (e.g. VR Bank in Holstein) were hard-blocked because the authorize flow aborted whenever auth_methods[0] was DECOUPLED. Enable Banking's hosted /auth page actually coordinates decoupled SCA and redirects back with a code, so route these banks through it instead: - Provider#start_authorization accepts and forwards an auth_method param - EnableBankingItem#select_auth_method picks the best method (REDIRECT > DECOUPLED > EMBEDDED), filtering by psu_type and skipping hidden methods - Shared begin_authorization! re-fetches ASPSP metadata on each authorize and reauthorize, so the method is always re-derived (no persistence required) - Remove the DECOUPLED block in the controller Also stop the integration from constantly reporting "session expired": - Only a session-level GET /sessions 401/404 flips the connection to requires_update; per-account 401/404 are retried and no longer kill the whole connection - Reconcile session_expires_at from the API's access.valid_until on every sync - Treat an expired session as a graceful requires_update state instead of raising a bare error No schema changes. Adds covering tests.
108 lines
3.2 KiB
Ruby
108 lines
3.2 KiB
Ruby
require "test_helper"
|
|
require "ostruct"
|
|
require "openssl"
|
|
|
|
class Provider::EnableBankingTest < ActiveSupport::TestCase
|
|
setup do
|
|
key = OpenSSL::PKey::RSA.new(2048)
|
|
@provider = Provider::EnableBanking.new(application_id: "test_app_id", client_certificate: key.to_pem)
|
|
end
|
|
|
|
test "get_account_transactions retries with corrected date_from from WRONG_TRANSACTIONS_PERIOD" do
|
|
requested_queries = []
|
|
|
|
validation_response = OpenStruct.new(
|
|
code: 422,
|
|
body: {
|
|
error: "WRONG_TRANSACTIONS_PERIOD",
|
|
detail: {
|
|
message: "Maximum days in the past allowed for transaction list is 120",
|
|
date_from: "2026-01-17"
|
|
}
|
|
}.to_json
|
|
)
|
|
|
|
success_response = OpenStruct.new(
|
|
code: 200,
|
|
body: { transactions: [] }.to_json
|
|
)
|
|
|
|
Provider::EnableBanking.expects(:get).twice.with do |_url, options|
|
|
requested_queries << options[:query].dup
|
|
true
|
|
end.returns(validation_response, success_response)
|
|
|
|
result = @provider.get_account_transactions(
|
|
account_id: "acct_123",
|
|
date_from: Date.new(2025, 12, 1),
|
|
transaction_status: "BOOK"
|
|
)
|
|
|
|
assert_equal [], result[:transactions]
|
|
assert_equal "2025-12-01", requested_queries.first[:date_from]
|
|
assert_equal "2026-01-17", requested_queries.second[:date_from]
|
|
end
|
|
|
|
test "validation errors expose parsed response data" do
|
|
response = OpenStruct.new(
|
|
code: 422,
|
|
body: {
|
|
error: "WRONG_TRANSACTIONS_PERIOD",
|
|
detail: { date_from: "2026-01-17" }
|
|
}.to_json
|
|
)
|
|
|
|
error = assert_raises Provider::EnableBanking::EnableBankingError do
|
|
@provider.send(:handle_response, response)
|
|
end
|
|
|
|
assert_equal :validation_error, error.error_type
|
|
assert_equal "WRONG_TRANSACTIONS_PERIOD", error.response_data[:error]
|
|
assert_equal Date.new(2026, 1, 17), error.corrected_date_from
|
|
assert error.wrong_transactions_period?
|
|
end
|
|
|
|
test "start_authorization includes auth_method in the request body when provided" do
|
|
captured_body = nil
|
|
response = OpenStruct.new(
|
|
code: 200,
|
|
body: { url: "https://api.enablebanking.com/auth/abc", authorization_id: "auth_1" }.to_json
|
|
)
|
|
|
|
Provider::EnableBanking.expects(:post).with do |_url, options|
|
|
captured_body = JSON.parse(options[:body])
|
|
true
|
|
end.returns(response)
|
|
|
|
@provider.start_authorization(
|
|
aspsp_name: "VR Bank in Holstein",
|
|
aspsp_country: "DE",
|
|
redirect_url: "https://app.example.com/callback",
|
|
auth_method: "decoupled_app"
|
|
)
|
|
|
|
assert_equal "decoupled_app", captured_body["auth_method"]
|
|
end
|
|
|
|
test "start_authorization omits auth_method when not provided" do
|
|
captured_body = nil
|
|
response = OpenStruct.new(
|
|
code: 200,
|
|
body: { url: "https://api.enablebanking.com/auth/abc", authorization_id: "auth_1" }.to_json
|
|
)
|
|
|
|
Provider::EnableBanking.expects(:post).with do |_url, options|
|
|
captured_body = JSON.parse(options[:body])
|
|
true
|
|
end.returns(response)
|
|
|
|
@provider.start_authorization(
|
|
aspsp_name: "ING-DiBa AG",
|
|
aspsp_country: "DE",
|
|
redirect_url: "https://app.example.com/callback"
|
|
)
|
|
|
|
assert_not captured_body.key?("auth_method")
|
|
end
|
|
end
|