buckaroo_client 0.0.1.pre

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 2911056e32cd71be8234f88bf7dd089fe06adadf
+  data.tar.gz: cfbec2e5be8084042f248a16bd456aae797d187b
+SHA512:
+  metadata.gz: f5c6d596217c75f66e093138cfe01170f55f2d6a1080a7437a1db9e7856384548cd7726f6900ffe321d10fcec58dab96364889eb065f16ad1571979f14afbd6c
+  data.tar.gz: 1b1bd2230444f5a8154af5800c92a8a7dc19a27856332f9d280bbd3c3ca4d41581e402ef16ed1194ae768e9bf9ba45555eac5bc8557ff0f4d87eb84595f26561

data/.gitignore

@@ -0,0 +1,15 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log
+.env

data/.rspec

@@ -0,0 +1,2 @@
+--color
+--require spec_helper

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in buckaroo_client.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2014 Floris Huetink
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,98 @@
+# BuckarooClient
+
+Ruby support for Buckaroo Payment Engine 3.0
+
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'buckaroo_client'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install buckaroo_client
+
+
+## Usage
+
+### Setup
+
+Set the following `ENV` vars in your application:
+
+  * `BUCKAROO_CLIENT_WEBSITEKEY`: website key as generated by Buckaroo
+  * `BUCKAROO_CLIENT_SECRET`: shared secret to digitally sign API requests
+  * `BUCKAROO_CLIENT_ENVIRONMENT`: set this to `production` to create real
+    transactions. Defaults to `test`.
+
+Or alternatively, configure using a block (e.g. in a Rails initializer script):
+
+```ruby
+BuckarooClient.configure do |c|
+  c.websitekey = 'yourwebsitekey'
+  c.secret = 'randomsharedsecretstring'
+  c.environment = 'production'
+end
+```
+
+### Creating a transaction
+
+Start by creating a base transaction:
+
+```ruby
+transaction = BuckarooClient.transaction(amount: 9.99, description: 'Payment')
+```
+
+After that, you must select a primary service:
+
+```ruby
+transaction.select_service(:pay_per_email) do |s|
+  s.customeremail = 'example@example.com'
+  # ... and some more values
+end
+```
+
+Optionally select additional payment services as you please:
+
+```ruby
+transaction.select_additional_service(:invoice_specification) do |s|
+  s.add_invoice_line(description: 'Some Product', amount: 10.00)
+  s.add_total_line(description: 'Total', amount: 10.00)
+end
+transaction.select_additional_service(:credit_management) do |s|
+  s.invoice_date = Date.current
+  s.date_due = s.invoice_date.next_day(14)
+end
+```
+
+### Sending data to Buckaroo Payment Engine
+
+Use `BuckarooClient.gateway` to set up Buckaroo NVP Gateway transactions:
+
+```ruby
+BuckarooClient.gateway.transaction_request(transaction.gateway_attributes)
+```
+
+This will send a signed `POST` request to the Buckaroo gateway.
+
+
+## Known limitations
+
+  * This gem currently only supports PayPerEmail transactions.
+  * Batch file creation is experimental and cannot handle invoices with
+    mixed numbers of invoice lines.
+
+
+## Contributing
+
+1. Fork it ( https://github.com/brightin/buckaroo_client/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/buckaroo_client.gemspec

@@ -0,0 +1,26 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'buckaroo_client/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "buckaroo_client"
+  spec.version       = BuckarooClient::VERSION
+  spec.authors       = ["Floris Huetink"]
+  spec.email         = ["floris@brightin.nl"]
+  spec.summary       = %q{Ruby support for Buckaroo Payment Engine 3.0}
+  spec.homepage      = "https://github.com/brightin/buckaroo_client"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0")
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "addressable"
+
+  spec.add_development_dependency "bundler", "~> 1.7"
+  spec.add_development_dependency "dotenv", "~> 1.0"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/buckaroo_client.rb

@@ -0,0 +1,35 @@
+require 'buckaroo_client/gateway'
+require 'buckaroo_client/service'
+require 'buckaroo_client/transaction'
+require 'buckaroo_client/version'
+
+module BuckarooClient
+  DEFAULT_TRANSACTION_ATTRIBUTES = {
+    websitekey: ENV['BUCKAROO_CLIENT_WEBSITEKEY']
+  }
+
+  def self.gateway
+    Gateway::NVP
+  end
+
+  def self.batch(attributes = {})
+    Gateway::Batch.new(attributes)
+  end
+
+  def self.transaction(attributes = {})
+    Transaction.new(DEFAULT_TRANSACTION_ATTRIBUTES.merge(attributes))
+  end
+
+  def self.service(name, attributes = {})
+    case name.to_s
+    when 'credit_management'
+      Service::CreditManagement.new
+    when 'invoice_specification'
+      Service::InvoiceSpecification.new
+    when 'pay_per_email'
+      Service::PayPerEmail.new(attributes)
+    else
+      raise ArgumentError.new("service '#{name}' does not exist")
+    end
+  end
+end

data/lib/buckaroo_client/gateway.rb

@@ -0,0 +1,7 @@
+require 'buckaroo_client/gateway/batch'
+require 'buckaroo_client/gateway/nvp'
+
+module BuckarooClient
+  module Gateway
+  end
+end

data/lib/buckaroo_client/gateway/batch.rb

@@ -0,0 +1,31 @@
+require 'forwardable'
+require 'csv'
+
+module BuckarooClient
+  module Gateway
+    class Batch
+      attr_reader :transactions
+
+      extend Forwardable
+      def_delegators :@transactions, :<<, :size, :each
+
+      def initialize(args = {})
+        @transactions = args.fetch(:transactions, [])
+      end
+
+      def to_csv
+        table = CSV::Table.new([])
+        transactions.each { |t| table << transaction_to_csv(t) }
+        table.to_csv(col_sep: ';')
+      end
+
+      private
+
+      def transaction_to_csv(transaction)
+        data = transaction.gateway_attributes
+        CSV::Row.new(data.keys, data.values)
+      end
+
+    end
+  end
+end

data/lib/buckaroo_client/gateway/nvp.rb

@@ -0,0 +1,84 @@
+require 'addressable/uri'
+require 'digest/sha1'
+require 'buckaroo_client/gateway/nvp/response'
+require 'buckaroo_client/gateway/nvp/signature'
+
+module BuckarooClient
+  module Gateway
+    module NVP
+      extend Signature
+
+      def self.environment
+        ENV['BUCKAROO_CLIENT_ENVIRONMENT'] || 'test'
+      end
+
+      def self.websitekey
+        ENV['BUCKAROO_CLIENT_WEBSITEKEY'] || raise("BUCKAROO_CLIENT_WEBSITEKEY not set")
+      end
+
+      def self.url(action: nil)
+        path = case environment
+          when 'production'
+            'https://checkout.buckaroo.nl/nvp/'
+          else
+            'https://testcheckout.buckaroo.nl/nvp/'
+          end
+        path += "?op=#{action}" unless action.nil?
+        URI.parse(path)
+      end
+
+      def self.transaction_request(buckaroo_variables, custom: {}, additional: {})
+        do_request('transactionrequest', buckaroo_variables, custom, additional)
+      end
+
+      def self.transaction_status(buckaroo_variables, custom: {}, additional: {})
+        do_request('transactionstatus', buckaroo_variables, custom, additional)
+      end
+
+      def self.invoice_info(buckaroo_variables, custom: {}, additional: {})
+        do_request('invoiceinfo', buckaroo_variables, custom, additional)
+      end
+
+      def self.transaction_request_specification(buckaroo_variables, custom: {}, additional: {})
+        do_request('transactionrequestspecification', buckaroo_variables, custom, additional)
+      end
+
+      private
+
+      def self.do_request(action, buckaroo_variables, custom = {}, additional = {})
+        nvp_data = prefixed_and_signed_request_data(buckaroo_variables, custom, additional)
+        Response.for_action(action, post_data(action, nvp_data))
+      end
+
+      def self.post_data(action, data)
+        Net::HTTP.post_form(url(action: action), data)
+      end
+
+      def self.prefixed_and_signed_request_data(buckaroo, custom, additional)
+        output = prefix_if_needed(data: buckaroo, prefix: 'brq_')
+        output.merge!(prefix_if_needed(data: custom, prefix: 'cust_'))
+        output.merge!(prefix_if_needed(data: additional, prefix: 'add_'))
+        output['brq_websitekey'] ||= websitekey
+        if output.key?('brq_service')
+          output['brq_payment_method'] = output.delete('brq_service')
+        end
+        sign!(output)
+        return output
+      end
+
+      def self.prefix_if_needed(prefix:, data:)
+        output = {}
+        data.each do |key, value|
+          prefixed_key = key.to_s.index(prefix) == 0 ? key : "#{prefix}#{key}"
+          output[prefixed_key] = value
+        end
+        return output
+      end
+
+      def self.sign!(input)
+        input['brq_signature'] = signature(input)
+        input
+      end
+    end
+  end
+end

data/lib/buckaroo_client/gateway/nvp/invoice_info_response.rb

@@ -0,0 +1,16 @@
+require 'buckaroo_client/gateway/nvp/response'
+
+module BuckarooClient
+  module Gateway
+    module NVP
+      class InvoiceInfoResponse < Response
+
+        def paid?
+          return nil unless response.key?('BRQ_INVOICE_1_PAID')
+          response['BRQ_INVOICE_1_PAID'].to_s.downcase == 'true'
+        end
+
+      end
+    end
+  end
+end

data/lib/buckaroo_client/gateway/nvp/response.rb

@@ -0,0 +1,56 @@
+# Partly taken from:
+# https://github.com/inventid/buckaroo/blob/develop/lib/buckaroo/response.rb
+require 'addressable/uri'
+require 'digest/sha1'
+require 'buckaroo_client/gateway/nvp/signature'
+
+module BuckarooClient
+  module Gateway
+    module NVP
+      class Response
+
+        include Signature
+
+        attr_reader :body, :response, :status_code, :success
+
+        def self.for_action(action, response)
+          klass = case action
+          when 'invoiceinfo'
+            require 'buckaroo_client/gateway/nvp/invoice_info_response'
+            InvoiceInfoResponse
+          else
+            Response
+          end
+          klass.new(response)
+        end
+
+        def initialize(response)
+          @body = response.body
+          @response = Hash[Addressable::URI.form_unencode(body)]
+          @status_code = @response['BRQ_STATUSCODE'].to_i
+          @success = !error_occurred?
+        end
+
+        alias_method :success?, :success
+
+        def verify!
+          verified? or raise "Response signature does not match expected value"
+        end
+
+        def verified?
+          input = response.dup
+          given_hash = input['BRQ_SIGNATURE']
+          input.delete('BRQ_SIGNATURE')
+          signature(input) == given_hash
+        end
+
+        private
+
+        def error_occurred?
+          !verified? || status_code == 491 || status_code == 492
+        end
+
+      end
+    end
+  end
+end

data/lib/buckaroo_client/gateway/nvp/signature.rb

@@ -0,0 +1,38 @@
+require 'digest/sha1'
+
+module BuckarooClient
+  module Gateway
+    module NVP
+      module Signature
+        def secret_key
+          ENV['BUCKAROO_CLIENT_SECRET'] || raise("BUCKAROO_CLIENT_SECRET not set")
+        end
+
+        def signature(input)
+          # Base logic and comments taken from github.com/inventid/buckaroo
+          #
+          # This might actually need some explanation why we are converting do lowercase here
+          # BuckarooClient specifies to sort these parameters, although the exact matter of sorting
+          # is quite ambigious. So after quite a while of debugging, I discovered that by
+          # sorting they do not use the ASCII based sorting Ruby uses. In fact, the sorting
+          # is specified to place symbols first (which ASCII does, except for the underscore (_)
+          # which is located between the capitals and lowercase letters (jeej ASCII!).
+          # So in this case, by converting everything to lowercase before comparing, we ensure
+          # that all symbols are in the table before the letters.
+          #
+          # Actual case where it went wrong: keys BRQ_TRANSACTIONS and BRQ_TRANSACTION_CANCELABLE
+          # Ruby would sort these in this exact order, whereas BuckarooClient would reverse them. And
+          # since for hashing the reversal generates a totally different sequence, that would
+          # break message validation.
+          #
+          # TLDR; Leave it with a downcase
+          sorted_data = input.sort_by { |key, _| key.to_s.downcase }
+          to_hash = ''
+          sorted_data.each { |key, value| to_hash << key.to_s+'='+value.to_s }
+          to_hash << secret_key
+          Digest::SHA1.hexdigest(to_hash)
+        end
+      end
+    end
+  end
+end