DhanHQ 2.1.10 → 2.2.1

data/VERSION_UPDATE.md

@@ -0,0 +1,82 @@
+# Version Update Summary
+
+**Previous Version**: 2.1.10  
+**New Version**: 2.1.11  
+**Release Date**: 2025-01-27
+
+## Version Bump Rationale
+
+This is a **PATCH version** bump (2.1.10 → 2.1.11) because:
+
+1. **All changes are backward compatible** - No breaking API changes
+2. **Primarily bug fixes** - Critical thread safety, memory leaks, and error handling improvements
+3. **No new features** - Only improvements to existing functionality
+4. **Follows semantic versioning** - PATCH for bug fixes
+
+## Changes Included
+
+### Critical Fixes (4)
+- Rate limiter race condition
+- Client initialization validation
+- WebSocket error handling
+- Price field validation (NaN/Infinity)
+
+### High Priority Fixes (5)
+- Order tracker memory leak
+- JSON parse error handling
+- Timeout configuration
+- WebSocket thread safety
+- Error object handling consistency
+
+### Medium Priority Fixes (8)
+- Retry logic for transient errors
+- Order modification state validation
+- Error mapping improvements
+- Rate limiter cleanup thread shutdown
+- Order operation logging
+- And more...
+
+### Low Priority Fixes (6)
+- Code cleanup and deduplication
+- Type checking improvements
+- Response format logging
+- And more...
+
+### API Compliance (2)
+- Header validation
+- 202 Accepted status handling
+
+## Files Updated
+
+- `lib/DhanHQ/version.rb` - Version updated to 2.1.11
+- `CHANGELOG.md` - Added comprehensive changelog entry
+- All fix files as documented in `FIXES_APPLIED.md`
+
+## Testing
+
+All fixes include comprehensive test coverage:
+- ✅ 36 spec files total
+- ✅ New test files created for new functionality
+- ✅ Existing tests updated for improved behavior
+- ✅ No linter errors
+
+## Backward Compatibility
+
+✅ **100% Backward Compatible - Verified**
+- No breaking API changes
+- All existing code continues to work without modification
+- Validation moved to request time (not initialization) to maintain compatibility
+- Order modification validation is warning-only (API handles final validation)
+- JSON parsing handles empty strings gracefully (backward compatible)
+- New features are opt-in via environment variables
+- Default behavior unchanged
+- All fixes align with API documentation at https://api.dhan.co/v2/#/
+
+## Next Steps
+
+1. Run full test suite: `bundle exec rspec`
+2. Verify integration tests pass
+3. Update documentation if needed
+4. Tag release: `git tag v2.1.11`
+5. Build gem: `gem build DhanHQ.gemspec`
+6. Push to repository

data/docs/AUTHENTICATION.md

@@ -0,0 +1,63 @@
+# Authentication & token handling
+
+This document describes how the gem handles access tokens, including dynamic resolution, retry-on-401, and related errors.
+
+## Static token (default)
+
+Set `access_token` once; it is sent on every request:
+
+```ruby
+DhanHQ.configure do |config|
+  config.client_id = ENV["DHAN_CLIENT_ID"]
+  config.access_token = ENV["ACCESS_TOKEN"]
+end
+```
+
+## Dynamic access token
+
+For production or OAuth-style flows, resolve the token at **request time** so it can rotate without restarting the app:
+
+```ruby
+DhanHQ.configure do |config|
+  config.client_id = ENV["DHAN_CLIENT_ID"]
+  config.access_token_provider = lambda do
+    record = YourTokenStore.active  # e.g. from DB or OAuth
+    raise "Token expired or missing" unless record
+    record.access_token
+  end
+  config.on_token_expired = ->(error) { YourTokenStore.refresh! }  # optional
+end
+```
+
+- **`access_token_provider`**: Callable (Proc/lambda) that returns the access token string. Called on **every request** (no memoization). When set, the gem uses it instead of `access_token`.
+- **`on_token_expired`**: Optional callable invoked when a 401/token-expired triggers a **single retry** (only when `access_token_provider` is set). Use for logging or refreshing your store; the retry then uses the token from the provider.
+
+REST and WebSocket clients both use `config.resolved_access_token`, which calls the provider when set or falls back to `access_token`.
+
+## Retry-on-401
+
+When the API returns **401** or a token-expired error (e.g. error code **807**), and `access_token_provider` is set:
+
+1. The client catches the auth error (`InvalidAuthenticationError`, `InvalidTokenError`, `TokenExpiredError`, or `AuthenticationFailedError`).
+2. It calls `on_token_expired&.call(error)` if configured.
+3. It retries the request **once**. The retry uses `build_headers` → `resolved_access_token` → provider again, so the next token is used.
+
+If the provider is not set, or the retry also returns 401, the error is raised. There is no second retry for auth failures.
+
+## Errors
+
+| Error | When |
+| ----- | ----- |
+| **`DhanHQ::AuthenticationError`** | Token could not be resolved: missing config, or `access_token_provider` returned nil/empty. |
+| **`DhanHQ::InvalidAuthenticationError`** | API returned 401 or error code DH-901 (invalid/expired token). |
+| **`DhanHQ::TokenExpiredError`** | API returned error code **807** (token expired). |
+| **`DhanHQ::InvalidTokenError`** | API returned error code 809 (invalid token). |
+| **`DhanHQ::AuthenticationFailedError`** | API returned error code 808 (auth failed). |
+
+Rescue `AuthenticationError` for local config/token resolution failures; rescue `InvalidAuthenticationError` / `TokenExpiredError` for API-reported auth failures.
+
+## See also
+
+- [README.md](../README.md) — Configuration and “Dynamic access token”
+- [rails_integration.md](rails_integration.md) — Rails initializer with optional `access_token_provider`
+- [CHANGELOG.md](../CHANGELOG.md) — 2.2.0 auth and token changes

data/docs/DATA_API_PARAMETERS.md

@@ -0,0 +1,278 @@
+# Data API Required Parameters
+
+This document lists all required parameters for data APIs from LTP (Last Traded Price) to Option Chain.
+
+## 1. Market Feed APIs
+
+### 1.1 LTP (Last Traded Price)
+**Method:** `DhanHQ::Models::MarketFeed.ltp`
+
+**Required Parameters:**
+- `params` [Hash{String => Array<Integer>}] - Payload mapping exchange segments to arrays of security IDs
+  - Keys: Exchange segment strings (e.g., "NSE_EQ", "NSE_FNO", "BSE_EQ", "BSE_FNO", "IDX_I", etc.)
+  - Values: Arrays of security IDs (integers)
+
+**Example:**
+```ruby
+payload = {
+  "NSE_EQ" => [11536, 3456],
+  "NSE_FNO" => [49081, 49082]
+}
+response = DhanHQ::Models::MarketFeed.ltp(payload)
+```
+
+**Notes:**
+- Up to 1000 instruments per request
+- Rate limit: 1 request per second
+
+---
+
+### 1.2 OHLC (Open, High, Low, Close)
+**Method:** `DhanHQ::Models::MarketFeed.ohlc`
+
+**Required Parameters:**
+- `params` [Hash{String => Array<Integer>}] - Payload mapping exchange segments to arrays of security IDs
+  - Keys: Exchange segment strings (e.g., "NSE_EQ", "NSE_FNO", "BSE_EQ", "BSE_FNO", "IDX_I", etc.)
+  - Values: Arrays of security IDs (integers)
+
+**Example:**
+```ruby
+payload = {
+  "NSE_EQ" => [11536]
+}
+response = DhanHQ::Models::MarketFeed.ohlc(payload)
+```
+
+**Notes:**
+- Up to 1000 instruments per request
+- Rate limit: 1 request per second
+
+---
+
+### 1.3 Quote (Full Market Depth)
+**Method:** `DhanHQ::Models::MarketFeed.quote`
+
+**Required Parameters:**
+- `params` [Hash{String => Array<Integer>}] - Payload mapping exchange segments to arrays of security IDs
+  - Keys: Exchange segment strings (e.g., "NSE_EQ", "NSE_FNO", "BSE_EQ", "BSE_FNO", "IDX_I", etc.)
+  - Values: Arrays of security IDs (integers)
+
+**Example:**
+```ruby
+payload = {
+  "NSE_FNO" => [49081]
+}
+response = DhanHQ::Models::MarketFeed.quote(payload)
+```
+
+**Notes:**
+- Up to 1000 instruments per request
+- Rate limit: 1 request per second (uses separate quote API)
+
+---
+
+## 2. Historical Data APIs
+
+### 2.1 Daily Historical Data
+**Method:** `DhanHQ::Models::HistoricalData.daily`
+
+**Required Parameters:**
+- `security_id` [String] - Exchange standard ID for each scrip
+- `exchange_segment` [String] - Exchange and segment identifier
+  - Valid values: See `DhanHQ::Constants::EXCHANGE_SEGMENTS` (e.g., "NSE_EQ", "NSE_FNO", "BSE_EQ", "IDX_I", etc.)
+- `instrument` [String] - Instrument type of the scrip
+  - Valid values: See `DhanHQ::Constants::INSTRUMENTS` (e.g., "EQUITY", "FUTIDX", "FUTSTK", "OPTIDX", "OPTSTK", "INDEX", etc.)
+- `from_date` [String] - Start date in YYYY-MM-DD format
+- `to_date` [String] - End date (non-inclusive) in YYYY-MM-DD format
+
+**Optional Parameters:**
+- `expiry_code` [Integer] - Expiry of instruments for derivatives (0, 1, or 2)
+- `oi` [Boolean] - Include Open Interest data for Futures & Options (default: false)
+
+**Example:**
+```ruby
+data = DhanHQ::Models::HistoricalData.daily(
+  security_id: "1333",
+  exchange_segment: "NSE_EQ",
+  instrument: "EQUITY",
+  from_date: "2022-01-08",
+  to_date: "2022-02-08"
+)
+```
+
+---
+
+### 2.2 Intraday Historical Data
+**Method:** `DhanHQ::Models::HistoricalData.intraday`
+
+**Required Parameters:**
+- `security_id` [String] - Exchange standard ID for each scrip
+- `exchange_segment` [String] - Exchange and segment identifier
+  - Valid values: See `DhanHQ::Constants::EXCHANGE_SEGMENTS`
+- `instrument` [String] - Instrument type of the scrip
+  - Valid values: See `DhanHQ::Constants::INSTRUMENTS`
+- `interval` [String] - Minute intervals for the timeframe
+  - Valid values: "1", "5", "15", "25", "60"
+- `from_date` [String] - Start date
+  - Format: YYYY-MM-DD or YYYY-MM-DD HH:MM:SS (e.g., "2024-09-11" or "2024-09-11 09:30:00")
+- `to_date` [String] - End date
+  - Format: YYYY-MM-DD or YYYY-MM-DD HH:MM:SS (e.g., "2024-09-15" or "2024-09-15 13:00:00")
+
+**Optional Parameters:**
+- `expiry_code` [Integer] - Expiry of instruments for derivatives (0, 1, or 2)
+- `oi` [Boolean] - Include Open Interest data for Futures & Options (default: false)
+
+**Example:**
+```ruby
+data = DhanHQ::Models::HistoricalData.intraday(
+  security_id: "1333",
+  exchange_segment: "NSE_EQ",
+  instrument: "EQUITY",
+  interval: "15",
+  from_date: "2024-09-11",
+  to_date: "2024-09-15"
+)
+```
+
+**Notes:**
+- Maximum 90 days of data can be fetched in a single request
+- Data available for the last 5 years
+
+---
+
+## 3. Option Chain APIs
+
+### 3.1 Fetch Option Chain
+**Method:** `DhanHQ::Models::OptionChain.fetch`
+
+**Required Parameters:**
+- `underlying_scrip` [Integer] - Security ID of the underlying instrument
+- `underlying_seg` [String] - Exchange and segment of underlying
+  - Valid values: "IDX_I" (Index), "NSE_FNO" (NSE F&O), "BSE_FNO" (BSE F&O), "MCX_FO" (MCX)
+- `expiry` [String] - Expiry date in YYYY-MM-DD format
+
+**Example:**
+```ruby
+chain = DhanHQ::Models::OptionChain.fetch(
+  underlying_scrip: 13,
+  underlying_seg: "IDX_I",
+  expiry: "2024-10-31"
+)
+```
+
+**Notes:**
+- Rate limit: 1 request per 3 seconds
+- Automatically filters out strikes where both CE and PE have zero `last_price`
+
+---
+
+### 3.2 Fetch Expiry List
+**Method:** `DhanHQ::Models::OptionChain.fetch_expiry_list`
+
+**Required Parameters:**
+- `underlying_scrip` [Integer] - Security ID of the underlying instrument
+- `underlying_seg` [String] - Exchange and segment of underlying
+  - Valid values: "IDX_I" (Index), "NSE_FNO" (NSE F&O), "BSE_FNO" (BSE F&O), "MCX_FO" (MCX)
+
+**Example:**
+```ruby
+expiries = DhanHQ::Models::OptionChain.fetch_expiry_list(
+  underlying_scrip: 13,
+  underlying_seg: "IDX_I"
+)
+```
+
+**Notes:**
+- Returns array of expiry dates in "YYYY-MM-DD" format
+- Use this to get valid expiry dates before calling `fetch`
+
+---
+
+## 4. Expired Options Data API
+
+**Method:** `DhanHQ::Models::ExpiredOptionsData.fetch`
+
+**Required Parameters:**
+- `exchange_segment` [String] - Exchange and segment identifier
+  - Valid values: "NSE_FNO", "BSE_FNO", "NSE_EQ", "BSE_EQ"
+- `interval` [String] - Minute intervals for the timeframe
+  - Valid values: "1", "5", "15", "25", "60"
+- `security_id` [Integer] - Underlying exchange standard ID for each scrip
+- `instrument` [String] - Instrument type of the scrip
+  - Valid values: "OPTIDX" (Index Options), "OPTSTK" (Stock Options)
+- `expiry_flag` [String] - Expiry interval of the instrument
+  - Valid values: "WEEK", "MONTH"
+- `expiry_code` [Integer] - Expiry code for the instrument
+- `strike` [String] - Strike price specification
+  - Format: "ATM" for At The Money, "ATM+X" or "ATM-X" for offset strikes
+  - For Index Options (near expiry): Up to ATM+10 / ATM-10
+  - For all other contracts: Up to ATM+3 / ATM-3
+- `drv_option_type` [String] - Option type
+  - Valid values: "CALL", "PUT"
+- `required_data` [Array<String>] - Array of required data fields
+  - Valid values: "open", "high", "low", "close", "iv", "volume", "strike", "oi", "spot"
+- `from_date` [String] - Start date in YYYY-MM-DD format
+  - Cannot be more than 5 years ago
+- `to_date` [String] - End date (non-inclusive) in YYYY-MM-DD format
+  - Date range cannot exceed 31 days from from_date
+
+**Example:**
+```ruby
+data = DhanHQ::Models::ExpiredOptionsData.fetch(
+  exchange_segment: "NSE_FNO",
+  interval: "1",
+  security_id: 13,
+  instrument: "OPTIDX",
+  expiry_flag: "MONTH",
+  expiry_code: 1,
+  strike: "ATM",
+  drv_option_type: "CALL",
+  required_data: ["open", "high", "low", "close", "volume", "iv", "oi", "spot"],
+  from_date: "2021-08-01",
+  to_date: "2021-09-01"
+)
+```
+
+**Notes:**
+- Up to 31 days of data can be fetched in a single request
+- Historical data available for up to the last 5 years
+- Data is organized by strike price relative to spot
+
+---
+
+## Summary Table
+
+| API                     | Required Parameters                                                                                                                                             | Optional Parameters | Rate Limit  |
+| ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | ----------- |
+| **LTP**                 | `params` (Hash: segment => [security_ids])                                                                                                                      | None                | 1 req/sec   |
+| **OHLC**                | `params` (Hash: segment => [security_ids])                                                                                                                      | None                | 1 req/sec   |
+| **Quote**               | `params` (Hash: segment => [security_ids])                                                                                                                      | None                | 1 req/sec   |
+| **Daily Historical**    | `security_id`, `exchange_segment`, `instrument`, `from_date`, `to_date`                                                                                         | `expiry_code`, `oi` | Standard    |
+| **Intraday Historical** | `security_id`, `exchange_segment`, `instrument`, `interval`, `from_date`, `to_date`                                                                             | `expiry_code`, `oi` | Standard    |
+| **Option Chain**        | `underlying_scrip`, `underlying_seg`, `expiry`                                                                                                                  | None                | 1 req/3 sec |
+| **Expiry List**         | `underlying_scrip`, `underlying_seg`                                                                                                                            | None                | 1 req/3 sec |
+| **Expired Options**     | `exchange_segment`, `interval`, `security_id`, `instrument`, `expiry_flag`, `expiry_code`, `strike`, `drv_option_type`, `required_data`, `from_date`, `to_date` | None                | Standard    |
+
+---
+
+## Exchange Segments
+
+Common exchange segment values:
+- `IDX_I` - Index
+- `NSE_EQ` - NSE Equity Cash
+- `NSE_FNO` - NSE Futures & Options
+- `NSE_CURRENCY` - NSE Currency
+- `BSE_EQ` - BSE Equity Cash
+- `BSE_FNO` - BSE Futures & Options
+- `BSE_CURRENCY` - BSE Currency
+- `MCX_COMM` - MCX Commodity
+
+## Instrument Types
+
+Common instrument type values:
+- `EQUITY` - Equity
+- `INDEX` - Index
+- `FUTIDX` - Futures Index
+- `FUTSTK` - Futures Stock
+- `OPTIDX` - Options Index
+- `OPTSTK` - Options Stock

data/docs/PR_2.2.0.md

@@ -0,0 +1,48 @@
+# PR: Dynamic access token resolution, auto-expiry detection, retry-on-401
+
+## Summary
+
+Adds production-grade auth handling to `dhanhq-client`:
+
+1. **Dynamic access token resolution** — Token can come from a callable (`access_token_provider`) at request time.
+2. **Auto-expiry detection** — API error code 807 (token expired) raises `DhanHQ::TokenExpiredError`.
+3. **Retry-on-401 with token re-fetch** — On 401/token-expired, if `access_token_provider` is set, the client retries once; the next request calls the provider again for a fresh token.
+4. **Optional `on_token_expired` hook** — Invoked before retry when auth failure triggers a retry (e.g. for logging or refreshing token in your store).
+
+## Changes
+
+- **Configuration**: `access_token_provider`, `on_token_expired`, `resolved_access_token`.
+- **Errors**: `DhanHQ::AuthenticationError` (local token resolution failure), `DhanHQ::TokenExpiredError` (API 807).
+- **Client**: Retry-on-401 for `InvalidAuthenticationError`, `InvalidTokenError`, `TokenExpiredError`, `AuthenticationFailedError` when provider is set (single retry).
+- **REST + WebSocket**: All token usage goes through `config.resolved_access_token` (no memoization).
+
+## Backward compatibility
+
+- **Non-breaking**. Existing `config.access_token = "static-token"` still works. `access_token_provider` is optional. Safe as a **minor** version bump (2.2.0).
+
+## Testing
+
+- `spec/dhan_hq/configuration_spec.rb` — `#resolved_access_token` (provider, fallback, nil/empty).
+- `spec/dhan_hq/client_spec.rb` — WebMock: 401, 403, 807, retry-on-401 success, retry then raise, `on_token_expired` hook.
+- `spec/dhan_hq/helpers/response_helper_spec.rb` — 807 → TokenExpiredError.
+
+## Changelog
+
+See [CHANGELOG.md](../CHANGELOG.md) — section **## [2.2.0] - 2026-01-31**.
+
+## README & docs
+
+- **README.md**: New subsection “Dynamic access token (optional)” under Configuration (access_token_provider, on_token_expired, retry-on-401, AuthenticationError / TokenExpiredError).
+- **GUIDE.md**: Short “Dynamic access token” note and link to docs/AUTHENTICATION.md.
+- **docs/AUTHENTICATION.md**: New doc for static vs dynamic token, retry-on-401, and auth-related errors.
+- **docs/TESTING_GUIDE.md**: Optional access_token_provider / on_token_expired in config examples; verify “Token provider” in console.
+- **docs/rails_integration.md**: New “Dynamic access token (optional)” with Rails initializer example.
+- **docs/websocket_integration.md**, **docs/live_order_updates.md**: One-line pointer to docs/AUTHENTICATION.md for dynamic token.
+
+## Checklist
+
+- [x] All specs pass
+- [x] No breaking changes
+- [x] CHANGELOG updated
+- [x] Version bumped to 2.2.0
+- [x] README and docs updated