ProxyBank does not require a database because it is completely stateless. Auth information is stored in an AES 256 encrypted token which is generated by one of the API endpoints. It is your responsibility as a client to store this token (the server does not store it).
At least PHP 7.2 is required with the following extensions installed:
- dom with XML, HTML and XPath support enabled
- openssl
- json
- libxml
- curl
- intl
You can use simple PHP web hosting if all of these requirements are met.
- Either download the latest release available at https://gitlab.com/mfalaize/proxy-bank/-/releases or build the release yourself via the command composer release
- Unzip the release and upload the complete proxy-bank directory to your server.
- Configure your HTTP server to serve the public directory.
- If you don’t use the Apache HTTP server, you need to add a configuration file that rewrites URLs so that every request passes through the public/index.php router file. The Apache configuration file is already provided (public/.htaccess), but feel free to contribute by adding configuration files for other HTTP servers! :-)
You can access the available bank list here
You can access the API documentation here
Basically you need to call the /bank/list webservice first to list all available banks and retrieve your bankId.
Then you can generate the ProxyBank auth token with the /bank/{bankId}/token webservice.
Here is one possible process:
@startuml
title Get Authentication Token WebService - Double Factor Auth Process
actor You as you
participant "ProxyBank API" as api
participant "Real Bank" as bank
you -> api: POST /bank/{bankId}/token\nContent-Type: application/json\nAccept: application/json\nBody: Auth inputs
api -> bank: Log in with auth inputs
bank --> api: Auth OK but double factor auth is required
api -> api: Take all auth inputs and encrypt them\nwith private server secret (AES 256)
api --> you: Send encrypted token, partialToken: true\nand message to tell why the encrypted token is not complete
you -> you: Validate or get double factor authentication
you -> api: POST /bank/{bankId}/token\nContent-Type: application/json\nAccept: application/json\nBody: partial token and additional auth information if needed
api -> api: Decrypt token to retrieve auth information
api -> bank: Send auth information + double factor auth or\ncheck validation status
bank --> api: Auth OK: Set DSP2 cookie
api -> api: Take all auth inputs + DSP2 cookie and encrypt\nthem with private server secret (AES 256)
api --> you: Send encrypted token, partialToken: false
you -> you: Store final token because server does not store it
@enduml
With the final token, you can then call the other API endpoints. E.g:
@startuml
title List accounts WebService
actor You as you
participant "ProxyBank API" as api
participant "Real Bank" as bank
you -> api: POST /bank/{bankId}/account/list\nContent-Type: application/json\nAccept: application/json\nBody: accountId + token
api -> api: Decrypt token to retrieve auth information
api -> bank: Log in with decrypted auth information
bank --> api: Auth OK
api -> bank: List accounts
bank --> api: Accounts list
api -> api: Process bank format accounts list to apply\nProxyBank format
api --> you: ProxyBank formatted accounts list
@enduml
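Both diagrams rely on the server encrypting the auth inputs into the token and decrypting it again on every later call. One way to implement that step with the openssl extension, as an added example that is not ProxyBank's own code: the GCM mode, the nonce/tag/ciphertext layout, the function names and the sample credentials are assumptions, since the page only states "AES 256".

```php
<?php
// Added example, not ProxyBank's code. Cipher mode (GCM), token layout and
// function names are assumptions; the page only states "AES 256".
declare(strict_types=1);

const CIPHER = 'aes-256-gcm';

/** Encrypt auth data into an opaque token: base64(nonce || tag || ciphertext). */
function sealToken(array $authData, bool $partial, string $key): string
{
    $nonce = random_bytes(12);                        // fresh 96-bit nonce per token
    $plain = json_encode(['partialToken' => $partial, 'auth' => $authData]);
    $tag = '';
    $ct = openssl_encrypt($plain, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag, '', 16);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $ct);
}

/** Decrypt a token; throws if it is truncated, modified or sealed under another key. */
function openToken(string $token, string $key): array
{
    $raw = base64_decode($token, true);
    if ($raw === false || strlen($raw) <= 28) {       // 12-byte nonce + 16-byte tag + data
        throw new InvalidArgumentException('malformed token');
    }
    $nonce = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct = substr($raw, 28);
    $plain = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($plain === false) {                           // GCM tag check failed
        throw new InvalidArgumentException('token failed authentication');
    }
    return json_decode($plain, true);
}

// Constructed sample values, for illustration only.
$key = random_bytes(32);                              // server secret, never sent to the client
$token = sealToken(['login' => 'demo-user', 'password' => 'demo-pass'], true, $key);
var_dump(openToken($token, $key)['partialToken']);    // round trip with the right key

$bytes = base64_decode($token);
$bytes[30] = $bytes[30] ^ "\x01";                     // flip one ciphertext bit
try {
    openToken(base64_encode($bytes), $key);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Because the token carries the bank credentials and the server keeps no copy, an authenticated mode lets the server reject a modified token before it is used to log in to the bank.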