X-Git-Url: http://dolda2000.com/gitweb/?a=blobdiff_plain;f=fulbank%2Ffsb.py;h=166b5f536c68aab46a37b0268fb015a75e68e379;hb=04ce2557a4ab1447a3e17b541afb15cb83ce8854;hp=8f6280c0e3237bc1cadba287751db7f18afaf94a;hpb=db4731c69885dab2d880a60b538e6909c5c40641;p=fulbank.git

diff --git a/fulbank/fsb.py b/fulbank/fsb.py
index 8f6280c..166b5f5 100644
--- a/fulbank/fsb.py
+++ b/fulbank/fsb.py
@@ -1,4 +1,5 @@
-import json, http.cookiejar, binascii, time, datetime, pickle, urllib.error
+import json, http.cookiejar, binascii, time, datetime, pickle, urllib.error, io
+from PIL import Image
 from urllib import request, parse
 from bs4 import BeautifulSoup as soup
 from . import currency, auth, data
@@ -227,6 +228,46 @@ class session(object):
         rolesw = linkurl(resolve(prof["banks"][0], ("privateProfile", "links", "next", "uri")))
         self._jreq(rolesw, method="POST")
 
+    def auth_token(self, user, conv=None):
+        if conv is None:
+            conv = auth.default()
+        try:
+            data = self._jreq("v5/identification/securitytoken/challenge", data = {
+                "userId": user,
+                "useEasyLogin": "false",
+                "generateEasyLoginId": "false"})
+        except jsonerror as e:
+            if e.code == 400:
+                flds = resolve(e.data, ("errorMessages", "fields"), False)
+                if isinstance(flds, list):
+                    for fld in flds:
+                        if resolve(fld, ("field",), None) == "userId":
+                            raise autherror(fld["message"])
+            raise
+        if data.get("useOneTimePassword"):
+            raise fmterror("unexpectedly found useOneTimePassword")
+        if data.get("challenge") != "":
+            raise fmterror("unexpected challenge: " + str(data.get("challenge")))
+        if not isinstance(data.get("imageChallenge"), dict) or resolve(data, ("imageChallenge", "method")) != "GET":
+            raise fmterror("invalid image challenge: " + str(data.get("imageChallenge")))
+        iurl = linkurl(resolve(data, ("imageChallenge", "uri")))
+        vfy = linkurl(resolve(data, ("links", "next", "uri")))
+        img = Image.open(io.BytesIO(self._req(iurl)))
+        conv.image(img)
+        response = conv.prompt("Token response: ", True)
+        try:
+            data = self._jreq(vfy, data={"response": response})
+        except jsonerror as e:
+            msgs = resolve(e.data, ("errorMessages", "general"), False)
+            if isinstance(msgs, list):
+                for msg in msgs:
+                    if msg.get("message"):
+                        raise autherror(msg.get("message"))
+            raise
+        if not data.get("authenticationRole", ""):
+            raise fmterror("authentication appears to have succeded, but there is no authenticationRole: " + str(data))
+        self._postlogin()
+
     def auth_bankid(self, user, conv=None):
         if conv is None:
             conv = auth.default()
@@ -271,11 +312,12 @@ class session(object):
     @property
     def accounts(self):
         if self._accounts is None:
-            data = self._jreq("v5/engagement/overview")
+            txndata = self._jreq("v5/engagement/overview")
+            crddata = self._jreq("v5/card/creditcard")
             accounts = []
-            for acct in resolve(data, ("transactionAccounts",)):
+            for acct in resolve(txndata, ("transactionAccounts",)):
                 accounts.append(txnaccount(self, resolve(acct, ("id",)), acct))
-            for acct in resolve(data, ("cardAccounts",)):
+            for acct in resolve(crddata, ("cardAccounts",)):
                 accounts.append(cardaccount(self, resolve(acct, ("id",)), acct))
             self._accounts = accounts
         return self._accounts