bitpay-sdk 2.1.0

data/lib/bitpay/client.rb

@@ -0,0 +1,181 @@
+# license Copyright 2011-2014 BitPay, Inc., MIT License
+# see http://opensource.org/licenses/MIT
+# or https://github.com/bitpay/php-bitpay-client/blob/master/LICENSE
+
+require 'uri'
+require 'net/https'
+require 'json'
+
+require_relative 'key_utils'
+
+module BitPay
+  # This class is used to instantiate a BitPay Client object. It is expected to be thread safe.
+  #
+  class Client
+    
+
+    # @return [Client]
+    # @example
+    #  # Create a client with a pem file created by the bitpay client:
+    #  client = BitPay::Client.new
+    def initialize(opts={})
+      @pem               = opts[:pem] || ENV['BITPAY_PEM'] || KeyUtils.generate_pem 
+      @key               = KeyUtils.create_key @pem
+      @priv_key          = KeyUtils.get_private_key @key
+      @pub_key           = KeyUtils.get_public_key @key
+      @client_id         = KeyUtils.generate_sin_from_pem @pem
+      @uri               = URI.parse opts[:api_uri] || API_URI
+      @user_agent        = opts[:user_agent] || USER_AGENT
+      @https             = Net::HTTP.new @uri.host, @uri.port
+      @https.use_ssl     = true
+      @https.ca_file     = CA_FILE
+      @tokens            = opts[:tokens] || {}
+
+      # Option to disable certificate validation in extraordinary circumstance.  NOT recommended for production use
+      @https.verify_mode = opts[:insecure] == true ? OpenSSL::SSL::VERIFY_NONE : OpenSSL::SSL::VERIFY_PEER
+      
+      # Option to enable http request debugging
+      @https.set_debug_output($stdout) if opts[:debug] == true
+
+    end
+
+    def pair_pos_client(claimCode)
+      raise BitPay::ArgumentError, "pairing code is not legal" unless verify_claim_code(claimCode)
+      response = set_pos_token(claimCode)
+      get_token 'pos'
+      response
+    end
+
+    def create_invoice(price:, currency:, facade: 'pos', params:{})
+      raise BitPay::ArgumentError, "Illegal Argument: Price must be formatted as a float" unless ( price.is_a?(Numeric) || /^[[:digit:]]+(\.[[:digit:]]{2})?$/.match(price) )
+      raise BitPay::ArgumentError, "Illegal Argument: Currency is invalid." unless /^[[:upper:]]{3}$/.match(currency)
+      params.merge!({price: price, currency: currency})
+      response = send_request("POST", "invoices", facade: facade, params: params)
+      response["data"]
+    end
+
+    def get_public_invoice(id:)
+      request = Net::HTTP::Get.new("/invoices/#{id}")
+      response = process_request(request)
+      response["data"]
+    end
+    
+    def set_token
+    end
+
+    def verify_token
+      server_tokens = load_tokens
+      @tokens.each{|key, value| return false if server_tokens[key] != value}
+      return true
+    end
+    ## Generates REST request to api endpoint
+
+    def send_request(verb, path, facade: 'merchant', params: {}, token: nil)
+      token ||= get_token(facade)
+
+      # Verb-specific logic
+      case verb.upcase
+        when "GET"
+          urlpath = '/' + path + '?nonce=' + KeyUtils.nonce + '&token=' + token
+          request = Net::HTTP::Get.new urlpath
+          request['X-Signature'] = KeyUtils.sign(@uri.to_s + urlpath, @priv_key)
+
+        when "PUT"
+
+        when "POST"  # Requires a GUID
+
+          urlpath = '/' + path
+          request = Net::HTTP::Post.new urlpath
+          params[:token] = token
+          params[:nonce] = KeyUtils.nonce
+          params[:guid]  = SecureRandom.uuid
+          params[:id] = @client_id
+          request.body = params.to_json
+          request['X-Signature'] = KeyUtils.sign(@uri.to_s + urlpath + request.body, @priv_key)
+
+        when "DELETE"
+       
+          raise(BitPayError, "Invalid HTTP verb: #{verb.upcase}")
+      end
+
+      # Build request headers and submit
+      request['X-Identity'] = @pub_key
+ 
+      response = process_request(request)
+    end
+
+##### PRIVATE METHODS #####
+    private
+
+    ## Processes HTTP Request and returns parsed response
+    # Otherwise throws error
+    #
+    def process_request(request)
+
+      request['User-Agent'] = @user_agent
+      request['Content-Type'] = 'application/json'
+      request['X-BitPay-Plugin-Info'] = 'Rubylib' + VERSION
+
+      begin
+        response = @https.request request
+      rescue => error
+        raise BitPay::ConnectionError, "#{error.message}"
+      end
+
+      if response.kind_of? Net::HTTPSuccess
+        return JSON.parse(response.body)
+      elsif JSON.parse(response.body)["error"]
+        raise(BitPayError, "#{response.code}: #{JSON.parse(response.body)['error']}")
+      else
+        raise BitPayError, "#{response.code}: #{JSON.parse(response.body)}"
+      end
+        
+    end
+
+    ## Requests token by appending nonce and signing URL
+    #  Returns a hash of available tokens
+    #
+    def load_tokens
+
+      urlpath = '/tokens?nonce=' + KeyUtils.nonce
+
+      request = Net::HTTP::Get.new(urlpath)
+      request['x-identity'] = @pub_key
+      request['x-signature'] = KeyUtils.sign(@uri.to_s + urlpath, @priv_key)
+
+      response = process_request(request)
+
+      token_array = response["data"] || {}
+
+      tokens = {}
+      token_array.each do |t|
+        tokens[t.keys.first] = t.values.first
+      end
+
+      @tokens = tokens
+      return tokens
+
+    end
+
+    ## Retrieves specified token from hash, otherwise tries to refresh @tokens and retry
+    def set_pos_token(claim_code)
+      params = {pairingCode: claim_code}
+      urlpath = '/tokens'
+      request = Net::HTTP::Post.new urlpath
+      params[:guid] = SecureRandom.uuid
+      params[:id] = @client_id
+      request.body = params.to_json
+      process_request(request)
+    end
+
+    def get_token(facade)
+      token = @tokens[facade] || load_tokens[facade] || raise(BitPayError, "Not authorized for facade: #{facade}")
+    end
+
+    def verify_claim_code(claim_code)
+      regex = /^[[:alnum:]]{7}$/
+      matches = regex.match(claim_code)
+      !(matches.nil?)
+    end
+  end
+end

data/lib/bitpay/key_utils.rb

@@ -0,0 +1,130 @@
+# license Copyright 2011-2014 BitPay, Inc., MIT License
+# see http://opensource.org/licenses/MIT
+# or https://github.com/bitpay/php-bitpay-client/blob/master/LICENSE
+
+require 'uri'
+require 'net/https'
+require 'json'
+require 'openssl'
+require 'ecdsa'
+require 'securerandom'
+require 'digest/sha2'
+require 'cgi'
+
+module BitPay
+  class KeyUtils
+    class << self
+      def nonce
+        Time.now.utc.strftime('%Y%m%d%H%M%S%L')
+      end
+
+      ## Generates a new private key 
+      #
+
+      def generate_pem
+        key = OpenSSL::PKey::EC.new("secp256k1")
+        key.generate_key
+        key.to_pem
+      end
+
+      def create_key pem
+        OpenSSL::PKey::EC.new(pem)
+      end
+
+      def create_new_key
+        key = OpenSSL::PKey::EC.new("secp256k1")
+        key.generate_key
+        key
+      end
+
+      ## Gets private key from ENV variable or local FS
+      #
+      def get_local_pem_file
+        ENV['BITPAY_PEM'] || (raise BitPayError, MISSING_KEY)
+      end
+    
+      def get_private_key key
+        key.private_key.to_int.to_s(16)
+      end
+
+      def get_public_key key 
+        key.public_key.group.point_conversion_form = :compressed
+        key.public_key.to_bn.to_s(16).downcase
+      end
+
+      def get_private_key_from_pem pem
+        raise BitPayError, "Missing key" unless pem
+        key = OpenSSL::PKey::EC.new(pem)
+        get_private_key key
+      end
+
+      def get_public_key_from_pem pem
+        raise BitPayError, MISSING_KEY unless pem
+        key = OpenSSL::PKey::EC.new(pem)
+        get_public_key key
+      end
+
+      def generate_sin_from_pem(pem = nil)
+        #http://blog.bitpay.com/2014/07/01/bitauth-for-decentralized-authentication.html
+        #https://en.bitcoin.it/wiki/Identity_protocol_v1
+
+        # NOTE:  All Digests are calculated against the binary representation, 
+        # hence the requirement to use [].pack("H*") to convert to binary for each step
+        
+        #Generate Private Key
+        key = OpenSSL::PKey::EC.new(pem ||= get_local_pem_file)
+        key.public_key.group.point_conversion_form = :compressed
+        public_key = key.public_key.to_bn.to_s(2)
+        step_one = Digest::SHA256.hexdigest(public_key)
+        step_two = Digest::RMD160.hexdigest([step_one].pack("H*")) 
+        step_three = "0F02" + step_two
+        step_four_a = Digest::SHA256.hexdigest([step_three].pack("H*"))
+        step_four = Digest::SHA256.hexdigest([step_four_a].pack("H*"))
+        step_five = step_four[0..7]
+        step_six = step_three + step_five
+        encode_base58(step_six)
+      end
+      
+      
+    ## Generate ECDSA signature
+    #  This is the last method that requires the ecdsa gem, which we would like to replace
+
+      def sign(message, privkey)
+        group = ECDSA::Group::Secp256k1
+        digest = Digest::SHA256.digest(message)
+        signature = nil
+        while signature.nil?
+          temp_key = 1 + SecureRandom.random_number(group.order - 1)
+          signature = ECDSA.sign(group, privkey.to_i(16), digest, temp_key)
+          return ECDSA::Format::SignatureDerString.encode(signature).unpack("H*").first
+        end
+      end
+  
+########## Private Class Methods ################
+
+    ## Base58 Encoding Method
+    #
+      private
+      def encode_base58 (data) 
+        code_string = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
+        base = 58
+        x = data.hex
+        output_string = ""
+        
+        while x > 0 do
+          remainder = x % base
+          x = x / base
+          output_string << code_string[remainder]
+        end
+
+        pos = 0
+        while data[pos,2] == "00" do
+          output_string << code_string[0]
+          pos += 2
+        end
+
+       output_string.reverse()
+      end
+    end
+  end
+end

data/lib/bitpay/version.rb

@@ -0,0 +1,7 @@
+# license Copyright 2011-2014 BitPay, Inc., MIT License
+# see http://opensource.org/licenses/MIT
+# or https://github.com/bitpay/php-bitpay-client/blob/master/LICENSE
+
+module BitPay
+  VERSION = '2.1.0'
+end

data/lib/harness.rb

@@ -0,0 +1,40 @@
+# license Copyright 2011-2014 BitPay, Inc., MIT License
+# see http://opensource.org/licenses/MIT
+# or https://github.com/bitpay/php-bitpay-client/blob/master/LICENSE
+
+require_relative 'bitpay.rb'
+require_relative 'bitpay/key_utils.rb'
+
+# Test SIN Generation class methods
+
+# Generate SIN
+ENV["PRIV_KEY"] = "16d7c3508ec59773e71ae728d29f41fcf5d1f380c379b99d68fa9f552ce3ebc3"
+puts "privkey: #{ENV['PRIV_KEY']}"
+puts "target SIN: TfFVQhy2hQvchv4VVG4c7j4XPa2viJ9HrR8"
+puts "Derived SIN: #{BitPay::KeyUtils.get_client_id}"
+
+puts "\n\n------------------\n\n"
+
+uri = "https://localhost:8088"
+#name = "Ridonculous.label That shouldn't work really"
+name = "somethinginnocuous"
+facade = "pos"
+client_id = BitPay::KeyUtils.get_client_id
+
+BitPay::KeyUtils.generate_registration_url(uri,name,facade,client_id)
+
+puts "\n\n------------------\n\n"
+
+#### Test Invoice Creation using directly assigned keys 
+## (Ultimately pubkey and SIN should be derived)
+
+ENV["PRIV_KEY"] = "16d7c3508ec59773e71ae728d29f41fcf5d1f380c379b99d68fa9f552ce3ebc3"
+#ENV["pub_key"] = "0353a036fb495c5846f26a3727a28198da8336ae4f5aaa09e24c14a4126b5d969d"
+#ENV['SIN'] = "TfFVQhy2hQvchv4VVG4c7j4XPa2viJ9HrR8"
+
+client = BitPay::Client.new({insecure: true, debug: false})
+
+invoice = client.post 'invoices', {:price => 10.00, :currency => 'USD'}
+
+puts "Here's the invoice: \n" + JSON.pretty_generate(invoice)
+

data/spec/client_spec.rb

@@ -0,0 +1,124 @@
+require 'spec_helper'
+
+def tokens
+    {"data" => 
+      [{"merchant" => "MERCHANTTOKEN"},
+      {"pos" =>"POSTOKEN"},
+      {"merchant/invoice" => "9kv7gGqZLoQ2fxbKEgfgndLoxwjp5na6VtGSH3sN7buX"}
+      ]
+    }
+end
+
+describe BitPay::Client do
+  let(:bitpay_client) { BitPay::Client.new({api_uri: BitPay::TEST_API_URI}) }
+  let(:claim_code) { "a12bc3d" }
+
+  before do
+      allow(BitPay::KeyUtils).to receive(:nonce).and_return('1')
+      stub_request(:get, /#{BitPay::TEST_API_URI}\/tokens.*/).to_return(:status => 200, :body => tokens.to_json, :headers => {})
+  end
+
+  describe "#initialize" do
+
+    it 'should be able to get pem file from the env' do
+      stub_const('ENV', {'BITPAY_PEM' => PEM})
+      expect {bitpay_client}.to_not raise_error
+    end
+    
+  end
+
+  describe "#send_request" do
+    before do
+      stub_const('ENV', {'BITPAY_PEM' => PEM})
+    end
+
+    context "GET" do    
+      it 'should generate a get request' do
+        stub_request(:get, /#{BitPay::TEST_API_URI}\/whatever.*/).to_return(:body => '{"awesome": "json"}')
+        bitpay_client.send_request("GET", "whatever", facade: "merchant")
+        expect(WebMock).to have_requested(:get, "#{BitPay::TEST_API_URI}/whatever?nonce=1&token=MERCHANTTOKEN") 
+      end
+    end
+
+    context "POST" do
+        it 'should generate a post request' do
+          stub_request(:post, /#{BitPay::TEST_API_URI}.*/).to_return(:body => '{"awesome": "json"}')
+          bitpay_client.send_request("POST", "whatever", facade: "merchant")
+          expect(WebMock).to have_requested(:post, "#{BitPay::TEST_API_URI}/whatever")
+        end
+    end
+
+  end
+
+  describe "#pair_pos_client" do
+    before do
+      stub_const('ENV', {'BITPAY_PEM' => PEM})
+    end
+
+    it 'throws a BitPayError with the error message if the token setting fails' do
+      stub_request(:any, /#{BitPay::TEST_API_URI}.*/).to_return(status: 500, body: "{\n  \"error\": \"Unable to create token\"\n}")
+      expect { bitpay_client.pair_pos_client(claim_code) }.to raise_error(BitPay::BitPayError, '500: Unable to create token')
+    end 
+
+    it 'gracefully handles 4xx errors' do
+      stub_request(:any, /#{BitPay::TEST_API_URI}.*/).to_return(status: 403, body: "{\n  \"error\": \"this is a 403 error\"\n}")
+      expect { bitpay_client.pair_pos_client(claim_code) }.to raise_error(BitPay::BitPayError, '403: this is a 403 error')
+    end
+
+    it 'short circuits on invalid pairing codes' do
+      100.times do
+        claim_code = an_illegal_claim_code
+        expect{bitpay_client.pair_pos_client(claim_code)}.to raise_error BitPay::ArgumentError, "pairing code is not legal"
+      end
+    end
+  end
+
+  describe "#create_invoice" do
+    subject { bitpay_client }
+    before {stub_const('ENV', {'BITPAY_PEM' => PEM})}
+    it { is_expected.to respond_to(:create_invoice) }
+
+    describe "should make the call to the server to create an invoice" do
+      it 'allows numeric input for the price' do
+        stub_request(:post, /#{BitPay::TEST_API_URI}\/invoices.*/).to_return(:body => '{"data": "awesome"}')
+        bitpay_client.create_invoice(price: 20.00, currency: "USD")
+        assert_requested :post, "#{BitPay::TEST_API_URI}/invoices"
+      end
+
+      it 'allows string input for the price' do
+        stub_request(:post, /#{BitPay::TEST_API_URI}\/invoices.*/).to_return(:body => '{"data": "awesome"}')
+        bitpay_client.create_invoice(price: "20.00", currency: "USD")
+        assert_requested :post, "#{BitPay::TEST_API_URI}/invoices"
+      end
+    end
+
+    it 'should pass through the API error message from load_tokens' do
+      stub_request(:get, /#{BitPay::TEST_API_URI}\/tokens.*/).to_return(status: 500, body: '{"error": "load_tokens_error"}')
+      expect { bitpay_client.create_invoice(price: 20, currency: "USD") }.to raise_error(BitPay::BitPayError, '500: load_tokens_error')         
+    end
+
+    it 'verifies the validity of the price argument' do
+      expect { bitpay_client.create_invoice(price: "3,999", currency: "USD") }.to raise_error(BitPay::ArgumentError, 'Illegal Argument: Price must be formatted as a float')
+    end
+    
+    it 'verifies the validity of the currency argument' do
+      expect { bitpay_client.create_invoice(price: "3999", currency: "UASD") }.to raise_error(BitPay::ArgumentError, 'Illegal Argument: Currency is invalid.')
+    end
+  end
+
+  describe '#set_token' do
+    subject { bitpay_client }
+    before {stub_const('ENV', {'BITPAY_PEM' => PEM})}
+    it { is_expected.to respond_to(:set_token) }
+    it 'sets a token in the client' do
+
+    end
+  end
+
+  describe "#verify_token" do
+    subject { bitpay_client }
+    before {stub_const('ENV', {'BITPAY_PEM' => PEM})}
+    it { is_expected.to respond_to(:verify_token) }
+  end
+end
+