mirror of
https://github.com/brain-tec/account_ebics.git
synced 2024-12-25 19:01:44 +00:00
[13.0][IMP]SWIFT 3SKey support (#18)
This commit is contained in:
parent
967a2927a7
commit
b5ba6fc6bd
@ -24,6 +24,7 @@ Remark:
|
||||
|
||||
The EBICS 'Test Mode' for uploading orders requires Fintech 4.3.4 or higher.
|
||||
|
||||
SWIFT 3SKey support requires Fintech 6.4 or higher.
|
||||
|
|
||||
|
||||
We also recommend to consider the installation of the following modules:
|
||||
@ -136,5 +137,5 @@ You can also find this information in the doc folder of this module (file EBICS_
|
||||
Known Issues / Roadmap
|
||||
======================
|
||||
|
||||
- add support for 3SKEY signed transactions
|
||||
- add support for EBICS 3.0
|
||||
- add support to import externally generated keys & certificates (currently only 3SKey signature certificate)
|
||||
|
@ -3,7 +3,7 @@
|
||||
|
||||
{
|
||||
'name': 'EBICS banking protocol',
|
||||
'version': '13.0.1.1.4',
|
||||
'version': '13.0.1.2.0',
|
||||
'license': 'LGPL-3',
|
||||
'author': 'Noviat',
|
||||
'website': 'www.noviat.com',
|
||||
|
@ -93,6 +93,14 @@ class EbicsUserID(models.Model):
|
||||
help="EBICS Public Bank Keys to be checked for consistency.")
|
||||
ebics_public_bank_keys_fn = fields.Char(
|
||||
string='EBICS Public Bank Keys Filename', readonly=True)
|
||||
swift_3skey = fields.Boolean(
|
||||
string='Enable 3SKey support',
|
||||
help="Transactions for this user will be signed "
|
||||
"by means of the SWIFT 3SKey token.")
|
||||
swift_3skey_certificate = fields.Binary(
|
||||
string='3SKey Certficate')
|
||||
swift_3skey_certificate_fn = fields.Char(
|
||||
string='EBICS Public Bank Keys Filename')
|
||||
# X.509 Distinguished Name attributes used to
|
||||
# create self-signed X.509 certificates
|
||||
ebics_key_x509 = fields.Boolean(
|
||||
@ -168,6 +176,16 @@ class EbicsUserID(models.Model):
|
||||
raise UserError(_(
|
||||
"The passphrase must be at least 8 characters long"))
|
||||
|
||||
@api.onchange('signature_class')
|
||||
def _onchange_signature_class(self):
|
||||
if self.signature_class == 'T':
|
||||
self.swift_3skey = False
|
||||
|
||||
@api.onchange('swift_3skey')
|
||||
def _onchange_swift_3skey(self):
|
||||
if self.swift_3skey:
|
||||
self.ebics_key_x509 = True
|
||||
|
||||
def set_to_draft(self):
|
||||
return self.write({'state': 'draft'})
|
||||
|
||||
@ -192,6 +210,10 @@ class EbicsUserID(models.Model):
|
||||
raise UserError(
|
||||
_("Set a passphrase."))
|
||||
|
||||
if not self.swift_3skey and not self.swift_3skey_certificate:
|
||||
raise UserError(
|
||||
_("3SKey certificate missing."))
|
||||
|
||||
ebics_version = self.ebics_config_id.ebics_version
|
||||
try:
|
||||
keyring = EbicsKeyRing(
|
||||
@ -214,6 +236,14 @@ class EbicsUserID(models.Model):
|
||||
self.ebics_config_id._check_ebics_keys()
|
||||
if not os.path.isfile(self.ebics_keys_fn):
|
||||
try:
|
||||
# TODO:
|
||||
# enable import of all type of certicates: A00x, X002, E002
|
||||
if self.swift_3skey:
|
||||
kwargs = {
|
||||
self.ebics_config_id.ebics_key_version:
|
||||
base64.decodestring(self.swift_3skey_certificate),
|
||||
}
|
||||
user.import_certificates(**kwargs)
|
||||
user.create_keys(
|
||||
keyversion=self.ebics_config_id.ebics_key_version,
|
||||
bitlength=self.ebics_config_id.ebics_key_bitlength)
|
||||
@ -223,6 +253,11 @@ class EbicsUserID(models.Model):
|
||||
error += '\n' + str(exctype) + '\n' + str(value)
|
||||
raise UserError(error)
|
||||
|
||||
if self.swift_3skey and not self.ebics_key_x509:
|
||||
raise UserError(_(
|
||||
"The current version of this module "
|
||||
"requires to X509 support when enabling 3SKey"))
|
||||
|
||||
if self.ebics_key_x509:
|
||||
dn_attrs = {
|
||||
'commonName': self.ebics_key_x509_dn_cn,
|
||||
|
@ -358,9 +358,8 @@ ul.auto-toc {
|
||||
</ul>
|
||||
<p>Remark:</p>
|
||||
<p>The EBICS 'Test Mode' for uploading orders requires Fintech 4.3.4 or higher.</p>
|
||||
<div class="line-block">
|
||||
<div class="line"><br /></div>
|
||||
</div>
|
||||
<p>SWIFT 3SKey support requires Fintech 6.4 or higher.
|
||||
|</p>
|
||||
<p>We also recommend to consider the installation of the following modules:</p>
|
||||
<div class="line-block">
|
||||
<div class="line"><br /></div>
|
||||
@ -472,8 +471,8 @@ You can also find this information in the doc folder of this module (file EBICS_
|
||||
<div class="section" id="known-issues-roadmap">
|
||||
<h2>Known Issues / Roadmap</h2>
|
||||
<ul class="simple">
|
||||
<li>add support for 3SKEY signed transactions</li>
|
||||
<li>add support for EBICS 3.0</li>
|
||||
<li>add support to import externally generated keys & certificates (currently only 3SKey signature certificate)</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -38,13 +38,18 @@
|
||||
help="Use this button to bypass the EBICS initialization (e.g. in case you have manually transferred active EBICS keys from another system."/>
|
||||
<field name="state" widget="statusbar"/>
|
||||
</header>
|
||||
<group name="main">
|
||||
<group name="main" attrs="{'readonly': [('state', '!=', 'draft')]}">
|
||||
<field name="ebics_keys_found" invisible="1"/>
|
||||
<field name="ebics_keys_fn" invisible="1"/>
|
||||
<group name="main-left">
|
||||
<field name="name"/>
|
||||
<field name="ebics_passphrase" password="True"
|
||||
attrs="{'required': [('state', '=', 'draft')]}"/>
|
||||
<field name="swift_3skey"
|
||||
attrs="{'invisible': [('signature_class', '=', 'T')]}"/>
|
||||
<field name="swift_3skey_certificate_fn" invisible="1"/>
|
||||
<field name="swift_3skey_certificate" filename="swift_3skey_certificate_fn"
|
||||
attrs="{'invisible': [('swift_3skey', '=', False)], 'required': [('swift_3skey', '=', True)]}"/>
|
||||
<field name="active"/>
|
||||
</group>
|
||||
<group name="main-right">
|
||||
@ -53,7 +58,7 @@
|
||||
<field name="ebics_key_x509"/>
|
||||
</group>
|
||||
</group>
|
||||
<group col="4" name="dn" attrs="{'invisible': [('ebics_key_x509', '=', False)]}">
|
||||
<group col="4" name="dn" attrs="{'invisible': [('ebics_key_x509', '=', False)], 'readonly': [('state', '!=', 'draft')]}">
|
||||
<group colspan="4" col="1">
|
||||
<strong>Distinguished Name attributes used to create self-signed X.509 certificates:</strong>
|
||||
</group>
|
||||
|
Loading…
Reference in New Issue
Block a user