MVola 0.1.0.pre.alpha

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,132 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official email address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+[INSERT CONTACT METHOD].
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2024 Kassam
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,78 @@
+# MVola
+
+![Build Status](https://github.com/Ksm125/mvola/actions/workflows/ruby.yml/badge.svg)
+
+MVola is a Ruby gem that provides a simple way to interact with the [Mvola Payment API](https://mvola.mg/).
+
+## Installation
+
+Install the gem and add to the application's Gemfile by executing:
+
+```bash
+bundle add mvola
+```
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+```bash
+gem install mvola
+```
+
+## Usage
+
+before using the gem, ensure you have the credentials required to interact with the Mvola API (**Consumer Key** and **Consumer Secret**).
+
+### Get Access Token
+
+To get an access token, use the `MVola::Client` class and call the `token`
+
+```ruby
+client = MVola::Client.new(consumer_key: 'your_consumer_key', consumer_secret: 'your_consumer_secret')
+# For sandbox environment, pass the sandbox option as true
+# client = MVola::Client.new(consumer_key: 'your_consumer_key', consumer_secret: 'your_consumer_secret', sandbox: true)
+
+client.token # <MVola::Client::Token access_token="your_access_token", token_type="Bearer", expires_at=2024-12-30 16:19:42 +0100, scope="EXT_INT_MVOLA_SCOPE">
+```
+
+The `token` method store the data at instance level, so that we when called multiple times, we don't have to request a new token each time, until the token expires.
+If you want to force a new token, you can use the method:
+```ruby
+client.token!
+```
+
+#### Tips
+
+We suggest that you store the token in cache system (like `Redis`) and passes the value directly into the client to avoid requesting a new token each time, across multiple instances of the application:
+```ruby
+token = client.token
+# Store the value in cache
+cache.write('mvola_token', token.to_h)
+
+# then next time, you can use the value from cache
+token = cache.read('mvola_token')
+client = MVola::Client.new(consumer_key: 'your_consumer_key', consumer_secret: 'your_consumer_secret', token: token)
+
+client.token # will use the provided token if it's still valid/not expired
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests.
+You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`.
+
+To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/Ksm125/MVola.
+This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/Ksm125/MVola/blob/main/CODE_OF_CONDUCT.md).
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+## Code of Conduct
+
+Everyone interacting in the MVola project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/MVola/blob/main/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "standard/rake"
+
+task default: %i[spec standard]

data/lib/mvola/client/token.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+module MVola
+  class Client
+    Token = Struct.new(:access_token, :scope, :token_type, :expires_at, keyword_init: true) do
+      def expired?
+        Time.now >= expires_at - expires_margin
+      end
+
+      def valid?
+        !expired?
+      end
+
+      private
+
+      # Add a margin to the expiration time to avoid using an expired token.
+      def expires_margin
+        5 * 60 # 5 minutes
+      end
+    end
+  end
+end

data/lib/mvola/client.rb

@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+
+require_relative "client/token"
+require_relative "request"
+
+module MVola
+  class Client
+    include Request
+
+    SANDBOX_URL = "https://devapi.mvola.mg"
+    PRODUCTION_URL = "https://api.mvola.mg"
+    SANDBOX_PARTNER_PHONE_NUMBER = "0343500003"
+
+    USER_LANGUAGES = {
+      fr: "FR",
+      mg: "MG"
+    }.freeze
+
+    attr_reader :consumer_key, :consumer_secret, :partner_name, :partner_phone_number, :user_language, :sandbox
+    alias_method :sandbox?, :sandbox
+
+    # @param consumer_key [String] the consumer key provided by MVola for the application
+    # @param consumer_secret [String] the consumer secret provided by MVola for the application
+    # @param partner_name [String] the name of the partner account
+    # @param partner_phone_number [String] the phone number of the partner account.
+    #   This is replaced by a default value in the sandbox environment
+    # @param sandbox [Boolean] whether to use the sandbox environment or not.
+    # @param token [Hash, Token] a previous stored token to use for the client.
+    #   If provided and that it is still valid, it will be used instead of fetching a new one.
+    def initialize(consumer_key: ENV["MVOLA_CONSUMER_KEY"],
+      consumer_secret: ENV["MVOLA_CONSUMER_SECRET"],
+      partner_name: ENV["MVOLA_PARTNER_NAME"],
+      partner_phone_number: ENV["MVOLA_PARTNER_PHONE_NUMBER"],
+      sandbox: false,
+      user_language: USER_LANGUAGES[:fr],
+      token: nil)
+      raise ArgumentError, "consumer_key is required" unless consumer_key
+      raise ArgumentError, "consumer_secret is required" unless consumer_secret
+      raise ArgumentError, "partner_name is required" unless partner_name
+
+      partner_phone_number = SANDBOX_PARTNER_PHONE_NUMBER if sandbox
+      raise ArgumentError, "partner_phone_number is required" unless partner_phone_number
+
+      # Warn invalid user language if not one of the supported languages
+      unless USER_LANGUAGES.key?(user_language.downcase.to_sym)
+        logger.warn "Invalid user language: #{user_language}. Using default language: #{USER_LANGUAGES[:fr]}"
+      end
+
+      @consumer_key = consumer_key
+      @consumer_secret = consumer_secret
+      @partner_name = partner_name
+      @partner_phone_number = partner_phone_number
+      @sandbox = sandbox
+      @token = build_token_from(token)
+      @user_language = USER_LANGUAGES.fetch(user_language.downcase.to_sym, USER_LANGUAGES[:fr])
+      @mutex = Mutex.new
+    end
+
+    # Get the token. If the token is not valid, it will be refreshed.
+    def token
+      return @token if @token&.valid?
+
+      @mutex.synchronize do
+        @token = build_token_from(fetch_token)
+      end
+    end
+
+    # Force the token to be refreshed, even if it is still valid.
+    def token!
+      @token = nil
+      token
+    end
+
+    # This method is used to determine the base URL for the API requests.
+    def base_url
+      sandbox? ? SANDBOX_URL : PRODUCTION_URL
+    end
+
+    private
+
+    # This method is used to build a token object from a hash or a token object.
+    def build_token_from(data)
+      return data if data.is_a?(Token)
+      return unless data.is_a?(Hash)
+
+      hash = data.dup
+      hash[:expires_at] ||= Time.now + hash.delete(:expires_in).to_i
+      hash[:expires_at] = Time.parse(hash[:expires_at].to_s) if hash[:expires_at].is_a?(String)
+      Token.new(**hash)
+    end
+
+    def headers
+      {
+        "Authorization" => "Basic #{Base64.strict_encode64("#{consumer_key}:#{consumer_secret}")}",
+        "Content-Type" => "application/x-www-form-urlencoded",
+        "Cache-Control" => "no-cache"
+      }
+    end
+
+    # Perform a request to fetch a new token from the MVola API.
+    def fetch_token
+      url = URI.join(base_url, "token").to_s
+      body = {
+        grant_type: "client_credentials",
+        scope: "EXT_INT_MVOLA_SCOPE"
+      }
+
+      response = post(url, headers: headers, body: body)
+
+      JSON.parse(response.body, symbolize_names: true)
+    end
+  end
+end

data/lib/mvola/errors.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module MVola
+  class Error < StandardError; end
+
+  class InvalidRequest < Error; end
+
+  class Unauthorized < Error; end
+end

data/lib/mvola/request.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+require "net/http"
+require "forwardable"
+
+module MVola
+  module Request
+    extend Forwardable
+
+    def_delegators MVola, :logger
+
+    # Method to perform a GET request
+    # @param url [String] the URL to perform the request
+    # @param args [Hash] the arguments to pass to the request
+    # @option args [Hash] :params the parameters to pass to the request
+    # @option args [Hash] :headers the headers to pass to the request
+    def get(url, args = {})
+      uri = URI.parse(url)
+      headers = args.delete(:headers) || {}
+      request = Net::HTTP::Get.new(uri.request_uri, headers)
+
+      logger.debug("GET #{url} #{args}")
+      response = build_http(uri, args).request(request)
+      logger.debug("Response: #{response.code} #{response.body.inspect}")
+
+      handle_error(response)
+
+      response
+    end
+
+    # Method to perform a POST request
+    # @param url [String] the URL to perform the request
+    # @param args [Hash] the arguments to pass to the request
+    # @option args [Hash] :params the parameters to pass to the request
+    # @option args [Hash] :headers the headers to pass to the request
+    # @option args [Hash] :body the body to pass to the request
+    # @option args [Hash] :json the JSON to pass to the request body. Replace the body if present
+    def post(url, args = {})
+      uri = URI.parse(url)
+      headers = args.delete(:headers) || {}
+      headers["Content-Type"] = "application/json" if args.key?(:json)
+
+      request = Net::HTTP::Post.new(uri.request_uri, headers)
+
+      request.form_data = args[:body] if args[:body]
+      if (json = args.delete(:json))
+        request.body = json.to_json
+      end
+
+      puts("POST #{url} #{args}")
+      response = build_http(uri, args).request(request)
+      puts("Response: #{response.code} #{response.body.inspect}")
+
+      handle_error(response)
+
+      response
+    end
+
+    private
+
+    def build_http(uri, args)
+      uri.query = URI.encode_www_form(args[:params]) if args[:params]
+      http = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl = true
+
+      http
+    end
+
+    def handle_error(response)
+      case response.code.to_i
+      when 200..299
+        # Do nothing
+      when 401
+        raise MVola::Unauthorized, response.body
+      else
+        raise MVola::InvalidRequest, "Code: #{response.code}, Body: #{response.body}"
+      end
+    end
+  end
+end

data/lib/mvola/transaction/payment_status.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+module MVola
+  class Transaction
+    # PaymentStatus is a class that represents the status of a payment.
+    # It is used as return value of the initiate_payment! and status of a transaction.
+    # This is aimed to be used internally, and not exposed to the public API.
+    class PaymentStatus
+      extend Forwardable
+
+      attr_reader :raw_response, :client_correlation_id
+
+      # raw_response is a hash data returned from the API
+      def initialize(raw_response, client_correlation_id:)
+        @raw_response = raw_response
+        @client_correlation_id = client_correlation_id
+      end
+
+      def status
+        raw_response["status"]
+      end
+
+      def server_correlation_id
+        raw_response["serverCorrelationId"]
+      end
+
+      def notification_method
+        raw_response["notificationMethod"]
+      end
+
+      def transaction_reference
+        raw_response["objectReference"]
+      end
+
+      def pending?
+        status == "pending"
+      end
+
+      def completed?
+        status == "completed"
+      end
+
+      def failed?
+        status == "failed"
+      end
+    end
+  end
+end

data/lib/mvola/transaction.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require_relative "client"
+require_relative "transaction/payment_status"
+
+module MVola
+  class Transaction
+    include Request
+
+    API_VERSION = "1.0.0"
+    ENDPOINT = "mvola/mm/transactions/type/merchantpay/#{API_VERSION}"
+    CURRENCY = "Ar"
+
+    attr_reader :client
+
+    def initialize(client: nil)
+      @client = client || Client.new
+    end
+
+    # Initiate a payment from a debit phone number to a credit phone number.
+    # @param [Number | String] amount the amount to transfer
+    # @param [String] debit_phone_number the phone number to debit
+    # @param [String] credit_phone_number the phone number to credit
+    # @param [String] transaction_reference the transaction reference
+    # @param [String] original_transaction_reference the original transaction reference.
+    #   Defaults to the `transaction_reference` if not provided
+    # @param [String] client_correlation_id the client correlation ID. Defaults to a random UUID
+    # @param [String] description the description of the payment
+    # @param [String] callback_url the callback URL to use for the payment
+    # @param [Array<Hash>] metadata additional metadata to use for the payment.
+    #  Eg: [{ key: "fc", value: "USD" }, { key: "amountFc", value: "1" }]
+    def initiate_payment!(amount:,
+      debit_phone_number:,
+      credit_phone_number:,
+      transaction_reference:,
+      original_transaction_reference: transaction_reference,
+      client_correlation_id: SecureRandom.uuid,
+      description: nil,
+      callback_url: nil,
+      metadata: [])
+      payload = {
+        amount: amount.to_s,
+        currency: CURRENCY,
+        descriptionText: description,
+        requestDate: Time.now.strftime("%Y-%m-%dT%H:%M:%S.%LZ"),
+        requestingOrganisationTransactionReference: transaction_reference,
+        originalTransactionReference: original_transaction_reference,
+        debitParty: [{key: "msisdn", value: debit_phone_number}],
+        creditParty: [{key: "msisdn", value: credit_phone_number}],
+        metadata: [{key: "partnerName", value: client.partner_name}, *metadata]
+      }
+      headers = build_headers(client_correlation_id: client_correlation_id, callback_url: callback_url)
+      logger.info "Initiating payment with payload: #{payload}"
+      response = post(url_for, json: payload, headers: headers)
+      logger.info "Payment initiated. Response: #{response.body}"
+
+      parsed_body = JSON.parse(response.body)
+      PaymentStatus.new(parsed_body, client_correlation_id: client_correlation_id)
+    end
+
+    # Get the status of a payment using the server correlation ID.
+    # This can be used to poll the status of a payment.
+    def get_status(server_correlation_id, client_correlation_id: SecureRandom.uuid)
+      url = url_for("status/#{server_correlation_id}")
+
+      headers = build_headers(client_correlation_id: client_correlation_id)
+      response = get(url, headers: headers)
+
+      parsed_body = JSON.parse(response.body)
+      PaymentStatus.new(parsed_body, client_correlation_id: client_correlation_id)
+    end
+
+    # Get the details of a transaction using the transaction ID returned from the API.
+    def get_details(transaction_id, client_correlation_id: SecureRandom.uuid)
+      url = url_for(transaction_id)
+
+      headers = build_headers(client_correlation_id: client_correlation_id)
+      get url, headers: headers
+    end
+
+    private
+
+    # Generate the URL for the given path by joining the base URL and the endpoint.
+    def url_for(path = "")
+      safe_path = path.gsub(/^\//, "") # Remove  starting slash from the path (if any) to avoid incorrect URL generation
+      Pathname.new(client.base_url).join(ENDPOINT, safe_path).to_s
+    end
+
+    def build_headers(client_correlation_id:, callback_url: nil)
+      value = {
+        "Authorization" => "Bearer #{client.token.access_token}",
+        "Version" => "1.0",
+        "X-CorrelationID" => client_correlation_id,
+        "UserLanguage" => client.user_language,
+        "Cache-Control" => "no-cache",
+        "userAccountIdentifier" => "msisdn;#{client.partner_phone_number}",
+        "partnerName" => client.partner_name
+      }
+
+      value["X-Callback-URL"] = callback_url if callback_url
+
+      value
+    end
+  end
+end

data/lib/mvola/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module MVola
+  VERSION = "0.1.0-alpha"
+end

data/lib/mvola.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require "logger"
+require "base64"
+require "json"
+require "time"
+require_relative "mvola/version"
+require_relative "mvola/errors"
+require_relative "mvola/client"
+require_relative "mvola/transaction"
+
+module MVola
+  class << self
+    attr_accessor :logger
+  end
+
+  # Set up a default logger
+  self.logger = Logger.new($stdout) # Logs to the console
+  logger.level = Logger::INFO  # Default log level
+end

data/sig/lib/mvola/client/token.rbs

@@ -0,0 +1,21 @@
+module MVola
+  class Client
+    class Token
+      attr_reader access_token: String
+      attr_reader scope: String
+      attr_reader token_type: String
+      attr_reader expires_at: Time
+
+      def initialize: (
+          access_token: String,
+          scope: String,
+          token_type: String,
+          expires_at: Time
+        ) -> void
+
+      def expired?: () -> bool
+
+      def valid?: () -> bool
+    end
+  end
+end