Fix TAN request with response code 3955 during initialization of the dialog #171
+6
−5
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch fixed a similar issue as in #155 for me with the "Sparkasse Vorderpfalz": Since a few days a push TAN is required even to request an account balance or get transactions of the last view days. Before, this was working with only the PIN.
I tracked the issue down to two issues by debugging the exchanged messages as described in the documentation, for which I propose a fix here.
The string
"DUMMY"
sent as thetan_medium_name
was somehow rejected by the bank. Even the call toclient.get_tan_media()
inminimal_interactive_cli_bootstrap()
already triggered the error as described in DKB does not accept connections anymore #121, with the first response beingfollowed by
after the subsequent call to
client.get_sepa_accounts()
(HKSPA1
), likely because the dialog was never actually accepted by the server. Should a 9xxx response code already trigger an exception inFinTSDialog.init()
?Sending an empty
tan_medium_name
works and triggers the response in the next bullet point. So I setclient.selected_tan_medium = ''
before callingminimal_interactive_cli_bootstrap(client)
to already skip the call toget_tan_media()
(with my patch). I guess this only works because there is only one for my account. I tried different strings, the name of my device and the UUID shown in the Push Tan app in "Verbindungen", nothing worked. And evenget_tan_media()
requires a TAN when the dialog starts, so it is a kind of chicken-and-egg problem and I have not found a way to not add the HKTAN7 segment to the dialog initialization request triggered byget_tan_media()
.With the empty
tan_medium_name
the bank server responds with a TAN request and code 3955. That was added in Fix #155 -- Implement HKTAN7 and decoupled TAN process #162 to the client's_send_with_possible_retry()
method to react on a TAN request when sending a request after the dialog has been established, but not inFinTSDialog.init()
if the bank already sends that response:So I assume it was an oversight in Fix #155 -- Implement HKTAN7 and decoupled TAN process #162 to not also patch the other method?
So these two changes work for me with an application similar to the one in the troubleshooting guide. I have not found a way to retrieve transactions without having to confirm that with a push TAN via the app interactively. Ideally there would be a way to remember that "device" at least for a couple of days, like it also works with interactive logins via the web page.
This patch may resolve #121 and #165, at least when also setting
selected_tan_medium
to an empty string (or something else if you already know a valid value) before the call tominimal_interactive_cli_bootstrap(f)
: