alcatraz-client 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 725aa0215082696d330926bbf9b4b07b1242723c
+  data.tar.gz: e31b724eeed37915f66d82d01607ec354af4af86
+SHA512:
+  metadata.gz: 68db6e29f012441ba0ffc36b789fa34421e3986662ee0009a6c90e20d8390dfc1fe10c2194cc191d1ac2c11f70942f4d35c21897c27c8143a38cd878ec380c43
+  data.tar.gz: 88bfc8fdccb2df476bd42e1aa892d3eeae468ccea037442d117eded4ebe491c8efc51752932f33caa752a648fb21df4e2571439c9c75975753a81967df634e2e

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in alcatraz-client.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Brian McManus
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,110 @@
+# Alcatraz::Client
+
+A client library for the Alcatraz PCI-compliant data store.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+    gem 'alcatraz-client'
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install alcatraz-client
+
+## Usage
+
+You will need your Alcatraz API keys (both public and secret) to use alcatraz-client.
+
+First, set up your connection.
+
+    conn = Alcatraz::Client::Connection.new(public_key: ENV['ALCATRAZ_PUBLIC_KEY'], secret_key: ENV['ALCATRAZ_SECRET_KEY'])
+
+After that you can use any of the public API methods for Alcatraz.
+
+### Store credit card data
+
+The first thing you'll want to do with Alcatraz is store credit card data securely. That's the whole game after all!
+
+    card = conn.store_card!(
+      name: 'Jane Doe',
+      number: '4111111111111111',
+      expiration_month: '5',
+      expiration_year: '2015',
+      cvv: '123',
+      postal_code: '94107',
+      country_code: 'US'
+    )
+    card.href # => '/cards/afbfe408-8e66-4e11-aecb-e21825512b16'
+    card.number # => '411111******1111'
+
+The Alcatraz API does not technically require any sort of authentication to store data but in the case of this client,
+we provide it. Only masked data will be returned from a call to store_card!.
+
+If the card is created successfully it will automatically be authorized to your client.
+
+### Fetch credit card data
+
+You can pull card data back out of Alcatraz.  Depending on your client's level of access, this data may or may not be masked.
+
+    card = conn.get_card('afbfe408-8e66-4e11-aecb-e21825512b16')
+    # If your client had decryption access...
+    card.number # => '4111111111111111'
+    # otherwise...
+    card.number # => '411111******1111'
+
+### Store arbitrary secure data
+
+Alcatraz also allows for the storage of arbitrary "secure" data such as social security numbers, passport numbers, etc.
+
+The API to store arbitrary data is almost identical as storing credit card data.
+
+    data = conn.store_data!(
+      ssn: '123456789'
+    )
+    data.href # => '/secure_data/3a5ca937-7a08-434b-8648-4c34986bfb54'
+    data.ssn # => '*********'
+
+You'll notice that for arbitrary data, Alcatraz does not do any special processing like it does with credit cards because
+we do not know what you are sending in.  For masked data, the values sent in are fully masked instead of partially masked.
+
+### Fetch secure data
+
+Fetching secure data is the same as fetching card data.  Again, depending on your access level, the data may or may not be masked.
+
+    data = conn.get_data('3a5ca937-7a08-434b-8648-4c34986bfb54')
+    # With decryption enabled...
+    data.ssn # => '123456789'
+    # otherwise...
+    data.ssn # => '*********'
+
+### Create additional API clients
+
+Allows for creation of additional API clients for use with Alcatraz.  Your authenticated client must have appropriate authority
+to use this endpoint.  The newly created client will only return its public key.
+
+    client = conn.create_client!(name: 'Some Name')
+    client.inspect # => { id: '3a5ca937-7a08-434b-8648-4c34986bfb54', name: 'Some Name', href: 'api_clients/3a5ca937-7a08-434b-8648-4c34986bfb54', public_key: '3a5ca937-7a08-434b-8648-4c34986bfb54'}
+
+### Authorize/Deauthorize data to clients
+
+Allows you to control which of your clients have access to data using their API keys.  Used to "claim" data that has been stored in Alcatraz previously.
+If you store data using the API calls above you will automatically be authorized to it.  This method is only to authorize other API clients to access the
+data with their public/secret key pairs.
+
+    data = conn.get_data('3a5ca937-7a08-434b-8648-4c34986bfb54')
+    authorize_data_for_client!(data, 'some-other-client-public-key')
+    # Later, to revoke a client's authority to some data...
+    deauthorize_data_for_client!(data, 'some-other-client-public-key')
+
+## Contributing
+
+1. Fork it ( http://github.com/<my-github-username>/alcatraz-client/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,9 @@
+require "bundler/gem_tasks"
+
+task :console do
+  require 'irb'
+  require 'irb/completion'
+  require 'alcatraz/client' # You know what to do.
+  ARGV.clear
+  IRB.start
+end

data/alcatraz-client.gemspec

@@ -0,0 +1,30 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'alcatraz/client/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'alcatraz-client'
+  spec.version       = Alcatraz::Client::VERSION
+  spec.authors       = ['Brian McManus']
+  spec.email         = ['brian@checkmate.io']
+  spec.summary       = %q{A client library for the Alcatraz PCI-compliant data store.}
+  spec.homepage      = ''
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.5'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'webmock', '~> 1.15'
+  spec.add_development_dependency 'vcr', '~> 2.8.0'
+
+  spec.add_runtime_dependency 'hashie', '~> 2.1.1'
+  spec.add_runtime_dependency 'faraday', '~> 0.9.0'
+  spec.add_runtime_dependency 'faraday_middleware'
+  spec.add_runtime_dependency 'warden-hmac-authentication', '~> 0.6.4'
+end

data/lib/alcatraz/client.rb

@@ -0,0 +1,15 @@
+require 'faraday/request/hmac'
+require 'alcatraz/client/version'
+require 'alcatraz/client/configuration'
+require 'alcatraz/client/connection'
+
+module Alcatraz
+  module Client
+    extend Configuration
+    class << self
+      def new(options = {})
+        Alcatraz::Client::Connection.new(options)
+      end
+    end
+  end
+end

data/lib/alcatraz/client/configuration.rb

@@ -0,0 +1,26 @@
+module Alcatraz
+  module Client
+    module Configuration
+      VALID_OPTIONS = [ :public_key, :secret_key, :api_url ]
+      DEFAULT_API_URL = "https://alcatraz.checkmate.io"
+
+      attr_accessor *VALID_OPTIONS
+
+      def self.extended(base)
+        base.reset
+      end
+
+      def reset
+        self.api_url = DEFAULT_API_URL
+      end
+
+      def configure
+        yield self
+      end
+
+      def options
+        Hash[ * VALID_OPTIONS.map { |key| [key, send(key)] }.flatten ]
+      end
+    end
+  end
+end

data/lib/alcatraz/client/connection.rb

@@ -0,0 +1,103 @@
+require 'faraday_middleware'
+
+module Alcatraz
+  module Client
+    class Connection
+      attr_accessor *Configuration::VALID_OPTIONS
+
+      def initialize(options = {})
+        merged_options = ::Alcatraz::Client.options.merge(options)
+
+        Configuration::VALID_OPTIONS.each do |key|
+          public_send("#{key}=", merged_options[key])
+        end
+      end
+
+      def get_card(id)
+        parse_response_to_secure_object(get("/cards/#{id}"))
+      end
+
+      def store_card!(params)
+        card = parse_response_to_secure_object(post('/cards', params))
+        authorize_data_for_client!(card, public_key) if card && card.id
+        card
+      end
+
+      def get_data(id)
+        parse_response_to_secure_object(get("/secure_data/#{id}"))
+      end
+
+      def store_data!(params)
+        data = parse_response_to_secure_object(post('/secure_data', params))
+        authorize_data_for_client!(data, public_key) if data && data.id
+        data
+      end
+
+      def create_client!(name)
+        response = post('/api_clients', api_client: {name: name})
+        if response.success?
+          response.body.api_client
+        else
+          nil
+        end
+      end
+
+      def authorize_data_for_client!(data_or_id, client_or_public_key)
+        data_id = unwrap_to_id data_or_id
+        public_key = unwrap_to_key client_or_public_key
+        post("/secure_data/#{data_id}/authorizations", public_key: public_key).success?
+      end
+
+      def deauthorize_data_for_client!(data_or_id, client_or_public_key)
+        data_id = unwrap_to_id data_or_id
+        public_key = unwrap_to_key client_or_public_key
+        delete("/secure_data/#{data_id}/authorizations/#{public_key}")
+      end
+
+      private
+
+      def unwrap_to_id(object_or_id)
+        object_or_id = object_or_id.id unless object_or_id.kind_of?(String)
+        object_or_id
+      end
+
+      def unwrap_to_key(object_or_key)
+        object_or_key = object_or_key.public_key unless object_or_key.kind_of?(String)
+        object_or_key
+      end
+
+      def connection
+        Faraday.new(url: api_url) do |conn|
+          conn.request :json
+          conn.use Faraday::Request::Hmac, secret_key, nonce: (Time.now.to_f * 1e6).to_i.to_s, query_based: true, extra_auth_params: {public_key: public_key}
+          conn.use Faraday::Response::Mashify
+          conn.response :json, content_type: /\bjson$/
+          conn.adapter Faraday.default_adapter
+        end
+      end
+
+      def get(path, options = {})
+        connection.get(path, options)
+      end
+
+      def post(path, options = {})
+        connection.post(path, options)
+      end
+
+      def delete(path)
+        response = connection.delete(path)
+        response.success?
+      end
+
+      def parse_response_to_secure_object(response)
+        if response.body.respond_to? :card
+          response.body.card
+        elsif response.body.respond_to? :secure_datum
+          response.body.secure_datum
+        else
+          response.body
+        end
+      end
+    end
+  end
+end

data/lib/alcatraz/client/version.rb

@@ -0,0 +1,5 @@
+module Alcatraz
+  module Client
+    VERSION = "0.0.1"
+  end
+end

metadata

@@ -0,0 +1,180 @@
+--- !ruby/object:Gem::Specification
+name: alcatraz-client
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Brian McManus
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-06-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.5'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.15'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.8.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.8.0
+- !ruby/object:Gem::Dependency
+  name: hashie
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.1.1
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.9.0
+- !ruby/object:Gem::Dependency
+  name: faraday_middleware
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: warden-hmac-authentication
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.6.4
+description: 
+email:
+- brian@checkmate.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- alcatraz-client.gemspec
+- lib/alcatraz/client.rb
+- lib/alcatraz/client/configuration.rb
+- lib/alcatraz/client/connection.rb
+- lib/alcatraz/client/version.rb
+homepage: ''
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: A client library for the Alcatraz PCI-compliant data store.
+test_files: []