From bd02fb8adea70865ddcb338ec73ea24c516902e1 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Fri, 27 Dec 2024 11:18:50 +0200
Subject: [PATCH 01/24] Implement Bank::Client for communicating with
 GoCardless Bank Account Data API

---
 .gitignore                                    |  6 +-
 Gemfile                                       |  3 +
 Gemfile.lock                                  | 18 ++++++
 app/models/bank.rb                            |  2 +
 app/models/bank/client.rb                     |  8 +++
 app/models/bank/client/http.rb                | 25 ++++++++
 app/models/bank/client/token.rb               | 54 +++++++++++++++++
 app/models/token.rb                           | 20 +++++++
 config/credentials.yml.enc                    |  1 -
 config/credentials/development.yml.enc        |  1 +
 config/credentials/production.yml.enc         |  1 +
 config/credentials/test.yml.enc               |  1 +
 config/environments/test.rb                   |  2 +
 db/migrate/20241226170308_create_tokens.rb    | 13 ++++
 db/schema.rb                                  | 13 +++-
 test/fixtures/tokens.yml                      | 22 +++++++
 test/models/bank/client_test.rb               | 60 +++++++++++++++++++
 test/models/token_test.rb                     | 34 +++++++++++
 test/test_helper.rb                           |  1 +
 .../test_helpers/bank/client_request_stubs.rb | 47 +++++++++++++++
 20 files changed, 328 insertions(+), 4 deletions(-)
 create mode 100644 app/models/bank.rb
 create mode 100644 app/models/bank/client.rb
 create mode 100644 app/models/bank/client/http.rb
 create mode 100644 app/models/bank/client/token.rb
 create mode 100644 app/models/token.rb
 delete mode 100644 config/credentials.yml.enc
 create mode 100644 config/credentials/development.yml.enc
 create mode 100644 config/credentials/production.yml.enc
 create mode 100644 config/credentials/test.yml.enc
 create mode 100644 db/migrate/20241226170308_create_tokens.rb
 create mode 100644 test/fixtures/tokens.yml
 create mode 100644 test/models/bank/client_test.rb
 create mode 100644 test/models/token_test.rb
 create mode 100644 test/test_helpers/bank/client_request_stubs.rb

diff --git a/.gitignore b/.gitignore
index f92525c..cbe0e55 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,5 +30,7 @@
 
 /public/assets
 
-# Ignore master key for decrypting credentials and more.
-/config/master.key
+# Ignore keys for decrypting credentials and more.
+/config/credentials/development.key
+/config/credentials/test.key
+/config/credentials/production.key
diff --git a/Gemfile b/Gemfile
index cc6291a..a77ff1c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -60,4 +60,7 @@ group :test do
   # Use system testing [https://guides.rubyonrails.org/testing.html#system-testing]
   gem "capybara"
   gem "selenium-webdriver"
+  gem "webmock", require: false
 end
+
+gem "faraday", "~> 2.12"
diff --git a/Gemfile.lock b/Gemfile.lock
index a0b266a..f1d5d54 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -124,6 +124,9 @@ GEM
       xpath (~> 3.2)
     concurrent-ruby (1.3.4)
     connection_pool (2.4.1)
+    crack (1.0.0)
+      bigdecimal
+      rexml
     crass (1.0.6)
     date (3.4.1)
     debug (1.10.0)
@@ -135,11 +138,18 @@ GEM
     erubi (1.13.1)
     et-orbi (1.2.11)
       tzinfo
+    faraday (2.12.2)
+      faraday-net_http (>= 2.0, < 3.5)
+      json
+      logger
+    faraday-net_http (3.4.0)
+      net-http (>= 0.5.0)
     fugit (1.11.1)
       et-orbi (~> 1, >= 1.2.11)
       raabro (~> 1.4)
     globalid (1.2.1)
       activesupport (>= 6.1)
+    hashdiff (1.1.2)
     i18n (1.14.6)
       concurrent-ruby (~> 1.0)
     importmap-rails (2.1.0)
@@ -181,6 +191,8 @@ GEM
     mini_portile2 (2.8.8)
     minitest (5.25.4)
     msgpack (1.7.5)
+    net-http (0.6.0)
+      uri
     net-imap (0.5.4)
       date
       net-protocol
@@ -348,6 +360,10 @@ GEM
       activemodel (>= 6.0.0)
       bindex (>= 0.4.0)
       railties (>= 6.0.0)
+    webmock (3.24.0)
+      addressable (>= 2.8.0)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
     websocket (1.2.11)
     websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
@@ -377,6 +393,7 @@ DEPENDENCIES
   brakeman
   capybara
   debug
+  faraday (~> 2.12)
   importmap-rails
   jbuilder
   kamal
@@ -394,6 +411,7 @@ DEPENDENCIES
   turbo-rails
   tzinfo-data
   web-console
+  webmock
 
 BUNDLED WITH
    2.6.2
diff --git a/app/models/bank.rb b/app/models/bank.rb
new file mode 100644
index 0000000..11188b1
--- /dev/null
+++ b/app/models/bank.rb
@@ -0,0 +1,2 @@
+module Bank
+end
diff --git a/app/models/bank/client.rb b/app/models/bank/client.rb
new file mode 100644
index 0000000..35a9806
--- /dev/null
+++ b/app/models/bank/client.rb
@@ -0,0 +1,8 @@
+class Bank::Client
+  include Http, Token
+
+  def initialize
+    set_http_client
+    set_token
+  end
+end
diff --git a/app/models/bank/client/http.rb b/app/models/bank/client/http.rb
new file mode 100644
index 0000000..6cdcb1d
--- /dev/null
+++ b/app/models/bank/client/http.rb
@@ -0,0 +1,25 @@
+module Bank::Client::Http
+  extend ActiveSupport::Concern
+
+  included do
+    URL = "https://bankaccountdata.gocardless.com/api/v2/"
+    USER_AGENT = "github.com/murdho/spendbetter"
+
+    attr_reader :http_client
+  end
+
+  def authorization_header = http_client.headers["Authorization"]
+
+  private
+
+  def set_http_client
+    @http_client = Faraday.new do |conn|
+      conn.url_prefix = URL
+      conn.headers = { "User-Agent": USER_AGENT }
+      conn.request :json
+      conn.response :json, parser_options: { symbolize_names: true }
+      conn.response :raise_error
+      conn.response :logger, Rails.logger if Rails.env.development?
+    end
+  end
+end
diff --git a/app/models/bank/client/token.rb b/app/models/bank/client/token.rb
new file mode 100644
index 0000000..e44485e
--- /dev/null
+++ b/app/models/bank/client/token.rb
@@ -0,0 +1,54 @@
+module Bank::Client::Token
+  extend ActiveSupport::Concern
+
+  included do
+    TOKEN_NAME = :bank_client_token
+
+    attr_reader :token
+  end
+
+  private
+    def set_token
+      find_or_initialize_token
+
+      unless token.fresh?
+        token.with_lock do
+          if token.refreshable?
+            refresh_api_token
+          else
+            create_api_token
+          end
+        end
+      end
+
+      http_client.headers["Authorization"] = "Bearer #{token.access_token}"
+    end
+
+    def find_or_initialize_token
+      @token ||= Token.find_or_initialize_by name: TOKEN_NAME
+    end
+
+    def create_api_token
+      save_token \
+        http_client.post("token/new/", {
+          secret_id: Rails.application.credentials.gocardless.secret_id,
+          secret_key: Rails.application.credentials.gocardless.secret_key
+        }).body
+    end
+
+    def refresh_api_token
+      save_token \
+        http_client.post("token/refresh/", { refresh: token.refresh_token }).body
+    end
+
+    def save_token(new_tokens)
+      new_tokens => { access:, refresh:, access_expires:, refresh_expires: }
+
+      token.update!(
+        access_token: access,
+        refresh_token: refresh,
+        access_expires_in: access_expires,
+        refresh_expires_in: refresh_expires
+      )
+    end
+end
diff --git a/app/models/token.rb b/app/models/token.rb
new file mode 100644
index 0000000..bc7bbe8
--- /dev/null
+++ b/app/models/token.rb
@@ -0,0 +1,20 @@
+class Token < ApplicationRecord
+  encrypts :access_token
+  encrypts :refresh_token
+
+  def fresh?
+    Time.current < access_expires_at if access_token? && access_expires_at?
+  end
+
+  def refreshable?
+    Time.current < refresh_expires_at if refresh_token? && refresh_expires_at?
+  end
+
+  def access_expires_in=(seconds)
+    self.access_expires_at = Time.current + seconds.to_i
+  end
+
+  def refresh_expires_in=(seconds)
+    self.refresh_expires_at = Time.current + seconds.to_i
+  end
+end
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
deleted file mode 100644
index 27ee7d7..0000000
--- a/config/credentials.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-kJW4SMebO0bnXkjfEX790ImO1ExFbgTNcxUm2p4rdvDG4EQXAidH0jC1gaRg42ZebBiruhyGWZ2IRtN+KkU2sHo8bculYmixbngADtFDIumOCLtXviC4ErdauyESZiPC6y1F9LI8S3ImvvVGgIpGajtZX1i6QCNsQg9Yb7mvA0sKxVfoCHMNt/DmLrmv+taKMl+crI44kbyfSE055m3kTbgrdJpW/4hcb+tJNvhZsx6eJFmbmkv1/z/crPDLZfWbAwg2P8HoRHoPf5EEGtlqPEF7BqczSRZxZs4xBTXhGk9cKqANNycKHJ4TipJJzywjT1yzxZLW7JRAiCliJmCfkmXk+nozXNUCq0nx5Avk6SSfcijHNDxy4rKwNF9KsNzjI1WzqJi8jeJSsbwUp66/4pOpst6Th9nhqVbz7tSxkTNJvdxd/lBMEkUdwQ5ZNT856TRGB0FNRKDW+5QKiqXDc/OHo4lYbSgNt+/1z2/Li6wVk0tXtzrNQxzb--tcsaPtMlY4KoVxv4--S6Y6BYBdiyEdPubR6r28QQ==
\ No newline at end of file
diff --git a/config/credentials/development.yml.enc b/config/credentials/development.yml.enc
new file mode 100644
index 0000000..c7afb69
--- /dev/null
+++ b/config/credentials/development.yml.enc
@@ -0,0 +1 @@
+t/gnyf+lT/MFSeaHf00oaU+2t32u4rdOYlsENGTcx1jZMuKAb1qyUqwxEZanNWwpQurjFdVn/EMBaOXMPkyf/ppYSIFvJ0ZFOuUeipZJ+PzsUv1JrNtu8ORpafVkt45riWEPYq/dAuNJpdIc/azCvJ+Dw8P2F2OOGjqKYcI2yxyis9uG2PMFKsYHgtQ4wA9JnOIBEQrrSMCMjHWw98nHyXkGCIsWW6I260lafCbhManrfP+/HFLMNIn7KZrFu1MvxcWNR5fsK2e1JKuwLtEu30ZTzLibxpVDt5lM7U1yZmuUBZ2g5u7zLglaDBgD6EsWKACGWnZjIHQ6NpbzrNBNBJ3Y2K3k7dmNPUKlKPoboKMIglGz7lO2DV3iZYjqvQoysa0iyuIxsCIHMGrZx+HgpYXM7SYOSVCoFV7K6PINkPoMLWj7Pf/t6utI/fmxHpd1TN67aXN9U4h6IeKMsoTXGCckZsZXA3ABHBTsdO/7JHOGqOvDUskLV8HZ5AAPlEOixvh0FlM6NPWjgdTBJIc3+p/l2siYKHyj7T0n2KkOnrFzEEW7ASbxBxDcBUQ5JdiAoSJTFb3sYgK0nC06ypYngIWBMqsFfgu41v88mzHLlyaQAlwxzZvpyfC6wgVQThxCMoGzJru0QSHcw2eGSAZg6Psfdxx3VwXh4WH9kyx3fjYwoITb3Pb1tlbdn/uGaxBnvZEBGKO/80XoGXqMDZzp6lHNUjtsifWQzzzZPUNhcOJrsP6YeUUxXcN6lZiUEwuQIFOpqkgLRJlPiur+zvBeJIJSPXK/YmBVgSts5I4Fn9NVOhUlFGLqlrT0h3/Zl8U3X8A8s5eoQVzoesbAp69sI6nFtF27pApcMCzdS03jer7WbLUF2ml9iNGTpr9B--o1Uz3C8Ao8az/+xG--LydzewxTKQNUXt6h9LOL9g==
\ No newline at end of file
diff --git a/config/credentials/production.yml.enc b/config/credentials/production.yml.enc
new file mode 100644
index 0000000..5b578bd
--- /dev/null
+++ b/config/credentials/production.yml.enc
@@ -0,0 +1 @@
+5nyx3Dgi85mDDyi6Zq+atbf6t2g1nOfrGUhtkMeNoY39sqUfcZsX4ZqBm4TybfwsyZLtiNtgByVi2VWzt9Huev90LmH4T4LuVLjPR1xCNWnzfrwx+ZUSB0xvMHLqxcKcuSnKpUR+DM4FG9n6A1Gl9zHDR6Z7POYmjRLovqRcq4UqQD9m2uzOPabixitz52oSdjPCZyhscN7LJzVi9BdSKSbatVpTnVSJJA59RKZYOyzzneYeO+d6oQn4ovlLSSrg0j0Uw1lI+gRl9WnidrgqK1HLc8lVhYMF/rZh1aWeD/Hdty9i018jpEekkuA+79Auf4aKmBwH3TGsIjITbIHStq6hGl7rK8ZHCJG/yRwIdFODO/k1NmYI9cbU+baaiwivYdd5Vi5CULmVd6+JNnSqjnMQFZ94Rhpvk7+XcvvqHC//x0IamjtbkKkR5bhikAQhCIniGpk4PbeEt7hsJF+Leb9ZIEqKwmI4Pbt4c8TD5LAzt/g2kSv/e2tjqeoL1nmvyytnNi3/8EuYXvCJjJohMA6CrDFxaqHTwPpVcPEiA3AqmfRCZUV00tnRS6mL4aTFcJ1QHDu8HO6JhzZd8GOgOSRoC7xXnpx3+BaPGb7lDNrNfdMtQ7HLbto5gL/Dw+6cgPjuIpRCriZ8wBNhFwT5P5SLgSivQ5ezrFXXomhp5v6eCqpFV7rWXKSF+9HidGInW6yJ5dlXw5H0GZhRUIlEzHBMfjrIXWp4VbK25y241ZhAAXkhKXmRwmznwTmQCefUkRdw5+YlkTvehiCmtZBeB7fKaZUyLtuRiO0ZLc9otw2U9XO3LmwNDOwajGxyCqZ8RujNShI6LaCKFrexpP+PpDYtlS72F7hJ+hgZmyWPyyXhMKMTbxwxXkjn0lppknghr0CF22m2weWeAh++1k7Madk4sgMz4gS6Ks/hMWyF8PitKZlKapVGo90INE5xy/Xj2cUlBp5G4KW+SHzm+b24zM01tDsI52VW7pqiWeqkqEjSOjU+gfL8JeqMYprKflHHMA==--LRPZPh6gip5b5S8M--ZnbGljb7cHhIK/etQZdQSg==
\ No newline at end of file
diff --git a/config/credentials/test.yml.enc b/config/credentials/test.yml.enc
new file mode 100644
index 0000000..973191b
--- /dev/null
+++ b/config/credentials/test.yml.enc
@@ -0,0 +1 @@
+vo1S0jCHvD2lBYhCmugDBqjoB6lCfjp8+FdCIeQ0XJ08TGTG2fJmdGzfMemGHYKya0B6yfHOIe3Tom7PW0MUb4MTgu7ZY0E5zs6IIgM9ihO60ehFfGHLSqxhkChUqHxNEO1J2PeH0kkld9ryYDm1DNxedcmpdOK9MF+q+Px9wqFDA6dPYRC9RAvYCW0OTzy0UjZ+c1BCwbWN9652F/3RG9eBbtf9KseiRIEzKhmnQ6gddVmcmz3K95oN5/5ewtRVlwZUauO5MSBcFBVGeimzT22bX6R3o/HwmRWdZ6ztHu7ab9X+Q1Rj6jN7tIhWD6leNcwzCUTaaKaaQB+8hessuqBhXdrFibFnCLNxM+grX+hve0HUdeZUafbYX1hWniPz90uf2uYUa7dHFSay3Ys9lgrHFGBpFYYOOApmAblGTHprq8n625SdLSBzf36k0Sk+NjEpnvze125NpDgYUyDuvZ0KHhum7pJEOoS6M2Wo+7h8OPAXP6ScAOZVadVFHNAsQC/xWYSCnSDDqYNFAHvS7mh1cur51CPUy9K7b9G7j9EF81LVPaVen23xoRG/nG4ynBJT6Pb9Z8ucFot0jAFk3LRueuYBlq5wpIib2eRyF70N8GJUlGN3l/rby8PwTNX9XzKxu6K49tn+leOIJmuyD9GqjO8+TXMBdhYPcycqQaH8KfsIcvsgIUsnLg2asMFIUQex/qEY--R5OYZPmp/L+2RhDj--MeSZAtnt/jHhfRAA2DbrRQ==
\ No newline at end of file
diff --git a/config/environments/test.rb b/config/environments/test.rb
index c2095b1..7c8d6ee 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -50,4 +50,6 @@
 
   # Raise error when a before_action's only/except options reference missing actions.
   config.action_controller.raise_on_missing_callback_actions = true
+
+  config.active_record.encryption.encrypt_fixtures = true
 end
diff --git a/db/migrate/20241226170308_create_tokens.rb b/db/migrate/20241226170308_create_tokens.rb
new file mode 100644
index 0000000..31d34da
--- /dev/null
+++ b/db/migrate/20241226170308_create_tokens.rb
@@ -0,0 +1,13 @@
+class CreateTokens < ActiveRecord::Migration[8.1]
+  def change
+    create_table :tokens do |t|
+      t.string :name, null: false, index: { unique: true }
+      t.string :access_token, null: false
+      t.string :refresh_token, null: false
+      t.datetime :access_expires_at, null: false
+      t.datetime :refresh_expires_at, null: false
+
+      t.timestamps
+    end
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 8feea8b..e734892 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[8.1].define(version: 2024_12_26_080651) do
+ActiveRecord::Schema[8.1].define(version: 2024_12_26_170308) do
   create_table "entries", force: :cascade do |t|
     t.date "date"
     t.decimal "amount", null: false
@@ -30,5 +30,16 @@
     t.datetime "updated_at", null: false
   end
 
+  create_table "tokens", force: :cascade do |t|
+    t.string "name", null: false
+    t.string "access_token", null: false
+    t.string "refresh_token", null: false
+    t.datetime "access_expires_at", null: false
+    t.datetime "refresh_expires_at", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["name"], name: "index_tokens_on_name", unique: true
+  end
+
   add_foreign_key "entries", "folders"
 end
diff --git a/test/fixtures/tokens.yml b/test/fixtures/tokens.yml
new file mode 100644
index 0000000..0c90730
--- /dev/null
+++ b/test/fixtures/tokens.yml
@@ -0,0 +1,22 @@
+# Read about fixtures at https://api.rubyonrails.org/classes/ActiveRecord/FixtureSet.html
+
+fresh:
+  name: a fresh one
+  access_token: <%= SecureRandom.hex %>
+  refresh_token: <%= SecureRandom.hex %>
+  access_expires_at: <%= Time.current + 1.hour %>
+  refresh_expires_at: <%= Time.current + 1.day %>
+
+refreshable:
+  name: a refreshable one
+  access_token: <%= SecureRandom.hex %>
+  refresh_token: <%= SecureRandom.hex %>
+  access_expires_at: <%= Time.current - 1.hour %>
+  refresh_expires_at: <%= Time.current + 1.day %>
+
+expired:
+  name: an expired one
+  access_token: <%= SecureRandom.hex %>
+  refresh_token: <%= SecureRandom.hex %>
+  access_expires_at: <%= Time.current - 1.day %>
+  refresh_expires_at: <%= Time.current - 1.hour %>
diff --git a/test/models/bank/client_test.rb b/test/models/bank/client_test.rb
new file mode 100644
index 0000000..bcfd2e4
--- /dev/null
+++ b/test/models/bank/client_test.rb
@@ -0,0 +1,60 @@
+require "test_helper"
+require "test_helpers/bank/client_request_stubs"
+
+class Bank::ClientTest < ActiveSupport::TestCase
+  include Bank::ClientRequestStubs
+
+  def find_bank_client_token
+    Token.find_sole_by name: Bank::Client::TOKEN_NAME
+  end
+
+  def create_bank_client_token(**attributes)
+    Token.create! \
+      attributes.with_defaults \
+        name: Bank::Client::TOKEN_NAME,
+        access_token: :bank_client_access_token,
+        refresh_token: :bank_client_refresh_token,
+        access_expires_at: Time.current + 1.hour,
+        refresh_expires_at: Time.current + 1.day
+  end
+
+  test "with fresh token" do
+    create_bank_client_token
+
+    client = Bank::Client.new
+    assert_equal "Bearer bank_client_access_token", client.authorization_header
+
+    token = find_bank_client_token
+    assert_equal "bank_client_access_token", token.access_token
+    assert_equal "bank_client_refresh_token", token.refresh_token
+    assert token.fresh?
+  end
+
+  test "with refreshable token" do
+    create_bank_client_token access_expires_at: Time.current - 1.hour
+    stub_refresh_api_token_request
+
+    client = Bank::Client.new
+    assert_equal "Bearer refreshed_access_token", client.authorization_header
+
+    token = find_bank_client_token
+    assert_equal "refreshed_access_token", token.access_token
+    assert_equal "refreshed_refresh_token", token.refresh_token
+    assert token.fresh?
+  end
+
+  test "with expired token" do
+    create_bank_client_token \
+      access_expires_at: Time.current - 1.hour,
+      refresh_expires_at: Time.current - 1.hour
+    stub_create_api_token_request
+
+    client = Bank::Client.new
+    assert_equal "Bearer brand_new_access_token", client.authorization_header
+
+    token = find_bank_client_token
+    assert_equal "brand_new_access_token", token.access_token
+    assert_equal "brand_new_refresh_token", token.refresh_token
+    assert token.fresh?
+  end
+end
diff --git a/test/models/token_test.rb b/test/models/token_test.rb
new file mode 100644
index 0000000..47024c8
--- /dev/null
+++ b/test/models/token_test.rb
@@ -0,0 +1,34 @@
+require "test_helper"
+
+class TokenTest < ActiveSupport::TestCase
+  test "encryption" do
+    assert_includes Token.encrypted_attributes, :access_token
+    assert_includes Token.encrypted_attributes, :refresh_token
+  end
+
+  test "fresh?" do
+    assert tokens(:fresh).fresh?
+    assert_not tokens(:refreshable).fresh?
+    assert_not tokens(:expired).fresh?
+    assert_not Token.new.fresh?
+  end
+
+  test "refreshable?" do
+    assert tokens(:fresh).refreshable?
+    assert tokens(:refreshable).refreshable?
+    assert_not tokens(:expired).refreshable?
+    assert_not Token.new.refreshable?
+  end
+
+  test "access_expires_in=" do
+    freeze_time
+    token = Token.new access_expires_in: "3600"
+    assert_equal Time.current + 1.hour, token.access_expires_at
+  end
+
+  test "refresh_expires_in=" do
+    freeze_time
+    token = Token.new refresh_expires_in: "3600"
+    assert_equal Time.current + 1.hour, token.refresh_expires_at
+  end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 0c22470..3910fec 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -1,6 +1,7 @@
 ENV["RAILS_ENV"] ||= "test"
 require_relative "../config/environment"
 require "rails/test_help"
+require "webmock/minitest"
 
 module ActiveSupport
   class TestCase
diff --git a/test/test_helpers/bank/client_request_stubs.rb b/test/test_helpers/bank/client_request_stubs.rb
new file mode 100644
index 0000000..5468d10
--- /dev/null
+++ b/test/test_helpers/bank/client_request_stubs.rb
@@ -0,0 +1,47 @@
+module Bank::ClientRequestStubs
+  DEFAULT_REQUEST_HEADERS = {
+    "Content-Type": "application/json",
+    "User-Agent": "github.com/murdho/spendbetter"
+  }
+
+  DEFAULT_RESPONSE_HEADERS = {
+    "Content-Type": "application/json"
+  }
+
+  def stub_create_api_token_request
+    stub_request(:post, "https://bankaccountdata.gocardless.com/api/v2/token/new/")
+      .with(
+        headers: DEFAULT_REQUEST_HEADERS,
+        body: { secret_id: "fake_secret_id", secret_key: "fake_secret_key" }
+      )
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: {
+          access: "brand_new_access_token",
+          refresh: "brand_new_refresh_token",
+          access_expires: "123",
+          refresh_expires: "456"
+
+        }.to_json
+      )
+  end
+
+  def stub_refresh_api_token_request
+    stub_request(:post, "#{Bank::Client::URL}token/refresh/")
+      .with(
+        headers: DEFAULT_REQUEST_HEADERS,
+        body: { refresh: "bank_client_refresh_token" }
+      )
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: {
+          access: "refreshed_access_token",
+          refresh: "refreshed_refresh_token",
+          access_expires: "321",
+          refresh_expires: "654"
+        }.to_json
+      )
+  end
+end

From 8c297d1a48538181ab2b8d05370ba1d31cbb848f Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Fri, 27 Dec 2024 20:46:54 +0200
Subject: [PATCH 02/24] wip

---
 Gemfile                                |   1 +
 Gemfile.lock                           |   2 +
 app/models/bank/account.rb             |  32 ++++++++
 app/models/bank/client.rb              | 100 +++++++++++++++++++++++++
 app/models/bank/client/http.rb         |  21 +++---
 app/models/bank/client/token.rb        |  16 ++--
 app/models/bank/conn.rb                |  25 +++++++
 app/views/layouts/application.html.erb |  16 +++-
 config/routes.rb                       |   2 +-
 9 files changed, 196 insertions(+), 19 deletions(-)
 create mode 100644 app/models/bank/account.rb
 create mode 100644 app/models/bank/conn.rb

diff --git a/Gemfile b/Gemfile
index a77ff1c..956cf16 100644
--- a/Gemfile
+++ b/Gemfile
@@ -54,6 +54,7 @@ end
 group :development do
   # Use console on exceptions pages [https://github.com/rails/web-console]
   gem "web-console"
+  gem "csv"
 end
 
 group :test do
diff --git a/Gemfile.lock b/Gemfile.lock
index f1d5d54..f9a61eb 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -128,6 +128,7 @@ GEM
       bigdecimal
       rexml
     crass (1.0.6)
+    csv (3.3.2)
     date (3.4.1)
     debug (1.10.0)
       irb (~> 1.10)
@@ -392,6 +393,7 @@ DEPENDENCIES
   bootsnap
   brakeman
   capybara
+  csv
   debug
   faraday (~> 2.12)
   importmap-rails
diff --git a/app/models/bank/account.rb b/app/models/bank/account.rb
new file mode 100644
index 0000000..30994ee
--- /dev/null
+++ b/app/models/bank/account.rb
@@ -0,0 +1,32 @@
+class Bank::Account
+  attr_reader :id
+
+  def initialize(id)
+    @id = id
+  end
+
+  def info
+    @info ||= client.account_info(id)
+  end
+
+  def balances
+    @balances ||= client.account_balances(id)
+  end
+
+  def details
+    @details ||= client.account_details(id)
+  end
+
+  def transactions(from: nil, to: nil)
+    if from || to
+      client.account_transactions(id, from:, to:)
+    else
+      @transactions ||= client.account_transactions(id, from:, to:)
+    end
+  end
+
+  private
+    def client
+      @client ||= Bank::Client.new
+    end
+end
diff --git a/app/models/bank/client.rb b/app/models/bank/client.rb
index 35a9806..e97682f 100644
--- a/app/models/bank/client.rb
+++ b/app/models/bank/client.rb
@@ -1,8 +1,108 @@
 class Bank::Client
   include Http, Token
 
+  SANDBOX_INSTITUTION_ID = "SANDBOXFINANCE_SFIN0000"
+
   def initialize
     set_http_client
     set_token
   end
+
+  def countries
+    # https://gocardless.com/bank-account-data/coverage/
+    #
+    # `curl -sL https://docs.google.com/spreadsheets/d/1EZ5n7QDGaRIot5M86dwqd5UFSGEDTeTRzEq3D9uEDkM/export?format=csv`
+    #   .then { CSV.parse it, headers: true }["Countries "]
+    #   .filter { it&.length == 2 }
+    #   .uniq
+    #   .sort
+    #   .join(" ")
+    #   .then { puts "%w[#{it}]"}
+    %w[AT BE BG CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MT NL NO PL PT RO SE SI SK]
+  end
+
+  def institutions(country:)
+    http_client
+      .get("institutions/", { country: })
+      .body
+  end
+
+  def institution(institution_id)
+    http_client
+      .get("institutions/#{institution_id}/")
+      .body
+  end
+
+  def create_agreement(institution_id:,
+                       max_historical_days: 180,
+                       access_valid_for_days: 90,
+                       access_scope: [ :balances, :details, :transactions ])
+    http_client
+      .post("agreements/enduser/", {
+        institution_id:,
+        max_historical_days:,
+        access_valid_for_days:,
+        access_scope:
+      })
+      .body
+  end
+
+  def create_requisition(spendbetter_id:,
+                         institution_id:,
+                         agreement_id:,
+                         language: :EN,
+                         redirect_url: "http://localhost:3000")
+    http_client
+      .post("requisitions/", {
+        institution_id:,
+        agreement: agreement_id,
+        reference: spendbetter_id,
+        redirect: redirect_url,
+        user_language: language
+      })
+      .body
+  end
+
+  def requisition(requisition_id)
+    http_client
+      .get("requisitions/#{requisition_id}/")
+      .body
+  end
+
+  def accounts(requisition_id)
+    requisition(requisition_id) => { accounts: }
+    accounts.map { |account_id| Bank::Account.new account_id }
+  end
+
+  def account_info(account_id)
+    http_client
+      .get("accounts/#{account_id}/")
+      .body
+  end
+
+  def account_balances(account_id)
+    http_client
+      .get("accounts/#{account_id}/balances/")
+      .body
+  end
+
+  def account_details(account_id)
+    http_client
+      .get("accounts/#{account_id}/details/")
+      .body
+  end
+
+  def account_transactions(account_id, from: nil, to: nil)
+    http_client
+      .get("accounts/#{account_id}/transactions/", {
+        date_from: format_date(from),
+        date_to: format_date(to)
+      }.compact)
+      .body
+  end
+
+  private
+    def format_date(date_or_datetime_or_string)
+      date_or_datetime_or_string.try(:strftime, "%Y-%m-%d") || date_or_datetime_or_string
+    end
 end
diff --git a/app/models/bank/client/http.rb b/app/models/bank/client/http.rb
index 6cdcb1d..b2b101d 100644
--- a/app/models/bank/client/http.rb
+++ b/app/models/bank/client/http.rb
@@ -11,15 +11,16 @@ module Bank::Client::Http
   def authorization_header = http_client.headers["Authorization"]
 
   private
-
-  def set_http_client
-    @http_client = Faraday.new do |conn|
-      conn.url_prefix = URL
-      conn.headers = { "User-Agent": USER_AGENT }
-      conn.request :json
-      conn.response :json, parser_options: { symbolize_names: true }
-      conn.response :raise_error
-      conn.response :logger, Rails.logger if Rails.env.development?
+    def set_http_client
+      @http_client = Faraday.new do |conn|
+        conn.url_prefix = URL
+        conn.headers = { "User-Agent": USER_AGENT }
+        conn.request :json
+        conn.response :json, parser_options: { symbolize_names: true }
+        conn.response :raise_error
+        conn.response :logger, Rails.logger do
+          it.filter /(Authorization:\s+).*/, '\1[REDACTED]'
+        end if Rails.env.development?
+      end
     end
-  end
 end
diff --git a/app/models/bank/client/token.rb b/app/models/bank/client/token.rb
index e44485e..f313932 100644
--- a/app/models/bank/client/token.rb
+++ b/app/models/bank/client/token.rb
@@ -25,20 +25,24 @@ def set_token
     end
 
     def find_or_initialize_token
-      @token ||= Token.find_or_initialize_by name: TOKEN_NAME
+      @token = Token.find_or_initialize_by name: TOKEN_NAME
     end
 
     def create_api_token
       save_token \
-        http_client.post("token/new/", {
-          secret_id: Rails.application.credentials.gocardless.secret_id,
-          secret_key: Rails.application.credentials.gocardless.secret_key
-        }).body
+        http_client
+          .post("token/new/", {
+            secret_id: Rails.application.credentials.gocardless.secret_id,
+            secret_key: Rails.application.credentials.gocardless.secret_key
+          })
+          .body
     end
 
     def refresh_api_token
       save_token \
-        http_client.post("token/refresh/", { refresh: token.refresh_token }).body
+        http_client
+          .post("token/refresh/", { refresh: token.refresh_token })
+          .body
     end
 
     def save_token(new_tokens)
diff --git a/app/models/bank/conn.rb b/app/models/bank/conn.rb
new file mode 100644
index 0000000..effeca1
--- /dev/null
+++ b/app/models/bank/conn.rb
@@ -0,0 +1,25 @@
+module Bank::Conn
+  class TokenMiddleware < Faraday::Middleware
+    def on_request(env)
+      binding.irb
+    end
+  end
+
+  URL = "https://bankaccountdata.gocardless.com/api/v2/"
+  USER_AGENT = "github.com/murdho/spendbetter"
+
+  def http_client
+    @http_client ||= Faraday.new do |conn|
+      conn.url_prefix = URL
+      conn.headers = { "User-Agent": USER_AGENT }
+      conn.request :json
+      conn.response :json, parser_options: { symbolize_names: true }
+      conn.response :raise_error
+      conn.response :logger, Rails.logger do
+        it.filter /(Authorization:\s+).*/, '\1[REDACTED]'
+      end if Rails.env.development?
+
+      conn.use TokenMiddleware
+    end
+  end
+end
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 449915f..e5c8a38 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
   <head>
-    <title><%= content_for(:title) || "Spendbetter" %></title>
+    <title><%= ["spendbetter", content_for(:title)].compact.join(" – ") %></title>
     <meta name="viewport" content="width=device-width,initial-scale=1">
     <meta name="apple-mobile-web-app-capable" content="yes">
     <meta name="mobile-web-app-capable" content="yes">
@@ -16,6 +16,7 @@
     <link rel="icon" href="/icon.png" type="image/png">
     <link rel="icon" href="/icon.svg" type="image/svg+xml">
     <link rel="apple-touch-icon" href="/icon.png">
+    <link rel="stylesheet" href="https://cdn.simplecss.org/simple.min.css">
 
     <%# Includes all stylesheet files in app/assets/stylesheets %>
     <%= stylesheet_link_tag :app, "data-turbo-track": "reload" %>
@@ -23,6 +24,17 @@
   </head>
 
   <body>
-    <%= yield %>
+    <header>
+      <nav>
+        <%= link_to "Home", root_path %>
+        <%= link_to "Folders", folders_path %>
+        <%= link_to "Entries", entries_path %>
+      </nav>
+      <h1>spendbetter</h1>
+    </header>
+
+    <main>
+      <%= yield %>
+    </main>
   </body>
 </html>
diff --git a/config/routes.rb b/config/routes.rb
index 2d13cc5..e39726a 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -13,5 +13,5 @@
   resources :entries
 
   # Defines the root path route ("/")
-  # root "posts#index"
+  root "folders#index"
 end

From 63d3a505e0aca9bef57bf1f95b15926216a21a27 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Fri, 27 Dec 2024 23:40:18 +0200
Subject: [PATCH 03/24] Make bank account data api client more OOP

---
 app/models/bank.rb                            |  14 +++
 app/models/bank/account.rb                    |  51 +++++++--
 app/models/bank/client.rb                     | 108 ------------------
 app/models/bank/client/http.rb                |  26 -----
 app/models/bank/conn.rb                       |  25 ----
 app/models/bank/connection.rb                 |  15 +++
 app/models/bank/http.rb                       |  26 +++++
 app/models/bank/http/json_decoder.rb          |  23 ++++
 .../token.rb => http/token_auto_refresh.rb}   |  36 +++---
 app/models/bank/institution.rb                |  34 ++++++
 app/models/bank/requisition.rb                |  66 +++++++++++
 test/models/bank/client_test.rb               |   6 +
 12 files changed, 242 insertions(+), 188 deletions(-)
 delete mode 100644 app/models/bank/client.rb
 delete mode 100644 app/models/bank/client/http.rb
 delete mode 100644 app/models/bank/conn.rb
 create mode 100644 app/models/bank/connection.rb
 create mode 100644 app/models/bank/http.rb
 create mode 100644 app/models/bank/http/json_decoder.rb
 rename app/models/bank/{client/token.rb => http/token_auto_refresh.rb} (74%)
 create mode 100644 app/models/bank/institution.rb
 create mode 100644 app/models/bank/requisition.rb

diff --git a/app/models/bank.rb b/app/models/bank.rb
index 11188b1..0334cf2 100644
--- a/app/models/bank.rb
+++ b/app/models/bank.rb
@@ -1,2 +1,16 @@
 module Bank
+  extend self
+
+  def countries
+    # https://gocardless.com/bank-account-data/coverage/
+    #
+    # `curl -sL https://docs.google.com/spreadsheets/d/1EZ5n7QDGaRIot5M86dwqd5UFSGEDTeTRzEq3D9uEDkM/export?format=csv`
+    #   .then { CSV.parse it, headers: true }["Countries "]
+    #   .filter { it&.length == 2 }
+    #   .uniq
+    #   .sort
+    #   .join(" ")
+    #   .then { puts "%w[#{it}]"}
+    %w[AT BE BG CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MT NL NO PL PT RO SE SI SK]
+  end
 end
diff --git a/app/models/bank/account.rb b/app/models/bank/account.rb
index 30994ee..ccd6db7 100644
--- a/app/models/bank/account.rb
+++ b/app/models/bank/account.rb
@@ -1,32 +1,59 @@
 class Bank::Account
-  attr_reader :id
+  include Bank::Connection
 
-  def initialize(id)
-    @id = id
-  end
+  attr_reader :id, :iban, :institution_id
 
-  def info
-    @info ||= client.account_info(id)
+  def initialize(id:, **attrs)
+    @id = id
+    @iban = attrs[:iban]
+    @institution_id = attrs[:institution_id]
   end
 
   def balances
-    @balances ||= client.account_balances(id)
+    @balances ||= \
+      connection
+        .get("accounts/#{id}/balances/")
+        .body
+        .dig(:balances)
   end
 
   def details
-    @details ||= client.account_details(id)
+    @details ||= \
+      connection
+        .get("accounts/#{id}/details/")
+        .body
+        .dig(:account)
   end
 
   def transactions(from: nil, to: nil)
     if from || to
-      client.account_transactions(id, from:, to:)
+      fetch_transactions(from:, to:)
     else
-      @transactions ||= client.account_transactions(id, from:, to:)
+      @transactions ||= fetch_transactions(from:, to:)
+    end
+  end
+
+  class << self
+    def find(id)
+      connection
+        .get("accounts/#{id}/")
+        .body
+        .then { new(**it) }
     end
   end
 
   private
-    def client
-      @client ||= Bank::Client.new
+    def fetch_transactions(from: nil, to: nil)
+      connection
+        .get("accounts/#{id}/transactions/", {
+          date_from: format_date(from),
+          date_to: format_date(to)
+        }.compact)
+        .body
+        .dig(:transactions, :booked)
+    end
+
+    def format_date(date_or_datetime_or_string)
+      date_or_datetime_or_string.try(:strftime, "%Y-%m-%d") || date_or_datetime_or_string
     end
 end
diff --git a/app/models/bank/client.rb b/app/models/bank/client.rb
deleted file mode 100644
index e97682f..0000000
--- a/app/models/bank/client.rb
+++ /dev/null
@@ -1,108 +0,0 @@
-class Bank::Client
-  include Http, Token
-
-  SANDBOX_INSTITUTION_ID = "SANDBOXFINANCE_SFIN0000"
-
-  def initialize
-    set_http_client
-    set_token
-  end
-
-  def countries
-    # https://gocardless.com/bank-account-data/coverage/
-    #
-    # `curl -sL https://docs.google.com/spreadsheets/d/1EZ5n7QDGaRIot5M86dwqd5UFSGEDTeTRzEq3D9uEDkM/export?format=csv`
-    #   .then { CSV.parse it, headers: true }["Countries "]
-    #   .filter { it&.length == 2 }
-    #   .uniq
-    #   .sort
-    #   .join(" ")
-    #   .then { puts "%w[#{it}]"}
-    %w[AT BE BG CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MT NL NO PL PT RO SE SI SK]
-  end
-
-  def institutions(country:)
-    http_client
-      .get("institutions/", { country: })
-      .body
-  end
-
-  def institution(institution_id)
-    http_client
-      .get("institutions/#{institution_id}/")
-      .body
-  end
-
-  def create_agreement(institution_id:,
-                       max_historical_days: 180,
-                       access_valid_for_days: 90,
-                       access_scope: [ :balances, :details, :transactions ])
-    http_client
-      .post("agreements/enduser/", {
-        institution_id:,
-        max_historical_days:,
-        access_valid_for_days:,
-        access_scope:
-      })
-      .body
-  end
-
-  def create_requisition(spendbetter_id:,
-                         institution_id:,
-                         agreement_id:,
-                         language: :EN,
-                         redirect_url: "http://localhost:3000")
-    http_client
-      .post("requisitions/", {
-        institution_id:,
-        agreement: agreement_id,
-        reference: spendbetter_id,
-        redirect: redirect_url,
-        user_language: language
-      })
-      .body
-  end
-
-  def requisition(requisition_id)
-    http_client
-      .get("requisitions/#{requisition_id}/")
-      .body
-  end
-
-  def accounts(requisition_id)
-    requisition(requisition_id) => { accounts: }
-    accounts.map { |account_id| Bank::Account.new account_id }
-  end
-
-  def account_info(account_id)
-    http_client
-      .get("accounts/#{account_id}/")
-      .body
-  end
-
-  def account_balances(account_id)
-    http_client
-      .get("accounts/#{account_id}/balances/")
-      .body
-  end
-
-  def account_details(account_id)
-    http_client
-      .get("accounts/#{account_id}/details/")
-      .body
-  end
-
-  def account_transactions(account_id, from: nil, to: nil)
-    http_client
-      .get("accounts/#{account_id}/transactions/", {
-        date_from: format_date(from),
-        date_to: format_date(to)
-      }.compact)
-      .body
-  end
-
-  private
-    def format_date(date_or_datetime_or_string)
-      date_or_datetime_or_string.try(:strftime, "%Y-%m-%d") || date_or_datetime_or_string
-    end
-end
diff --git a/app/models/bank/client/http.rb b/app/models/bank/client/http.rb
deleted file mode 100644
index b2b101d..0000000
--- a/app/models/bank/client/http.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-module Bank::Client::Http
-  extend ActiveSupport::Concern
-
-  included do
-    URL = "https://bankaccountdata.gocardless.com/api/v2/"
-    USER_AGENT = "github.com/murdho/spendbetter"
-
-    attr_reader :http_client
-  end
-
-  def authorization_header = http_client.headers["Authorization"]
-
-  private
-    def set_http_client
-      @http_client = Faraday.new do |conn|
-        conn.url_prefix = URL
-        conn.headers = { "User-Agent": USER_AGENT }
-        conn.request :json
-        conn.response :json, parser_options: { symbolize_names: true }
-        conn.response :raise_error
-        conn.response :logger, Rails.logger do
-          it.filter /(Authorization:\s+).*/, '\1[REDACTED]'
-        end if Rails.env.development?
-      end
-    end
-end
diff --git a/app/models/bank/conn.rb b/app/models/bank/conn.rb
deleted file mode 100644
index effeca1..0000000
--- a/app/models/bank/conn.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-module Bank::Conn
-  class TokenMiddleware < Faraday::Middleware
-    def on_request(env)
-      binding.irb
-    end
-  end
-
-  URL = "https://bankaccountdata.gocardless.com/api/v2/"
-  USER_AGENT = "github.com/murdho/spendbetter"
-
-  def http_client
-    @http_client ||= Faraday.new do |conn|
-      conn.url_prefix = URL
-      conn.headers = { "User-Agent": USER_AGENT }
-      conn.request :json
-      conn.response :json, parser_options: { symbolize_names: true }
-      conn.response :raise_error
-      conn.response :logger, Rails.logger do
-        it.filter /(Authorization:\s+).*/, '\1[REDACTED]'
-      end if Rails.env.development?
-
-      conn.use TokenMiddleware
-    end
-  end
-end
diff --git a/app/models/bank/connection.rb b/app/models/bank/connection.rb
new file mode 100644
index 0000000..3a89a6e
--- /dev/null
+++ b/app/models/bank/connection.rb
@@ -0,0 +1,15 @@
+module Bank::Connection
+  extend ActiveSupport::Concern
+
+  DB_TOKEN_NAME = :bank_token
+
+  included do
+    delegate :connection, to: :class
+  end
+
+  class_methods do
+    def connection
+      @connection ||= Bank::Http.client authorized_by: DB_TOKEN_NAME
+    end
+  end
+end
diff --git a/app/models/bank/http.rb b/app/models/bank/http.rb
new file mode 100644
index 0000000..dad7b87
--- /dev/null
+++ b/app/models/bank/http.rb
@@ -0,0 +1,26 @@
+module Bank::Http
+  extend self
+
+  URL = "https://bankaccountdata.gocardless.com/api/v2/"
+  USER_AGENT = "github.com/murdho/spendbetter"
+
+  def client(authorized_by: nil)
+    Faraday.new do |conn|
+      conn.url_prefix = URL
+      conn.headers = { "User-Agent": USER_AGENT }
+      conn.request :json
+
+      conn.use TokenAutoRefresh, token_name: authorized_by if authorized_by
+
+      conn.response :json, parser_options: { decoder: [ JsonDecoder, :parse ] }
+      conn.response :raise_error
+
+      conn.response(:logger, Rails.logger) { add_logging_filters it } if Rails.env.development?
+    end
+  end
+
+  private
+    def add_logging_filters(logger)
+      logger.filter /(Authorization:\s+).*/, '\1[REDACTED]'
+    end
+end
diff --git a/app/models/bank/http/json_decoder.rb b/app/models/bank/http/json_decoder.rb
new file mode 100644
index 0000000..2796fe1
--- /dev/null
+++ b/app/models/bank/http/json_decoder.rb
@@ -0,0 +1,23 @@
+class Bank::Http::JsonDecoder
+  class << self
+    def parse(str, opts)
+      JSON
+        .parse(str, opts)
+        .then { deep_transform it }
+    end
+
+    private
+      def deep_transform(element)
+        case element
+        when Hash
+          element
+            .transform_keys { it.to_s.underscore.to_sym }
+            .transform_values { deep_transform it }
+        when Array
+          element.map { deep_transform it }
+        else
+          element
+        end
+      end
+  end
+end
diff --git a/app/models/bank/client/token.rb b/app/models/bank/http/token_auto_refresh.rb
similarity index 74%
rename from app/models/bank/client/token.rb
rename to app/models/bank/http/token_auto_refresh.rb
index f313932..a4b264a 100644
--- a/app/models/bank/client/token.rb
+++ b/app/models/bank/http/token_auto_refresh.rb
@@ -1,14 +1,12 @@
-module Bank::Client::Token
-  extend ActiveSupport::Concern
+class Bank::Http::TokenAutoRefresh < Faraday::Middleware
+  attr_reader :token
 
-  included do
-    TOKEN_NAME = :bank_client_token
-
-    attr_reader :token
+  def on_request(env)
+    env.request_headers["Authorization"] = "Bearer #{access_token}"
   end
 
   private
-    def set_token
+    def access_token
       find_or_initialize_token
 
       unless token.fresh?
@@ -21,11 +19,14 @@ def set_token
         end
       end
 
-      http_client.headers["Authorization"] = "Bearer #{token.access_token}"
+      token.access_token
     end
 
-    def find_or_initialize_token
-      @token = Token.find_or_initialize_by name: TOKEN_NAME
+    def refresh_api_token
+      save_token \
+        http_client
+          .post("token/refresh/", { refresh: token.refresh_token })
+          .body
     end
 
     def create_api_token
@@ -38,13 +39,6 @@ def create_api_token
           .body
     end
 
-    def refresh_api_token
-      save_token \
-        http_client
-          .post("token/refresh/", { refresh: token.refresh_token })
-          .body
-    end
-
     def save_token(new_tokens)
       new_tokens => { access:, refresh:, access_expires:, refresh_expires: }
 
@@ -55,4 +49,12 @@ def save_token(new_tokens)
         refresh_expires_in: refresh_expires
       )
     end
+
+    def find_or_initialize_token
+      @token = Token.find_or_initialize_by name: options.fetch(:token_name)
+    end
+
+    def http_client
+      @http_client ||= Bank::Http.client
+    end
 end
diff --git a/app/models/bank/institution.rb b/app/models/bank/institution.rb
new file mode 100644
index 0000000..84ea5e9
--- /dev/null
+++ b/app/models/bank/institution.rb
@@ -0,0 +1,34 @@
+class Bank::Institution
+  include Bank::Connection
+
+  SANDBOX_INSTITUTION_ID = "SANDBOXFINANCE_SFIN0000"
+
+  attr_reader :id, :name, :transaction_total_days, :max_access_valid_for_days
+
+  def initialize(id:, **attrs)
+    @id = id
+    @name = attrs[:name]
+    @transaction_total_days = attrs[:transaction_total_days].to_i
+    @max_access_valid_for_days = attrs[:max_access_valid_for_days].to_i
+  end
+
+  class << self
+    def find_by_country(country)
+      connection
+        .get("institutions/", { country: })
+        .body
+        .map { new(**it) }
+    end
+
+    def find(id)
+      connection
+        .get("institutions/#{id}/")
+        .body
+        .then { new(**it) }
+    end
+
+    def sandbox
+      find SANDBOX_INSTITUTION_ID
+    end
+  end
+end
diff --git a/app/models/bank/requisition.rb b/app/models/bank/requisition.rb
new file mode 100644
index 0000000..13ddbde
--- /dev/null
+++ b/app/models/bank/requisition.rb
@@ -0,0 +1,66 @@
+class Bank::Requisition
+  include Bank::Connection
+
+  attr_reader :id, :link, :reference_id, :institution_id
+
+  def initialize(id:, **attrs)
+    @id = id
+    @link = attrs[:link]
+    @account_ids = attrs[:accounts]
+    @reference_id = attrs[:reference]
+    @institution_id = attrs[:institution_id]
+  end
+
+  def accounts
+    raise "Cannot fetch accounts without account_ids" unless @account_ids.present?
+
+    @accounts ||= @account_ids.map { Bank::Account.find it }
+  end
+
+  def delete
+    connection
+      .delete("requisitions/#{id}/")
+      .body
+  end
+
+  class << self
+    def all
+      connection
+        .get("requisitions/")
+        .body
+        .fetch(:results)
+        .map { new(**it) }
+    end
+
+    def find(id)
+      connection
+        .get("requisitions/#{id}/")
+        .body
+        .then { new(**it) }
+    end
+
+    def create(institution,
+               reference_id: SecureRandom.uuid,
+               redirect_url: "http://localhost:3000")
+      connection
+        .post("agreements/enduser/", {
+          institution_id: institution.id,
+          max_historical_days: institution.transaction_total_days,
+          access_valid_for_days: institution.max_access_valid_for_days,
+          access_scope: %w[balances details transactions]
+        })
+        .body => { id: agreement_id }
+
+      connection
+        .post("requisitions/", {
+          institution_id: institution.id,
+          agreement: agreement_id,
+          reference: reference_id,
+          redirect: redirect_url,
+          user_language: "EN"
+        })
+        .body
+        .then { new(**it) }
+    end
+  end
+end
diff --git a/test/models/bank/client_test.rb b/test/models/bank/client_test.rb
index bcfd2e4..e76bafa 100644
--- a/test/models/bank/client_test.rb
+++ b/test/models/bank/client_test.rb
@@ -19,6 +19,8 @@ def create_bank_client_token(**attributes)
   end
 
   test "with fresh token" do
+    skip
+
     create_bank_client_token
 
     client = Bank::Client.new
@@ -31,6 +33,8 @@ def create_bank_client_token(**attributes)
   end
 
   test "with refreshable token" do
+    skip
+
     create_bank_client_token access_expires_at: Time.current - 1.hour
     stub_refresh_api_token_request
 
@@ -44,6 +48,8 @@ def create_bank_client_token(**attributes)
   end
 
   test "with expired token" do
+    skip
+
     create_bank_client_token \
       access_expires_at: Time.current - 1.hour,
       refresh_expires_at: Time.current - 1.hour

From c537a92fb96d0770abf64e1784be9811de55410c Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 08:33:40 +0200
Subject: [PATCH 04/24] Add some comments

---
 Gemfile                                            |  2 +-
 app/models/bank/http.rb                            |  6 +++++-
 app/models/bank/http/{json_decoder.rb => jason.rb} |  4 +++-
 app/models/bank/http/token_auto_refresh.rb         | 12 ++++++++++++
 4 files changed, 21 insertions(+), 3 deletions(-)
 rename app/models/bank/http/{json_decoder.rb => jason.rb} (72%)

diff --git a/Gemfile b/Gemfile
index 956cf16..26e93c0 100644
--- a/Gemfile
+++ b/Gemfile
@@ -54,7 +54,7 @@ end
 group :development do
   # Use console on exceptions pages [https://github.com/rails/web-console]
   gem "web-console"
-  gem "csv"
+  gem "csv", require: false
 end
 
 group :test do
diff --git a/app/models/bank/http.rb b/app/models/bank/http.rb
index dad7b87..5d73a11 100644
--- a/app/models/bank/http.rb
+++ b/app/models/bank/http.rb
@@ -4,6 +4,10 @@ module Bank::Http
   URL = "https://bankaccountdata.gocardless.com/api/v2/"
   USER_AGENT = "github.com/murdho/spendbetter"
 
+  # Create an HTTP client suitable for communicating with the bank API.
+  #
+  # [<tt>authorized_by</tt>]
+  #   Name for a Token for finding and storing API tokens. Optional.
   def client(authorized_by: nil)
     Faraday.new do |conn|
       conn.url_prefix = URL
@@ -12,7 +16,7 @@ def client(authorized_by: nil)
 
       conn.use TokenAutoRefresh, token_name: authorized_by if authorized_by
 
-      conn.response :json, parser_options: { decoder: [ JsonDecoder, :parse ] }
+      conn.response :json, parser_options: { decoder: [ Jason, :parse ] }
       conn.response :raise_error
 
       conn.response(:logger, Rails.logger) { add_logging_filters it } if Rails.env.development?
diff --git a/app/models/bank/http/json_decoder.rb b/app/models/bank/http/jason.rb
similarity index 72%
rename from app/models/bank/http/json_decoder.rb
rename to app/models/bank/http/jason.rb
index 2796fe1..f91c17a 100644
--- a/app/models/bank/http/json_decoder.rb
+++ b/app/models/bank/http/jason.rb
@@ -1,4 +1,6 @@
-class Bank::Http::JsonDecoder
+# JSON parser for converting all hash keys into underscore symbols. For example, +"transactionAmount"+ is transformed
+# into +:transaction_amount+.
+class Bank::Http::Jason
   class << self
     def parse(str, opts)
       JSON
diff --git a/app/models/bank/http/token_auto_refresh.rb b/app/models/bank/http/token_auto_refresh.rb
index a4b264a..f4bbf23 100644
--- a/app/models/bank/http/token_auto_refresh.rb
+++ b/app/models/bank/http/token_auto_refresh.rb
@@ -1,3 +1,15 @@
+# Faraday middleware for automatically refreshing and storing both access and refresh tokens.
+#
+# ==== Options
+#
+# [<tt>token_name</tt>]
+#   Specify name of the Token model record for finding and storing the API tokens.
+#
+# ==== Example
+#
+#   Faraday.new do |conn|
+#     conn.use TokenAutoRefresh, token_name: :bla_bla
+#   end
 class Bank::Http::TokenAutoRefresh < Faraday::Middleware
   attr_reader :token
 

From ee0de981ecc04a201515b4f09eff513b2a10cac5 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 08:45:53 +0200
Subject: [PATCH 05/24] Get rid of credentials

---
 .gitattributes                         | 2 --
 .gitignore                             | 5 -----
 config/credentials/development.yml.enc | 1 -
 config/credentials/production.yml.enc  | 1 -
 config/credentials/test.yml.enc        | 1 -
 5 files changed, 10 deletions(-)
 delete mode 100644 config/credentials/development.yml.enc
 delete mode 100644 config/credentials/production.yml.enc
 delete mode 100644 config/credentials/test.yml.enc

diff --git a/.gitattributes b/.gitattributes
index 8dc4323..31eeee0 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -5,5 +5,3 @@ db/schema.rb linguist-generated
 
 # Mark any vendored files as having been vendored.
 vendor/* linguist-vendored
-config/credentials/*.yml.enc diff=rails_credentials
-config/credentials.yml.enc diff=rails_credentials
diff --git a/.gitignore b/.gitignore
index cbe0e55..5c2b2f1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -29,8 +29,3 @@
 !/tmp/storage/.keep
 
 /public/assets
-
-# Ignore keys for decrypting credentials and more.
-/config/credentials/development.key
-/config/credentials/test.key
-/config/credentials/production.key
diff --git a/config/credentials/development.yml.enc b/config/credentials/development.yml.enc
deleted file mode 100644
index c7afb69..0000000
--- a/config/credentials/development.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-t/gnyf+lT/MFSeaHf00oaU+2t32u4rdOYlsENGTcx1jZMuKAb1qyUqwxEZanNWwpQurjFdVn/EMBaOXMPkyf/ppYSIFvJ0ZFOuUeipZJ+PzsUv1JrNtu8ORpafVkt45riWEPYq/dAuNJpdIc/azCvJ+Dw8P2F2OOGjqKYcI2yxyis9uG2PMFKsYHgtQ4wA9JnOIBEQrrSMCMjHWw98nHyXkGCIsWW6I260lafCbhManrfP+/HFLMNIn7KZrFu1MvxcWNR5fsK2e1JKuwLtEu30ZTzLibxpVDt5lM7U1yZmuUBZ2g5u7zLglaDBgD6EsWKACGWnZjIHQ6NpbzrNBNBJ3Y2K3k7dmNPUKlKPoboKMIglGz7lO2DV3iZYjqvQoysa0iyuIxsCIHMGrZx+HgpYXM7SYOSVCoFV7K6PINkPoMLWj7Pf/t6utI/fmxHpd1TN67aXN9U4h6IeKMsoTXGCckZsZXA3ABHBTsdO/7JHOGqOvDUskLV8HZ5AAPlEOixvh0FlM6NPWjgdTBJIc3+p/l2siYKHyj7T0n2KkOnrFzEEW7ASbxBxDcBUQ5JdiAoSJTFb3sYgK0nC06ypYngIWBMqsFfgu41v88mzHLlyaQAlwxzZvpyfC6wgVQThxCMoGzJru0QSHcw2eGSAZg6Psfdxx3VwXh4WH9kyx3fjYwoITb3Pb1tlbdn/uGaxBnvZEBGKO/80XoGXqMDZzp6lHNUjtsifWQzzzZPUNhcOJrsP6YeUUxXcN6lZiUEwuQIFOpqkgLRJlPiur+zvBeJIJSPXK/YmBVgSts5I4Fn9NVOhUlFGLqlrT0h3/Zl8U3X8A8s5eoQVzoesbAp69sI6nFtF27pApcMCzdS03jer7WbLUF2ml9iNGTpr9B--o1Uz3C8Ao8az/+xG--LydzewxTKQNUXt6h9LOL9g==
\ No newline at end of file
diff --git a/config/credentials/production.yml.enc b/config/credentials/production.yml.enc
deleted file mode 100644
index 5b578bd..0000000
--- a/config/credentials/production.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-5nyx3Dgi85mDDyi6Zq+atbf6t2g1nOfrGUhtkMeNoY39sqUfcZsX4ZqBm4TybfwsyZLtiNtgByVi2VWzt9Huev90LmH4T4LuVLjPR1xCNWnzfrwx+ZUSB0xvMHLqxcKcuSnKpUR+DM4FG9n6A1Gl9zHDR6Z7POYmjRLovqRcq4UqQD9m2uzOPabixitz52oSdjPCZyhscN7LJzVi9BdSKSbatVpTnVSJJA59RKZYOyzzneYeO+d6oQn4ovlLSSrg0j0Uw1lI+gRl9WnidrgqK1HLc8lVhYMF/rZh1aWeD/Hdty9i018jpEekkuA+79Auf4aKmBwH3TGsIjITbIHStq6hGl7rK8ZHCJG/yRwIdFODO/k1NmYI9cbU+baaiwivYdd5Vi5CULmVd6+JNnSqjnMQFZ94Rhpvk7+XcvvqHC//x0IamjtbkKkR5bhikAQhCIniGpk4PbeEt7hsJF+Leb9ZIEqKwmI4Pbt4c8TD5LAzt/g2kSv/e2tjqeoL1nmvyytnNi3/8EuYXvCJjJohMA6CrDFxaqHTwPpVcPEiA3AqmfRCZUV00tnRS6mL4aTFcJ1QHDu8HO6JhzZd8GOgOSRoC7xXnpx3+BaPGb7lDNrNfdMtQ7HLbto5gL/Dw+6cgPjuIpRCriZ8wBNhFwT5P5SLgSivQ5ezrFXXomhp5v6eCqpFV7rWXKSF+9HidGInW6yJ5dlXw5H0GZhRUIlEzHBMfjrIXWp4VbK25y241ZhAAXkhKXmRwmznwTmQCefUkRdw5+YlkTvehiCmtZBeB7fKaZUyLtuRiO0ZLc9otw2U9XO3LmwNDOwajGxyCqZ8RujNShI6LaCKFrexpP+PpDYtlS72F7hJ+hgZmyWPyyXhMKMTbxwxXkjn0lppknghr0CF22m2weWeAh++1k7Madk4sgMz4gS6Ks/hMWyF8PitKZlKapVGo90INE5xy/Xj2cUlBp5G4KW+SHzm+b24zM01tDsI52VW7pqiWeqkqEjSOjU+gfL8JeqMYprKflHHMA==--LRPZPh6gip5b5S8M--ZnbGljb7cHhIK/etQZdQSg==
\ No newline at end of file
diff --git a/config/credentials/test.yml.enc b/config/credentials/test.yml.enc
deleted file mode 100644
index 973191b..0000000
--- a/config/credentials/test.yml.enc
+++ /dev/null
@@ -1 +0,0 @@
-vo1S0jCHvD2lBYhCmugDBqjoB6lCfjp8+FdCIeQ0XJ08TGTG2fJmdGzfMemGHYKya0B6yfHOIe3Tom7PW0MUb4MTgu7ZY0E5zs6IIgM9ihO60ehFfGHLSqxhkChUqHxNEO1J2PeH0kkld9ryYDm1DNxedcmpdOK9MF+q+Px9wqFDA6dPYRC9RAvYCW0OTzy0UjZ+c1BCwbWN9652F/3RG9eBbtf9KseiRIEzKhmnQ6gddVmcmz3K95oN5/5ewtRVlwZUauO5MSBcFBVGeimzT22bX6R3o/HwmRWdZ6ztHu7ab9X+Q1Rj6jN7tIhWD6leNcwzCUTaaKaaQB+8hessuqBhXdrFibFnCLNxM+grX+hve0HUdeZUafbYX1hWniPz90uf2uYUa7dHFSay3Ys9lgrHFGBpFYYOOApmAblGTHprq8n625SdLSBzf36k0Sk+NjEpnvze125NpDgYUyDuvZ0KHhum7pJEOoS6M2Wo+7h8OPAXP6ScAOZVadVFHNAsQC/xWYSCnSDDqYNFAHvS7mh1cur51CPUy9K7b9G7j9EF81LVPaVen23xoRG/nG4ynBJT6Pb9Z8ucFot0jAFk3LRueuYBlq5wpIib2eRyF70N8GJUlGN3l/rby8PwTNX9XzKxu6K49tn+leOIJmuyD9GqjO8+TXMBdhYPcycqQaH8KfsIcvsgIUsnLg2asMFIUQex/qEY--R5OYZPmp/L+2RhDj--MeSZAtnt/jHhfRAA2DbrRQ==
\ No newline at end of file

From c3a548329a51403811be67b151d51598e59ea0e7 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 10:34:42 +0200
Subject: [PATCH 06/24] Use dotenv for managing credentials

---
 .dockerignore                              |  1 +
 .env.example.erb                           |  9 +++++++++
 .gitignore                                 |  5 +++++
 Gemfile                                    |  2 ++
 Gemfile.lock                               |  1 +
 README.md                                  |  4 ++++
 app/models/bank/http/token_auto_refresh.rb |  4 ++--
 bin/dotenv_generate                        | 11 +++++++++++
 config/application.rb                      |  2 ++
 config/spendbetter.yml                     | 15 +++++++++++++++
 10 files changed, 52 insertions(+), 2 deletions(-)
 create mode 100644 .env.example.erb
 create mode 100755 bin/dotenv_generate
 create mode 100644 config/spendbetter.yml

diff --git a/.dockerignore b/.dockerignore
index 325bfc0..b390350 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -9,6 +9,7 @@
 
 # Ignore all environment files.
 /.env*
+!/.env.example.erb
 
 # Ignore all default key files.
 /config/master.key
diff --git a/.env.example.erb b/.env.example.erb
new file mode 100644
index 0000000..22a9afd
--- /dev/null
+++ b/.env.example.erb
@@ -0,0 +1,9 @@
+SECRET_KEY_BASE=<%= SecureRandom.hex 64 %>
+
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=<%= SecureRandom.alphanumeric(32) %>
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=<%= SecureRandom.alphanumeric(32) %>
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=<%= SecureRandom.alphanumeric(32) %>
+
+# Get yours from https://bankaccountdata.gocardless.com/user-secrets
+GOCARDLESS_SECRET_ID=
+GOCARDLESS_SECRET_KEY=
diff --git a/.gitignore b/.gitignore
index 5c2b2f1..5c94b28 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,7 @@
 
 # Ignore all environment files.
 /.env*
+!/.env.example.erb
 
 # Ignore all logfiles and tempfiles.
 /log/*
@@ -29,3 +30,7 @@
 !/tmp/storage/.keep
 
 /public/assets
+
+# Ignore all default key files (if there happen to be any).
+/config/master.key
+/config/credentials/*.key
diff --git a/Gemfile b/Gemfile
index 26e93c0..6666fcf 100644
--- a/Gemfile
+++ b/Gemfile
@@ -49,6 +49,8 @@ group :development, :test do
 
   # Omakase Ruby styling [https://github.com/rails/rubocop-rails-omakase/]
   gem "rubocop-rails-omakase", require: false
+
+  gem "dotenv"
 end
 
 group :development do
diff --git a/Gemfile.lock b/Gemfile.lock
index f9a61eb..08fbbf5 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -395,6 +395,7 @@ DEPENDENCIES
   capybara
   csv
   debug
+  dotenv
   faraday (~> 2.12)
   importmap-rails
   jbuilder
diff --git a/README.md b/README.md
index 337175c..909f85d 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,7 @@
 # spendbetter
 
 Hey folks, spendbetter is being rebuilt and is not ready for public use yet. I'll update the readme once it is. Stay tuned!
+
+## README TODO
+
+- [ ] Use `bin/dotenv_generate > .env` to generate a `.env` file from `.env.example.erb`. After that, fill in the missing values.
diff --git a/app/models/bank/http/token_auto_refresh.rb b/app/models/bank/http/token_auto_refresh.rb
index f4bbf23..03cf689 100644
--- a/app/models/bank/http/token_auto_refresh.rb
+++ b/app/models/bank/http/token_auto_refresh.rb
@@ -45,8 +45,8 @@ def create_api_token
       save_token \
         http_client
           .post("token/new/", {
-            secret_id: Rails.application.credentials.gocardless.secret_id,
-            secret_key: Rails.application.credentials.gocardless.secret_key
+            secret_id: Rails.configuration.spendbetter.gocardless.fetch(:secret_id),
+            secret_key: Rails.configuration.spendbetter.gocardless.fetch(:secret_key)
           })
           .body
     end
diff --git a/bin/dotenv_generate b/bin/dotenv_generate
new file mode 100755
index 0000000..87568e7
--- /dev/null
+++ b/bin/dotenv_generate
@@ -0,0 +1,11 @@
+#!/usr/bin/env ruby
+require "erb"
+require "securerandom"
+
+env_example = File.read(".env.example.erb")
+
+puts <<~DOTENV.strip
+  # Generated by `bin/dotenv_generate` at #{Time.now.utc}
+
+  #{ERB.new(env_example).result}
+DOTENV
diff --git a/config/application.rb b/config/application.rb
index 4e9a40c..c524f12 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -23,5 +23,7 @@ class Application < Rails::Application
     #
     # config.time_zone = "Central Time (US & Canada)"
     # config.eager_load_paths << Rails.root.join("extras")
+
+    config.spendbetter = config_for(:spendbetter)
   end
 end
diff --git a/config/spendbetter.yml b/config/spendbetter.yml
new file mode 100644
index 0000000..1820cc2
--- /dev/null
+++ b/config/spendbetter.yml
@@ -0,0 +1,15 @@
+default: &default
+  gocardless:
+    secret_id: <%= ENV.fetch("GOCARDLESS_SECRET_ID") %>
+    secret_key: <%= ENV.fetch("GOCARDLESS_SECRET_KEY") %>
+
+development:
+  <<: *default
+
+test:
+  gocardless:
+    secret_id: fake_secret_id
+    secret_key: fake_secret_key
+
+production:
+  <<: *default

From 80858c5e1cca4f19184b13e9c3acf1275b13d907 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 10:35:28 +0200
Subject: [PATCH 07/24] Use consistent format in .env.example.erb

---
 .env.example.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.env.example.erb b/.env.example.erb
index 22a9afd..0e28dda 100644
--- a/.env.example.erb
+++ b/.env.example.erb
@@ -1,4 +1,4 @@
-SECRET_KEY_BASE=<%= SecureRandom.hex 64 %>
+SECRET_KEY_BASE=<%= SecureRandom.hex(64) %>
 
 ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=<%= SecureRandom.alphanumeric(32) %>
 ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=<%= SecureRandom.alphanumeric(32) %>

From 8ad9982f5da21546a9879f590bcab23c702d052d Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 10:37:52 +0200
Subject: [PATCH 08/24] Remove unrelated changes

---
 app/views/layouts/application.html.erb | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index e5c8a38..449915f 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html>
   <head>
-    <title><%= ["spendbetter", content_for(:title)].compact.join(" – ") %></title>
+    <title><%= content_for(:title) || "Spendbetter" %></title>
     <meta name="viewport" content="width=device-width,initial-scale=1">
     <meta name="apple-mobile-web-app-capable" content="yes">
     <meta name="mobile-web-app-capable" content="yes">
@@ -16,7 +16,6 @@
     <link rel="icon" href="/icon.png" type="image/png">
     <link rel="icon" href="/icon.svg" type="image/svg+xml">
     <link rel="apple-touch-icon" href="/icon.png">
-    <link rel="stylesheet" href="https://cdn.simplecss.org/simple.min.css">
 
     <%# Includes all stylesheet files in app/assets/stylesheets %>
     <%= stylesheet_link_tag :app, "data-turbo-track": "reload" %>
@@ -24,17 +23,6 @@
   </head>
 
   <body>
-    <header>
-      <nav>
-        <%= link_to "Home", root_path %>
-        <%= link_to "Folders", folders_path %>
-        <%= link_to "Entries", entries_path %>
-      </nav>
-      <h1>spendbetter</h1>
-    </header>
-
-    <main>
-      <%= yield %>
-    </main>
+    <%= yield %>
   </body>
 </html>

From b22b5f9e85b2b8ec277fe16e67d94e4a125f406a Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 11:06:06 +0200
Subject: [PATCH 09/24] Make sure AR encryption config is taken from env

---
 config/application.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/config/application.rb b/config/application.rb
index c524f12..fa78cd2 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -25,5 +25,9 @@ class Application < Rails::Application
     # config.eager_load_paths << Rails.root.join("extras")
 
     config.spendbetter = config_for(:spendbetter)
+
+    config.active_record.encryption.primary_key = ENV["ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY"]
+    config.active_record.encryption.deterministic_key = ENV["ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY"]
+    config.active_record.encryption.key_derivation_salt = ENV["ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT"]
   end
 end

From a67142705190dfea0cf9aa47faaac63da9a489ab Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 13:03:19 +0200
Subject: [PATCH 10/24] Add some tests for the Bank integration

---
 app/models/bank.rb                      |  48 ++++++++---
 app/models/bank/http.rb                 |   2 +-
 app/models/bank/institution.rb          |   4 +-
 app/models/bank/requisition.rb          |  29 ++++---
 test/fixtures/tokens.yml                |  12 +--
 test/models/bank/client_test.rb         |  66 ---------------
 test/models/bank/http_test.rb           |  40 +++++++++
 test/models/bank_test.rb                |  79 ++++++++++++++++++
 test/test_helpers/bank_fixtures.rb      |  60 ++++++++++++++
 test/test_helpers/bank_request_stubs.rb | 103 ++++++++++++++++++++++++
 10 files changed, 345 insertions(+), 98 deletions(-)
 delete mode 100644 test/models/bank/client_test.rb
 create mode 100644 test/models/bank/http_test.rb
 create mode 100644 test/models/bank_test.rb
 create mode 100644 test/test_helpers/bank_fixtures.rb
 create mode 100644 test/test_helpers/bank_request_stubs.rb

diff --git a/app/models/bank.rb b/app/models/bank.rb
index 0334cf2..c2143be 100644
--- a/app/models/bank.rb
+++ b/app/models/bank.rb
@@ -1,16 +1,44 @@
 module Bank
   extend self
 
+  SANDBOX_INSTITUTION_ID = "SANDBOXFINANCE_SFIN0000"
+
+  # https://gocardless.com/bank-account-data/coverage/
+  #
+  # `curl -sL https://docs.google.com/spreadsheets/d/1EZ5n7QDGaRIot5M86dwqd5UFSGEDTeTRzEq3D9uEDkM/export?format=csv`
+  #   .then { CSV.parse it, headers: true }["Countries "]
+  #   .filter { it&.length == 2 }
+  #   .uniq
+  #   .sort
+  #   .join(" ")
+  #   .then { puts "%w[#{it}]"}
+  COUNTRIES = %w[AT BE BG CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MT NL NO PL PT RO SE SI SK]
+
   def countries
-    # https://gocardless.com/bank-account-data/coverage/
-    #
-    # `curl -sL https://docs.google.com/spreadsheets/d/1EZ5n7QDGaRIot5M86dwqd5UFSGEDTeTRzEq3D9uEDkM/export?format=csv`
-    #   .then { CSV.parse it, headers: true }["Countries "]
-    #   .filter { it&.length == 2 }
-    #   .uniq
-    #   .sort
-    #   .join(" ")
-    #   .then { puts "%w[#{it}]"}
-    %w[AT BE BG CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MT NL NO PL PT RO SE SI SK]
+    COUNTRIES
+  end
+
+  def institutions(country:)
+    Bank::Institution.find_by_country(country)
+  end
+
+  def institution(id)
+    Bank::Institution.find(id)
+  end
+
+  def sandbox_institution
+    Bank::Institution.sandbox
+  end
+
+  def requisitions
+    Bank::Requisition.all
+  end
+
+  def accounts(requisition_id:)
+    Bank::Requisition.find(requisition_id).accounts
+  end
+
+  def account(id)
+    Bank::Account.find(id)
   end
 end
diff --git a/app/models/bank/http.rb b/app/models/bank/http.rb
index 5d73a11..547bc12 100644
--- a/app/models/bank/http.rb
+++ b/app/models/bank/http.rb
@@ -19,7 +19,7 @@ def client(authorized_by: nil)
       conn.response :json, parser_options: { decoder: [ Jason, :parse ] }
       conn.response :raise_error
 
-      conn.response(:logger, Rails.logger) { add_logging_filters it } if Rails.env.development?
+      conn.response(:logger, Rails.logger, headers: true, bodies: false) { add_logging_filters it } if Rails.env.local?
     end
   end
 
diff --git a/app/models/bank/institution.rb b/app/models/bank/institution.rb
index 84ea5e9..3189307 100644
--- a/app/models/bank/institution.rb
+++ b/app/models/bank/institution.rb
@@ -1,8 +1,6 @@
 class Bank::Institution
   include Bank::Connection
 
-  SANDBOX_INSTITUTION_ID = "SANDBOXFINANCE_SFIN0000"
-
   attr_reader :id, :name, :transaction_total_days, :max_access_valid_for_days
 
   def initialize(id:, **attrs)
@@ -28,7 +26,7 @@ def find(id)
     end
 
     def sandbox
-      find SANDBOX_INSTITUTION_ID
+      find Bank::SANDBOX_INSTITUTION_ID
     end
   end
 end
diff --git a/app/models/bank/requisition.rb b/app/models/bank/requisition.rb
index 13ddbde..4142b97 100644
--- a/app/models/bank/requisition.rb
+++ b/app/models/bank/requisition.rb
@@ -1,7 +1,7 @@
 class Bank::Requisition
   include Bank::Connection
 
-  attr_reader :id, :link, :reference_id, :institution_id
+  attr_reader :id, :link, :account_ids, :reference_id, :institution_id
 
   def initialize(id:, **attrs)
     @id = id
@@ -39,17 +39,8 @@ def find(id)
         .then { new(**it) }
     end
 
-    def create(institution,
-               reference_id: SecureRandom.uuid,
-               redirect_url: "http://localhost:3000")
-      connection
-        .post("agreements/enduser/", {
-          institution_id: institution.id,
-          max_historical_days: institution.transaction_total_days,
-          access_valid_for_days: institution.max_access_valid_for_days,
-          access_scope: %w[balances details transactions]
-        })
-        .body => { id: agreement_id }
+    def create(institution, reference_id: SecureRandom.uuid, redirect_url: "http://localhost:3000")
+      agreement_id = create_agreement(institution)
 
       connection
         .post("requisitions/", {
@@ -62,5 +53,19 @@ def create(institution,
         .body
         .then { new(**it) }
     end
+
+    private
+
+    def create_agreement(institution)
+      connection
+        .post("agreements/enduser/", {
+          institution_id: institution.id,
+          max_historical_days: institution.transaction_total_days,
+          access_valid_for_days: institution.max_access_valid_for_days,
+          access_scope: %w[balances details transactions]
+        })
+        .body
+        .fetch(:id)
+    end
   end
 end
diff --git a/test/fixtures/tokens.yml b/test/fixtures/tokens.yml
index 0c90730..4a13a43 100644
--- a/test/fixtures/tokens.yml
+++ b/test/fixtures/tokens.yml
@@ -2,21 +2,21 @@
 
 fresh:
   name: a fresh one
-  access_token: <%= SecureRandom.hex %>
-  refresh_token: <%= SecureRandom.hex %>
+  access_token: fresh_access_token
+  refresh_token: fresh_refresh_token
   access_expires_at: <%= Time.current + 1.hour %>
   refresh_expires_at: <%= Time.current + 1.day %>
 
 refreshable:
   name: a refreshable one
-  access_token: <%= SecureRandom.hex %>
-  refresh_token: <%= SecureRandom.hex %>
+  access_token: expired_access_token
+  refresh_token: fresh_refresh_token
   access_expires_at: <%= Time.current - 1.hour %>
   refresh_expires_at: <%= Time.current + 1.day %>
 
 expired:
   name: an expired one
-  access_token: <%= SecureRandom.hex %>
-  refresh_token: <%= SecureRandom.hex %>
+  access_token: expired_access_token
+  refresh_token: expired_refresh_token
   access_expires_at: <%= Time.current - 1.day %>
   refresh_expires_at: <%= Time.current - 1.hour %>
diff --git a/test/models/bank/client_test.rb b/test/models/bank/client_test.rb
deleted file mode 100644
index e76bafa..0000000
--- a/test/models/bank/client_test.rb
+++ /dev/null
@@ -1,66 +0,0 @@
-require "test_helper"
-require "test_helpers/bank/client_request_stubs"
-
-class Bank::ClientTest < ActiveSupport::TestCase
-  include Bank::ClientRequestStubs
-
-  def find_bank_client_token
-    Token.find_sole_by name: Bank::Client::TOKEN_NAME
-  end
-
-  def create_bank_client_token(**attributes)
-    Token.create! \
-      attributes.with_defaults \
-        name: Bank::Client::TOKEN_NAME,
-        access_token: :bank_client_access_token,
-        refresh_token: :bank_client_refresh_token,
-        access_expires_at: Time.current + 1.hour,
-        refresh_expires_at: Time.current + 1.day
-  end
-
-  test "with fresh token" do
-    skip
-
-    create_bank_client_token
-
-    client = Bank::Client.new
-    assert_equal "Bearer bank_client_access_token", client.authorization_header
-
-    token = find_bank_client_token
-    assert_equal "bank_client_access_token", token.access_token
-    assert_equal "bank_client_refresh_token", token.refresh_token
-    assert token.fresh?
-  end
-
-  test "with refreshable token" do
-    skip
-
-    create_bank_client_token access_expires_at: Time.current - 1.hour
-    stub_refresh_api_token_request
-
-    client = Bank::Client.new
-    assert_equal "Bearer refreshed_access_token", client.authorization_header
-
-    token = find_bank_client_token
-    assert_equal "refreshed_access_token", token.access_token
-    assert_equal "refreshed_refresh_token", token.refresh_token
-    assert token.fresh?
-  end
-
-  test "with expired token" do
-    skip
-
-    create_bank_client_token \
-      access_expires_at: Time.current - 1.hour,
-      refresh_expires_at: Time.current - 1.hour
-    stub_create_api_token_request
-
-    client = Bank::Client.new
-    assert_equal "Bearer brand_new_access_token", client.authorization_header
-
-    token = find_bank_client_token
-    assert_equal "brand_new_access_token", token.access_token
-    assert_equal "brand_new_refresh_token", token.refresh_token
-    assert token.fresh?
-  end
-end
diff --git a/test/models/bank/http_test.rb b/test/models/bank/http_test.rb
new file mode 100644
index 0000000..15e9500
--- /dev/null
+++ b/test/models/bank/http_test.rb
@@ -0,0 +1,40 @@
+require "test_helper"
+require "test_helpers/bank_request_stubs"
+
+class Bank::HttpTest < ActiveSupport::TestCase
+  include BankRequestStubs
+
+  test "with fresh token" do
+    stub_request :get, Bank::Http::URL
+
+    token = tokens(:fresh)
+    Bank::Http.client(authorized_by: token.name).get
+
+    assert_requested :get, Bank::Http::URL, headers: { Authorization: "Bearer fresh_access_token" }
+    assert token.reload.fresh?
+  end
+
+  test "with refreshable token" do
+    stub_request :get, Bank::Http::URL
+    stub_refresh_api_token_request
+
+    token = tokens(:refreshable)
+    Bank::Http.client(authorized_by: token.name).get
+
+    assert_requested :post, /token\/refresh/, body: { refresh: "fresh_refresh_token" }
+    assert_requested :get, Bank::Http::URL, headers: { Authorization: "Bearer fresh_access_token" }
+    assert token.reload.fresh?
+  end
+
+  test "with expired token" do
+    stub_request :get, Bank::Http::URL
+    stub_create_api_token_request
+
+    token = tokens(:expired)
+    Bank::Http.client(authorized_by: token.name).get
+
+    assert_requested :post, /token\/new/, body: { secret_id: "fake_secret_id", secret_key: "fake_secret_key" }
+    assert_requested :get, Bank::Http::URL, headers: { Authorization: "Bearer fresh_access_token" }
+    assert token.reload.fresh?
+  end
+end
diff --git a/test/models/bank_test.rb b/test/models/bank_test.rb
new file mode 100644
index 0000000..83b64ab
--- /dev/null
+++ b/test/models/bank_test.rb
@@ -0,0 +1,79 @@
+require "test_helper"
+require "test_helpers/bank_request_stubs"
+
+class BankTest < ActiveSupport::TestCase
+  include BankRequestStubs
+
+  setup do
+    stub_token_requests
+  end
+
+  test "countries" do
+    assert_equal 30, Bank.countries.count
+    assert_equal Bank::COUNTRIES, Bank.countries
+  end
+
+  test "institutions" do
+    stub_institutions_request country: "XX"
+
+    institutions = Bank.institutions country: "XX"
+    assert_equal 1, institutions.count
+    assert_equal "SANDBOXFINANCE_SFIN0000", institutions.first.id
+  end
+
+  test "institution" do
+    stub_institution_request SANDBOX_INSTITUTION
+
+    institution = Bank.institution SANDBOX_INSTITUTION_ID
+    assert_equal "SANDBOXFINANCE_SFIN0000", institution.id
+  end
+
+  test "sandbox institution" do
+    stub_institution_request SANDBOX_INSTITUTION
+
+    institution = Bank.sandbox_institution
+    assert_equal "SANDBOXFINANCE_SFIN0000", institution.id
+    assert_equal 180, institution.max_access_valid_for_days
+    assert_equal "Sandbox Finance", institution.name
+    assert_equal 90, institution.transaction_total_days
+  end
+
+  test "requisitions" do
+    stub_requisitions_request
+
+    requisitions = Bank.requisitions
+    assert_equal 1, requisitions.count
+
+    requisitions.first.tap do
+      assert_equal "780bcb92-c6cb-4cd8-9974-e0374177f7cd", it.id
+      assert_equal "SANDBOXFINANCE_SFIN0000", it.institution_id
+      assert_equal "be233689-b8b9-4c24-8b1f-9c4a7d522ea3", it.reference_id
+      assert_match /ob.gocardless.com\/ob-psd2\/start\/.*\/SANDBOXFINANCE_SFIN0000/, it.link
+      assert_equal %w[68d5b037-0706-41b7-ad63-5e62df8684d9 9daf5886-2d46-464b-9f2b-65accac9295e], it.account_ids
+    end
+  end
+
+  test "accounts" do
+    stub_accounts_request SANDBOX_REQUISITION, SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_TWO
+
+    accounts = Bank.accounts requisition_id: SANDBOX_REQUISITION_ID
+    assert_equal 2, accounts.count
+
+    assert_equal "68d5b037-0706-41b7-ad63-5e62df8684d9", accounts.first.id
+    assert_equal "GL3510230000010234", accounts.first.iban
+    assert_equal "SANDBOXFINANCE_SFIN0000", accounts.first.institution_id
+
+    assert_equal "9daf5886-2d46-464b-9f2b-65accac9295e", accounts.last.id
+    assert_equal "GL2981370000081378", accounts.last.iban
+    assert_equal "SANDBOXFINANCE_SFIN0000", accounts.last.institution_id
+  end
+
+  test "account" do
+    stub_account_request SANDBOX_ACCOUNT_ONE
+
+    account = Bank.account SANDBOX_ACCOUNT_ONE_ID
+    assert_equal "68d5b037-0706-41b7-ad63-5e62df8684d9", account.id
+    assert_equal "GL3510230000010234", account.iban
+    assert_equal "SANDBOXFINANCE_SFIN0000", account.institution_id
+  end
+end
diff --git a/test/test_helpers/bank_fixtures.rb b/test/test_helpers/bank_fixtures.rb
new file mode 100644
index 0000000..1bea53e
--- /dev/null
+++ b/test/test_helpers/bank_fixtures.rb
@@ -0,0 +1,60 @@
+module BankFixtures
+  SANDBOX_INSTITUTION = {
+    id: "SANDBOXFINANCE_SFIN0000",
+    name: "Sandbox Finance",
+    bic: "SFIN0000",
+    transaction_total_days: "90",
+    countries: [ "XX" ],
+    logo: "https://cdn-logos.gocardless.com/ais/SANDBOXFINANCE_SFIN0000.png",
+    max_access_valid_for_days: "180",
+    supported_payments: {},
+    supported_features: [],
+    identification_codes: []
+  }
+
+  SANDBOX_INSTITUTION_ID = Bank::SANDBOX_INSTITUTION_ID
+
+  SANDBOX_REQUISITION = {
+    id: "780bcb92-c6cb-4cd8-9974-e0374177f7cd",
+    created: "2024-12-27T21:34:20.658531Z",
+    redirect: "http://localhost:3000",
+    status: "LN",
+    institution_id: "SANDBOXFINANCE_SFIN0000",
+    agreement: "bdaade38-3b03-4857-9ed9-4a33ce20da45",
+    reference: "be233689-b8b9-4c24-8b1f-9c4a7d522ea3",
+    accounts: [ "68d5b037-0706-41b7-ad63-5e62df8684d9", "9daf5886-2d46-464b-9f2b-65accac9295e" ],
+    user_language: "EN",
+    link: "https://ob.gocardless.com/ob-psd2/start/15321acf-7c3f-49d2-b19c-b8f749d91d7d/SANDBOXFINANCE_SFIN0000",
+    ssn: nil,
+    account_selection: false,
+    redirect_immediate: false
+  }
+
+  SANDBOX_REQUISITION_ID = SANDBOX_REQUISITION.fetch(:id)
+
+  SANDBOX_ACCOUNT_ONE = {
+    id: "68d5b037-0706-41b7-ad63-5e62df8684d9",
+    created: "2024-01-07T17:20:30.855119Z",
+    last_accessed: "2024-12-27T21:38:15.277931Z",
+    iban: "GL3510230000010234",
+    institution_id: "SANDBOXFINANCE_SFIN0000",
+    status: "READY",
+    owner_name: "John Doe",
+    bban: nil
+  }
+
+  SANDBOX_ACCOUNT_ONE_ID = SANDBOX_ACCOUNT_ONE.fetch(:id)
+
+  SANDBOX_ACCOUNT_TWO = {
+    id: "9daf5886-2d46-464b-9f2b-65accac9295e",
+    created: "2024-12-27T21:34:42.396133Z",
+    last_accessed: nil,
+    iban: "GL2981370000081378",
+    institution_id: "SANDBOXFINANCE_SFIN0000",
+    status: "READY",
+    owner_name: "Jane Doe",
+    bban: nil
+  }
+
+  SANDBOX_ACCOUNT_TWO_ID = SANDBOX_ACCOUNT_TWO.fetch(:id)
+end
diff --git a/test/test_helpers/bank_request_stubs.rb b/test/test_helpers/bank_request_stubs.rb
new file mode 100644
index 0000000..80481b1
--- /dev/null
+++ b/test/test_helpers/bank_request_stubs.rb
@@ -0,0 +1,103 @@
+require "test_helpers/bank_fixtures"
+
+module BankRequestStubs
+  extend ActiveSupport::Concern
+
+  include BankFixtures
+
+  DEFAULT_RESPONSE_HEADERS = {
+    "Content-Type": "application/json"
+  }
+
+  def stub_token_requests
+    stub_refresh_api_token_request
+    stub_create_api_token_request
+  end
+
+  def stub_refresh_api_token_request
+    stub_request(:post, "#{Bank::Http::URL}token/refresh/")
+      .with(body: { refresh: "fresh_refresh_token" })
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: {
+          access: "fresh_access_token",
+          refresh: "fresh_refresh_token",
+          access_expires: "321",
+          refresh_expires: "654"
+        }.to_json
+      )
+  end
+
+  def stub_create_api_token_request
+    stub_request(:post, "#{Bank::Http::URL}token/new/")
+      .with(body: { secret_id: "fake_secret_id", secret_key: "fake_secret_key" })
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: {
+          access: "fresh_access_token",
+          refresh: "fresh_refresh_token",
+          access_expires: "123",
+          refresh_expires: "456"
+
+        }.to_json
+      )
+  end
+
+  def stub_institutions_request(country:)
+    stub_request(:get, "#{Bank::Http::URL}institutions/")
+      .with(query: { country: })
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: [ SANDBOX_INSTITUTION ].to_json
+      )
+  end
+
+  def stub_institution_request(institution)
+    stub_request(:get, "#{Bank::Http::URL}institutions/#{institution.fetch(:id)}/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: institution.to_json
+      )
+  end
+
+  def stub_requisitions_request
+    stub_request(:get, "#{Bank::Http::URL}requisitions/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: {
+          count: 1,
+          next: nil,
+          previous: nil,
+          results: [ SANDBOX_REQUISITION ]
+        }.to_json
+      )
+  end
+
+  def stub_accounts_request(requisition, *accounts)
+    stub_requisition_request requisition
+    accounts.each { stub_account_request it }
+  end
+
+  def stub_requisition_request(requisition)
+    stub_request(:get, "#{Bank::Http::URL}requisitions/#{requisition.fetch(:id)}/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: requisition.to_json
+      )
+  end
+
+  def stub_account_request(account)
+    stub_request(:get, "#{Bank::Http::URL}accounts/#{account.fetch(:id)}/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: account.to_json
+      )
+  end
+end

From 806fbff2858a3fa78ca33c76dcf9da86922db0cf Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 13:05:58 +0200
Subject: [PATCH 11/24] Tweak formatting

---
 app/models/bank.rb             | 8 ++++----
 app/models/bank/institution.rb | 4 ----
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/app/models/bank.rb b/app/models/bank.rb
index c2143be..1a6a01f 100644
--- a/app/models/bank.rb
+++ b/app/models/bank.rb
@@ -19,15 +19,15 @@ def countries
   end
 
   def institutions(country:)
-    Bank::Institution.find_by_country(country)
+    Bank::Institution.find_by_country country
   end
 
   def institution(id)
-    Bank::Institution.find(id)
+    Bank::Institution.find id
   end
 
   def sandbox_institution
-    Bank::Institution.sandbox
+    Bank::Institution.find SANDBOX_INSTITUTION_ID
   end
 
   def requisitions
@@ -39,6 +39,6 @@ def accounts(requisition_id:)
   end
 
   def account(id)
-    Bank::Account.find(id)
+    Bank::Account.find id
   end
 end
diff --git a/app/models/bank/institution.rb b/app/models/bank/institution.rb
index 3189307..d8914c9 100644
--- a/app/models/bank/institution.rb
+++ b/app/models/bank/institution.rb
@@ -24,9 +24,5 @@ def find(id)
         .body
         .then { new(**it) }
     end
-
-    def sandbox
-      find Bank::SANDBOX_INSTITUTION_ID
-    end
   end
 end

From ee1d3526093a176910aad6a2ec9f8f7f20dd7f4c Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 13:38:23 +0200
Subject: [PATCH 12/24] Add more Bank::Account tests

---
 app/models/bank/http.rb                 |  2 +-
 test/models/bank/account_test.rb        | 38 +++++++++++++++++++
 test/test_helpers/bank_fixtures.rb      | 49 +++++++++++++++++++++++++
 test/test_helpers/bank_request_stubs.rb | 28 ++++++++++++++
 4 files changed, 116 insertions(+), 1 deletion(-)
 create mode 100644 test/models/bank/account_test.rb

diff --git a/app/models/bank/http.rb b/app/models/bank/http.rb
index 547bc12..a0adfc1 100644
--- a/app/models/bank/http.rb
+++ b/app/models/bank/http.rb
@@ -19,7 +19,7 @@ def client(authorized_by: nil)
       conn.response :json, parser_options: { decoder: [ Jason, :parse ] }
       conn.response :raise_error
 
-      conn.response(:logger, Rails.logger, headers: true, bodies: false) { add_logging_filters it } if Rails.env.local?
+      conn.response(:logger, Rails.logger, headers: true, bodies: true) { add_logging_filters it } if Rails.env.local?
     end
   end
 
diff --git a/test/models/bank/account_test.rb b/test/models/bank/account_test.rb
new file mode 100644
index 0000000..53d473f
--- /dev/null
+++ b/test/models/bank/account_test.rb
@@ -0,0 +1,38 @@
+require "test_helper"
+require "test_helpers/bank_request_stubs"
+
+class Bank::AccountTest < ActiveSupport::TestCase
+  include BankRequestStubs
+
+  setup do
+    stub_token_requests
+
+    @account = Bank::Account.new **SANDBOX_ACCOUNT_ONE
+  end
+
+  test "balances" do
+    stub_account_balances_request SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_BALANCES
+
+    assert_equal SANDBOX_ACCOUNT_ONE_BALANCES, @account.balances
+  end
+
+  test "details" do
+    stub_account_details_request SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_DETAILS
+
+    assert_equal SANDBOX_ACCOUNT_ONE_DETAILS, @account.details
+  end
+
+  test "transactions" do
+    stub_account_transactions_request SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_TRANSACTIONS
+
+    assert_equal SANDBOX_ACCOUNT_ONE_TRANSACTIONS, @account.transactions
+  end
+
+  test "transactions from/to" do
+    stub_account_transactions_request \
+      SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_TRANSACTIONS[1..], from: "2024-12-20", to: "2024-12-27"
+
+    transactions = @account.transactions(from: "2024-12-20", to: "2024-12-27")
+    assert_equal SANDBOX_ACCOUNT_ONE_TRANSACTIONS[1..], transactions
+  end
+end
diff --git a/test/test_helpers/bank_fixtures.rb b/test/test_helpers/bank_fixtures.rb
index 1bea53e..9ba27fc 100644
--- a/test/test_helpers/bank_fixtures.rb
+++ b/test/test_helpers/bank_fixtures.rb
@@ -45,6 +45,55 @@ module BankFixtures
 
   SANDBOX_ACCOUNT_ONE_ID = SANDBOX_ACCOUNT_ONE.fetch(:id)
 
+  SANDBOX_ACCOUNT_ONE_BALANCES = [
+    {
+      balance_amount: { amount: "1913.12", currency: "EUR" },
+      balance_type: "expected", reference_date: "2024-12-29"
+    },
+    {
+      balance_amount: { amount: "1913.12", currency: "EUR" },
+      balance_type: "interimAvailable", reference_date: "2024-12-29"
+    }
+  ]
+
+  SANDBOX_ACCOUNT_ONE_DETAILS = {
+    resource_id: "01F3NS4YV94RA29YCH8R0F6BMF",
+    iban: "GL3510230000010234",
+    currency: "EUR",
+    owner_name: "John Doe",
+    name: "Main Account",
+    product: "Checkings",
+    cash_account_type: "CACC"
+  }
+
+  SANDBOX_ACCOUNT_ONE_TRANSACTIONS = [
+    {
+      transaction_id: "2024122801773517-1",
+      entry_reference: "2024122801773517-1",
+      booking_date: "2024-12-28",
+      value_date: "2024-12-28",
+      transaction_amount: { amount: "-95.35", currency: "EUR" },
+      creditor_name: "Freshto Ideal",
+      remittance_information_unstructured: "Freshto Ideal Clerkenwell",
+      bank_transaction_code: "PMNT",
+      proprietary_bank_transaction_code: "PURCHASE",
+      internal_transaction_id: "fe956029a01f42f53e6ddec7058780f8"
+    },
+    {
+      transaction_id: "2024122801773516-1",
+      entry_reference: "2024122801773516-1",
+      booking_date: "2024-12-27",
+      value_date: "2024-12-27",
+      transaction_amount: { amount: "15.00", currency: "EUR" },
+      debtor_name: "Jennifer Houston",
+      debtor_account: { iban: "IE96BOFI900017816198" },
+      remittance_information_unstructured: "Cab sharing, thank you!",
+      bank_transaction_code: "PMNT",
+      proprietary_bank_transaction_code: "TRANSFER",
+      internal_transaction_id: "7e369a9f8826501041598e5bd05aca38"
+    }
+  ]
+
   SANDBOX_ACCOUNT_TWO = {
     id: "9daf5886-2d46-464b-9f2b-65accac9295e",
     created: "2024-12-27T21:34:42.396133Z",
diff --git a/test/test_helpers/bank_request_stubs.rb b/test/test_helpers/bank_request_stubs.rb
index 80481b1..62d946e 100644
--- a/test/test_helpers/bank_request_stubs.rb
+++ b/test/test_helpers/bank_request_stubs.rb
@@ -100,4 +100,32 @@ def stub_account_request(account)
         body: account.to_json
       )
   end
+
+  def stub_account_balances_request(account, balances)
+    stub_request(:get, "#{Bank::Http::URL}accounts/#{account.fetch(:id)}/balances/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: { balances: }.to_json
+      )
+  end
+
+  def stub_account_details_request(account, details)
+    stub_request(:get, "#{Bank::Http::URL}accounts/#{account.fetch(:id)}/details/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: { account: details }.to_json
+      )
+  end
+
+  def stub_account_transactions_request(account, transactions, from: nil, to: nil)
+    stub_request(:get, "#{Bank::Http::URL}accounts/#{account.fetch(:id)}/transactions/")
+      .with(query: { date_from: from, date_to: to }.compact)
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: { transactions: { booked: transactions } }.to_json
+      )
+  end
 end

From d7995efe3091abed5c9242df4cf67c18cc172c15 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 13:47:36 +0200
Subject: [PATCH 13/24] Add machinery for checking test coverage

---
 .gitignore          | 3 +++
 Gemfile             | 1 +
 Gemfile.lock        | 8 ++++++++
 lib/tasks/test.rake | 7 +++++++
 test/test_helper.rb | 5 +++++
 5 files changed, 24 insertions(+)
 create mode 100644 lib/tasks/test.rake

diff --git a/.gitignore b/.gitignore
index 5c94b28..6316b7f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -34,3 +34,6 @@
 # Ignore all default key files (if there happen to be any).
 /config/master.key
 /config/credentials/*.key
+
+# Ignore test coverage reports
+/coverage
diff --git a/Gemfile b/Gemfile
index 6666fcf..0a30531 100644
--- a/Gemfile
+++ b/Gemfile
@@ -64,6 +64,7 @@ group :test do
   gem "capybara"
   gem "selenium-webdriver"
   gem "webmock", require: false
+  gem "simplecov", require: false
 end
 
 gem "faraday", "~> 2.12"
diff --git a/Gemfile.lock b/Gemfile.lock
index 08fbbf5..c40d61b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -133,6 +133,7 @@ GEM
     debug (1.10.0)
       irb (~> 1.10)
       reline (>= 0.3.8)
+    docile (1.4.1)
     dotenv (3.1.7)
     drb (2.2.1)
     ed25519 (1.3.0)
@@ -304,6 +305,12 @@ GEM
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
+    simplecov (0.22.0)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-html (0.13.1)
+    simplecov_json_formatter (0.1.4)
     solid_cable (3.0.5)
       actioncable (>= 7.2)
       activejob (>= 7.2)
@@ -405,6 +412,7 @@ DEPENDENCIES
   rails!
   rubocop-rails-omakase
   selenium-webdriver
+  simplecov
   solid_cable
   solid_cache
   solid_queue
diff --git a/lib/tasks/test.rake b/lib/tasks/test.rake
new file mode 100644
index 0000000..7fcde7c
--- /dev/null
+++ b/lib/tasks/test.rake
@@ -0,0 +1,7 @@
+namespace :test do
+  desc "Run tests with coverage enabled"
+  task coverage: :environment do
+    ENV["COVERAGE"] = "true"
+    Rake::Task["test"].invoke
+  end
+end
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 3910fec..5b1c80e 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -1,3 +1,8 @@
+if ENV["COVERAGE"]
+  require "simplecov"
+  SimpleCov.start
+end
+
 ENV["RAILS_ENV"] ||= "test"
 require_relative "../config/environment"
 require "rails/test_help"

From 80d0a91ec2936742c815cac396e0457c18af54e1 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 13:59:33 +0200
Subject: [PATCH 14/24] Add .env.test for tests

---
 .dockerignore                        |  1 +
 .env.test                            | 10 ++++++++++
 .gitignore                           |  1 +
 config/spendbetter.yml               |  8 +++-----
 test/application_system_test_case.rb |  2 ++
 test/system/entries_test.rb          |  2 +-
 test/system/folders_test.rb          |  2 +-
 7 files changed, 19 insertions(+), 7 deletions(-)
 create mode 100644 .env.test

diff --git a/.dockerignore b/.dockerignore
index b390350..e210bab 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -10,6 +10,7 @@
 # Ignore all environment files.
 /.env*
 !/.env.example.erb
+!/.env.test
 
 # Ignore all default key files.
 /config/master.key
diff --git a/.env.test b/.env.test
new file mode 100644
index 0000000..39866a7
--- /dev/null
+++ b/.env.test
@@ -0,0 +1,10 @@
+# Generated by `bin/dotenv_generate` at 2024-12-29 11:55:02 UTC
+
+SECRET_KEY_BASE=8c6c7e76595083a2b5e0b72d70c7e0a1abe9e18a4f2e4808920d1a896c0258a3b55773c20a2cd8cf33db8001b94074b6dc755955aaccd42641a87a0f80cb051b
+
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=ugv4fakdv28DyyCjx0KVy9Tpi2c2vgbL
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=u5YSUUdY8HKaYTbf6QWuwlPM5GnkGc4t
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=GjTAic8Ak0kkON6Ok40pZ9Jv1vRMi9HC
+
+GOCARDLESS_SECRET_ID=fake_secret_id
+GOCARDLESS_SECRET_KEY=fake_secret_key
diff --git a/.gitignore b/.gitignore
index 6316b7f..1999f2d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,6 +10,7 @@
 # Ignore all environment files.
 /.env*
 !/.env.example.erb
+!/.env.test
 
 # Ignore all logfiles and tempfiles.
 /log/*
diff --git a/config/spendbetter.yml b/config/spendbetter.yml
index 1820cc2..e676161 100644
--- a/config/spendbetter.yml
+++ b/config/spendbetter.yml
@@ -1,15 +1,13 @@
 default: &default
   gocardless:
-    secret_id: <%= ENV.fetch("GOCARDLESS_SECRET_ID") %>
-    secret_key: <%= ENV.fetch("GOCARDLESS_SECRET_KEY") %>
+    secret_id: <%= ENV["GOCARDLESS_SECRET_ID"] %>
+    secret_key: <%= ENV["GOCARDLESS_SECRET_KEY"] %>
 
 development:
   <<: *default
 
 test:
-  gocardless:
-    secret_id: fake_secret_id
-    secret_key: fake_secret_key
+  <<: *default
 
 production:
   <<: *default
diff --git a/test/application_system_test_case.rb b/test/application_system_test_case.rb
index cee29fd..22b199e 100644
--- a/test/application_system_test_case.rb
+++ b/test/application_system_test_case.rb
@@ -2,4 +2,6 @@
 
 class ApplicationSystemTestCase < ActionDispatch::SystemTestCase
   driven_by :selenium, using: :headless_chrome, screen_size: [ 1400, 1400 ]
+
+  WebMock.disable_net_connect! allow_localhost: true
 end
diff --git a/test/system/entries_test.rb b/test/system/entries_test.rb
index cfbe92b..f734db3 100644
--- a/test/system/entries_test.rb
+++ b/test/system/entries_test.rb
@@ -2,7 +2,7 @@
 
 class EntriesTest < ApplicationSystemTestCase
   setup do
-    @entry = entries(:one)
+    @entry = entries(:bus_ticket)
   end
 
   test "visiting the index" do
diff --git a/test/system/folders_test.rb b/test/system/folders_test.rb
index 3a28084..510c93d 100644
--- a/test/system/folders_test.rb
+++ b/test/system/folders_test.rb
@@ -2,7 +2,7 @@
 
 class FoldersTest < ApplicationSystemTestCase
   setup do
-    @folder = folders(:one)
+    @folder = folders(:main)
   end
 
   test "visiting the index" do

From 9a6c4ad652540a4e3cde1cd75cbb9f8bcfc338b3 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 16:52:14 +0200
Subject: [PATCH 15/24] Tweak some formatting

---
 test/models/bank/account_test.rb | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/test/models/bank/account_test.rb b/test/models/bank/account_test.rb
index 53d473f..608e176 100644
--- a/test/models/bank/account_test.rb
+++ b/test/models/bank/account_test.rb
@@ -6,32 +6,27 @@ class Bank::AccountTest < ActiveSupport::TestCase
 
   setup do
     stub_token_requests
-
     @account = Bank::Account.new **SANDBOX_ACCOUNT_ONE
   end
 
   test "balances" do
     stub_account_balances_request SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_BALANCES
-
     assert_equal SANDBOX_ACCOUNT_ONE_BALANCES, @account.balances
   end
 
   test "details" do
     stub_account_details_request SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_DETAILS
-
     assert_equal SANDBOX_ACCOUNT_ONE_DETAILS, @account.details
   end
 
   test "transactions" do
     stub_account_transactions_request SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_TRANSACTIONS
-
     assert_equal SANDBOX_ACCOUNT_ONE_TRANSACTIONS, @account.transactions
   end
 
   test "transactions from/to" do
     stub_account_transactions_request \
       SANDBOX_ACCOUNT_ONE, SANDBOX_ACCOUNT_ONE_TRANSACTIONS[1..], from: "2024-12-20", to: "2024-12-27"
-
     transactions = @account.transactions(from: "2024-12-20", to: "2024-12-27")
     assert_equal SANDBOX_ACCOUNT_ONE_TRANSACTIONS[1..], transactions
   end

From c56eacc09386b9fd14be99b6409c5890c83c20a2 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 17:57:10 +0200
Subject: [PATCH 16/24] Add Bank.connect and Bank.disconnect with tests

---
 app/models/bank.rb                      |  8 +++++
 test/models/bank_test.rb                | 16 +++++++++
 test/test_helpers/bank_fixtures.rb      | 12 ++++++-
 test/test_helpers/bank_request_stubs.rb | 47 +++++++++++++++++++++++++
 4 files changed, 82 insertions(+), 1 deletion(-)

diff --git a/app/models/bank.rb b/app/models/bank.rb
index 1a6a01f..232ff10 100644
--- a/app/models/bank.rb
+++ b/app/models/bank.rb
@@ -14,6 +14,14 @@ module Bank
   #   .then { puts "%w[#{it}]"}
   COUNTRIES = %w[AT BE BG CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LT LU LV MT NL NO PL PT RO SE SI SK]
 
+  def connect(institution, **opts)
+    Bank::Requisition.create institution, **opts
+  end
+
+  def disconnect(requisition)
+    requisition.delete
+  end
+
   def countries
     COUNTRIES
   end
diff --git a/test/models/bank_test.rb b/test/models/bank_test.rb
index 83b64ab..08302c1 100644
--- a/test/models/bank_test.rb
+++ b/test/models/bank_test.rb
@@ -8,6 +8,22 @@ class BankTest < ActiveSupport::TestCase
     stub_token_requests
   end
 
+  test "connect" do
+    stub_create_agreement_request institution: SANDBOX_INSTITUTION
+    stub_create_requisition_request institution: SANDBOX_INSTITUTION, agreement: SANDBOX_AGREEMENT
+
+    requisition = Bank.connect Bank::Institution.new(**SANDBOX_INSTITUTION)
+    assert_equal "780bcb92-c6cb-4cd8-9974-e0374177f7cd", requisition.id
+    assert_equal "SANDBOXFINANCE_SFIN0000", requisition.institution_id
+  end
+
+  test "disconnect" do
+    stub_delete_requisition_request SANDBOX_REQUISITION
+
+    Bank.disconnect Bank::Requisition.new(**SANDBOX_REQUISITION)
+    assert_requested :delete, /requisitions\/780bcb92-c6cb-4cd8-9974-e0374177f7cd/
+  end
+
   test "countries" do
     assert_equal 30, Bank.countries.count
     assert_equal Bank::COUNTRIES, Bank.countries
diff --git a/test/test_helpers/bank_fixtures.rb b/test/test_helpers/bank_fixtures.rb
index 9ba27fc..55e6bca 100644
--- a/test/test_helpers/bank_fixtures.rb
+++ b/test/test_helpers/bank_fixtures.rb
@@ -14,13 +14,23 @@ module BankFixtures
 
   SANDBOX_INSTITUTION_ID = Bank::SANDBOX_INSTITUTION_ID
 
+  SANDBOX_AGREEMENT = {
+    id: "d915bfed-bbff-43c9-bf5a-4d62bdadbe29",
+    created: "2024-12-29T15:22:12.231989Z",
+    institution_id: "SANDBOXFINANCE_SFIN0000",
+    max_historical_days: 90,
+    access_valid_for_days: 180,
+    access_scope: [ "balances", "details", "transactions" ],
+    accepted: nil
+  }
+
   SANDBOX_REQUISITION = {
     id: "780bcb92-c6cb-4cd8-9974-e0374177f7cd",
     created: "2024-12-27T21:34:20.658531Z",
     redirect: "http://localhost:3000",
     status: "LN",
     institution_id: "SANDBOXFINANCE_SFIN0000",
-    agreement: "bdaade38-3b03-4857-9ed9-4a33ce20da45",
+    agreement: "d915bfed-bbff-43c9-bf5a-4d62bdadbe29",
     reference: "be233689-b8b9-4c24-8b1f-9c4a7d522ea3",
     accounts: [ "68d5b037-0706-41b7-ad63-5e62df8684d9", "9daf5886-2d46-464b-9f2b-65accac9295e" ],
     user_language: "EN",
diff --git a/test/test_helpers/bank_request_stubs.rb b/test/test_helpers/bank_request_stubs.rb
index 62d946e..5afb966 100644
--- a/test/test_helpers/bank_request_stubs.rb
+++ b/test/test_helpers/bank_request_stubs.rb
@@ -64,6 +64,41 @@ def stub_institution_request(institution)
       )
   end
 
+  def stub_create_agreement_request(institution:)
+    stub_request(:post, "#{Bank::Http::URL}agreements/enduser/")
+      .with(
+        body: {
+          institution_id: institution.fetch(:id),
+          max_historical_days: institution.fetch(:transaction_total_days).to_i,
+          access_valid_for_days: institution.fetch(:max_access_valid_for_days).to_i,
+          access_scope: %w[balances details transactions]
+        }
+      )
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: SANDBOX_AGREEMENT.to_json
+      )
+  end
+
+  def stub_create_requisition_request(institution:, agreement:)
+    stub_request(:post, "#{Bank::Http::URL}requisitions/")
+      .with(
+        body: {
+          institution_id: institution.fetch(:id),
+          agreement: agreement.fetch(:id),
+          reference: /^\h{8}-(\h{4}-){3}\h{12}$/, # Any UUID
+          redirect: "http://localhost:3000", # Placeholder value for now
+          user_language: "EN"
+        }
+      )
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: SANDBOX_REQUISITION.to_json
+      )
+  end
+
   def stub_requisitions_request
     stub_request(:get, "#{Bank::Http::URL}requisitions/")
       .to_return(
@@ -92,6 +127,18 @@ def stub_requisition_request(requisition)
       )
   end
 
+  def stub_delete_requisition_request(requisition)
+    stub_request(:delete, "#{Bank::Http::URL}requisitions/#{requisition.fetch(:id)}/")
+      .to_return(
+        status: 200,
+        headers: DEFAULT_RESPONSE_HEADERS,
+        body: {
+          summary: "Requisition deleted",
+          detail: "Requisition #{requisition.fetch(:id)} deleted with all its End User Agreements"
+        }.to_json
+      )
+  end
+
   def stub_account_request(account)
     stub_request(:get, "#{Bank::Http::URL}accounts/#{account.fetch(:id)}/")
       .to_return(

From bb8e0bb654452d07850908c692c523b17dde0dc3 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 20:37:35 +0200
Subject: [PATCH 17/24] Move class << self section to the beginning of class
 for readability

---
 app/models/bank/account.rb     | 18 +++++-----
 app/models/bank/institution.rb | 14 ++++----
 app/models/bank/requisition.rb | 61 +++++++++++++++++-----------------
 3 files changed, 46 insertions(+), 47 deletions(-)

diff --git a/app/models/bank/account.rb b/app/models/bank/account.rb
index ccd6db7..e6e2866 100644
--- a/app/models/bank/account.rb
+++ b/app/models/bank/account.rb
@@ -3,6 +3,15 @@ class Bank::Account
 
   attr_reader :id, :iban, :institution_id
 
+  class << self
+    def find(id)
+      connection
+        .get("accounts/#{id}/")
+        .body
+        .then { new(**it) }
+    end
+  end
+
   def initialize(id:, **attrs)
     @id = id
     @iban = attrs[:iban]
@@ -33,15 +42,6 @@ def transactions(from: nil, to: nil)
     end
   end
 
-  class << self
-    def find(id)
-      connection
-        .get("accounts/#{id}/")
-        .body
-        .then { new(**it) }
-    end
-  end
-
   private
     def fetch_transactions(from: nil, to: nil)
       connection
diff --git a/app/models/bank/institution.rb b/app/models/bank/institution.rb
index d8914c9..a52e888 100644
--- a/app/models/bank/institution.rb
+++ b/app/models/bank/institution.rb
@@ -3,13 +3,6 @@ class Bank::Institution
 
   attr_reader :id, :name, :transaction_total_days, :max_access_valid_for_days
 
-  def initialize(id:, **attrs)
-    @id = id
-    @name = attrs[:name]
-    @transaction_total_days = attrs[:transaction_total_days].to_i
-    @max_access_valid_for_days = attrs[:max_access_valid_for_days].to_i
-  end
-
   class << self
     def find_by_country(country)
       connection
@@ -25,4 +18,11 @@ def find(id)
         .then { new(**it) }
     end
   end
+
+  def initialize(id:, **attrs)
+    @id = id
+    @name = attrs[:name]
+    @transaction_total_days = attrs[:transaction_total_days].to_i
+    @max_access_valid_for_days = attrs[:max_access_valid_for_days].to_i
+  end
 end
diff --git a/app/models/bank/requisition.rb b/app/models/bank/requisition.rb
index 4142b97..963acb9 100644
--- a/app/models/bank/requisition.rb
+++ b/app/models/bank/requisition.rb
@@ -3,26 +3,6 @@ class Bank::Requisition
 
   attr_reader :id, :link, :account_ids, :reference_id, :institution_id
 
-  def initialize(id:, **attrs)
-    @id = id
-    @link = attrs[:link]
-    @account_ids = attrs[:accounts]
-    @reference_id = attrs[:reference]
-    @institution_id = attrs[:institution_id]
-  end
-
-  def accounts
-    raise "Cannot fetch accounts without account_ids" unless @account_ids.present?
-
-    @accounts ||= @account_ids.map { Bank::Account.find it }
-  end
-
-  def delete
-    connection
-      .delete("requisitions/#{id}/")
-      .body
-  end
-
   class << self
     def all
       connection
@@ -55,17 +35,36 @@ def create(institution, reference_id: SecureRandom.uuid, redirect_url: "http://l
     end
 
     private
+      def create_agreement(institution)
+        connection
+          .post("agreements/enduser/", {
+            institution_id: institution.id,
+            max_historical_days: institution.transaction_total_days,
+            access_valid_for_days: institution.max_access_valid_for_days,
+            access_scope: %w[balances details transactions]
+          })
+          .body
+          .fetch(:id)
+      end
+  end
 
-    def create_agreement(institution)
-      connection
-        .post("agreements/enduser/", {
-          institution_id: institution.id,
-          max_historical_days: institution.transaction_total_days,
-          access_valid_for_days: institution.max_access_valid_for_days,
-          access_scope: %w[balances details transactions]
-        })
-        .body
-        .fetch(:id)
-    end
+  def initialize(id:, **attrs)
+    @id = id
+    @link = attrs[:link]
+    @account_ids = attrs[:accounts]
+    @reference_id = attrs[:reference]
+    @institution_id = attrs[:institution_id]
+  end
+
+  def accounts
+    raise "Cannot fetch accounts without account_ids" unless @account_ids.present?
+
+    @accounts ||= @account_ids.map { Bank::Account.find it }
+  end
+
+  def delete
+    connection
+      .delete("requisitions/#{id}/")
+      .body
   end
 end

From bd04bc6896608ca40a7411ffcd2f8fcdb026de07 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 20:40:39 +0200
Subject: [PATCH 18/24] Add assert method for simple assertions

---
 app/models/bank/requisition.rb  |  3 +--
 config/initializers/core_ext.rb | 10 ++++++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 config/initializers/core_ext.rb

diff --git a/app/models/bank/requisition.rb b/app/models/bank/requisition.rb
index 963acb9..2b34b6f 100644
--- a/app/models/bank/requisition.rb
+++ b/app/models/bank/requisition.rb
@@ -57,8 +57,7 @@ def initialize(id:, **attrs)
   end
 
   def accounts
-    raise "Cannot fetch accounts without account_ids" unless @account_ids.present?
-
+    assert @account_ids, "Cannot fetch accounts, @account_ids missing: #{self.inspect}"
     @accounts ||= @account_ids.map { Bank::Account.find it }
   end
 
diff --git a/config/initializers/core_ext.rb b/config/initializers/core_ext.rb
new file mode 100644
index 0000000..3b7bb12
--- /dev/null
+++ b/config/initializers/core_ext.rb
@@ -0,0 +1,10 @@
+class Object
+  AssertionFailed = Class.new(StandardError)
+
+  def assert(test, message = nil)
+    unless test
+      message ||= "Expected #{test.inspect} to be truthy."
+      raise AssertionFailed, message
+    end
+  end
+end

From abbaf1906d0aeb5f208d49dd524f7df98f3085a9 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 20:42:20 +0200
Subject: [PATCH 19/24] Run tests with coverage in CI

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f605d00..2239829 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -79,7 +79,7 @@ jobs:
         env:
           RAILS_ENV: test
           # REDIS_URL: redis://localhost:6379/0
-        run: bin/rails db:test:prepare test test:system
+        run: bin/rails db:test:prepare test:coverage test:system
 
       - name: Keep screenshots from failed system tests
         uses: actions/upload-artifact@v4

From 49219d1076b44ebbd41a96fa869e3206ad9f61ef Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 20:45:15 +0200
Subject: [PATCH 20/24] ci: split system tests into separate step

---
 .github/workflows/ci.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2239829..c275099 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -79,7 +79,12 @@ jobs:
         env:
           RAILS_ENV: test
           # REDIS_URL: redis://localhost:6379/0
-        run: bin/rails db:test:prepare test:coverage test:system
+        run: bin/rails db:test:prepare test:coverage
+
+      - name: Run system tests
+        env:
+          RAILS_ENV: test
+        run: bin/rails db:test:prepare test:system
 
       - name: Keep screenshots from failed system tests
         uses: actions/upload-artifact@v4

From b9331f960fadfa9837b8ea1ab67a3fcee4c3989c Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 20:57:08 +0200
Subject: [PATCH 21/24] Remove parentheses from calls with double splat

---
 app/models/bank/account.rb     | 2 +-
 app/models/bank/institution.rb | 4 ++--
 app/models/bank/requisition.rb | 6 +++---
 test/models/bank_test.rb       | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/app/models/bank/account.rb b/app/models/bank/account.rb
index e6e2866..69b51fb 100644
--- a/app/models/bank/account.rb
+++ b/app/models/bank/account.rb
@@ -8,7 +8,7 @@ def find(id)
       connection
         .get("accounts/#{id}/")
         .body
-        .then { new(**it) }
+        .then { new **it }
     end
   end
 
diff --git a/app/models/bank/institution.rb b/app/models/bank/institution.rb
index a52e888..939ced0 100644
--- a/app/models/bank/institution.rb
+++ b/app/models/bank/institution.rb
@@ -8,14 +8,14 @@ def find_by_country(country)
       connection
         .get("institutions/", { country: })
         .body
-        .map { new(**it) }
+        .map { new **it }
     end
 
     def find(id)
       connection
         .get("institutions/#{id}/")
         .body
-        .then { new(**it) }
+        .then { new **it }
     end
   end
 
diff --git a/app/models/bank/requisition.rb b/app/models/bank/requisition.rb
index 2b34b6f..afb6de7 100644
--- a/app/models/bank/requisition.rb
+++ b/app/models/bank/requisition.rb
@@ -9,14 +9,14 @@ def all
         .get("requisitions/")
         .body
         .fetch(:results)
-        .map { new(**it) }
+        .map { new **it }
     end
 
     def find(id)
       connection
         .get("requisitions/#{id}/")
         .body
-        .then { new(**it) }
+        .then { new **it }
     end
 
     def create(institution, reference_id: SecureRandom.uuid, redirect_url: "http://localhost:3000")
@@ -31,7 +31,7 @@ def create(institution, reference_id: SecureRandom.uuid, redirect_url: "http://l
           user_language: "EN"
         })
         .body
-        .then { new(**it) }
+        .then { new **it }
     end
 
     private
diff --git a/test/models/bank_test.rb b/test/models/bank_test.rb
index 08302c1..a154b6b 100644
--- a/test/models/bank_test.rb
+++ b/test/models/bank_test.rb
@@ -12,7 +12,7 @@ class BankTest < ActiveSupport::TestCase
     stub_create_agreement_request institution: SANDBOX_INSTITUTION
     stub_create_requisition_request institution: SANDBOX_INSTITUTION, agreement: SANDBOX_AGREEMENT
 
-    requisition = Bank.connect Bank::Institution.new(**SANDBOX_INSTITUTION)
+    requisition = Bank.connect Bank::Institution.new **SANDBOX_INSTITUTION
     assert_equal "780bcb92-c6cb-4cd8-9974-e0374177f7cd", requisition.id
     assert_equal "SANDBOXFINANCE_SFIN0000", requisition.institution_id
   end
@@ -20,7 +20,7 @@ class BankTest < ActiveSupport::TestCase
   test "disconnect" do
     stub_delete_requisition_request SANDBOX_REQUISITION
 
-    Bank.disconnect Bank::Requisition.new(**SANDBOX_REQUISITION)
+    Bank.disconnect Bank::Requisition.new **SANDBOX_REQUISITION
     assert_requested :delete, /requisitions\/780bcb92-c6cb-4cd8-9974-e0374177f7cd/
   end
 

From aedf4a59d3233fb960e0cd2a9cd288250ef71237 Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 21:30:59 +0200
Subject: [PATCH 22/24] Reorganize core_ext and add tests

---
 config/initializers/core_ext.rb  | 11 +----------
 lib/core_ext/object.rb           | 10 ++++++++++
 test/lib/core_ext/object_test.rb | 17 +++++++++++++++++
 3 files changed, 28 insertions(+), 10 deletions(-)
 create mode 100644 lib/core_ext/object.rb
 create mode 100644 test/lib/core_ext/object_test.rb

diff --git a/config/initializers/core_ext.rb b/config/initializers/core_ext.rb
index 3b7bb12..24a6dd3 100644
--- a/config/initializers/core_ext.rb
+++ b/config/initializers/core_ext.rb
@@ -1,10 +1 @@
-class Object
-  AssertionFailed = Class.new(StandardError)
-
-  def assert(test, message = nil)
-    unless test
-      message ||= "Expected #{test.inspect} to be truthy."
-      raise AssertionFailed, message
-    end
-  end
-end
+require "core_ext/object"
diff --git a/lib/core_ext/object.rb b/lib/core_ext/object.rb
new file mode 100644
index 0000000..3b7bb12
--- /dev/null
+++ b/lib/core_ext/object.rb
@@ -0,0 +1,10 @@
+class Object
+  AssertionFailed = Class.new(StandardError)
+
+  def assert(test, message = nil)
+    unless test
+      message ||= "Expected #{test.inspect} to be truthy."
+      raise AssertionFailed, message
+    end
+  end
+end
diff --git a/test/lib/core_ext/object_test.rb b/test/lib/core_ext/object_test.rb
new file mode 100644
index 0000000..3ca1bbf
--- /dev/null
+++ b/test/lib/core_ext/object_test.rb
@@ -0,0 +1,17 @@
+require "test_helper"
+
+class CoreExt::ObjectTest < ActiveSupport::TestCase
+  setup do
+    @obj = Object.new
+  end
+
+  test "assert" do
+    assert_nothing_raised do
+      @obj.assert true, "something's afoot"
+    end
+
+    assert_raises AssertionFailed, match: /something's afoot/ do
+      @obj.assert false, "something's afoot"
+    end
+  end
+end

From ca544d3e566f0c7928dba0c5fd431f83d7dc683c Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 21:32:43 +0200
Subject: [PATCH 23/24] Rename test class

---
 test/lib/core_ext/object_test.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/lib/core_ext/object_test.rb b/test/lib/core_ext/object_test.rb
index 3ca1bbf..63f83d6 100644
--- a/test/lib/core_ext/object_test.rb
+++ b/test/lib/core_ext/object_test.rb
@@ -1,6 +1,6 @@
 require "test_helper"
 
-class CoreExt::ObjectTest < ActiveSupport::TestCase
+class ObjectTest < ActiveSupport::TestCase
   setup do
     @obj = Object.new
   end

From f710199f096ba07304b8e315803598208ec33ecd Mon Sep 17 00:00:00 2001
From: Murdho Savila <murdho@murdho.com>
Date: Sun, 29 Dec 2024 21:36:01 +0200
Subject: [PATCH 24/24] Try to fix the core_ext loading issue

---
 config/initializers/core_ext.rb | 11 ++++++++++-
 lib/core_ext/object.rb          | 10 ----------
 2 files changed, 10 insertions(+), 11 deletions(-)
 delete mode 100644 lib/core_ext/object.rb

diff --git a/config/initializers/core_ext.rb b/config/initializers/core_ext.rb
index 24a6dd3..3b7bb12 100644
--- a/config/initializers/core_ext.rb
+++ b/config/initializers/core_ext.rb
@@ -1 +1,10 @@
-require "core_ext/object"
+class Object
+  AssertionFailed = Class.new(StandardError)
+
+  def assert(test, message = nil)
+    unless test
+      message ||= "Expected #{test.inspect} to be truthy."
+      raise AssertionFailed, message
+    end
+  end
+end
diff --git a/lib/core_ext/object.rb b/lib/core_ext/object.rb
deleted file mode 100644
index 3b7bb12..0000000
--- a/lib/core_ext/object.rb
+++ /dev/null
@@ -1,10 +0,0 @@
-class Object
-  AssertionFailed = Class.new(StandardError)
-
-  def assert(test, message = nil)
-    unless test
-      message ||= "Expected #{test.inspect} to be truthy."
-      raise AssertionFailed, message
-    end
-  end
-end