boomerang 0.0.1

data/lib/boomerang.rb

@@ -0,0 +1,132 @@
+require "erb"
+require "net/https"
+require "openssl"
+require "rexml/document"
+require "uri"
+
+require "boomerang/errors"
+require "boomerang/utilities"
+require "boomerang/signature"
+require "boomerang/api_call"
+require "boomerang/response"
+
+class Boomerang
+  VERSION   = "0.0.1"
+  ENDPOINTS = { cbui:         "https://authorize.payments.amazon.com/" +
+                              "cobranded-ui/actions/start",
+                cbui_sandbox: "https://authorize.payments-sandbox.amazon.com/" +
+                              "cobranded-ui/actions/start",
+                fps:          "https://fps.amazonaws.com",
+                fps_sandbox:  "https://fps.sandbox.amazonaws.com" }
+  PIPELINES = %w[ SingleUse     MultiUse Recurring Recipient SetupPrepaid
+                  SetupPostpaid EditToken ]
+  
+  def initialize(access_key_id, secret_access_key, use_sandbox)
+    @access_key_id     = access_key_id
+    @secret_access_key = secret_access_key
+    @use_sandbox       = use_sandbox
+  end
+  
+  def use_sandbox?
+    @use_sandbox
+  end
+  alias_method :using_sandbox?, :use_sandbox?
+  
+  def cbui_form(pipeline, parameters)
+    submit_tag = parameters.delete(:submit_tag) || %Q{<input type="submit">}
+    pipeline   = Utilities.CamelCase(pipeline)
+    parameters = Utilities.camelCase(parameters).merge(
+      "version"      => "2009-01-09",
+      "pipelineName" => pipeline
+    )
+    fail ArgumentError, "parameters must be a Hash" unless parameters.is_a? Hash
+    unless PIPELINES.include? pipeline
+      choices = "#{PIPELINES[0..-2].join(', ')}, or #{PIPELINES[-1]}"
+      fail ArgumentError, "pipline must be one of #{choices}"
+    end
+    unless parameters["returnUrl"]
+      fail ArgumentError, "returnUrl is a required parameter"
+    end
+    required_fields = case pipeline
+                      when "Recipient"
+                        %w[callerReference recipientPaysFee]
+                      when "Recurring"
+                        %w[callerReference recurringPeriod transactionAmount]
+                      end
+    required_fields.each do |required_field|
+      unless parameters[required_field]
+        fail ArgumentError, "#{required_field} is a required parameter"
+      end
+    end
+    
+    url        = ENDPOINTS[use_sandbox? ? :cbui_sandbox : :cbui]
+    signature  = Signature.new("GET", url, parameters)
+    signature.sign(@access_key_id, @secret_access_key)
+    
+    form = %Q{<form action="#{url}" method="GET">}
+    signature.signed_fields.each do |name, value|
+      form << %Q{<input type="hidden" } +
+              %Q{name="#{ERB::Util.h name}" value="#{ERB::Util.h value}">}
+    end
+    form << %Q{#{submit_tag}</form>}
+  end
+  
+  def pay(parameters)
+    %w[marketplace_fixed_fee transaction_amount].each do |amount|
+      if dollars = parameters.delete(amount.to_sym)
+        parameters["#{amount}.currency_code"] = "USD"
+        parameters["#{amount}.value"]         = dollars
+      end
+    end
+    parameters = Utilities.CamelCase(parameters)
+    %w[ CallerReference SenderTokenId TransactionAmount.CurrencyCode
+        TransactionAmount.Value ].each do |required_field|
+      unless parameters[required_field]
+        fail ArgumentError, "#{required_field} is a required parameter"
+      end
+    end
+    
+    call = APICall.new( ENDPOINTS[use_sandbox? ? :fps_sandbox : :fps],
+                        :pay,
+                        parameters )
+    call.sign(@access_key_id, @secret_access_key)
+
+    Response.new(call.response)
+            .parse( "/xmlns:PayResponse/",
+                    "PayResult/TransactionId",
+                    "PayResult/TransactionStatus",
+                    "ResponseMetadata/RequestId" )
+  end
+  
+  def get_transaction_status(transaction_id)
+    call = APICall.new( ENDPOINTS[use_sandbox? ? :fps_sandbox : :fps],
+                        :get_transaction_status,
+                        transaction_id: transaction_id )
+    call.sign(@access_key_id, @secret_access_key)
+
+    Response.new(call.response)
+            .parse( "/xmlns:GetTransactionStatusResponse/",
+                    "GetTransactionStatusResult/TransactionId",
+                    "GetTransactionStatusResult/TransactionStatus",
+                    "GetTransactionStatusResult/CallerReference",
+                    "GetTransactionStatusResult/StatusCode",
+                    "GetTransactionStatusResult/StatusMessage",
+                    "ResponseMetadata/RequestId" )
+  end
+  
+  def verify_signature?(url, parameters)
+    parameters = parameters.is_a?(Hash) ? Utilities.build_query(parameters) :
+                                          parameters.to_s
+
+    call = APICall.new( ENDPOINTS[use_sandbox? ? :fps_sandbox : :fps],
+                        :verify_signature,
+                        url_end_point:   url,
+                        http_parameters: parameters )
+
+    parsed = Response.new(call.response)
+                     .parse( "/xmlns:VerifySignatureResponse/",
+                             "VerifySignatureResult/VerificationStatus",
+                             "ResponseMetadata/RequestId" )
+    parsed[:verification_status] == "Success"
+  end
+end

data/lib/boomerang/api_call.rb

@@ -0,0 +1,66 @@
+class Boomerang
+  class APICall
+    CA_PATH = File.join(File.dirname(__FILE__), *%w[.. .. data ca-bundle.crt])
+    
+    def initialize(host, action, parameters)
+      @host       = host
+      @parameters = Utilities.CamelCase(parameters)
+                             .merge( "Action"  => Utilities.CamelCase(action),
+                                     "Version" => "2008-09-17" )
+    end
+    
+    def sign(access_key_id, secret_access_key)
+      signature = Signature.new("GET", @host, @parameters)
+      signature.sign(access_key_id, secret_access_key)
+      @parameters = signature.signed_fields
+    end
+    
+    def response
+      url               = "#{@host}/?#{Utilities.build_query(@parameters)}"
+      uri               = URI.parse(url)
+      http              = Net::HTTP.new(uri.host, uri.port)
+      http.use_ssl      = true
+      http.ca_file      = CA_PATH
+      http.verify_mode  = OpenSSL::SSL::VERIFY_PEER
+      http.verify_depth = 5
+      
+      begin
+        response = http.start { |session|
+          get    = Net::HTTP::Get.new("#{uri.path}?#{uri.query}")
+          if (response = session.request(get)).is_a? Net::HTTPSuccess
+            begin
+              response.body
+            rescue StandardError => error
+              fail wrap_error( "HTTP",
+                               "#{error.message} (#{error.class.name})",
+                               http_response:  response,
+                               original_error: error )
+            end
+          else
+            fail wrap_error( "HTTP",
+                             "#{response.message} (#{response.class.name})",
+                             http_response: response )
+          end
+        }
+      rescue Errors::HTTPError
+        fail  # pass through already wrapped errors
+      rescue StandardError => error
+        fail wrap_error( "Connection",
+                         "#{error.message} (#{error.class.name})",
+                         original_error: error )
+      end
+    end
+    
+    #######
+    private
+    #######
+    
+    def wrap_error(base, message, additional_fields)
+      wrapped_error = Errors.const_get("#{base}Error").new(message)
+      additional_fields.each do |field_name, field_data|
+        wrapped_error.send("#{field_name}=", field_data)
+      end
+      wrapped_error
+    end
+  end
+end

data/lib/boomerang/errors.rb

@@ -0,0 +1,23 @@
+class Boomerang
+  module Errors
+    class BoomerangError < RuntimeError
+      # do nothing:  just creating a base error type
+    end
+    
+    class ConnectionError < BoomerangError
+      attr_accessor :original_error
+    end
+    
+    class HTTPError < BoomerangError
+      attr_accessor :http_response, :original_error
+    end
+
+    class AWSError < BoomerangError
+      attr_accessor :other_errors, :request_id
+    end
+    
+    def self.const_missing(error_name)  # :nodoc:
+      const_set(error_name, Class.new(AWSError))
+    end
+  end
+end

data/lib/boomerang/response.rb

@@ -0,0 +1,43 @@
+class Boomerang
+  class Response
+    def initialize(body)
+      @body = body
+    end
+    
+    def parse(prefix, *elements)
+      xml = REXML::Document.new(@body)
+      parse_and_fail_with_errors_if_any(xml)
+      parse_response(xml, prefix, elements)
+    end
+    
+    #######
+    private
+    #######
+    
+    def parse_and_fail_with_errors_if_any(xml)
+      errors = [ ]
+      xml.elements.each("/Response/Errors/Error") do |error|
+        if (code    = error.elements["Code"]) and
+           (message = error.elements["Message"])
+          errors << Errors.const_get(code.text).new(message.text)
+        end
+      end
+      unless errors.empty?
+        first_error              = errors.first
+        first_error.other_errors = Array(errors[1..-1])
+        if node = xml.elements["/Response/RequestID"]
+          first_error.request_id = node.text
+        end
+        fail first_error
+      end
+    end
+    
+    def parse_response(xml, prefix, elements)
+      Hash[ elements.map { |field|
+        if node = xml.elements["#{prefix}#{field}"]
+          [Utilities.snake_case(field[/\w+\z/]).to_sym, node.text]
+        end
+      }.compact ]
+    end
+  end
+end

data/lib/boomerang/signature.rb

@@ -0,0 +1,77 @@
+class Boomerang
+  class Signature
+    SHA1_ALGORITHM   = OpenSSL::Digest::Digest.new("sha1")
+    SHA256_ALGORITHM = OpenSSL::Digest::Digest.new("sha256")
+    
+    def initialize(http_verb, url, parameters, algorithm = SHA256_ALGORITHM)
+      @fps        = !!(url =~ /\bfps\b/)
+      @http_verb  = http_verb
+      @url        = URI.parse(url)
+      @parameters = parameters.merge(
+        Utilities.camel_case(
+          { :signature_version => "2",
+            :signature_method  => algorithm == SHA256_ALGORITHM ?
+                                  "HmacSHA256"                  :
+                                  "HmacSHA1" },
+          fps?
+        )
+      )
+      if fps?
+        @parameters["Timestamp"] = Time.now.utc.strftime("%Y-%m-%dT%H:%M:%SZ")
+      end
+      @algorithm  = algorithm
+      @signature  = nil
+    end
+    
+    def sign(access_key_id, secret_access_key)
+      @parameters[ fps? ? "AWSAccessKeyId" :
+                          "callerKey" ] = access_key_id
+      @signature                        = hash(secret_access_key)
+    end
+    
+    def signed_fields
+      @parameters.merge(Utilities.camel_case(:signature, fps?) => @signature)
+    end
+    
+    #######
+    private
+    #######
+    
+    def fps?
+      @fps
+    end
+    
+    def canonicalized_query_string
+      @parameters.keys
+                 .map(&Utilities.method(:utf8))
+                 .sort
+                 .map { |name| [
+                   Utilities.url_encode(name),
+                   Utilities.url_encode(Utilities.utf8(@parameters[name]))
+                 ].join("=") }
+                 .join("&")
+    end
+    
+    def value_of_host_header_in_lowercase
+      @url.host
+    end
+    
+    def http_request_uri
+      path = @url.path
+      path.nil? || path.empty? ? "/" : path
+    end
+    
+    def string_to_sign
+      [ @http_verb,
+        value_of_host_header_in_lowercase,
+        http_request_uri,
+        canonicalized_query_string ].join("\n")
+    end
+    
+    def hash(secret_access_key)
+      [ OpenSSL::HMAC.digest( @algorithm,
+                              secret_access_key,
+                              string_to_sign ) ].pack("m").chomp
+    end
+  end
+end

data/lib/boomerang/utilities.rb

@@ -0,0 +1,45 @@
+class Boomerang
+  module Utilities
+    extend self
+    
+    def camel_case(hash_or_string, first_cap = true)
+      if hash_or_string.is_a? Hash
+        Hash[hash_or_string.map { |k, v| [camel_case(k, first_cap), v]}]
+      else
+        string = hash_or_string.to_s
+        string = string.gsub(/(\A|\.)[a-z]/) { $&.upcase } if first_cap
+        string.gsub(/_([a-z])/) { $1.upcase }
+      end
+    end
+    alias_method :CamelCase, :camel_case
+    def camelCase(hash_or_string, first_cap = false)
+      camel_case(hash_or_string, first_cap)
+    end
+    
+    def snake_case(hash_or_string)
+      if hash_or_string.is_a? Hash
+        Hash[hash_or_string.map { |k, v| [snake_case(k), v]}]
+      else
+        hash_or_string.to_s
+                      .gsub(/([a-z])([A-Z])/) { "#{$1}_#{$2.downcase}" }
+                      .downcase
+      end
+    end
+    
+    def utf8(string)
+      string.to_s.encode(Encoding::UTF_8)
+    end
+    
+    def url_encode(string)
+      string.chars
+            .map { |char| char =~ /\A[-A-Za-z0-9_.~]\z/ ?
+                          char                          :
+                          char.bytes.map { |byte| "%%%02X" % byte }.join }
+            .join
+    end
+    
+    def build_query(parameters)
+      parameters.map { |k, v| "#{url_encode k}=#{url_encode v}" }.join("&")
+    end
+  end
+end

metadata

@@ -0,0 +1,80 @@
+--- !ruby/object:Gem::Specification 
+name: boomerang
+version: !ruby/object:Gem::Version 
+  prerelease: false
+  segments: 
+  - 0
+  - 0
+  - 1
+  version: 0.0.1
+platform: ruby
+authors: 
+- James Edward Gray II
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2011-03-06 00:00:00 -06:00
+default_executable: 
+dependencies: []
+
+description: A library for working with Amazon.com's FPS API. The code is especially intended for "marketplace applications."
+email: 
+- james@graysoftinc.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: []
+
+files: 
+- .gitignore
+- .rvmrc
+- README.markdown
+- Rakefile
+- boomerang.gemspec
+- data/ca-bundle.crt
+- lib/boomerang.rb
+- lib/boomerang/api_call.rb
+- lib/boomerang/errors.rb
+- lib/boomerang/response.rb
+- lib/boomerang/signature.rb
+- lib/boomerang/utilities.rb
+has_rdoc: true
+homepage: https://github.com/okrb/boomerang
+licenses: []
+
+post_install_message: 
+rdoc_options: []
+
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ~>
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 1
+      - 9
+      - 2
+      version: 1.9.2
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ~>
+    - !ruby/object:Gem::Version 
+      segments: 
+      - 1
+      - 3
+      - 7
+      version: 1.3.7
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 3
+summary: A Ruby library wrapping Amazon.com's FPS API.
+test_files: []
+