amazon_flex_pay 0.9.14 → 0.10.0

data/Rakefile

@@ -7,7 +7,6 @@ task :default => :test
 
 desc 'Test the AmazonFlexPay plugin.'
 Rake::TestTask.new(:test) do |t|
-  t.libs << 'lib'
   t.libs << 'test'
   t.pattern = 'test/**/*_test.rb'
   t.verbose = true

data/lib/amazon_flex_pay.rb

@@ -9,19 +9,35 @@ require 'active_support' # camelcase, underscore
 require 'active_support/inflector'
 require 'active_support/notifications'
 
-require 'amazon_flex_pay/signing'
-require 'amazon_flex_pay/model'
-require 'amazon_flex_pay/enumerations'
-require 'amazon_flex_pay/data_types'
+require_relative 'amazon_flex_pay/util'
+require_relative 'amazon_flex_pay/signature'
+require_relative 'amazon_flex_pay/model'
+require_relative 'amazon_flex_pay/enumerations'
+require_relative 'amazon_flex_pay/data_types'
 
-require 'amazon_flex_pay/api'
-require 'amazon_flex_pay/pipelines'
+require_relative 'amazon_flex_pay/api'
+require_relative 'amazon_flex_pay/pipelines'
 
 module AmazonFlexPay
-  VERSION = '0.9.14'
+  VERSION = '0.10.0'
   API_VERSION = '2011-09-20'
   PIPELINE_VERSION = '2009-01-09'
 
+  ENDPOINTS = {
+    :sandbox => {
+      :api => 'https://fps.sandbox.amazonaws.com/',
+      :cbui => 'https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start'
+    }.freeze,
+    :live => {
+      :api => 'https://fps.amazonaws.com/',
+      :cbui => 'https://authorize.payments.amazon.com/cobranded-ui/actions/start'
+    }.freeze
+  }
+
+  extend Util
+  extend AmazonFlexPay::API
+  extend AmazonFlexPay::Pipelines
+
   class << self
     attr_accessor :access_key
     attr_accessor :secret_key
@@ -30,7 +46,7 @@ module AmazonFlexPay
     #
     # Defaults to the sandbox unless you set it explicitly or call <tt>go_live!</tt>.
     def api_endpoint
-      @api_endpoint ||= 'https://fps.sandbox.amazonaws.com/'
+      @api_endpoint ||= ENDPOINTS[:sandbox][:api]
     end
     attr_writer :api_endpoint
 
@@ -38,7 +54,7 @@ module AmazonFlexPay
     #
     # Defaults to the sandbox unless you set it explicitly or call <tt>go_live!</tt>.
     def pipeline_endpoint
-      @pipeline_endpoint ||= 'https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start'
+      @pipeline_endpoint ||= ENDPOINTS[:sandbox][:cbui]
     end
     attr_writer :pipeline_endpoint
 
@@ -46,9 +62,14 @@ module AmazonFlexPay
     #
     # Call <tt>AmazonFlexPay.go_live!</tt> to enable live transactions and real money in this environment.
     def go_live!
-      self.api_endpoint = 'https://fps.amazonaws.com/'
-      self.pipeline_endpoint = 'https://authorize.payments.amazon.com/cobranded-ui/actions/start'
+      self.api_endpoint = ENDPOINTS[:live][:api]
+      self.pipeline_endpoint = ENDPOINTS[:live][:cbui]
     end
+
+    def sign(endpoint, params)
+      Signature.new(secret_key, endpoint, params).generate
+    end
+
   end
 
 end

data/lib/amazon_flex_pay/api.rb

@@ -1,21 +1,20 @@
-# load all api classes
-require 'amazon_flex_pay/api/base_request'
-Dir[File.dirname(__FILE__) + '/api/*'].each do |p| require "amazon_flex_pay/api/#{File.basename(p)}" end
+require_relative 'api/base_request'
+Dir[File.dirname(__FILE__) + '/api/*'].each do |p| require_relative "api/#{File.basename(p)}" end
 
 module AmazonFlexPay
-  class << self
+  module API
     # Cancels a transaction.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/Cancel.html
     def cancel(transaction_id, options = {})
-      API::Cancel.new(options.merge(:transaction_id => transaction_id)).submit
+      submit Cancel.new(options.merge(:transaction_id => transaction_id))
     end
 
     # Cancels a token.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/CancelToken.html
     def cancel_token(token_id, options = {})
-      API::CancelToken.new(options.merge(:token_id => token_id)).submit
+      submit CancelToken.new(options.merge(:token_id => token_id))
     end
 
     # Searches through transactions on your account. Helpful if you want to compare vs your own records,
@@ -23,21 +22,21 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAccountManagementGuide/GetAccountActivity.html
     def get_account_activity(start_date, end_date, options = {})
-      API::GetAccountActivity.new(options.merge(:start_date => start_date, :end_date => end_date)).submit
+      submit GetAccountActivity.new(options.merge(:start_date => start_date, :end_date => end_date))
     end
 
     # Gets your Amazon Payments account balance.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAccountManagementGuide/GetAccountBalance.html
     def get_account_balance
-      API::GetAccountBalance.new.submit
+      submit GetAccountBalance.new
     end
 
     # Returns the status of a recipient's Amazon account.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/GetRecipientVerificationStatus.html
     def get_recipient_verification_status(recipient_token_id)
-      API::GetRecipientVerificationStatus.new(:recipient_token_id => recipient_token_id).submit
+      submit GetRecipientVerificationStatus.new(:recipient_token_id => recipient_token_id)
     end
 
     # Returns information about a token's state from a caller reference.
@@ -48,21 +47,21 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/GetTokensByCaller.html
     def get_token_by_caller_reference(ref)
-      API::GetTokenByCaller.new(:caller_reference => ref).submit
+      submit GetTokenByCaller.new(:caller_reference => ref)
     end
 
     # Returns information about a token's state from a token id.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/GetTokensByCaller.html
     def get_token_by_id(id)
-      API::GetTokenByCaller.new(:token_id => id).submit
+      submit GetTokenByCaller.new(:token_id => id)
     end
 
     # Returns information about how much of the token has been used, and what remains.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAccountManagementGuide/GetTokenUsage.html
     def get_token_usage(id)
-      API::GetTokenUsage.new(:token_id => id).submit
+      submit GetTokenUsage.new(:token_id => id)
     end
 
     # Returns all of your tokens. Note that when you send someone through a recipient pipeline, that registers
@@ -74,7 +73,7 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAccountManagementGuide/GetTokens.html
     def get_tokens(options = {})
-      API::GetTokens.new(options).submit
+      submit GetTokens.new(options)
     end
 
     # Returns all of Amazon's details about a transaction, such as its status and when it began and finished
@@ -82,7 +81,7 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAccountManagementGuide/GetTransaction.html
     def get_transaction(id)
-      API::GetTransaction.new(:transaction_id => id).submit
+      submit GetTransaction.new(:transaction_id => id)
     end
 
     # Returns the current status of the transaction. Note that this information is also available from
@@ -90,7 +89,7 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAccountManagementGuide/GetTransactionStatus.html
     def get_transaction_status(id)
-      API::GetTransactionStatus.new(:transaction_id => id).submit
+      submit GetTransactionStatus.new(:transaction_id => id)
     end
 
     # Begins a Pay request for a sender token. If you are not also the recipient (this is a three-party marketplace
@@ -100,11 +99,11 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/Pay.html
     def pay(value, currency, sender_token_id, caller_reference, options = {})
-      API::Pay.new(options.merge(
+      submit Pay.new(options.merge(
         :transaction_amount => {:value => value, :currency_code => currency},
         :sender_token_id => sender_token_id,
         :caller_reference => caller_reference
-      )).submit
+      ))
     end
 
     # Begins a Reserve request for the sender token. Very similar to <tt>pay</tt>.
@@ -113,11 +112,11 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/Reserve.html
     def reserve(value, currency, sender_token_id, caller_reference, options = {})
-      API::Reserve.new(options.merge(
+      submit Reserve.new(options.merge(
         :transaction_amount => {:value => value, :currency_code => currency},
         :sender_token_id => sender_token_id,
         :caller_reference => caller_reference
-      )).submit
+      ))
     end
 
     # Refunds a transaction. By default it will refund the entire transaction, but you can
@@ -127,7 +126,7 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/Refund.html
     def refund(transaction_id, caller_reference, options = {})
-      API::Refund.new(options.merge(:transaction_id => transaction_id, :caller_reference => caller_reference)).submit
+      submit Refund.new(options.merge(:transaction_id => transaction_id, :caller_reference => caller_reference))
     end
 
     # If you have a Reserve transaction, use this to Settle (capture) it.
@@ -136,7 +135,7 @@ module AmazonFlexPay
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/Settle.html
     def settle(transaction_id, options = {})
-      API::Settle.new(options.merge(:reserve_transaction_id => transaction_id)).submit
+      submit Settle.new(options.merge(:reserve_transaction_id => transaction_id))
     end
 
     # This is how you verify IPNs and pipeline responses.
@@ -154,7 +153,35 @@ module AmazonFlexPay
     #
     # Please use <tt>verify_request</tt> instead to make sure the URL and params remain properly formatted.
     def verify_signature(url, params)
-      API::VerifySignature.new(:url_end_point => url, :http_parameters => params).submit
+      submit VerifySignature.new(:url_end_point => url, :http_parameters => params)
+    end
+
+    protected
+
+    # This compiles an API request object into a URL, sends it to Amazon, and processes
+    # the response.
+    def submit(request)
+      url = request.to_url
+      ActiveSupport::Notifications.instrument("amazon_flex_pay.api", :action => request.action_name, :request => url) do |payload|
+        begin
+          http = RestClient.get(url)
+
+          payload[:response] = http.body
+          payload[:code] = http.code
+
+          response = request.class::Response.from_xml(http.body)
+          response.request = request
+          response
+
+        rescue RestClient::BadRequest, RestClient::Unauthorized, RestClient::Forbidden => e
+          payload[:response] = e.http_body
+          payload[:code] = e.http_code
+
+          er = AmazonFlexPay::API::BaseRequest::ErrorResponse.from_xml(e.response.body)
+          klass = AmazonFlexPay::API.const_get(er.errors.first.code)
+          raise klass.new(er.errors.first.code, er.errors.first.message, er.request_id, request)
+        end
+      end
     end
   end
 end

data/lib/amazon_flex_pay/api/base_request.rb

@@ -1,45 +1,30 @@
 module AmazonFlexPay::API #:nodoc:
   class BaseRequest < AmazonFlexPay::Model
-    # This compiles an API request object into a URL, sends it to Amazon, and processes
-    # the response.
-    def submit
-      url = AmazonFlexPay.api_endpoint + '?' + AmazonFlexPay.query_string(self.to_params)
-      ActiveSupport::Notifications.instrument("amazon_flex_pay.api", :action => action_name, :request => url) do |payload|
-        begin
-          http = RestClient.get(url)
-
-          payload[:response] = http.body
-          payload[:code] = http.code
-
-          response = self.class::Response.from_xml(http.body)
-          response.request = self
-          response
-
-        rescue RestClient::BadRequest, RestClient::Unauthorized, RestClient::Forbidden => e
-          payload[:response] = e.http_body
-          payload[:code] = e.http_code
+    def to_url
+      AmazonFlexPay.api_endpoint + '?' + self.to_param
+    end
 
-          er = ErrorResponse.from_xml(e.response.body)
-          klass = AmazonFlexPay::API.const_get(er.errors.first.code)
-          raise klass.new(er.errors.first.code, er.errors.first.message, er.request_id, self)
-        end
-      end
+    def to_param
+      params = to_hash.merge(
+        'AWSAccessKeyId' => AmazonFlexPay.access_key,
+        'Timestamp' => format_value(Time.now),
+        'SignatureVersion' => 2,
+        'SignatureMethod' => 'HmacSHA256'
+      )
+      params['Signature'] = AmazonFlexPay.sign(AmazonFlexPay.api_endpoint, params)
+      AmazonFlexPay::Util.query_string(params)
     end
 
     # Converts the API request object into parameters and signs them.
-    def to_params
-      params = self.to_hash.merge(
+    def to_hash
+      super.merge(
         'Action' => action_name,
-        'AWSAccessKeyId' => AmazonFlexPay.access_key,
-        'Version' => AmazonFlexPay::API_VERSION,
-        'Timestamp' => format_value(Time.now)
+        'Version' => AmazonFlexPay::API_VERSION
       )
+    end
 
-      params['SignatureVersion'] = 2
-      params['SignatureMethod'] = 'HmacSHA256'
-      params['Signature'] = AmazonFlexPay.signature(AmazonFlexPay.api_endpoint, params)
-
-      params
+    def action_name #:nodoc:
+      self.class.to_s.split('::').last
     end
 
     class BaseResponse < AmazonFlexPay::Model
@@ -77,12 +62,5 @@ module AmazonFlexPay::API #:nodoc:
         attribute :message
       end
     end
-
-
-    protected
-
-    def action_name #:nodoc:
-      self.class.to_s.split('::').last
-    end
   end
 end

data/lib/amazon_flex_pay/pipelines.rb

@@ -1,15 +1,15 @@
-require 'amazon_flex_pay/pipelines/base'
-Dir[File.dirname(__FILE__) + '/pipelines/*'].each do |p| require "amazon_flex_pay/pipelines/#{File.basename(p)}" end
+require_relative 'pipelines/base'
+Dir[File.dirname(__FILE__) + '/pipelines/*'].each do |p| require_relative "pipelines/#{File.basename(p)}" end
 
 module AmazonFlexPay
-  class << self
+  module Pipelines
     # Creates a pipeline that may be used to change the payment method of a token.
     #
     # Note that this does not allow changing a token's limits or recipients or really anything but the method.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/EditTokenPipeline.html
-    def edit_token_pipeline(caller_reference, options = {})
-      AmazonFlexPay::Pipelines::EditToken.new(options.merge(:caller_reference => caller_reference))
+    def edit_token_pipeline(caller_reference, return_url, options = {})
+      cbui EditToken.new(options.merge(:caller_reference => caller_reference, :return_url => return_url))
     end
 
     # Creates a pipeline that will authorize you to send money _from_ the user multiple times.
@@ -18,15 +18,15 @@ module AmazonFlexPay
     # you only plan to collect from the token once.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/MultiUsePipeline.html
-    def multi_use_pipeline(caller_reference, options = {})
-      AmazonFlexPay::Pipelines::MultiUse.new(options.merge(:caller_reference => caller_reference))
+    def multi_use_pipeline(caller_reference, return_url, options = {})
+      cbui MultiUse.new(options.merge(:caller_reference => caller_reference, :return_url => return_url))
     end
 
     # Creates a pipeline that will authorize you to send money _to_ the user.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/CBUIapiMerchant.html
-    def recipient_pipeline(caller_reference, options = {})
-      AmazonFlexPay::Pipelines::Recipient.new(options.merge(:caller_reference => caller_reference))
+    def recipient_pipeline(caller_reference, return_url, options = {})
+      cbui Recipient.new(options.merge(:caller_reference => caller_reference, :return_url => return_url))
     end
 
     # Creates a pipeline that will authorize you to send money _from_ the user one time.
@@ -34,8 +34,14 @@ module AmazonFlexPay
     # Note that if this payment fails, you must create another pipeline to get another token.
     #
     # See http://docs.amazonwebservices.com/AmazonFPS/2010-08-28/FPSBasicGuide/SingleUsePipeline.html
-    def single_use_pipeline(caller_reference, options = {})
-      AmazonFlexPay::Pipelines::SingleUse.new(options.merge(:caller_reference => caller_reference))
+    def single_use_pipeline(caller_reference, return_url, options = {})
+      cbui SingleUse.new(options.merge(:caller_reference => caller_reference, :return_url => return_url))
+    end
+
+    protected
+
+    def cbui(pipeline)
+      pipeline.to_url
     end
   end
 end

data/lib/amazon_flex_pay/pipelines/base.rb

@@ -1,29 +1,32 @@
 module AmazonFlexPay::Pipelines #:nodoc:
   class Base < AmazonFlexPay::Model
+    attribute :'returnURL' # required
     attribute :caller_reference # required
     attribute :cobranding_style
     attribute :cobranding_url
     attribute :website_description
 
     # Returns a full redirectable URL for this pipeline.
-    def url(return_url)
-      AmazonFlexPay.pipeline_endpoint + '?' + AmazonFlexPay.query_string(to_params(return_url))
+    def to_url
+      AmazonFlexPay.pipeline_endpoint + '?' + self.to_param
     end
 
     # Converts the Pipeline object into parameters and signs them.
-    def to_params(return_url)
-      params = self.to_hash.merge(
-        'pipelineName' => pipeline_name,
+    def to_param
+      params = to_hash.merge(
         'callerKey' => AmazonFlexPay.access_key,
-        'version' => AmazonFlexPay::PIPELINE_VERSION,
-        'returnURL' => return_url
+        'signatureVersion' => 2,
+        'signatureMethod' => 'HmacSHA256'
       )
+      params['signature'] = AmazonFlexPay.sign(AmazonFlexPay.pipeline_endpoint, params)
+      AmazonFlexPay::Util.query_string(params)
+    end
 
-      params['signatureVersion'] = 2
-      params['signatureMethod'] = 'HmacSHA256'
-      params['signature'] = AmazonFlexPay.signature(AmazonFlexPay.pipeline_endpoint, params)
-
-      params
+    def to_hash
+      super().merge(
+        'pipelineName' => pipeline_name,
+        'version' => AmazonFlexPay::PIPELINE_VERSION
+      )
     end
 
     protected

data/lib/amazon_flex_pay/signature.rb

@@ -0,0 +1,24 @@
+module AmazonFlexPay
+  # Generates a signature for the given URL and parameters.
+  class Signature
+    def initialize(secret_key, endpoint, params)
+      @secret_key, @endpoint, @params = secret_key, endpoint, params
+    end
+
+    def generate
+      Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, @secret_key, signable)).strip
+    end
+
+    private
+
+    def signable
+      uri = URI.parse(@endpoint)
+      [
+        'GET',
+        uri.host,
+        uri.path,
+        AmazonFlexPay::Util.query_string(@params)
+      ].join("\n")
+    end
+  end
+end