atpay_ruby 0.0.5

data/lib/atpay/card.rb

@@ -0,0 +1,6 @@
+module AtPay
+  class Card
+    attr_accessor :token
+    # TODO: Accessors and utilities for fetching card details
+  end
+end

data/lib/atpay/email_address.rb

@@ -0,0 +1,4 @@
+module AtPay
+  class EmailAddress < Struct.new(:name, :address)
+  end
+end

data/lib/atpay/error.rb

@@ -0,0 +1,15 @@
+module AtPay
+  # TODO: differentiation on the transaction errors
+
+  class Error                   < RuntimeError; end;
+  class FatalError              < Error; end;
+  class InvalidSignatureError   < Error; end;
+  class TransactionError        < Error; end;
+  class ProcessorError          < TransactionError; end;
+  class EmailReservedError      < TransactionError; end;
+  class EmailNotRegisteredError < TransactionError; end;
+  class AddressMismatch         < TransactionError; end;
+  class OfferExpiredError       < TransactionError; end;
+  class DuplicateTokenError     < TransactionError; end;
+  class DuplicateGroupError     < TransactionError; end;
+end

data/lib/atpay/hook.rb

@@ -0,0 +1,34 @@
+require 'openssl'
+require 'multi_json'
+
+module AtPay
+  class Hook
+    def initialize(session, params)
+      @session   = session
+      @details   = params['details']
+      @signature = params['signature']
+
+      verify_signature!
+      verify_success!
+    end
+
+    def details
+      MultiJson.load(@details)
+    end
+
+    private
+    def verify_signature!
+      unless OpenSSL::HMAC.hexdigest('sha1', @session.private_key, @details) == @signature
+        raise InvalidSignatureError
+      end
+    end
+
+    def verify_success!
+      if @details['type'] == 'error'
+        raise Error.new(@details['error'])
+      elsif @details['type'] == 'fatal'
+        raise FatalError.new(@details['error'])
+      end
+    end
+  end
+end

data/lib/atpay/railtie.rb

@@ -0,0 +1,6 @@
+require 'rails'
+
+module AtPay
+  class Railtie < Rails::Railtie
+  end
+end

data/lib/atpay/session.rb

@@ -0,0 +1,17 @@
+module AtPay
+  class Session < Struct.new(:partner_id, :public_key, :private_key)
+    attr_accessor :endpoint
+
+    def atpay_public_key=(atpay_public_key)
+      @atpay_public_key = Base64.decode64(atpay_public_key)
+    end
+
+    def atpay_public_key
+      @atpay_public_key || PUBLIC_KEY
+    end
+
+    def endpoint
+      @endpoint || "https://dashboard.atpay.com"
+    end
+  end
+end

data/lib/atpay/token/bulk.rb

@@ -0,0 +1,16 @@
+require 'atpay/token/core'
+require 'atpay/token/encoder'
+
+module AtPay
+  module Token
+    class Bulk < Core
+      def initialize(session, amount, custom_data = {})
+        super
+
+        self.session               = session
+        self.amount                = amount
+        self.user_data.custom_data = custom_data
+      end
+    end
+  end
+end

data/lib/atpay/token/core.rb

@@ -0,0 +1,122 @@
+require 'ostruct'
+require 'multi_json'
+require 'atpay/token/registration'
+
+module AtPay
+  module Token
+    class Core
+      attr_accessor :session          # AtPay::Session instance
+      attr_accessor :version          # nil: Auth + Capture / 1: Validation (deprecated) / 2: Authorization Only
+      attr_accessor :amount           # Dollar amount to capture
+      attr_accessor :url
+      attr_accessor :email_address
+      attr_accessor :user_data
+      attr_accessor :expires
+      attr_accessor :group
+
+      def initialize(*args)
+        self.version            = nil
+        self.expires_in_seconds = (86400*14)        # two weeks
+        self.user_data          = OpenStruct.new
+      end
+
+      def email_address
+        if @email_address.is_a? String
+          email_address = EmailAddress.new
+          email_address.address = @email_address
+          email_address
+        else
+          @email_address
+        end
+      end
+
+      def name=(name)
+        self.user_data.name = name
+      end
+
+      def name
+        self.user_data.name
+      end
+
+      def url=(url)
+        self.user_data.url = url
+        @url = url
+      end
+
+      def expires_in_seconds=(seconds)
+        self.expires = Time.now.to_i + seconds
+      end
+
+      def estimated_fulfillment_days=(days)
+        self.auth_only!
+        self.user_data.fulfillment = days
+      end
+
+      def requires_shipping_address?
+        address_options.include?('shipping')
+      end
+
+      def requires_shipping_address=(v)
+        v ? add_address_option('shipping') : remove_address_option('shipping')
+      end
+
+      def requires_billing_address?
+        address_options.include?('billing')
+      end
+
+      def requires_billing_address=(v)
+        v ? add_address_option('billing') : remove_address_option('billing')
+      end
+
+      def custom_user_data=(str)
+        self.user_data.custom_user_data = str
+      end
+
+      def set_item_details=(item_details)
+        self.user_data.item_details = item_details
+      end
+
+      def set_item_quantity=(qty)
+        self.user_data.quantity = qty
+      end
+
+      def request_custom_data!(name, options={})
+        self.user_data.custom_fields ||= []
+        self.user_data.custom_fields << { name: name, required: !!options[:required] }
+      end
+
+      def auth_only!
+        self.version = 2
+      end
+
+      def register!
+        AtPay::Token::Registration.new(session, to_s)
+      end
+
+      def to_s
+        AtPay::Token::Encoder.new(session, version, amount, email_address, expires, url, encoded_user_data, group).email
+      end
+
+      private
+      def address_options
+        self.user_data.address.split(',')
+      rescue
+        []
+      end
+
+      def remove_address_option(address_option)
+        options = (address_options - [address_option])
+        self.user_data.address = options.uniq.join(',')
+      end
+
+      def add_address_option(address_option)
+        options = (address_options << address_option)
+        self.user_data.address = options.uniq.join(',')
+      end
+
+      def encoded_user_data
+        MultiJson.dump(user_data.to_h)
+      end
+    end
+  end
+end

data/lib/atpay/token/encoder.rb

@@ -0,0 +1,81 @@
+require 'atpay'
+require 'rbnacl'
+require 'base64'
+require 'securerandom'
+require 'atpay/email_address'
+require 'atpay/card'
+
+module AtPay
+  module Token
+    class Encoder < Struct.new(:session, :version, :amount, :target, :expires, :url, :user_data, :group)
+      def email
+        version_and_encode(nonce, partner_frame, body_frame) 
+      end
+
+      def site(remote_addr, headers)
+        version_and_encode(nonce, partner_frame, site_frame(remote_addr, headers), body_frame)
+      end
+
+      private
+      def version_and_encode(*frames)
+        "@#{version_tag}#{Base64.urlsafe_encode64(frames.join)}@"
+      ensure
+        @nonce = nil
+      end
+
+      def version_tag
+        version ? (Base64.urlsafe_encode64([version].pack("Q>")) + '~') : nil
+      end
+
+      def site_frame(remote_addr, headers)
+        message = boxer.box(nonce, Digest::SHA1.hexdigest([
+          headers["HTTP_USER_AGENT"],
+          headers["HTTP_ACCEPT_LANGUAGE"],
+          headers["HTTP_ACCEPT_CHARSET"],
+          remote_addr
+        ].join))
+
+        [[message.length].pack("l>"), message,
+          [remote_addr.length].pack("l>"), remote_addr].join
+      end
+
+      def partner_frame
+        [session.partner_id].pack("Q>")
+      end
+
+      def body_frame
+        boxer.box(nonce, crypted_frame)
+      end
+
+      def crypted_frame
+        [target_tag, options_group, '/', options_frame, '/', user_data].flatten.compact.join
+      end
+
+      def options_frame
+        [amount, expires].pack("g l>")
+      end
+
+      def options_group
+        ":#{group || SecureRandom.hex(5)}"
+      end
+
+      def target_tag
+        if target.is_a? EmailAddress
+          "email<#{target.address}>"
+        elsif target.is_a? Card
+          "card<#{target.token}>"
+        else
+          "url<#{self.url}>"
+        end
+      end
+
+      def boxer
+        RbNaCl::Box.new(session.atpay_public_key, Base64.decode64(session.private_key))
+      end
+
+      def nonce
+        @nonce ||= SecureRandom.random_bytes(24)
+      end
+    end
+  end
+end

data/lib/atpay/token/invoice.rb

@@ -0,0 +1,17 @@
+require 'atpay/token/core'
+require 'atpay/token/encoder'
+
+module AtPay
+  module Token
+    class Invoice < Core
+      def initialize(session, amount, email_address, custom_data={})
+        super
+
+        self.session               = session
+        self.amount                = amount
+        self.email_address         = email_address
+        self.user_data.custom_data = custom_data
+      end
+    end
+  end
+end

data/lib/atpay/token/registration.rb

@@ -0,0 +1,35 @@
+require 'httpi'
+
+module AtPay
+  module Token
+    class Registration < Struct.new(:session, :token)
+      def initialize(*args)
+        super(*args)
+        registration  # The registration should occur even if we don't access a url or id
+      end
+
+      def url
+        registration['url']
+      end
+
+      def id
+        registration['id']
+      end
+
+      def short
+        "atpay://#{id}"
+      end
+
+      private
+      def registration
+        @registration ||= (
+          request = HTTPI::Request.new("#{session.endpoint}/token/registrations")
+          request.body = { token: self.token }
+
+          response = HTTPI.post(request)
+          MultiJson.load(response.body)
+        )
+      end
+    end
+  end
+end

data/spec/button_spec.rb

@@ -0,0 +1,42 @@
+require 'spec_helper'
+require 'atpay/button'
+
+describe AtPay::Button do
+  let(:token) { 'xyz' }
+  let(:amount) { 20.00 }
+  let(:merchant_name) { 'Toys for Code' }
+  let(:yahoo_providers) { %w(test@yahoo.com test@ymail.com test@rocketmail.com) }
+  
+  it 'renders without exception' do
+    button = AtPay::Button.new(token, amount, merchant_name)
+    expect(button.render).to_not be_nil
+  end
+  
+  context 'when using a yahoo provider email address' do
+    it 'renders the wrap_yahoo template with the wrap' do
+      button = AtPay::Button.new(token, amount, merchant_name, wrap:true)
+      allow(button).to receive(:provider).and_return(:yahoo)
+      expect(button.send(:template_name)).to eq('wrap_yahoo.liquid')
+    end
+
+    it 'renders the yahoo template without the wrap' do
+      button = AtPay::Button.new(token, amount, merchant_name, wrap:false)
+      allow(button).to receive(:provider).and_return(:yahoo)
+      expect(button.send(:template_name)).to eq('yahoo.liquid')
+    end
+  end
+
+  context 'when using a standard email address' do
+    it 'renders the wrap_yahoo template with the wrap' do
+      button = AtPay::Button.new(token, amount, merchant_name, wrap:true)
+      allow(button).to receive(:provider).and_return(:default)
+      expect(button.send(:template_name)).to eq('wrap_default.liquid')
+    end
+
+    it 'renders the yahoo template without the wrap' do
+      button = AtPay::Button.new(token, amount, merchant_name, wrap:false)
+      allow(button).to receive(:provider).and_return(:default)
+      expect(button.send(:template_name)).to eq('default.liquid')
+    end
+  end
+end

data/spec/hook_spec.rb

@@ -0,0 +1,29 @@
+require 'spec_helper'
+require 'atpay'
+require 'multi_json'
+require 'securerandom'
+
+describe AtPay::Hook do
+  let(:partner_private_key)       { '1ED8952DAA4B863DA9EECDFBE8F1FA' }
+  let(:params)                    { { 'details' => details, 'signature' => signature } }
+  let(:details)                   { '{"type":"charge.sale","transaction":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX","partner":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX","balance":0.0,"unit_price":50.0,"quantity":1,"date":1373388625,"user":null,"card":"Yjc0YzA1ZDkxZFHbuNyMpQA=","email":"johnsmith@example.com","name":"John Smith","user_data":null,"referrer_context":"my-data-ref-50"}' }
+  let(:signature)                 { '28b91cf0482304c6bfe36fc2b84d2c50867a3e05' }
+
+  context 'when the signature is invalid' do
+    it 'should raise an exception' do
+      session = AtPay::Session.new('', '', '1234BADKEY')
+
+      expect {
+        AtPay::Hook.new(session, params)
+      }.to raise_error(AtPay::InvalidSignatureError)
+    end
+  end
+
+  context 'when the signature is valid' do
+    it 'make the details available' do
+      session = AtPay::Session.new('', '', partner_private_key)
+      hook = AtPay::Hook.new(session, params)
+      expect(hook.details).to be_a_kind_of(Hash)
+    end
+  end
+end