braintree 2.30.0 → 2.30.2

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 8344ccd108c80b288f1aa06fe5ba464b7b30fc72
+  data.tar.gz: 1f31b8e13d92045c7f195764aff85bf54d0e822f
+SHA512:
+  metadata.gz: 1433ff6de818797a42e80d011fb76cbb8365e7b83f2071c2c8f8f9855bc1f9acee30c3a133f0d804453e1695345bcdd44c74248438730876017e67dac1279b9f
+  data.tar.gz: c2c7febb1f2827454eb232ed952e03500d0fb720dec58234cdbfe36b0c72b387065cc5fb8b968928f19788ff18a82497bbbeb1acf670598b2eb5d9a61ec71e07

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2009-2010 Braintree Payment Solutions
+Copyright (c) 2009-2014 Braintree, a division of PayPal, Inc.
 
 Permission is hereby granted, free of charge, to any person
 obtaining a copy of this software and associated documentation

data/lib/braintree.rb

@@ -22,10 +22,12 @@ require "braintree/modification"
 
 require "braintree/add_on"
 require "braintree/add_on_gateway"
-require "braintree/address/country_names"
 require "braintree/address"
+require "braintree/address/country_names"
 require "braintree/address_gateway"
 require "braintree/advanced_search"
+require "braintree/client_token"
+require "braintree/client_token_gateway"
 require "braintree/configuration"
 require "braintree/credit_card"
 require "braintree/credit_card_gateway"
@@ -56,6 +58,8 @@ require "braintree/plan_gateway"
 require "braintree/settlement_batch_summary"
 require "braintree/settlement_batch_summary_gateway"
 require "braintree/resource_collection"
+require "braintree/sha256_digest"
+require "braintree/signature_service"
 require "braintree/subscription"
 require "braintree/subscription_gateway"
 require "braintree/subscription_search"

data/lib/braintree/client_token.rb

@@ -0,0 +1,18 @@
+require 'json'
+
+module Braintree
+  module ClientToken
+    def self.generate(options={})
+      _validate_options(options)
+      Configuration.gateway.client_token.generate(options)
+    end
+
+    def self._validate_options(options)
+      [:make_default, :fail_on_duplicate_payment_method, :verify_card].each do |credit_card_option|
+        if options[credit_card_option]
+          raise ArgumentError.new("cannot specify #{credit_card_option} without a customer_id") unless options[:customer_id]
+        end
+      end
+    end
+  end
+end

data/lib/braintree/client_token_gateway.rb

@@ -0,0 +1,30 @@
+module Braintree
+  class ClientTokenGateway
+    def initialize(gateway)
+      @gateway = gateway
+      @config = gateway.config
+    end
+
+    def generate(options={})
+      params = nil
+      if options
+        Util.verify_keys(ClientTokenGateway._generate_signature, options)
+        params = {:client_token => options}
+      end
+      result = @config.http.post("/client_token", params)
+
+      if result[:client_token]
+        result[:client_token][:value]
+      else
+        raise ArgumentError, result[:api_error_response][:message]
+      end
+    end
+
+    def self._generate_signature # :nodoc:
+      [
+        :customer_id, :proxy_merchant_id,
+        {:options => [:make_default, :verify_card, :fail_on_duplicate_payment_method]}
+      ]
+    end
+  end
+end

data/lib/braintree/configuration.rb

@@ -48,6 +48,14 @@ module Braintree
       @logger ||= _default_logger
     end
 
+    def self.signature_service
+      instantiate.signature_service
+    end
+
+    def self.sha256_signature_service
+      instantiate.sha256_signature_service
+    end
+
     def initialize(options = {})
       [:endpoint, :environment, :public_key, :private_key, :custom_user_agent, :logger].each do |attr|
         instance_variable_set "@#{attr}", options[attr]
@@ -110,6 +118,19 @@ module Braintree
       end
     end
 
+    def auth_url
+      case @environment
+      when :development
+        "http://auth.venmo.dev:9292"
+      when :production
+        "https://auth.venmo.com"
+      when :qa
+        "https://auth.venmo.qa2.braintreegateway.com"
+      when :sandbox
+        "https://auth.venmo.sandbox.braintreegateway.com"
+      end
+    end
+
     def ssl? # :nodoc:
       case @environment
       when :development
@@ -133,5 +154,13 @@ module Braintree
     def inspect
       super.gsub(/@private_key=\".*\"/, '@private_key="[FILTERED]"')
     end
+
+    def signature_service
+      @signature_service ||= SignatureService.new(@private_key)
+    end
+
+    def sha256_signature_service
+      @sha256_signature_service ||= SignatureService.new(@private_key, SHA256Digest)
+    end
   end
 end

data/lib/braintree/credit_card.rb

@@ -94,6 +94,10 @@ module Braintree
       Configuration.gateway.credit_card.find(token)
     end
 
+    def self.from_nonce(nonce)
+      Configuration.gateway.credit_card.from_nonce(nonce)
+    end
+
     # See http://www.braintreepayments.com/docs/ruby/transactions/create_from_vault
     def self.sale(token, transaction_attributes)
       Configuration.gateway.transaction.sale(transaction_attributes.merge(:payment_method_token => token))

data/lib/braintree/credit_card_gateway.rb

@@ -48,6 +48,14 @@ module Braintree
       raise NotFoundError, "payment method with token #{token.inspect} not found"
     end
 
+    def from_nonce(nonce)
+      raise ArgumentError if nonce.nil? || nonce.to_s.strip == ""
+      response = @config.http.get "/payment_methods/from_nonce/#{nonce}"
+      CreditCard._new(@gateway, response[:credit_card])
+    rescue NotFoundError
+      raise NotFoundError, "nonce #{nonce.inspect} locked, consumed, or not found"
+    end
+
     def update(token, attributes)
       Util.verify_keys(CreditCardGateway._update_signature, attributes)
       _do_update(:put, "/payment_methods/#{token}", :credit_card => attributes)
@@ -80,7 +88,7 @@ module Braintree
       signature = [
         :billing_address_id, :cardholder_name, :cvv, :device_session_id, :expiration_date,
         :expiration_month, :expiration_year, :number, :token, :venmo_sdk_payment_method_code,
-        :device_data, :fraud_merchant_id,
+        :device_data, :fraud_merchant_id, :payment_method_nonce,
         {:options => options},
         {:billing_address => billing_address_params}
       ]

data/lib/braintree/customer.rb

@@ -202,5 +202,9 @@ module Braintree
         :created_at, :updated_at
       ]
     end
+
+    def self._now_timestamp # :nodoc:
+      Time.now.to_i
+    end
   end
 end

data/lib/braintree/gateway.rb

@@ -21,6 +21,10 @@ module Braintree
       AddressGateway.new(self)
     end
 
+    def client_token
+      ClientTokenGateway.new(self)
+    end
+
     def credit_card
       CreditCardGateway.new(self)
     end

data/lib/braintree/http.rb

@@ -14,7 +14,8 @@ module Braintree
       end
     end
 
-    def get(path)
+    def get(_path, query_params={})
+      path = _path + _build_query_string(query_params)
       response = _http_do Net::HTTP::Get, path
       if response.code.to_i == 200 || response.code.to_i == 422
         Xml.hash_from_xml(_body(response))
@@ -46,6 +47,17 @@ module Braintree
       Braintree::Xml.hash_to_xml params
     end
 
+    def _build_query_string(params)
+      if params.empty?
+        ""
+      else
+        "?" + params.map do |x, y|
+          raise(ArgumentError, "Nested hashes aren't supported in query parameters") if y.respond_to?(:to_hash)
+          "#{x}=#{y}"
+        end.join("&")
+      end
+    end
+
     def _http_do(http_verb, path, body = nil)
       connection = Net::HTTP.new(@config.server, @config.port)
       connection.read_timeout = 60

data/lib/braintree/sha256_digest.rb

@@ -0,0 +1,13 @@
+module Braintree
+  module SHA256Digest # :nodoc:
+    def self.hexdigest(private_key, string)
+      _hmac(private_key, string)
+    end
+
+    def self._hmac(key, message)
+      key_digest = ::Digest::SHA256.digest(key)
+      sha256 = OpenSSL::Digest::Digest.new("sha256")
+      OpenSSL::HMAC.hexdigest(sha256, key_digest, message.to_s)
+    end
+  end
+end

data/lib/braintree/signature_service.rb

@@ -0,0 +1,19 @@
+module Braintree
+  class SignatureService
+    attr_reader :key
+
+    def initialize(key, digest=Braintree::Digest)
+      @key = key
+      @digest = digest
+    end
+
+    def sign(data)
+      query_string = Util.hash_to_query_string(data)
+      "#{hash(query_string)}|#{query_string}"
+    end
+
+    def hash(data)
+      @digest.hexdigest(@key, data)
+    end
+  end
+end

data/lib/braintree/subscription_gateway.rb

@@ -60,6 +60,7 @@ module Braintree
         :never_expires,
         :number_of_billing_cycles,
         :payment_method_token,
+        :payment_method_nonce,
         :plan_id,
         :price,
         :trial_duration,
@@ -77,6 +78,7 @@ module Braintree
         :never_expires,
         :number_of_billing_cycles,
         :payment_method_token,
+        :payment_method_nonce,
         :plan_id,
         :price,
         {:options => [

data/lib/braintree/successful_result.rb

@@ -3,14 +3,12 @@ module Braintree
   class SuccessfulResult
     include BaseModule
 
+    attr_reader :address, :credit_card, :customer, :merchant_account, :settlement_batch_summary, :subscription, :new_transaction, :transaction
+
     def initialize(attributes = {}) # :nodoc:
       @attrs = attributes.keys
-      singleton_class.class_eval do
-        attributes.each do |key, value|
-          define_method key do
-            value
-          end
-        end
+      attributes.each do |key, value|
+        instance_variable_set("@#{key}", value)
       end
     end
 

data/lib/braintree/transaction_gateway.rb

@@ -117,7 +117,7 @@ module Braintree
         :amount, :customer_id, :merchant_account_id, :order_id, :channel, :payment_method_token,
         :purchase_order_number, :recurring, :shipping_address_id, :type, :tax_amount, :tax_exempt,
         :venmo_sdk_payment_method_code, :device_session_id, :service_fee_amount, :device_data, :fraud_merchant_id,
-        :billing_address_id,
+        :billing_address_id, :payment_method_nonce,
         {:credit_card => [:token, :cardholder_name, :cvv, :expiration_date, :expiration_month, :expiration_year, :number]},
         {:customer => [:id, :company, :email, :fax, :first_name, :last_name, :phone, :website]},
         {

data/lib/braintree/transparent_redirect_gateway.rb

@@ -51,7 +51,7 @@ module Braintree
 
       query_strings_without_hash = [query_string_without_hash, encoded_query_string_without_hash, decoded_query_string_without_hash]
 
-      if query_strings_without_hash.any? { |query_string| _hash(query_string) == params[:hash] }
+      if query_strings_without_hash.any? { |query_string| @config.signature_service.hash(query_string) == params[:hash] }
         params
       else
         raise ForgedQueryString
@@ -92,17 +92,12 @@ module Braintree
 
     def _data(params) # :nodoc:
       raise ArgumentError, "expected params to contain :redirect_url" unless params[:redirect_url]
-      tr_data_segment = Util.hash_to_query_string(params.merge(
+
+      @config.signature_service.sign(params.merge(
         :api_version => @config.api_version,
         :time => Time.now.utc.strftime("%Y%m%d%H%M%S"),
         :public_key => @config.public_key
       ))
-      tr_data_hash = _hash(tr_data_segment)
-      "#{tr_data_hash}|#{tr_data_segment}"
-    end
-
-    def _hash(string) # :nodoc:
-      ::Braintree::Digest.hexdigest(@config.private_key, string)
     end
   end
 end

data/lib/braintree/version.rb

@@ -2,7 +2,7 @@ module Braintree
   module Version
     Major = 2
     Minor = 30
-    Tiny = 0
+    Tiny = 2
 
     String = "#{Major}.#{Minor}.#{Tiny}"
   end

data/lib/braintree/webhook_notification_gateway.rb

@@ -6,6 +6,9 @@ module Braintree
     end
 
     def parse(signature_string, payload)
+      if payload =~ /[^A-Za-z0-9+=\/\n]/
+        raise InvalidSignature, "payload contains illegal characters"
+      end
       _verify_signature(signature_string, payload)
       attributes = Xml.hash_from_xml(Base64.decode64(payload))
       WebhookNotification._new(@gateway, attributes[:notification])
@@ -25,12 +28,15 @@ module Braintree
       end
     end
 
-    def _verify_signature(signature, payload)
-      public_key, signature = _matching_signature_pair(signature)
-      payload_signature = Braintree::Digest.hexdigest(@config.private_key, payload)
+    def _verify_signature(signature_string, payload)
+      public_key, signature = _matching_signature_pair(signature_string)
+      raise InvalidSignature, 'no matching public key' if public_key.nil?
 
-      raise InvalidSignature if public_key.nil?
-      raise InvalidSignature unless Braintree::Digest.secure_compare(signature, payload_signature)
+      signature_matches = [payload, payload + "\n"].any? do |payload|
+        payload_signature = Braintree::Digest.hexdigest(@config.private_key, payload)
+        Braintree::Digest.secure_compare(signature, payload_signature)
+      end
+      raise InvalidSignature, 'signature does not match payload - one has been modified' unless signature_matches
     end
   end
 end

data/lib/braintree/webhook_testing_gateway.rb

@@ -65,31 +65,31 @@ module Braintree
     def _partner_merchant_connected_sample_xml(data)
 
       <<-XML
-        <partner_merchant>
-          <merchant_public_id>public_id</merchant_public_id>
-          <public_key>public_key</public_key>
-          <private_key>private_key</private_key>
-          <partner_merchant_id>abc123</partner_merchant_id>
-          <client_side_encryption_key>cse_key</client_side_encryption_key>
-        </partner_merchant>
+        <partner-merchant>
+          <merchant-public-id>public_id</merchant-public-id>
+          <public-key>public_key</public-key>
+          <private-key>private_key</private-key>
+          <partner-merchant-id>abc123</partner-merchant-id>
+          <client-side-encryption-key>cse_key</client-side-encryption-key>
+        </partner-merchant>
       XML
     end
 
     def _partner_merchant_disconnected_sample_xml(data)
 
       <<-XML
-        <partner_merchant>
-          <partner_merchant_id>abc123</partner_merchant_id>
-        </partner_merchant>
+        <partner-merchant>
+          <partner-merchant-id>abc123</partner-merchant-id>
+        </partner-merchant>
       XML
     end
 
     def _partner_merchant_declined_sample_xml(data)
 
       <<-XML
-        <partner_merchant>
-          <partner_merchant_id>abc123</partner_merchant_id>
-        </partner_merchant>
+        <partner-merchant>
+          <partner-merchant-id>abc123</partner-merchant-id>
+        </partner-merchant>
       XML
     end
 

data/spec/httpsd.pid

@@ -1 +1 @@
-15069
+5195

data/spec/integration/braintree/client_api/client_token_spec.rb

@@ -0,0 +1,143 @@
+require File.expand_path(File.dirname(__FILE__) + "/../../spec_helper")
+require File.expand_path(File.dirname(__FILE__) + "/spec_helper")
+
+describe Braintree::ClientToken do
+
+  describe "self.generate" do
+    it "generates a fingerprint that the gateway accepts" do
+      config = Braintree::Configuration.instantiate
+      client_token = Braintree::ClientToken.generate
+      http = ClientApiHttp.new(
+        config,
+        :authorization_fingerprint => JSON.parse(client_token)["authorizationFingerprint"],
+        :shared_customer_identifier => "fake_identifier",
+        :shared_customer_identifier_type => "testing"
+      )
+
+      response = http.get_cards
+
+      response.code.should == "200"
+    end
+
+    it "raises ArgumentError on invalid parameters (422)" do
+      expect do
+        Braintree::ClientToken.generate(:options => {:make_default => true})
+      end.to raise_error(ArgumentError)
+    end
+
+    it "can pass verify_card" do
+      config = Braintree::Configuration.instantiate
+      result = Braintree::Customer.create
+      client_token = Braintree::ClientToken.generate(
+        :customer_id => result.customer.id,
+        :options => {
+          :verify_card => true
+        }
+      )
+
+      http = ClientApiHttp.new(
+        config,
+        :authorization_fingerprint => JSON.parse(client_token)["authorizationFingerprint"],
+        :shared_customer_identifier => "fake_identifier",
+        :shared_customer_identifier_type => "testing"
+      )
+
+      response = http.add_card(
+        :credit_card => {
+          :number => "4000111111111115",
+          :expiration_month => "11",
+          :expiration_year => "2099"
+        }
+      )
+
+      response.code.should == "422"
+    end
+
+    it "can pass make_default" do
+      config = Braintree::Configuration.instantiate
+      result = Braintree::Customer.create
+      customer_id = result.customer.id
+      client_token = Braintree::ClientToken.generate(
+        :customer_id => customer_id,
+        :options => {
+          :make_default => true
+        }
+      )
+
+      http = ClientApiHttp.new(
+        config,
+        :authorization_fingerprint => JSON.parse(client_token)["authorizationFingerprint"],
+        :shared_customer_identifier => "fake_identifier",
+        :shared_customer_identifier_type => "testing"
+      )
+
+      response = http.add_card(
+        :credit_card => {
+          :number => "4111111111111111",
+          :expiration_month => "11",
+          :expiration_year => "2099"
+        }
+      )
+
+      response.code.should == "201"
+
+      response = http.add_card(
+        :credit_card => {
+          :number => "4005519200000004",
+          :expiration_month => "11",
+          :expiration_year => "2099"
+        }
+      )
+
+      response.code.should == "201"
+
+      customer = Braintree::Customer.find(customer_id)
+      customer.credit_cards.select { |c| c.bin == "400551" }[0].should be_default
+    end
+
+    it "can pass fail_on_duplicate_payment_method" do
+      config = Braintree::Configuration.instantiate
+      result = Braintree::Customer.create
+      customer_id = result.customer.id
+      client_token = Braintree::ClientToken.generate(
+        :customer_id => customer_id
+      )
+
+      http = ClientApiHttp.new(
+        config,
+        :authorization_fingerprint => JSON.parse(client_token)["authorizationFingerprint"],
+        :shared_customer_identifier => "fake_identifier",
+        :shared_customer_identifier_type => "testing"
+      )
+
+      response = http.add_card(
+        :credit_card => {
+          :number => "4111111111111111",
+          :expiration_month => "11",
+          :expiration_year => "2099"
+        }
+      )
+
+      response.code.should == "201"
+
+      client_token = Braintree::ClientToken.generate(
+        :customer_id => customer_id,
+        :options => {
+          :fail_on_duplicate_payment_method => true
+        }
+      )
+
+      http.fingerprint = JSON.parse(client_token)["authorizationFingerprint"]
+
+      response = http.add_card(
+        :credit_card => {
+          :number => "4111111111111111",
+          :expiration_month => "11",
+          :expiration_year => "2099"
+        }
+      )
+
+      response.code.should == "422"
+    end
+  end
+end