Tuesday, August 1, 2017

Patch / Update Available


Last Updated: 8/27/2017

Recent changes at Vanguard prompted another round of minor patches to the scripts, which can be downloaded @ https://sites.google.com/site/pocketsense/home/msmoneyfixp1/p2


Detail: Vanguard is now using session tokens (cookies).  There were a number of ways to handle it, but I chose to allow the first connection attempt to fail, and return the server-response cookie on the next attempt, thus using the same tokens as the server.  We could instead send a client token on the first pass, and skip the double-connect, but that requires an assumption re: expected server tokens.  The hope is that the chosen method will support changes at other banks, should they choose to use session keys, regardless of token schema.


45 comments:

  1. Thank you again, update works!

    Kale

    ReplyDelete
  2. Setting a timeOffset in sites.dat, such as
    timeOffset : -30

    gives an error "type object 'datetime.datetime' has no attribute 'timedelta'"

    A cure is to change "from datetime import datetime" to "from datetime import datetime, timedelta" and to change "datetime.timedelta(hours=h)" to "timedelta(hours=h)".

    I don't know why that is needed.

    CL





    ReplyDelete
    Replies
    1. What version of Python are you using?

      Delete
    2. Never mind... it's a bug introduced somewhere along the way. I replaced datetime.datetime calls w/ a datetime import. Missed the timedelta part, since I don't use it. Will fix.

      Delete
  3. Thanks for all the work you have done.
    There is an issue i am facing. I am using Google finance and not yahoo finance. If i check for quotes for symbol "BOM:500012", the result given is wrong i.e. i think it is multiplying the code itself i.e. 500012 * the day's price and giving wrong result. e.g. today's rate is 32.05 but getdata is returning like G: BOM:500012 16025384.6 8/24/2017 4:00pm

    ReplyDelete
    Replies
    1. I see the problem, and you're correct re: the multiplier. The scripts allow a multiplier option for each quote line, and is specified using a M:# parameter. The BOM: is being interpreted incorrectly, so I'll modify the script to handle it better.

      Delete
    2. Thanks. The update works fine now.

      Delete
  4. The scripts have been updated to address the two issues mentioned above.

    ReplyDelete
  5. I finally got my acct defined properly with USAA, at least it said it downloaded successfully. But I get this error message:OFXAdapter: Failed to parse request: Unable to parse a composite field "OFXRequest.OFXRequest": postTag "/OFX" not found. I can see no OFX data when I open the XFER file other than that msg. Any idea where I go from here?

    ReplyDelete
    Replies
    1. Just a guess here, but try explicitly setting ofxVer:102 in sites.dat for USAA. If that doesn't work, see if they support ofx 2.x (e.g., ofxVer:211).

      Delete
  6. No, that did not work. Msg: OFXAdapter: Failed to parse request: Unable to parse a composite field "OFXRequest.OFXRequest": postTag "/OFX" not found.
    I will ask them if they support 2.X

    ReplyDelete
    Replies
    1. I did a quick search and found another comment from long ago: "Apparently, with USAA, leading 0's in an account number are really necessary". Just a fyi, since many banks/sites require leading zeros be included w/ the account number (e.g., 00001987567).

      Delete
  7. Yes, I already knew that from my past experience with Quicken. I use two leading zero's. I also found that if I did not get the acct number correct, the error msg tells me that. But in this case, it says the data downloaded, even though I get the error msg above.

    ReplyDelete
  8. I have multiple accounts at USAA that are working, here's the USAA section from my sites.dat:

    SiteName : USAA
    AcctType : BASTMT #bank
    fiorg : USAA
    fid : 24591
    url : https://service2.usaa.com/ofx/OFXServlet
    bankid : 314074269
    brokerid :
    appid : QWIN
    appver : 1700
    mininterval:
    timeOffset :

    I also noted that usernames must be zero-padded to exactly 9 digits and account numbers must be zero-padded to exactly 10 digits.

    Hope that helps!

    ReplyDelete
  9. Thank you. That is for USAA Federal Savings Bank, I am trying to get it to work for USAA Investment Management Co. which uses different stuff. I did know that the user ID needed to be 9 digits with leading zeros. I wonder if I can dummy in the appid and appver?

    ReplyDelete


  10. LarryB, what is your sites.dat entry for USAA Investment Management Co?

    CL

    ReplyDelete
    Replies
    1. Name: USAA Investment Mgmt Co
      AcctType: INVSTMT
      fi: USAA
      Fid: 24592
      url: https://service2.usaa.com/ofx/OFXServlet
      brokerid USAA.com

      Delete
    2. Is that a copy/paste from the actual sites.dat file? Some field names aren't what's expected. Specifically: Name should be SiteName and fi should be FiOrg. Also, the colon is missing after brokerid.

      Delete
  11. It is not a cut/paste since it is on a different computer. It is all entered properly in the form on the sites.dat file

    ReplyDelete
  12. Hi Robert! Got a question. For accounts that use the same bank, how hard would it be to set it up to get all files on the same login session? I have just changed the password on BoA where I have multiple accounts. I forgot to change the password on PocketSense, so it issued an incorrect login multiple times... boom. BoA locked me out. My fault entirely, but it would be less likely to happen if only one login was used for all accounts in the bank.

    ReplyDelete
    Replies
    1. I'm pretty sure the OFX standard supports it, but ... the scripts are written w/ an explicit "one connection per statement" logic. I like the idea, but I'd need to think it through. I'm certain that it can't be done "as is", and that some core logic would need to be revamped. The nice thing about "one connection per request" is that each account is processed independently, and therefore no assumptions re "grouping by sign-on credentials".

      Delete
  13. Has anyone been using Pocketsense with what used to be Hewitt Associates and is now Alight Solutions? I have been getting an error message "EOF occurred in violation of protocol" for about a month now, and I assume that they have changed things at their end. However, they have been remarkably and breathtakingly unresponsive in telling me what changed, so I wondered if anybody here had been using them and knew what to change to make it work again?

    Harold

    ReplyDelete
  14. In Windows Internet Options, in the Advanced tab, make sure that Use TLS 1.0, Use TLS 1.1, and Use TLS 1.2 are all enabled.

    CL

    ReplyDelete
    Replies
    1. I already had it set that way, but I tried turning it off and on... didn't fix it. Which means the problem still persists...

      Delete
    2. I upgraded to Active Python 2.7.13, and that solved the problem.

      Delete
  15. My BofA accounts stopped working this week (my last successful run was last week) with the error "An incorrect username/password combination has been entered. Please try again." Neither the username nor the password has changed and I was able to successfully login via their website as usual. I have a credit card and 3 checking accounts I use with PocketSense. The downloads have been working perfectly for a couple of years. Any ideas before I try to call BofA and see if my OFX access was disabled?

    ReplyDelete
  16. Same issue with BoA here. Last successful download was Sept 23.

    ReplyDelete
  17. Just a FYI for folks having issues... be sure you've updated to the latest Python 2.7.x version.

    ReplyDelete
    Replies
    1. Do you mean the updated scripts (from 8/27) or upgrading Python itself? I did download the 8/27 scripts yesterday and am still getting the same error.

      Delete
    2. TO ALL BOA CUSTOMERS:

      Change the ODXVER in Sites.dat to 103 and give it a go.

      The Bank is clueless and helpless as usual.

      Ray

      Delete
    3. I added this line to the BofA site profile in sites.dat but the error remained the same:

      ofxVer : 103

      Delete
    4. I was referring to Python itself, since there were one or two versions that caused SSL connection issues. Probably not related in this case, but a good idea.

      Delete
    5. I upgraded to Active Python 2.7.13, and that solved my problem with Hewitt Associates / Alight Soutions that began on 8/17/17 (presumably due to some kind of library upgrade on their side). Thanks!

      Delete
  18. Thank you Anonymous.

    ofxVer: 103 worked for me in solving BoA issues.

    It worked on my BoA personal accounts, BoA business accounts (different bankid) and BoA credit card. I'm using ActivePython 2.7.1.4

    Robert - are the order and spacing of the sites.dat entries critical? Don't know if that might have affected B-Man and why 103 didn't work for him.

    Here is my working entry:

    SiteName : BOA BANKING
    AcctType : BASTMT
    fiorg : HAN
    fid : 5959
    url : https://eftx.bankofamerica.com/eftxweb/access.ofx
    bankid : 052001633
    brokerid :
    ofxVer : 103
    appid :
    appver :
    mininterval: 30

    ReplyDelete
    Replies
    1. Field order doesn't matter, but probably a good idea to cross-check all parameters vs your working set.

      Delete
    2. I updated to ActivePython 2.7.13.27 and still same error. Here's my Sites.dat entry for BofA:


      SiteName : BOFACHECK
      AcctType : BASTMT #bank
      fiorg : HAN
      fid : 5959
      url : https://eftx.bankofamerica.com/eftxweb/access.ofx
      bankid : 053000196
      brokerid :
      ofxVer : 103
      appid : QWIN
      appver : 2300
      mininterval:
      timeOffset :

      Delete
    3. moneydance's config file is located at http://moneydance.com/synch/moneydance/fi2004.dict

      This is their entry for BofA:
      {
      "id" = "md:1039"
      "access_type" = "OFX"
      "fi_name" = "Bank of America"
      "bootstrap_url" = "https://eftx.bankofamerica.com/eftxweb/access.ofx"
      "fi_id" = "5959"
      "uses_fi_tag" = "y"
      "fi_org" = "HAN"
      "app_id" = "QWIN"
      "app_ver" = "2400"
      }

      It looks like you need to set appver to 2400. The bankid looks like it is the ABA routing number for your account, double check that yours is correct. I also do not use BofA.

      Delete
    4. What I had to do to get BofA downloading again:
      1. ofxVer : 103
      2. run Setup.py, test accounts, test BofA, it fails.
      3. Use my browser to login to bankofamerica.com, it will prompt you with a below message.
      4. Click OK, it will start the 10 minutes countdown.
      5. Go back to the command prompt where I have my Setup.py still running, test my BofA account again (within the 10 minutes). It works.

      --------------------------
      Thanks for signing in.


      We want to make sure you stay protected when you link your Bank of America account to financial management software.

      To stay secure, you’ll need to sign in to Online Banking when you:

      ◾Use Quicken or QuickBooks on an unrecognized device
      ◾Add a new Bank of America account to record transactions
      ◾Receive a software update for Quicken or QuickBooks

      Now that you’ve signed in, you can go back to Quicken or QuickBooks and continue to download your transactions.




      Please note: You’ll need to sign in to Quicken or QuickBooks within 10 minutes of selecting OK or you’ll have to repeat this sign-in process at another time.

      Delete
    5. Whew! I got the prompt when I signed in through BofA OLB and now the downloads are working. Thanks all!

      Delete
  19. Looking at the GnuCash site OFX_Direct_Connect_Bank_Settings page, you might try removing your appid or using "appid: QBW".

    I don't use BofA. Just an idea.

    CL

    ReplyDelete
    Replies
    1. Thanks for the continued suggestions all. Nothing's helping, though. Same error when I removed the appid and when I changed it to QBW.

      Delete
  20. Thanks to all for the help with the recent issue on Bank of America! Keep up the good work.

    ReplyDelete
  21. I got my BOA checking/savings accounts working by adding in the ofxVer : 103 line and then logging into the website and approving the access. However, I still can't get my BOA credit card to work. It just gives the old username/password error. Here is my entry.


    SiteName : BOACC
    AcctType : CCSTMT #credit card
    fiorg : HAN
    fid : 5959
    url : https://eftx.bankofamerica.com/eftxweb/access.ofx
    bankid :
    brokerid :
    ofxVer : 103
    appid :
    appver :
    mininterval:
    timeOffset :

    ReplyDelete
  22. The CC is working now. I had not added the ofxVer:103 line until after I had done it on the checking/savings and tested those. When I ran it again they all errored out with the 'or log on' error so I logged on to the website, gave permission, and now everything works.

    ReplyDelete
  23. Another BoA update. ofxVer initially worked for me, and then today I started getting invalid username/password errors. Login on via the web site gave me the Quicken permissions prompt, and then everything went back to normal.

    Bottom line - there is something BoA is doing which may cause you to loose Quicken access. So first order of defense, if PocketSense fails, immediately log unto web interface to make sure you give permissions.

    I'm not sure if they are now sensitive to IP changes or some other variable. This might make sense, since they are effectively trying to set up a two-step initial authentication.

    ReplyDelete