Initial commit

Author: dstotijn

README.md

@@ -0,0 +1,3 @@
+# go-bunq
+
+A Go wrapper for working with the [public bunq API](https://www.bunq.com/en/api).

bunq.go

@@ -0,0 +1,47 @@
+package bunq
+
+import (
+	"crypto/rsa"
+	"net/http"
+	"time"
+
+	"github.com/satori/go.uuid"
+)
+
+const (
+	baseURL         = "https://api.bunq.com"
+	apiVersion      = "v1"
+	clientVersion   = "1.0.0"
+	userAgent       = "go-bunq/" + clientVersion
+	timestampLayout = "2006-01-02 15:04:05.000000"
+)
+
+// Client is the API client for the public bunq API.
+type Client struct {
+	HTTPClient *http.Client
+	BaseURL    string
+	APIKey     string
+	Token      string
+	PrivateKey *rsa.PrivateKey
+}
+
+// NewClient returns a new Client.
+func NewClient() *Client {
+	return &Client{
+		HTTPClient: http.DefaultClient,
+		BaseURL:    baseURL,
+	}
+}
+
+func setCommonHeaders(r *http.Request) {
+	r.Header.Set("Cache-Control", "no-cache")
+	r.Header.Set("User-Agent", userAgent)
+	r.Header.Set("X-Bunq-Client-Request-Id", uuid.NewV4().String())
+	r.Header.Set("X-Bunq-Geolocation", "0 0 0 0 NL")
+	r.Header.Set("X-Bunq-Language", "en_US")
+	r.Header.Set("X-Bunq-Region", "en_US")
+}
+
+func parseTimestamp(value string) (time.Time, error) {
+	return time.Parse(timestampLayout, value)
+}

crypto.go

@@ -0,0 +1,108 @@
+package bunq
+
+import (
+	"crypto"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/pem"
+	"errors"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"sort"
+)
+
+type header struct {
+	Key   string
+	Value string
+}
+
+// byKey implements sort.Interface for []header based on the key field.
+type byKey []header
+
+func (k byKey) Len() int           { return len(k) }
+func (k byKey) Swap(i, j int)      { k[i], k[j] = k[j], k[i] }
+func (k byKey) Less(i, j int) bool { return k[i].Key < k[j].Key }
+
+func (c *Client) addSignature(req *http.Request, endpoint, body string) error {
+	if c.PrivateKey == nil {
+		return errors.New("bunq: private key cannot be nil")
+	}
+	var headers []header
+	for key, val := range req.Header {
+		for j := range val {
+			headers = append(headers, header{
+				Key:   key,
+				Value: val[j],
+			})
+		}
+	}
+	sort.Sort(byKey(headers))
+
+	message := endpoint + "\n"
+	for i := range headers {
+		if string([]byte(headers[i].Key)[:7]) == "X-Bunq-" || headers[i].Key == "User-Agent" || headers[i].Key == "Cache-Control" {
+			message += headers[i].Key + ": " + headers[i].Value + "\n"
+		}
+	}
+	message += "\n" + body
+
+	h := sha256.New()
+	_, err := h.Write([]byte(message))
+	if err != nil {
+		return err
+	}
+
+	signature, err := rsa.SignPKCS1v15(rand.Reader, c.PrivateKey, crypto.SHA256, h.Sum(nil))
+	if err != nil {
+		return err
+	}
+
+	req.Header.Set("X-Bunq-Client-Signature", base64.StdEncoding.EncodeToString(signature))
+
+	return nil
+}
+
+// SetPrivateKey reads and parses private key data into a private key.
+func (c *Client) SetPrivateKey(r io.Reader) error {
+	pemData, err := ioutil.ReadAll(r)
+	if err != nil {
+		return fmt.Errorf("bunq: error reading PEM data: %v", err)
+	}
+
+	pemBlock, _ := pem.Decode(pemData)
+	if pemBlock == nil {
+		return errors.New("bunq: no PEM block found in data")
+	}
+	if pemBlock.Type != "RSA PRIVATE KEY" {
+		return errors.New("bunq: invalid key type found, expected `RSA PRIVATE KEY`")
+	}
+	privKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes)
+	if err != nil {
+		return fmt.Errorf("bunq: error parsing PEM block into private key")
+	}
+	c.PrivateKey = privKey
+
+	return nil
+}
+
+func (c *Client) publicKey() ([]byte, error) {
+	if c.PrivateKey == nil {
+		return nil, errors.New("private key cannot be nil")
+	}
+	pubKeyDer, err := x509.MarshalPKIXPublicKey(c.PrivateKey.Public())
+	if err != nil {
+		return nil, fmt.Errorf("error serializing public key to DER-encoded PKIX format: %v", err)
+	}
+	pubKeyPemBlock := pem.Block{
+		Type:    "PUBLIC KEY",
+		Headers: nil,
+		Bytes:   pubKeyDer,
+	}
+
+	return pem.EncodeToMemory(&pubKeyPemBlock), nil
+}

device_server.go

@@ -0,0 +1,110 @@
+package bunq
+
+import (
+	"bytes"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net"
+	"net/http"
+	"time"
+)
+
+type deviceServerResponse struct {
+	Response []struct {
+		ID *struct {
+			ID int `json:"id"`
+		} `json:"Id,omitempty"`
+		DeviceServer *struct {
+			ID          int    `json:"id"`
+			Created     string `json:"created"`
+			Updated     string `json:"updated"`
+			Description string `json:"description"`
+			IP          string `json:"ip"`
+			Status      string `json:"status"`
+		} `json:"DeviceServer,omitempty"`
+	} `json:"Response"`
+}
+
+// A DeviceServer represents a DeviceServe at the bunq API.
+type DeviceServer struct {
+	ID          int
+	CreatedAt   time.Time
+	UpdatedAt   time.Time
+	Description string
+	IP          net.IP
+	Status      string
+}
+
+// CreateDeviceServer creates a DeviceServer resource at the bunq API.
+func (c *Client) CreateDeviceServer(description string, permittedIPs []net.IP) (*DeviceServer, error) {
+	var ips []string
+	for i := range permittedIPs {
+		ips = append(ips, permittedIPs[i].String())
+	}
+	body := struct {
+		Description  string   `json:"description"`
+		Secret       string   `json:"secret"`
+		PermittedIPs []string `json:"permitted_ips,omitempty"`
+	}{description, c.APIKey, ips}
+
+	bodyJSON, err := json.Marshal(body)
+	if err != nil {
+		return nil, fmt.Errorf("bunq: could not encode request body into JSON: %v", err)
+	}
+
+	endpoint := apiVersion + "/device-server"
+	req, err := http.NewRequest("POST", fmt.Sprintf("%v/%v", c.BaseURL, endpoint), bytes.NewReader(bodyJSON))
+	if err != nil {
+		return nil, fmt.Errorf("bunq: could not create new request: %v", err)
+	}
+	setCommonHeaders(req)
+	req.Header.Set("X-Bunq-Client-Authentication", c.Token)
+	if err = c.addSignature(req, "POST /"+endpoint, string(bodyJSON)); err != nil {
+		return nil, fmt.Errorf("bunq: could not add signature: %v", err)
+	}
+
+	resp, err := c.HTTPClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("bunq: could not send HTTP request: %v", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("bunq: request was unsuccessful: %v", decodeError(resp.Body))
+	}
+
+	var apiResp deviceServerResponse
+	if err := json.NewDecoder(resp.Body).Decode(&apiResp); err != nil {
+		return nil, fmt.Errorf("bunq: could not decode HTTP response: %v", err)
+	}
+
+	if len(apiResp.Response) == 0 {
+		return nil, errors.New("bunq: api response did not contain results")
+	}
+
+	deviceServer := &DeviceServer{}
+	for i := range apiResp.Response {
+		if apiResp.Response[i].ID != nil {
+			deviceServer.ID = apiResp.Response[i].ID.ID
+			continue
+		}
+		if apiResp.Response[i].DeviceServer != nil {
+			deviceServer.ID = apiResp.Response[i].ID.ID
+			deviceServer.Description = apiResp.Response[i].DeviceServer.Description
+			createdAt, err := parseTimestamp(apiResp.Response[i].DeviceServer.Created)
+			if err != nil {
+				return nil, fmt.Errorf("bunq: could not parse created timestamp: %v", err)
+			}
+			deviceServer.CreatedAt = createdAt
+			updatedAt, err := parseTimestamp(apiResp.Response[i].DeviceServer.Updated)
+			if err != nil {
+				return nil, fmt.Errorf("bunq: could not parse updated timestamp: %v", err)
+			}
+			deviceServer.UpdatedAt = updatedAt
+			continue
+		}
+	}
+
+	return deviceServer, nil
+}

device_server_test.go

@@ -0,0 +1,67 @@
+package bunq
+
+import (
+	"fmt"
+	"net"
+	"net/http"
+	"net/http/httptest"
+	"reflect"
+	"strings"
+	"testing"
+)
+
+func TestCreateDeviceServer(t *testing.T) {
+	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprintln(w, `{"Response":[{"Id":{"id":83}}]}`)
+	}))
+	defer ts.Close()
+
+	client := NewClient()
+	client.BaseURL = ts.URL
+
+	privKey := `-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA74uJ/q21yZk67NzktTL3khNpOnfsKVa7Xev/0W8rvPmhxPzT
+N1OmrAFDzbVLtxdJ5T9yHtzEb0qfsESVPCayaa9tqfOm3Bg1qa5SWrSgCEW2BvPD
+t12HDBVeelh4L3NFnj6ulLhfvi86+a2DHfdUx9OLt4huOpQxFstxLAa3zvJhH7OH
+GotwzXyvJhMuJBUUSx7ZWenY2yz632D6N7+0t2DQyhtZ1s5e4SCtNV/1si+7KzXs
+PVgi6slIYdUqaiAZJF0YGgQovGkr0s8povNm5KgR4Ovqv2M3In+hO04YqnLTHrrn
+5VSL49kQGWphzTrp9T5wwn5/ZwPnnB7YcDAOEwIDAQABAoIBAHl3eHH8A8JGQOr6
+175KKd+YmDNdvBL6N+hYU1AP303kB3OsAC597HYr7gXReKNO29mzYlrj93e3j2IC
+ZOordSzCGAml02anoA56pqf4D24iazr7QLMqaeBmtZG0ar0k5phnkH85PtNhf7Y7
+ldEMKaFqU96s/7gUjQ/R+YEppur4Yb/eXFfvYFUbFuc3CHQyUradKBJxKh4H7Lys
+hRPpHVOQkCGYwiTrJz/9/bL86tnI/nbug59nXhTe3aai0qaHTeMJ/G2xbUkXefoh
+c5xKCTBkw1KgZ24ZUYm6gJdFPRNYA5SieZWt3mIfLQ6zQc/k614kxRcew0fGW4Ri
+5+sVSoECgYEA+hsdDBvAYaSDgHhs2XV/vX9kuUJiDB+3OGmXWQ3YN8mzv/tBTQPX
+8goSwEOVKeiZfCKvpP2bJSwv4sBNujSDXJCrHZBJwf55Wj/kcgdp12D/rifHsFQv
+rJ1WJjpSlchcbQ1PdQtQP7hO5QcjK6U7m5To1kiDcZYfkWqcATY9tU8CgYEA9TC2
+TzD9pzjJBT86u2PO2IOfwkxV6HiEWA5OPPRNaPybKk4a+fvnaufG00zLrOwRj4Tp
+asMqlYACY/x8xFIB5QxNCYQTLvMlaSovgr+rSkm+bGrYmHk/ITy4AbUiy8ioZvTm
+t5CfcaO7WmrlV+dcJ0ftzE2UTX0BJyaNtzIUcf0CgYEA7+DbbkabsMsCGVDnTXaF
+qzGpYIpL0ccFiwSzVYWS0IcTcNnCGuTJ1GpW67KmOUjPFSGLh1p52CBWWUwKAMLn
+DvvuMu+13mt85tOK/tcfa6Sr9dRPkU5dX1iUTRv5I5HFHA79G4xbTpIukTnUQMM8
+tY8P9p4b+/B5nJY8xGjKrL8CgYEAxDLYj4HqV1dPNA2ml7CEIikhO78Nt1pIvJWl
+8YykLPCF0VJyr7rtMVSKeyamjJbSbn+ysCW/+6VVRGEUDZx5u6keNBElsJoMQ5zo
+K73n+SgNYoAVFd1fsN7/dw5U67CDYO9zd0wY6jxUfUOwhaiyyxP5q1Qg6eivdX6a
+RA+k4JkCgYBjaTlXVWFC45HKuttYNpIGPUwowiqzcmx8rx17ymrI8qxxhSAA+nf1
+N3xaYHI6thoqfyq4JxMBxvBYDQBKhnCfLxk9AO2O/Uq7OOiRhWqtV4SdMD7Hb7O9
+GZ4h0C1AqVJNAxfUH5p7vKxp4E73SYVry88zdHkFj6nYfgXkasBBVA==
+-----END RSA PRIVATE KEY-----`
+	r := strings.NewReader(privKey)
+	if err := client.SetPrivateKey(r); err != nil {
+		t.Fatal(err)
+	}
+
+	got, err := client.CreateDeviceServer("Foobar", []net.IP{})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	exp := &DeviceServer{
+		ID: 83,
+	}
+
+	if eq := reflect.DeepEqual(exp, got); !eq {
+		t.Errorf("Expected: `%#v`, got: `%#v`", exp, got)
+	}
+
+}

error.go

@@ -0,0 +1,48 @@
+package bunq
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+)
+
+// Error represents an error returned by the bunq API.
+type Error struct {
+	ErrorDescription           string
+	ErrorDescriptionTranslated string
+}
+
+// Errors is an array of Error structs.
+type Errors []Error
+
+func (e Errors) Error() string {
+	var errs []string
+	for i := range e {
+		errs = append(errs, e[i].ErrorDescription)
+	}
+
+	return fmt.Sprintf("%v", errs)
+}
+
+func decodeError(r io.Reader) error {
+	var apiError struct {
+		Error []struct {
+			ErrorDescription           string `json:"error_description"`
+			ErrorDescriptionTranslated string `json:"error_description_translated"`
+		} `json:"Error"`
+	}
+	err := json.NewDecoder(r).Decode(&apiError)
+	if err != nil {
+		return fmt.Errorf("bunq: could not decode errors from json: %v", err)
+	}
+
+	var errors Errors
+	for i := range apiError.Error {
+		errors = append(errors, Error{
+			ErrorDescription:           apiError.Error[i].ErrorDescription,
+			ErrorDescriptionTranslated: apiError.Error[i].ErrorDescriptionTranslated,
+		})
+	}
+
+	return errors
+}