grindsa
Access to Postbox-Archiv folder via new frontend
Hi,
The old website login has been deactived by DKB. Login via the new website still allows to access the old Postfach (Postfach -> Weitere Dokumente) in an iFrame. The iFrame is the old Website. In the iFrame only the old Postfach can be accessed.
I had no luck downloading the contents of the old Archiv folder with dkb.scan_postbox(path, download_all True, archive True, prepend_date False).
Is this old website "Archiv" folder downlaodable? Thanks a lot.
I'm taking a quick look to see if there's something obvious going on.
The first time opening "Weitere Dokumente" I see a POST request to https://banking.dkb.de/api/sso-redirect. The response is OK and there's a response header of the form:
set-cookie: __Secure-ssoAuthCode=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx; Domain=.dkb.de; Path=/; Expires=Sun, 01 Dec 2024 11:35:17 GMT; HttpOnly; Secure; SameSite=Strict
where the xs seem to be a UUID. This is followed by a GET request to https://www.ib.dkb.de/ssohl/banking/postfach where the response has my name.
I haven't yet tried playing with the client...
Ah, ok... turns out what I just discovered above already implemented as Wrapper._do_sso_redirect(). This is even called on Wrapper.login(). But now I'm confused why I often get the "Entdecke dein neues Banking!" page. Maybe it's just because my session is expiring?
Making some good partial progress!!! In short, it looks like we need to adjust the base URL from https://www.ib.dkb.de to https://www.ib.dkb.de/ssohl. (We may need to do more on top of this.)
Here's my work from the REPL:
Set up logging:
import logging
debug = False
if debug:
log_mode = logging.DEBUG
else:
log_mode = logging.INFO
# define standard log format
log_format = '%(message)s'
logging.basicConfig(
format=log_format,
datefmt="%Y-%m-%d %H:%M:%S",
level=log_mode)
logger = logging.getLogger('dkb_robo')
Set up wrapper (I used my own settings class):
from dkb_robo.api import Wrapper
w = Wrapper(
dkb_user=settings.dkb_user,
dkb_password=settings.dkb_password,
mfa_device=3,
logger=logger,
)
# login and get the account overview
(account_dic, last_login) = w.login()
Note that last_login is None. Possible bug?
Hold the session open (requires #70)
from dkb_robo.refresher import SessionRefresher
refresher = SessionRefresher(w.client)
refresher.start()
Define expected text in the old Postfach HTML:
my_name = "Mares"
Query it:
def query_old_banking_state() -> str:
old_banking = w.client.get("https://www.ib.dkb.de/ssohl/banking/postfach")
old_banking.raise_for_status()
if "Entdecke dein neues Banking!" in old_banking.text:
return "Unauthenticated"
elif my_name in old_banking.text:
return "Authenticated"
else:
return "Unknown state"
print(query_old_banking_state())
Trigger the redirect to authenticate on the old Postfach:
w._do_sso_redirect()
print(query_old_banking_state())
This should always be Authenticated.
Configure the legacy wrapper:
from dkb_robo.legacy import Wrapper as Legacywrapper
lw = Legacywrapper(logger=logger)
lw.base_url += "/ssohl"
lw.dkb_br = lw._new_instance(w.client.cookies)
Very important, the new legacy base URL has added /ssohl to the end!!!!! https://www.ib.dkb.de/ssohl
Now look at what we can do!
import json
postbox_dic = lw.scan_postbox()
print(json.dumps(postbox_dic, indent=2, ensure_ascii=False))
{
"Mitteilungen": {
"name": "Mitteilungen",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24inbox",
"documents": {}
},
"Vertragsinformationen": {
"name": "Vertragsinformationen",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24vertragsinformationen",
"documents": {}
},
"Kontoauszüge": {
"name": "Kontoauszüge",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24kontoauszuege",
"documents": {}
},
"Kreditkartenabrechnungen": {
"name": "Kreditkartenabrechnungen",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24kreditkartenabrechnungen",
"documents": {}
},
"Wertpapierdokumente": {
"name": "Wertpapierdokumente",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24wertpapierdokumente",
"documents": {}
},
"Steuerbescheinigungen": {
"name": "Steuerbescheinigungen",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24steuerbescheinigungen",
"documents": {}
},
"Archiv": {
"name": "Archiv",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=archiv",
"documents": {}
},
"Tresor": {
"name": "Tresor",
"details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=tresor",
"documents": {}
}
}
We need to fix the reconstruction of the full details URLs above (note the double ssohl).
I'm experimenting with the timeouts for the old Postfach, and it seems that _do_sso_redirect() is good for 120s since the last activity, so the low timeout is why I've experienced those issues. But any query resets the countdown to 120s.
print(query_old_banking_state())
time.sleep(119)
print(query_old_banking_state())
time.sleep(119)
print(query_old_banking_state())
time.sleep(121)
print(query_old_banking_state())
Authenticated
Authenticated
Authenticated
Unauthenticated
Hi! Reopening this, as the situation seems to have changed:
The "Archiv" seems to no longer be an iFrame (never checked before), but is now properly organized within the postbox folder structure. I can navigate to "Archivierte Dokumente" -> "Archiv", which contains all the old archive folders.
The JSON response contains a (new?) parameter "containsSubfolders" that indicates if the folder holds documents or subfolders.
I would like to download all my documents from the old archive. So it would be nice if this tool could be extended to iterate through those subfolders.
Thank you!
I've just created a pull-request that adds the command download-archive to create a local copy of all archived files.
Works find for me when running:
dkb -d -u <login> download-archive