my-flow / fintex Goto Github PK

Elixir-based client library for HBCI 2.2 and FinTS 3.0

License: Other

Elixir 100.00%

fintex's Introduction

FinTex

An Elixir-based client library for HBCI 2.2 and FinTS 3.0.

In 1995 German banks announced a common online banking standard called Homebanking Computer Interface (HBCI). In 2003 they published the next generation and named it Financial Transaction Services (FinTS). Today more than 2,000 German banks support HBCI/FinTS.

This client library supports both APIs, HBCI 2.2 and FinTS 3.0. It can be used to read the balance of a bank account, receive an account statement, and make a SEPA payment using PIN/TAN.

Installation

Include a dependency in your mix.exs:

deps: [
  {:fintex, "~> 0.3.0"}
]

To use FinTex modules, add use FinTex to the top of each module you plan on referencing FinTex from.

Usage

First and foremost you need bank-specific connection data of the bank you try to connect to (payment industry jargon: FinBanks). A full list of connection data can be obtained from the official DK website. Please keep in mind that these connection details are subject to change.

use FinTex
bank = %{
  blz: "12345678",            # 8 digits bank code
  url: "https://example.org", # URL of the bank server
  version: "300"              # API version
}

Ping

Some, but not all, banks support the “anonymous login” feature, so you can send a ping request:

FinTex.ping(bank)

Initialize the dialog

In order to authenticate , you need credentials to a real-life bank account (usually login and PIN). Note that repeated failed attempts to log in might cause the bank to block the bank account.

credentials = %{
  login: "username",
  pin: "secret"
}
f = FinTex.new(bank, credentials)
# %FinTex{bank: %FinTex.User.FinBank{blz: "12345678", url: "https://example.org", version: "300"}, client_system_id: "321", tan_scheme_sec_func: "999"}

Retrieve all bank accounts

Retrieve account-specific data, such as an account’s balance:

FinTex.accounts!(f, credentials) |> Enum.to_list # retrieve a list of bank accounts

Retrieve all transactions of a bank account

Request all transactions of one of the bank accounts:

FinTex.transactions!(f, credentials, account) |> Enum.to_list # retrieve a list of transactions

Make a SEPA credit transfer

A bank account contains a list of supported TAN schemes each of which can be used to make a SEPA credit transfer. Pick a sender bank account (see above), add the recipient’s bank account (IBAN/BIC) and define the details:

payment = %{
  sender_account: %{
    iban:  "DE89370400440532013000",
    bic:   "COBADEFFXXX",
    owner: "John Doe"
  },
  recipient_account: %{
    iban:  "FR1420041010050500013M02606",
    bic:   "ABNAFRPPXXX",
    owner: "Jane Doe"
  },
  amount: "1.00",
  currency: "EUR",
  purpose: "A new test payment",
  tan_scheme: %{
    sec_func: "921"
  }
}

FinTex.initiate_sepa_credit_transfer(f, credentials, payment)

Error handling

Most of the functions in this module return {:ok, result} in case of success, {:error, reason} otherwise. Those functions are also followed by a variant that ends with ! which takes the same arguments but which returns the result (without the {:ok, result} tuple) in case of success or raises an exception in case it fails.

SSL hostname verification & path validation

In order to prevent man-in-the-middle attacks it is recommended to enable hostname verification of the bank server’s SSL certificate. This security feature verifies that the server’s hostname matches the common name (CN) of the server’s SSL certificate. In addition the path validation feature checks the bank server’s SSL certificate against a list of trusted Certificate Authorities (CAs). Where this list is located depends on the local operating system, e.g. on Ubuntu a concatenated single-file list of certificates is available at /etc/ssl/certs/ca-certificates.crt. An example of how to set up both security features is included in config/config.exs.

Proxy Settings

Find sample configurations in config/config.exs that show how to set up proxy authentication and SOCKS5.

Documentation

API documentation is available at http://hexdocs.pm/fintex.

Specification

For exact information please refer to the German version of the specification. There is also an unauthorized English translation.

Copyright & License

Licensed under MIT, see LICENSE file.

fintex's People

Contributors

Stargazers

Watchers

Forkers

lowks stayhero linearregression railsmechanic ruby2elixir trundle namxam deadtrickster rmalecki emischorr ablu reimerei fourcube n0isiv tsrandrei

fintex's Issues

hex package is outdated

great work, thank you for sharing!

would you mind updating the hex package to master? cheers 👍

Use Fintex from within a Phonix app

Hi.

I'm not really familiar with Elixir yet, hence this is most likely not a fintex issue but rather a rookie mistake I'm making.

I wanted to use fintex from within a Phoenix application. I added fintex to mix.exs (as dependency and as an application): https://github.com/stayhero/fintex-sample-phoenix

However... starting the phoenix app, I get weird errors when trying to use fintex:

 iex -S mix phoenix.server

use FinTex; bank = %{blz: "30150200", url: "https://banking-rl2.s-fints-pt-rl.de/fints30", version: "300"}; creds = %{login: "testtesttest", pin: "11111"}; f = FinTex.new(bank, creds)

I get this:

** (FinTex.Error) {:error, {:badmatch, {:error, {%HTTPotion.HTTPError{message: "{:EXIT, {{:function_clause, [{:gen, :call, [#PID<0.437.0>, :\"$gen_call\", {:send_req, {{:url, 'https://banking-rl2.s-fints-pt-rl.de/fints30', 'banking-rl2.s-fints-pt-rl.de', 443, :undefined, :undefined, '/fints30', :https, :hostname}, [{'Content-Type', 'text/plain'}, {'Connection', 'keep-alive'}], :post, \"SE5IQks6MTozKzAwMDAwMDAwMDM4MSszMDArMCsxJ0hOVlNLOjk5ODozK1BJTjoxKzk5OCsxKzE6OjArMToyMDE2MDMyMDoxODM2MTMrMjoyOjEzOkA4QAAAAAAAAAAAOjU6MSsyODA6MzAxNTAyMDA6dGVzdHRlc3R0ZXN0OlY6MDowKzAnSE5WU0Q6OTk5OjErQDIxNkBITlNISzoyOjQrUElOOjErOTk5K0ZpblRleCsxKzErMTo6MCs0NDM1ODQ2MSsxOjIwMTYwMzIwOjE4MzYxMysxOjk5OToxKzY6MTA6MTYrMjgwOjMwMTUwMjAwOnRlc3R0ZXN0dGVzdDpTOjA6MCdIS0lETjozOjIrMjgwOjMwMTUwMjAwK3Rlc3R0ZXN0dGVzdCswKzEnSEtWVkI6NDozKzArMCsxK0ZpblRleCswLjIuMCdIS1NZTjo1OjMrMCdITlNIQTo2OjIrRmluVGV4KysxMTExMScnSE5IQlM6NzoxKzEn\", [stream_to: #PID<0.436.0>, ssl_options: []], nil}}, nil], [file: 'gen.erl', line: 149]}, {:gen_server, :call, 3, [file: 'gen_server.erl', line: 208]}, {:ibrowse_http_client, :send_req, 7, [file: 'src/ibrowse_http_client.erl', line: 112]}, {:ibrowse, :do_send_req, 7, [file: 'src/ibrowse.erl', line: 474]}, {:ibrowse, :try_routing_request, 14, [file: 'src/ibrowse.erl', line: 366]}, {HTTPotion, :request, 3, [file: 'lib/httpotion.ex', line: 209]}, {FinTex.Connection.HTTPClient, :send_request, 3, [file: 'lib/connection/http_client.ex', line: 55]}, {FinTex.Connection.HTTPClient, :init, 1, [file: 'lib/connection/http_client.ex', line: 17]}, {:gen_server, :init_it, 6, [file: 'gen_server.erl', line: 328]}, {:proc_lib, :init_p_do_apply, 3, [file: 'proc_lib.erl', line: 240]}]}, {:gen_server, :call, [#PID<0.437.0>, {:send_req, {{:url, 'https://banking-rl2.s-fints-pt-rl.de/fints30', 'banking-rl2.s-fints-pt-rl.de', 443, :undefined, :undefined, '/fints30', :https, :hostname}, [{'Content-Type', 'text/plain'}, {'Connection', 'keep-alive'}], :post, \"SE5IQks6MTozKzAwMDAwMDAwMDM4MSszMDArMCsxJ0hOVlNLOjk5ODozK1BJTjoxKzk5OCsxKzE6OjArMToyMDE2MDMyMDoxODM2MTMrMjoyOjEzOkA4QAAAAAAAAAAAOjU6MSsyODA6MzAxNTAyMDA6dGVzdHRlc3R0ZXN0OlY6MDowKzAnSE5WU0Q6OTk5OjErQDIxNkBITlNISzoyOjQrUElOOjErOTk5K0ZpblRleCsxKzErMTo6MCs0NDM1ODQ2MSsxOjIwMTYwMzIwOjE4MzYxMysxOjk5OToxKzY6MTA6MTYrMjgwOjMwMTUwMjAwOnRlc3R0ZXN0dGVzdDpTOjA6MCdIS0lETjozOjIrMjgwOjMwMTUwMjAwK3Rlc3R0ZXN0dGVzdCswKzEnSEtWVkI6NDozKzArMCsxK0ZpblRleCswLjIuMCdIS1NZTjo1OjMrMCdITlNIQTo2OjIrRmluVGV4KysxMTExMScnSE5IQlM6NzoxKzEn\", [stream_to: #PID<0.436.0>, ssl_options: []], nil}}, nil]}}}"}, [{HTTPotion, :handle_response, 1, [file: 'lib/httpotion.ex', line: 209]}, {FinTex.Connection.HTTPClient, :send_request, 3, [file: 'lib/connection/http_client.ex', line: 55]}, {FinTex.Connection.HTTPClient, :init, 1, [file: 'lib/connection/http_client.ex', line: 17]}, {:gen_server, :init_it, 6, [file: 'gen_server.erl', line: 328]}, {:proc_lib, :init_p_do_apply, 3, [file: 'proc_lib.erl', line: 240]}]}}}}
    (fintex) lib/command/sequencer.ex:83: FinTex.Command.Sequencer.call_http/3
    (fintex) lib/command/initialize.ex:34: FinTex.Command.Initialize.initialize_dialog/3
    (fintex) lib/fintex.ex:66: FinTex.new/3

Am I doing something stupid here? If I had to guess I would bet on a problem with ibrowse or some too old/new dependencies introduced by Phoenix?

Lastschriften

Hi there,

thanks for sharing this library! Do you have any plans to support "SEPA-Lastschriften"?
If not, do you think it would be difficult to implement this on my own?

SEPA-Sammelüberweisung

How difficult would it be to implenent "SEPA-Sammelüberweisung" (C.10.3.1 in FinTS_V3.0)? I'm wondering how I could get ~300 payments done, and want to get challenged for every one of them...

Or is FinTS the wrong tool and I should consider to use EBICS?

Transaction: Whitespace in purpose

To create a transaction from a statement, the purpose is set by joining the details, separated with " ". That gets some weird looking purpose lines, with spaces in the middle of a customer id for example. I just can't recognize if that space was part of the transaction data or just of the joining process.

I'd rather like to get the raw list of lines and join it as I need. Also, having all that SEPA-Identifiers like SVWZ+, I have to do some splitting anyway...