aliquot 2.3.1 → 3.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e752bf7cf311e4fe611e3c868ed08510c54d9e1b05b327d5dfa390b3eeb8cee7
-  data.tar.gz: 5c7df397cabccc5009c712546838c67329f4e2c835935ba56e62f71b6c368920
+  metadata.gz: f8e2a9a7e324874ed68aeaacd8a072ea00dedfce4e6022494f7333c94b55ec1d
+  data.tar.gz: 5bfc71f786436d227100470dc37a0d8715196b59d474d0b39b6dd3afa730ff61
 SHA512:
-  metadata.gz: 648c2bb459b2a09b602c13dab8c8221fc726c886e047789c84ebf51d1436a3f5fece61255905744cf817dcf114d9833f3f0281d5c7ed18a6eb1c44a60b770521
-  data.tar.gz: eb060ab6212f664bf3545a306dee4eaac7f63a6388921faf70cc28393e7bc606731d408edb3224ce737c3bc9ef8be8efa16942df717e157a1f3e0f746ad467f6
+  metadata.gz: c95f8f7f99e9bbb9dfa7685927521e135b480e8a9e098c265771d592e1ebbd9c16e75be9b11b03cb369d0290e6fbb5c860be7cfad2252543b84950448011e13b
+  data.tar.gz: 9983ede008609ae095ce8dc863e361c7f3c46e449efe59c7d0422331284b9e18ec8b1182d14da9a71b5361266435c68d6fb125750165968d82ea755365ec9ff3

data/lib/aliquot/payment.rb

@@ -66,6 +66,9 @@ module Aliquot
 
       begin
         @message = JSON.parse(decrypt(aes_key, @signed_message[:encryptedMessage]))
+        @message['paymentMethodDetails'].merge!(
+          'threedsCryptogram' => @message['paymentMethodDetails']
+          .delete('3dsCryptogram')) if @message['paymentMethodDetails']['3dsCryptogram']
       rescue JSON::JSONError => e
         raise InputError, "encryptedMessage JSON is invalid, #{e.message}"
       rescue => e
@@ -221,7 +224,20 @@ module Aliquot
       validator.validate
 
       # Output is hashed with symbolized keys.
-      validator.output
+      message_hash = validator.output
+
+      payment_method_details_message = message_hash[:paymentMethodDetails]
+      message_details_validator =
+        if message_hash[:paymentMethod] == 'TOKENIZED_CARD' ||
+           message_hash[:paymentMethodDetails]['authMethod'] == 'CRYPTOGRAM_3DS'
+          Aliquot::Validator::PaymentMethodDetailsValidator.new(payment_method_details_message, protocol_version, true)
+        else
+          Aliquot::Validator::PaymentMethodDetailsValidator.new(payment_method_details_message, protocol_version, false)
+        end
+      message_details_validator.validate
+      message_hash[:paymentMethodDetails] = message_details_validator.output
+
+      message_hash
     end
 
     ##

data/lib/aliquot/validator.rb

@@ -21,8 +21,8 @@ module Aliquot
       base64_asn1?:    'must be base64-encoded ANS.1 value',
       json?:           'must be valid JSON',
 
-      is_authMethodCryptogram3DS: 'authMethod CRYPTOGRAM_3DS requires eciIndicator',
-      is_authMethodCard:          'eciIndicator/cryptogram must be omitted when PAN_ONLY',
+      is_authMethodCryptogram3DS: 'authMethod CRYPTOGRAM_3DS or 3DS requires eciIndicator',
+      is_authMethodCard:          'eciIndicator/cryptogram/3dsCryptogram must be omitted when PAN_ONLY',
     }.freeze
 
     def self.base64_check(value)
@@ -118,8 +118,6 @@ module Aliquot
       rule(:keyValue).validate(:ec_public_key?)
     end
 
-    SignedKeySchema = SignedKeyContract.new
-
     # Schema used for the 'intermediateSigningKey' hash included in ECv2.
     class IntermediateSigningKeyContract < Dry::Validation::Contract
       json do
@@ -129,12 +127,10 @@ module Aliquot
       rule(:signedKey).validate(:json?)
       rule(:signatures).each do
         key.failure('must be Base64') unless Aliquot::Validator.base64_check(value) &&
-          Aliquot::Validator.ans1_check(value)
+                                             Aliquot::Validator.ans1_check(value)
       end
     end
 
-    IntermediateSigningKeySchema = IntermediateSigningKeyContract.new
-
     # DRY-Validation schema for Google Pay token
     class TokenContract < Dry::Validation::Contract
       json do
@@ -147,13 +143,11 @@ module Aliquot
       rule(:signedMessage).validate(:json?)
 
       rule(:intermediateSigningKey) do
-        key.failure('is missing') if 'ECv2'.eql?(values[:protocolVersion]) &&
-          values[:intermediateSigningKey].nil?
+        key.failure('is missing') if values[:protocolVersion] == 'ECv2' &&
+                                     values[:intermediateSigningKey].nil?
       end
     end
 
-    TokenSchema = TokenContract.new
-
     # DRY-Validation schema for signedMessage component Google Pay token
     class SignedMessageContract < Dry::Validation::Contract
       json do
@@ -166,41 +160,55 @@ module Aliquot
       rule(:tag).validate(:base64?)
     end
 
-    SignedMessageSchema = SignedMessageContract.new
-
-    # DRY-Validation schema for paymentMethodDetails component Google Pay token
-    class PaymentMethodDetailsContract < Dry::Validation::Contract
+    class CommonPaymentMethodDetailsContract < Dry::Validation::Contract
       json do
-        required(:pan).filled(:str?)
         required(:expirationMonth).filled(:int?)
         required(:expirationYear).filled(:int?)
-        required(:authMethod).filled(:str?, included_in?: %w[PAN_ONLY CRYPTOGRAM_3DS])
-
-        optional(:cryptogram).filled(:str?)
-        optional(:eciIndicator).filled(:str?)
       end
-      rule(:pan).validate(:integer_string?, :pan?)
       rule(:expirationMonth).validate(:month?)
       rule(:expirationYear).validate(:year?)
-      rule(:eciIndicator).validate(:eci?)
+    end
 
-      rule(:cryptogram) do
-        key.failure('is missing') if 'CRYPTOGRAM_3DS'.eql?(values[:authMethod]) &&
-          values[:cryptogram].nil?
+    class ECv1_PaymentMethodDetailsContract < CommonPaymentMethodDetailsContract
+      json(CommonPaymentMethodDetailsContract.schema) do
+        required(:pan).filled(:str?)
       end
 
-      rule(:cryptogram) do
-        key.failure('cannot be defined') if 'PAN_ONLY'.eql?(values[:authMethod]) &&
-          !values[:cryptogram].nil?
+      rule(:pan).validate(:integer_string?, :pan?)
+    end
+
+    class ECv1_TokenizedPaymentMethodDetailsContract < CommonPaymentMethodDetailsContract
+      json(CommonPaymentMethodDetailsContract.schema) do
+        required(:dpan).filled(:str?)
+        required(:threedsCryptogram).filled(:str?)
+        required(:eciIndicator).filled(:str?)
+        required(:authMethod).filled(:str?, included_in?: %w[3DS])
       end
 
-      rule(:eciIndicator) do
-        key.failure('cannot be defined') if 'PAN_ONLY'.eql?(values[:authMethod]) &&
-          !values[:eciIndicator].nil?
+      rule(:dpan).validate(:integer_string?, :pan?)
+      rule(:eciIndicator).validate(:eci?)
+    end
+
+    class ECv2_PaymentMethodDetailsContract < CommonPaymentMethodDetailsContract
+      json(CommonPaymentMethodDetailsContract.schema) do
+        required(:pan).filled(:str?)
+        required(:authMethod).filled(:str?, included_in?: %w[PAN_ONLY])
       end
+
+      rule(:pan).validate(:integer_string?, :pan?)
     end
 
-    PaymentMethodDetailsSchema = PaymentMethodDetailsContract.new
+    class ECv2_TokenizedPaymentMethodDetailsContract < CommonPaymentMethodDetailsContract
+      json(CommonPaymentMethodDetailsContract.schema) do
+        required(:pan).filled(:str?)
+        required(:cryptogram).filled(:str?)
+        required(:eciIndicator).filled(:str?)
+        required(:authMethod).filled(:str?, included_in?: %w[CRYPTOGRAM_3DS])
+      end
+
+      rule(:pan).validate(:integer_string?, :pan?)
+      rule(:eciIndicator).validate(:eci?)
+    end
 
     # DRY-Validation schema for encryptedMessage component Google Pay token
     class EncryptedMessageContract < Dry::Validation::Contract
@@ -208,17 +216,40 @@ module Aliquot
         required(:messageExpiration).filled(:str?)
         required(:messageId).filled(:str?)
         required(:paymentMethod).filled(:str?)
-        required(:paymentMethodDetails).filled(:hash).schema(PaymentMethodDetailsContract.schema)
+        required(:paymentMethodDetails).filled(:hash)
         optional(:gatewayMerchantId).filled(:str?)
       end
       rule(:messageExpiration).validate(:integer_string?)
+
+      rule(:paymentMethodDetails).validate do
+        contract =
+        if values[:protocolVersion] == 'ECv1'
+          if values[:paymentMethod] == 'TOKENIZED_CARD'
+             ECv1_TokenizedPaymentMethodDetailsContract.new
+          else
+             ECv1_PaymentMethodDetailsContract.new
+          end
+        else
+          if  values[:authMethod] == 'CRYPTOGRAM_3DS'
+             ECv2_TokenizedPaymentMethodDetailsContract.new
+          else
+             ECv2_PaymentMethodDetailsContract.new
+          end
+        end
+        contract.call(values[:paymentMethodDetails])
+      end
+
       rule(:paymentMethod) do
-        key.failure('must be equal to CARD') unless 'CARD'.eql?(value)
+        if values[:paymentMethodDetails].is_a?(Hash)
+          if '3DS'.eql?(values[:paymentMethodDetails]['authMethod']) # Tokenized ECv1
+            key.failure('must be equal to TOKENIZED_CARD') unless value == 'TOKENIZED_CARD'
+          else
+            key.failure('must be equal to CARD') unless value == 'CARD'
+          end
+        end
       end
     end
 
-    EncryptedMessageSchema = EncryptedMessageContract.new
-
     module InstanceMethods
       attr_reader :output
 
@@ -259,7 +290,7 @@ module Aliquot
 
       def initialize(input)
         @input = input
-        @schema = TokenSchema
+        @schema = TokenContract.new
       end
     end
 
@@ -271,7 +302,7 @@ module Aliquot
 
       def initialize(input)
         @input = input
-        @schema = SignedMessageSchema
+        @schema = SignedMessageContract.new
       end
     end
 
@@ -283,7 +314,32 @@ module Aliquot
 
       def initialize(input)
         @input = input
-        @schema = EncryptedMessageSchema
+        @schema = EncryptedMessageContract.new
+      end
+    end
+
+    # Class for validating the encryptedMessage component of a Google Pay token
+    class PaymentMethodDetailsValidator
+      include InstanceMethods
+
+      class Error < ::Aliquot::Error; end
+
+      def initialize(input, version, tokenized)
+        @input = input
+        @schema =
+        if version == 'ECv1'
+          if tokenized
+            Aliquot::Validator::ECv1_TokenizedPaymentMethodDetailsContract.new
+          else
+            Aliquot::Validator::ECv1_PaymentMethodDetailsContract.new
+          end
+        else
+          if tokenized
+            Aliquot::Validator::ECv2_TokenizedPaymentMethodDetailsContract.new
+          else
+            Aliquot::Validator::ECv2_PaymentMethodDetailsContract.new
+          end
+        end
       end
     end
 
@@ -294,7 +350,7 @@ module Aliquot
 
       def initialize(input)
         @input = input
-        @schema = SignedKeySchema
+        @schema = SignedKeyContract.new
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aliquot
 version: !ruby/object:Gem::Version
-  version: 2.3.1
+  version: 3.0.0
 platform: ruby
 authors:
 - Clearhaus
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-09-29 00:00:00.000000000 Z
+date: 2024-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dry-validation
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '4.0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -94,7 +94,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.14.1
-description: 
+description:
 email: hello@clearhaus.com
 executables: []
 extensions: []
@@ -108,7 +108,7 @@ homepage: https://github.com/clearhaus/aliquot
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -123,8 +123,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.5
-signing_key: 
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: Validates Google Pay tokens
 test_files: []