Access to Postbox-Archiv folder via new frontend

[chanzui]

Hi,

The old website login has been deactived by DKB.
Login via the new website still allows to access the old Postfach (Postfach -> Weitere Dokumente) in an iFrame. The iFrame is the old Website. In the iFrame only the old Postfach can be accessed.

I had no luck downloading the contents of the old Archiv folder with
dkb.scan_postbox(path, download_all True, archive True, prepend_date False).

Is this old website "Archiv" folder downlaodable?
Thanks a lot.

[grindsa]

Hi, currently its not possible but let me have a look what can be done...

[maresb]

I'm taking a quick look to see if there's something obvious going on.

The first time opening "Weitere Dokumente" I see a POST request to https://banking.dkb.de/api/sso-redirect. The response is OK and there's a response header of the form:

set-cookie: __Secure-ssoAuthCode=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx; Domain=.dkb.de; Path=/; Expires=Sun, 01 Dec 2024 11:35:17 GMT; HttpOnly; Secure; SameSite=Strict

where the xs seem to be a UUID. This is followed by a GET request to https://www.ib.dkb.de/ssohl/banking/postfach where the response has my name.

I haven't yet tried playing with the client...

[maresb]

Ah, ok... turns out what I just discovered above already implemented as Wrapper._do_sso_redirect(). This is even called on Wrapper.login(). But now I'm confused why I often get the "Entdecke dein neues Banking!" page. Maybe it's just because my session is expiring?

[maresb]

Making some good partial progress!!! In short, it looks like we need to adjust the base URL from https://www.ib.dkb.de to https://www.ib.dkb.de/ssohl. (We may need to do more on top of this.)

Here's my work from the REPL:

Set up logging:

import logging

debug = False
if debug:
    log_mode = logging.DEBUG
else:
    log_mode = logging.INFO

# define standard log format
log_format = '%(message)s'
logging.basicConfig(
    format=log_format,
    datefmt="%Y-%m-%d %H:%M:%S",
    level=log_mode)
logger = logging.getLogger('dkb_robo')

Set up wrapper (I used my own settings class):

from dkb_robo.api import Wrapper

w = Wrapper(
    dkb_user=settings.dkb_user,
    dkb_password=settings.dkb_password,
    mfa_device=3,
    logger=logger,
)

# login and get the account overview
(account_dic, last_login) = w.login()

Note that last_login is None. Possible bug?

Hold the session open (requires #70)

from dkb_robo.refresher import SessionRefresher

refresher = SessionRefresher(w.client)
refresher.start()

Define expected text in the old Postfach HTML:

my_name = "Mares"

Query it:

def query_old_banking_state() -> str:
    old_banking = w.client.get("https://www.ib.dkb.de/ssohl/banking/postfach")
    old_banking.raise_for_status()

    if "Entdecke dein neues Banking!" in old_banking.text:
        return "Unauthenticated"
    elif my_name in old_banking.text:
        return "Authenticated"
    else:
        return "Unknown state"

print(query_old_banking_state())

Trigger the redirect to authenticate on the old Postfach:

w._do_sso_redirect()
print(query_old_banking_state())

This should always be Authenticated.

Configure the legacy wrapper:

from dkb_robo.legacy import Wrapper as Legacywrapper

lw = Legacywrapper(logger=logger)
lw.base_url += "/ssohl"
lw.dkb_br = lw._new_instance(w.client.cookies)

Very important, the new legacy base URL has added /ssohl to the end!!!!! https://www.ib.dkb.de/ssohl

Now look at what we can do!

import json

postbox_dic = lw.scan_postbox()
print(json.dumps(postbox_dic, indent=2, ensure_ascii=False))

{
  "Mitteilungen": {
    "name": "Mitteilungen",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24inbox",
    "documents": {}
  },
  "Vertragsinformationen": {
    "name": "Vertragsinformationen",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24vertragsinformationen",
    "documents": {}
  },
  "Kontoauszüge": {
    "name": "Kontoauszüge",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24kontoauszuege",
    "documents": {}
  },
  "Kreditkartenabrechnungen": {
    "name": "Kreditkartenabrechnungen",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24kreditkartenabrechnungen",
    "documents": {}
  },
  "Wertpapierdokumente": {
    "name": "Wertpapierdokumente",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24wertpapierdokumente",
    "documents": {}
  },
  "Steuerbescheinigungen": {
    "name": "Steuerbescheinigungen",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=%24steuerbescheinigungen",
    "documents": {}
  },
  "Archiv": {
    "name": "Archiv",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=archiv",
    "documents": {}
  },
  "Tresor": {
    "name": "Tresor",
    "details": "https://www.ib.dkb.de/ssohl/ssohl/banking/postfach/ordner?$event=gotoFolder&folderNameOrId=tresor",
    "documents": {}
  }
}

[maresb]

We need to fix the reconstruction of the full details URLs above (note the double ssohl).

I'm experimenting with the timeouts for the old Postfach, and it seems that _do_sso_redirect() is good for 120s since the last activity, so the low timeout is why I've experienced those issues. But any query resets the countdown to 120s.

print(query_old_banking_state())
time.sleep(119)
print(query_old_banking_state())
time.sleep(119)
print(query_old_banking_state())
time.sleep(121)
print(query_old_banking_state())

Authenticated
Authenticated
Authenticated
Unauthenticated