blob: d1fff070c82bc2847c14dfc103a5e4c9bf77bfd4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
#!/bin/bash
set -eu
# This script prepares the EBICS keys for one subscriber
# at the PostFinance test platform.
export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:/tmp/postfinance-nexusdb.sqlite3"
NEXUS_USERNAME="netzbon-bridge"
NEXUS_PASSWORD="secret"
NEXUS_PORT="5001"
function exit_cleanup()
{
for n in `jobs -p`
do
kill $n 2> /dev/null || true
done
wait || true
}
trap "exit_cleanup" EXIT
echo "Creating the $NEXUS_USERNAME Nexus user..."
libeufin-nexus superuser $NEXUS_USERNAME --password $NEXUS_PASSWORD
echo "Launching Nexus on port $NEXUS_PORT..."
libeufin-nexus \
serve --ipv4-only \
--log-level debug \
--no-localhost-only \
--port $NEXUS_PORT > nexus-postfinance.log 2>&1 &
echo -n "Checking Nexus is serving..."
for i in `seq 1 10`; do
echo -n .
if test i = 10; then
echo Nexus is unreachable
exit 1
fi
if `curl "http://localhost:$NEXUS_PORT/" &> /dev/null`; then
break
fi
sleep 1
done
echo OK
export LIBEUFIN_NEXUS_URL="http://localhost:5001/"
export LIBEUFIN_NEXUS_USERNAME=$NEXUS_USERNAME
export LIBEUFIN_NEXUS_PASSWORD=$NEXUS_PASSWORD
# FIXME: make connection creation idempotent.
echo "Creating a EBICS connection at Nexus..."
libeufin-cli connections new-ebics-connection \
--ebics-url https://isotest.postfinance.ch/ebicsweb/ebicsweb \
--host-id PFEBICS \
--partner-id $EBICS_PARTNER_ID \
--ebics-user-id $EBICS_USER_ID \
--dialect pf \
postfinanceconn || true
# 1, send the keys (INI, HIA)
# NOTE: these keys will ONLY be considered if the user
# is in a NEW state, any previous uploaded keys should be reset.
echo "If that is the case, reset any previous keys via the bank Web UI. Press Enter to continue.. "
read -s
echo -n "Sending the new keys to the bank..."
libeufin-cli connections connect postfinanceconn
echo DONE
# 2, invite the user to unblock them in the Web UI
echo "Please enable the new client keys via the bank Web UI, then press Enter.. "
read -s
# 3, download the bank keys (HPB).
# That's achieved with another 'connect' action (#7880).
echo -n "Downloading the bank keys..."
libeufin-cli connections connect postfinanceconn
echo DONE
echo "Found the following bank keys:"
libeufin-cli connections show-connection postfinanceconn | jq -r '.details | "Auth: \(.bankAuthKeyHash)\nEnc: \(.bankEncKeyHash)"'
echo
echo "If any bank keys showed up, please check in the bank Web UI if they match."
echo "If they match, press Enter to continue, otherwise CTRL-C to end."
read -s
echo -n "Preparing the local keys bundle.."
libeufin-cli connections export-backup \
--passphrase secret \
--output-file /tmp/pofi.json \
postfinanceconn > /dev/null
echo DONE
|