amazon_flex_pay 0.9.2

data/lib/amazon_flex_pay/data_types.rb

@@ -0,0 +1,138 @@
+# Complex Data Types pulled from the documentation, with some obvious corrections.
+#
+# See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/ComplexDataTypes.html
+module AmazonFlexPay::DataTypes
+  # moved from Enumerations
+  class AccountBalance < AmazonFlexPay::Model #:nodoc:
+    attribute :available_balances, :type => :available_balances
+    attribute :pending_in_balance, :type => :amount
+    attribute :pending_out_balance, :type => :amount
+    attribute :total_balance, :type => :amount
+  end
+
+  class Amount < AmazonFlexPay::Model #:nodoc:
+    attribute :currency_code, :enumeration => :currency_code
+    attribute :value
+  end
+
+  class AvailableBalances < AmazonFlexPay::Model #:nodoc:
+    attribute :disburse_balance, :type => :amount
+    attribute :refund_balance, :type => :amount
+  end
+
+  class DebtBalance < AmazonFlexPay::Model #:nodoc:
+    attribute :available_balance, :type => :amount
+    attribute :pending_out_balance, :type => :amount
+  end
+
+  class DescriptorPolicy < AmazonFlexPay::Model #:nodoc:
+    attribute :'CSOwner', :enumeration => :cs_owner
+    attribute :soft_descriptor_type, :enumeration => :soft_descriptor_type
+  end
+
+  class OutstandingDebtBalance < AmazonFlexPay::Model #:nodoc:
+    attribute :outstanding_balance, :type => :amount
+    attribute :pending_out_balance, :type => :amount
+  end
+
+  class OutstandingPrepaidLiability < AmazonFlexPay::Model #:nodoc:
+    attribute :outstanding_balance, :type => :amount
+    attribute :pending_in_balance, :type => :amount
+  end
+
+  class PrepaidBalance < AmazonFlexPay::Model #:nodoc:
+    attribute :available_balance, :type => :amount
+    attribute :pending_in_balance, :type => :amount
+  end
+
+  class RelatedTransaction < AmazonFlexPay::Model #:nodoc:
+    attribute :relation_type, :enumeration => :relation_type
+    attribute :transaction_id
+  end
+
+  class StatusHistory < AmazonFlexPay::Model #:nodoc:
+    attribute :amount, :type => :amount
+    attribute :date
+    attribute :status_code
+    attribute :transaction_status, :enumeration => :transaction_status
+  end
+
+  class Token < AmazonFlexPay::Model #:nodoc:
+    attribute :caller_reference
+    attribute :date_installed
+    attribute :friendly_name
+    attribute :old_token_id
+    attribute :payment_reason
+    attribute :token_id
+    attribute :token_status, :enumeration => :token_status
+    attribute :token_type, :enumeration => :token_type
+  end
+
+  class TokenUsageLimit < AmazonFlexPay::Model #:nodoc:
+    attribute :amount, :type => :amount
+    attribute :last_reset_amount, :type => :amount
+    attribute :count
+    attribute :last_reset_count
+    attribute :last_reset_timestamp
+  end
+
+  class Transaction < AmazonFlexPay::Model #:nodoc:
+    attribute :balance, :type => :amount
+    attribute :caller_name
+    attribute :caller_transaction_date
+    attribute :date_completed
+    attribute :date_received
+    attribute :'FPSFees', :type => :amount
+    attribute :'FPSOperation', :enumeration => :fps_operation
+    attribute :original_transaction_id
+    attribute :payment_method, :enumeration => :payment_method
+    attribute :recipient_name
+    attribute :recipient_token_id
+    attribute :sender_name
+    attribute :sender_token_id
+    attribute :status_code
+    attribute :status_message
+    attribute :transaction_amount, :type => :amount
+    attribute :transaction_id
+    attribute :transaction_part, :collection => :transaction_part
+    attribute :transaction_status, :enumeration => :transaction_status
+  end
+
+  class TransactionDetail < AmazonFlexPay::Model #:nodoc:
+    attribute :caller_name
+    attribute :caller_description
+    attribute :caller_reference
+    attribute :credit_instrument_id
+    attribute :date_received
+    attribute :date_completed
+    attribute :'FPSFees', :type => :amount
+    attribute :'FPSFeesPaidBy', :enumeration => :transactional_role
+    attribute :'FPSOperation', :enumeration => :fps_operation
+    attribute :marketplace_fees, :type => :amount
+    attribute :payment_method, :enumeration => :payment_method
+    attribute :prepaid_instrument_id
+    attribute :recipient_email
+    attribute :recipient_name
+    attribute :recipient_token_id
+    attribute :related_transaction, :type => :related_transaction
+    attribute :sender_description
+    attribute :sender_email
+    attribute :sender_name
+    attribute :sender_token_id
+    attribute :status_code
+    attribute :status_history, :collection => :status_history
+    attribute :status_message
+    attribute :transaction_amount, :type => :amount
+    attribute :transaction_id
+    attribute :transaction_status, :enumeration => :transaction_status
+  end
+
+  class TransactionPart < AmazonFlexPay::Model #:nodoc:
+    attribute :description
+    attribute :fees_paid, :type => :amount
+    attribute :instrument_id
+    attribute :name
+    attribute :reference
+    attribute :role, :enumeration => :transactional_role
+  end
+end

data/lib/amazon_flex_pay/enumerations.rb

@@ -0,0 +1,23 @@
+# Enumerated sets pulled from documentation, with some obvious corrections.
+#
+# See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/EnumeratedDataTypes.html
+module AmazonFlexPay::Enumerations
+  AmountType = %w(Exact Maximum Minimum) # undocumented
+  ChargeFeeTo = %w(Caller Recipient)
+  CsOwner = %w(Caller Recipient) # undocumented
+  CurrencyCode = %w(USD)
+  FpsOperation = %w(Pay Refund Settle SettleDebt WriteOffDebt FundPrepaid Reserve)
+  InstrumentId = %w(InstrumentId) # whaaaaaaat? should go in DataTypes probably, but it actually seems like a simple field.
+  InstrumentStatus = %w(Active All Cancelled)
+  MarketplaceRefundPolicy = %w(MarketplaceTxnOnly MasterAndMarketplaceTxn MasterTxnOnly) # moved from DataTypes
+  PaymentMethod = %w(ABT ACH CC Debt Prepaid)
+  RecipientVerificationStatus = %w(VerificationComplete VerificationPending VerificationCompleteNoLimits) # moved from DataTypes
+  RelationType = %w(MarketplaceFee Parent Refund RefundReversal Reserve Settle)
+  SoftDescriptorType = %w(Static Dynamic) # undocumented
+  SortOrderByDate = %w(Ascending Descending)
+  TokenStatus = %w(Active Inactive)
+  TokenType = %w(MultiUse Recurring SingleUse Unrestricted)
+  TransactionalRole = %w(Caller Recipient Sender)
+  TransactionStatus = %w(Cancelled Failure Pending Reserved Success)
+  UsageLimitType = %w(Amount Count) # undocumented
+end

data/lib/amazon_flex_pay/model.rb

@@ -0,0 +1,130 @@
+module AmazonFlexPay
+  
+  class Model
+    class << self
+      # Creates an attribute by defining reader and writer methods. These attributes will
+      # also be returned by AmazonFlexPay::Model#to_hash for processing into query strings, etc.
+      #
+      # A few different attribute types are supported.
+      #
+      # === Enumerated Attributes
+      # If Amazon only supports certain values, this will enforce a whitelist. Name one of
+      # the existing enumerations from AmazonFlexPay::Enumerations like this:
+      #
+      #   attribute :status, :enumeration => :token_status
+      #
+      # === Complex Attributes
+      # When the attribute itself has attributes, name one of the existing complex data types
+      # from AmazonFlexPay::DataTypes like this:
+      #
+      #   attribute :final_amount, :type => :amount
+      #
+      # === Arrays of Complex Attributes
+      # When Amazon's XML returns (or has the potential to return) multiples of a complex data
+      # type, declare it like this:
+      #
+      #   attribute :transaction, :collection => :transaction_detail
+      #
+      # And then for convenience and readability, alias a plural method:
+      #
+      #   alias_method :transactions, :transaction
+      def attribute(attr, options = {})
+        attribute_names << attr.to_s.camelcase
+        name = attr.to_s.underscore
+
+        # reader
+        attr_reader name
+
+        # writer
+        if options[:enumeration]
+          enumerated_attribute(name, options[:enumeration])
+        elsif options[:type]
+          complex_attribute(name, options[:type])
+        elsif options[:collection]
+          collection_attribute(name, options[:collection])
+        else
+          attr_writer name
+        end
+      end
+
+      # The names of all of the attributes of this model, in CamelCase.
+      def attribute_names
+        @attributes ||= (self == Model) ? [] : superclass.attribute_names.dup
+      end
+
+      def enumerated_attribute(attr, source = nil) #:nodoc:
+        source ||= attr
+        class_eval <<-END
+          def #{attr}=(val)
+            options = AmazonFlexPay::Enumerations::#{source.to_s.camelcase}
+            unless options.include?(val)
+              raise ArgumentError.new("\#{val} is not an allowed option (\#{options.join(', ')})")
+            end
+            @#{attr} = val
+          end
+        END
+      end
+
+      def complex_attribute(attr, data_type = nil) #:nodoc:
+        data_type ||= attr
+        class_eval <<-END
+          def #{attr}=(hash)
+            @#{attr} = AmazonFlexPay::DataTypes::#{data_type.to_s.camelcase}.new(hash)
+          end
+        END
+      end
+
+      def collection_attribute(attr, data_type = nil) #:nodoc:
+        class_eval <<-END
+          def #{attr}=(array)
+            @#{attr} = [array].flatten.map{|hash| AmazonFlexPay::DataTypes::#{data_type.to_s.camelcase}.new(hash)}
+          end
+        END
+      end
+    end
+
+    def initialize(hash = {}) #:nodoc:
+      assign(hash)
+    end
+
+    protected
+
+    # Formats all attributes into a hash of parameters.
+    def to_hash
+      self.class.attribute_names.inject({}) do |hash, name|
+        val = send(name.underscore)
+        if val.nil? or val == ''
+          hash
+        else
+          hash.merge(format_key(name) => val.is_a?(AmazonFlexPay::Model) ? val.to_hash : format_value(val))
+        end
+      end
+    end
+
+    # By default all parameter keys are CamelCase.
+    def format_key(key)
+      key.camelcase
+    end
+
+    # Formats times and booleans as Amazon desires them.
+    def format_value(val)
+      case val
+        when Time
+        val.utc.strftime('%Y-%m-%dT%H:%M:%SZ')
+
+        when TrueClass, FalseClass
+        val.to_s.capitalize
+
+        else
+        val.to_s
+      end
+    end
+
+    # Allows easy initialization for a model by assigning attributes from a hash.
+    def assign(hash)
+      hash.each do |k, v|
+        send("#{k.to_s.underscore}=", v.respond_to?(:strip) ? v.strip : v)
+      end
+    end
+  end
+end

data/lib/amazon_flex_pay/pipelines/base.rb

@@ -0,0 +1,40 @@
+module AmazonFlexPay::Pipelines #:nodoc:
+  class Base < AmazonFlexPay::Model
+    attribute :caller_reference # required
+    attribute :cobranding_style
+    attribute :cobranding_url
+    attribute :website_description
+
+    # Returns a full redirectable URL for this pipeline.
+    def url(return_url)
+      AmazonFlexPay.pipeline_endpoint + '?' + AmazonFlexPay.query_string(to_params(return_url))
+    end
+
+    # Converts the Pipeline object into parameters and signs them.
+    def to_params(return_url)
+      params = self.to_hash.merge(
+        'pipelineName' => pipeline_name,
+        'callerKey' => AmazonFlexPay.access_key,
+        'version' => AmazonFlexPay::PIPELINE_VERSION,
+        'returnURL' => return_url
+      )
+
+      params['signatureVersion'] = 2
+      params['signatureMethod'] = 'HmacSHA256'
+      params['signature'] = AmazonFlexPay.signature(AmazonFlexPay.pipeline_endpoint, params)
+
+      params
+    end
+
+    protected
+
+    # For pipelines, parameter keys are camelCase instead of CamelCase.
+    def format_key(key)
+      key.camelcase(:lower)
+    end
+
+    def pipeline_name #:nodoc:
+      self.class.to_s.split('::').last
+    end
+  end
+end

data/lib/amazon_flex_pay/pipelines/edit_token.rb

@@ -0,0 +1,6 @@
+module AmazonFlexPay::Pipelines #:nodoc:
+  class EditToken < Base #:nodoc:
+    attribute :token_id # required
+    attribute :payment_method, :enumeration => :payment_method
+  end
+end

data/lib/amazon_flex_pay/pipelines/multi_use.rb

@@ -0,0 +1,28 @@
+module AmazonFlexPay::Pipelines #:nodoc:
+  class MultiUse < Base #:nodoc:
+    attribute :global_amount_limit # required
+    attribute :amount_type, :enumeration => :amount_type
+    attribute :transaction_amount
+    attribute :currency_code, :enumeration => :currency_code
+    attribute :payment_method, :enumeration => :payment_method
+    attribute :payment_reason
+    attribute :is_recipient_cobranding
+    attribute :recipient_token_list
+    attribute :usage_limit_type1, :enumeration => :usage_limit_type
+    attribute :usage_limit_period1
+    attribute :usage_limit_value1
+    attribute :usage_limit_type2, :enumeration => :usage_limit_type
+    attribute :usage_limit_period2
+    attribute :usage_limit_value2
+    attribute :validity_expiry
+    attribute :validity_start
+    attribute :collect_shipping_address
+    attribute :address_name
+    attribute :address_line1
+    attribute :address_line2
+    attribute :city
+    attribute :state
+    attribute :zip
+    attribute :phone_number
+  end
+end

data/lib/amazon_flex_pay/pipelines/recipient.rb

@@ -0,0 +1,10 @@
+module AmazonFlexPay::Pipelines #:nodoc:
+  class Recipient < Base #:nodoc:
+    attribute :recipient_pays_fee # required
+    attribute :payment_method, :enumeration => :payment_method
+    attribute :max_fixed_fee
+    attribute :max_variable_fee
+    attribute :validity_expiry
+    attribute :validity_start
+  end
+end

data/lib/amazon_flex_pay/pipelines/single_use.rb

@@ -0,0 +1,24 @@
+module AmazonFlexPay::Pipelines #:nodoc:
+  class SingleUse < Base #:nodoc:
+    attribute :recipient_token # required
+    attribute :transaction_amount # required
+    attribute :currency_code, :enumeration => :currency_code
+    attribute :item_total
+    attribute :shipping
+    attribute :handling
+    attribute :discount
+    attribute :tax
+    attribute :address_name
+    attribute :address_line1
+    attribute :address_line2
+    attribute :city
+    attribute :state
+    attribute :zip
+    attribute :phone_number
+    attribute :collect_shipping_address
+    attribute :gift_wrapping
+    attribute :payment_method, :enumeration => :payment_method
+    attribute :payment_reason
+    attribute :reserve
+  end
+end

data/lib/amazon_flex_pay/pipelines.rb

@@ -0,0 +1,41 @@
+require 'amazon_flex_pay/pipelines/base'
+Dir[File.dirname(__FILE__) + '/pipelines/*'].each do |p| require "amazon_flex_pay/pipelines/#{File.basename(p)}" end
+
+module AmazonFlexPay
+  class << self
+    # Creates a pipeline that may be used to change the payment method of a token.
+    #
+    # Note that this does not allow changing a token's limits or recipients or really anything but the method.
+    #
+    # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/EditTokenPipeline.html
+    def edit_token_pipeline(caller_reference, options = {})
+      AmazonFlexPay::Pipelines::EditToken.new(options.merge(:caller_reference => caller_reference))
+    end
+
+    # Creates a pipeline that will authorize you to send money _from_ the user multiple times.
+    #
+    # This is also necessary to create sender tokens that are valid for a long period of time, even if
+    # you only plan to collect from the token once.
+    #
+    # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/MultiUsePipeline.html
+    def multi_use_pipeline(caller_reference, options = {})
+      AmazonFlexPay::Pipelines::MultiUse.new(options.merge(:caller_reference => caller_reference))
+    end
+
+    # Creates a pipeline that will authorize you to send money _to_ the user.
+    #
+    # See http://docs.amazonwebservices.com/AmazonFPS/latest/FPSAdvancedGuide/CBUIapiMerchant.html
+    def recipient_pipeline(caller_reference, options = {})
+      AmazonFlexPay::Pipelines::Recipient.new(options.merge(:caller_reference => caller_reference))
+    end
+
+    # Creates a pipeline that will authorize you to send money _from_ the user one time.
+    #
+    # Note that if this payment fails, you must create another pipeline to get another token.
+    #
+    # See http://docs.amazonwebservices.com/AmazonFPS/2010-08-28/FPSBasicGuide/SingleUsePipeline.html
+    def single_use_pipeline(caller_reference, options = {})
+      AmazonFlexPay::Pipelines::SingleUse.new(options.merge(:caller_reference => caller_reference))
+    end
+  end
+end

data/lib/amazon_flex_pay/signing.rb

@@ -0,0 +1,42 @@
+module AmazonFlexPay
+  class << self
+    # Returns a signature for the given URL and parameters.
+    def signature(endpoint, params)
+      uri = URI.parse(endpoint)
+
+      signable_string = [
+        'GET',
+        uri.host,
+        uri.path,
+        query_string(params)
+      ].join("\n")
+
+      Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, AmazonFlexPay.secret_key, signable_string)).strip
+    end
+
+    # Flattens a possibly-nested hash into a query string for Amazon.
+    # With Amazon, nested hashes are flattened with a period, as follows:
+    #
+    #   AmazonFlexPay.query_string(:foo => {:hello => 'world'})
+    #   => "foo.hello=world"
+    #
+    def query_string(params, prefix = nil) #:nodoc:
+      prefix = "#{prefix}." if prefix
+      params.keys.sort { |a, b| a.to_s <=> b.to_s }.collect do |key|
+        case val = params[key]
+          when Hash
+          query_string(val, key)
+          else
+          "#{prefix}#{key}=#{escape val}"
+        end
+      end.join('&')
+    end
+
+    UNSAFE = /[^A-Za-z0-9_.~-]/ #:nodoc:
+    # Amazon is very specific about which chars should be escaped, and which should not.
+    def escape(value) #:nodoc:
+      # note that URI.escape(' ') => '%20', and CGI.escape(' ') => '+'
+      URI.escape(value.to_s, UNSAFE)
+    end
+  end
+end

data/lib/amazon_flex_pay.rb

@@ -0,0 +1,53 @@
+require 'uri'
+require 'base64'
+require 'openssl'
+
+require 'rubygems'
+require 'rest_client'
+require 'multi_xml'
+require 'active_support/core_ext/string/inflections' # camelcase, underscore
+
+require 'amazon_flex_pay/signing'
+require 'amazon_flex_pay/model'
+require 'amazon_flex_pay/data_types'
+require 'amazon_flex_pay/enumerations'
+
+require 'amazon_flex_pay/api'
+require 'amazon_flex_pay/pipelines'
+
+module AmazonFlexPay
+  VERSION = '0.9.2'
+  API_VERSION = '2010-08-28'
+  PIPELINE_VERSION = '2009-01-09'
+
+  class << self
+    attr_accessor :access_key
+    attr_accessor :secret_key
+
+    # The URL used for API calls.
+    #
+    # Defaults to the sandbox unless you set it explicitly or call <tt>go_live!</tt>.
+    def api_endpoint
+      @api_endpoint ||= 'https://fps.sandbox.amazonaws.com/'
+    end
+    attr_writer :api_endpoint
+
+    # The URL used for pipeline redirects.
+    #
+    # Defaults to the sandbox unless you set it explicitly or call <tt>go_live!</tt>.
+    def pipeline_endpoint
+      @pipeline_endpoint ||= 'https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start'
+    end
+    attr_writer :pipeline_endpoint
+
+    # By default all API calls and pipeline redirects are in the Amazon Payments sandbox.
+    #
+    # Call <tt>AmazonFlexPay.go_live!</tt> to enable live transactions and real money in this environment.
+    def go_live!
+      self.api_endpoint = 'https://fps.amazonaws.com/'
+      self.pipeline_endpoint = 'https://authorize.payments.amazon.com/cobranded-ui/actions/start'
+    end
+  end
+
+end
+

data/test/amazon_flex_pay_test.rb

@@ -0,0 +1,117 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class AmazonFlexPayTest < AmazonFlexPay::Test
+  ## signing
+
+  should "generate a valid v2 signature" do
+    # NOTE: I'm not sure of a supplied signature example that I can copy, so
+    # I set this one up by making sure signatures were being accepted by
+    # Amazon and then generating and saving my own example. Kinda backwards
+    # but good enough for regression testing.
+    assert_equal "Ro7iH0M+1hIR/SXGvT1kmF6Tg5uUKRSUd1AWaJHOcpE=", AmazonFlexPay.signature('http://example.com/api', {:hello => 'world'})
+  end
+
+  ## query strings
+
+  should "create a sorted query string" do
+    assert_equal "a=1&b=2&c=3&d=4&e=5", AmazonFlexPay.query_string(:a => 1, :b => 2, :c => 3, :d => 4, :e => 5)
+  end
+
+  should "flatten nested hashes into a query string using periods" do
+    assert_equal "a.a=1&a.b=2&b=3", AmazonFlexPay.query_string(:b => 3, :a => {:a => 1, :b => 2})
+  end
+
+  should "percent-encode spaces and other characters for a query string" do
+    assert_equal 'a=hello%20world%21', AmazonFlexPay.query_string(:a => 'hello world!')
+  end
+
+  ## verifying a request
+
+  should "verify a GET request" do
+    request = stub(:get? => true, :protocol => 'http://', :host_with_port => 'example.com', :path => '/foo/bar', :query_string => 'a=1&b=2')
+    AmazonFlexPay.expects(:verify_signature).with('http://example.com/foo/bar', 'a=1&b=2').returns(true)
+    assert AmazonFlexPay.verify_request(request)
+  end
+
+  should "verify a POST request" do
+    request = stub(:get? => false, :protocol => 'http://', :host_with_port => 'example.com', :path => '/foo/bar', :raw_post => 'a=1&b=2')
+    AmazonFlexPay.expects(:verify_signature).with('http://example.com/foo/bar', 'a=1&b=2').returns(true)
+    assert AmazonFlexPay.verify_request(request)
+  end
+
+  # api basics
+
+  class TestRequest < AmazonFlexPay::API::Base
+    attribute :foo
+    attribute :amount, :type => :amount
+
+    class Response < AmazonFlexPay::API::Base::BaseResponse; end
+  end
+
+  should "add necessary fields and sign api requests" do
+    Time.stubs(:now).returns(Time.parse('Jan 1 2011')) # so the signature remains constant
+
+    request = TestRequest.new(:foo => 'bar', :amount => {:value => '3.14', :currency_code => 'USD'})
+    params = request.to_params
+
+    # simple attributes
+    assert_equal 'bar', params['Foo']
+
+    # complex attributes
+    assert_equal '3.14', params['Amount']['Value']
+    assert_equal 'USD', params['Amount']['CurrencyCode']
+
+    # standard additions
+    assert_equal 'foo', params['AWSAccessKeyId']
+    assert_equal 'TestRequest', params['Action']
+    assert_equal '2010-08-28', params['Version']
+
+    # the signature is backwards-calculated for regression testing
+    assert_equal 'kVNr+W7L3Z/A6sBrcz1FHdshQqPFU0YOPZJpMglofNk=', params['Signature']
+    assert_equal 'HmacSHA256',                                   params['SignatureMethod']
+    assert_equal 2,                                              params['SignatureVersion']
+  end
+
+  should "store the request in the response" do
+    RestClient.expects(:get).returns(stub(:body => cancel_token_response))
+    response = TestRequest.new(:foo => 'bar').submit
+    assert_equal 'bar', response.request.foo
+  end
+
+  should "catch and parse errors" do
+    http_response = RestClient::Response.create(error_response, nil, nil)
+    RestClient.expects(:get).raises(RestClient::BadRequest.new(http_response))
+
+    response = TestRequest.new(:foo => 'bar').submit
+    assert response.request_id
+    assert response.error?
+    assert response.errors.first.code
+    assert response.errors.first.message
+  end
+
+  should "not allow unknown values for enumerated attributes" do
+    assert_raises ArgumentError do TestRequest.new(:amount => {:currency_code => 'UNKOWN'}) end
+  end
+
+  # pipeline basics
+
+  class TestPipeline < AmazonFlexPay::Pipelines::Base
+    attribute :foo
+  end
+
+  should "add necessary fields and sign pipeline urls" do
+    Time.stubs(:now).returns(Time.parse('Jan 1 2011')) # so the signature remains constant
+
+    pipeline = TestPipeline.new(:foo => 'bar')
+    params = pipeline.to_params('http://example.com/return')
+
+    assert_equal 'TestPipeline', params['pipelineName']
+    assert_equal 'foo', params['callerKey']
+    assert_equal '2009-01-09', params['version']
+    assert_equal 'http://example.com/return', params['returnURL']
+
+    assert_equal 2,                                              params['signatureVersion']
+    assert_equal 'HmacSHA256',                                   params['signatureMethod']
+    assert_equal 'OuUJQqFBJhezmcWOAhDGcsD/6OXpOLVlcbF3XMIZO3U=', params['signature']
+  end
+end