bunq-client 0.1.2 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 22487972e1aebeb56b45b8781968b99da449bc9a
-  data.tar.gz: 2f1b2e7500ae78bf18a066d45b751e38cf56fbc8
+SHA256:
+  metadata.gz: f43869cbdc6e1d596f972aac0752ca7ed25fe6884814ea592a7e34e97fae6948
+  data.tar.gz: 38a49c91d8e233921b8d21b1e5852e01acfff630157abe0dd3bfa4f715f4a10f
 SHA512:
-  metadata.gz: 00f65e325aa9b546c8f1124c6debf626b07d21a546be70f8af5f901bcb8d74bcdff85b067775ed17c2dd103502d422499201904d5f2fc1673780a363f42546e4
-  data.tar.gz: 29544093b45a56c096c45599263fcd29fccfd124a5e2a52515bc4d3eb8434ed0b59f5bba687d1f45ff63f88c68cae2768f8c727057a1ecc66f56df2f1503fb86
+  metadata.gz: a853e3ae7694c1bfb5a41aa735c4942ff015c8614602f6efd45d9a9aa08300ee1e89da4ad2ff3f354d82ef4ba519f10229badd1338dd9730d61ec8d8b2cb475d
+  data.tar.gz: ac8ee43d4bb61f30ce45937b7b90af82087cccd0d248396d27decdcbcdfae6584f4bf40f5c434135cc9ac7d248ebafdd9f44039557d59a433b8124ab1a06e4d2

data/.ruby-version

@@ -1 +1,2 @@
-2.3.2
+2.5.3
+

data/.travis.yml

@@ -1,5 +1,5 @@
 sudo: false
 language: ruby
 rvm:
-  - 2.3.2
-before_install: gem install bundler -v 1.13.6
+  - 2.3.4
+before_install: gem install bundler -v 1.16.1

data/README.md

@@ -137,6 +137,17 @@ Bunq.client.me_as_user.monetary_accounts.index.each do |monetary_account|
 end
 ```
 
+## Session caching
+
+By default, each `Bunq.client` creates a new session. If you want to share a session between multiple
+`Bunq.client`s, use the following configuration:
+
+```
+Bunq.configure do |config|
+  config.session_cache = Bunq::ThreadSafeSessionCache.new
+end
+```
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/bunq-client.gemspec

@@ -10,11 +10,13 @@ Gem::Specification.new do |spec|
     'Lars Vonk',
     'Bob Forma',
     'Derek Kraan',
+    'Mike van Diepen',
   ]
   spec.email         = [
     'lars.vonk@gmail.com',
     'bforma@zilverline.com',
-    'dkraan@zilverline.com',
+    'derek.kraan@gmail.com',
+    'mvdiepen@zilverline.com',
   ]
 
   spec.summary       = %q{Ruby client for the bunq public API.}
@@ -22,7 +24,6 @@ Gem::Specification.new do |spec|
   spec.homepage      = "https://github.com/jorttbv/bunq-client"
   spec.license       = "MIT"
 
-
   spec.files         = `git ls-files -z`.split("\x0").reject do |f|
     f.match(%r{^(test|spec|features)/})
   end
@@ -31,11 +32,12 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_runtime_dependency 'rest-client', '~> 2.0'
+  spec.add_runtime_dependency 'thread_safe', '~> 0.3.6'
 
-  spec.add_development_dependency "bundler", "~> 1.13"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_development_dependency "rspec", "~> 3.5"
-  spec.add_development_dependency "webmock", "~> 2.3.2"
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 12.3"
+  spec.add_development_dependency "rspec", "~> 3.7"
+  spec.add_development_dependency "webmock", "~> 3.2.1"
   spec.add_development_dependency "rspec-json_expectations", "~> 2.1"
   spec.add_development_dependency "codecov", "~> 0.1.10"
 end

data/lib/bunq/attachment_public_content.rb

@@ -0,0 +1,19 @@
+module Bunq
+  ##
+  # https://doc.bunq.com/api/1/call/attachment-public-content
+  class AttachmentPublicContent
+    def initialize(client, id)
+      @resource = Bunq::Resource.new(client, "/v1/attachment-public/#{id}/content")
+    end
+
+    ##
+    # https://doc.bunq.com/api/1/call/attachment-public-content/method/list
+    # Returns the raw content of a public attachment with given ID.
+    # The raw content is the binary representation of a file.
+    def show
+      @resource.with_session do 
+        @resource.get { |response| response.body }
+      end
+    end
+  end
+end

data/lib/bunq/card.rb

@@ -0,0 +1,15 @@
+module Bunq
+  class Card
+    def initialize(parent_resource, id)
+      @resource = parent_resource.append("/card/#{id}")
+    end
+
+    def show
+      @resource.with_session { @resource.get }['Response']
+    end
+
+    def update(card)
+      @resource.with_session { @resource.put(card, encrypt: true) }['Response']
+    end
+  end
+end

data/lib/bunq/cards.rb

@@ -0,0 +1,11 @@
+module Bunq
+  class Cards
+    def initialize(parent_resource)
+      @resource = parent_resource.append("/card")
+    end
+
+    def index
+      @resource.with_session { @resource.get }['Response']
+    end
+  end
+end

data/lib/bunq/client.rb

@@ -1,5 +1,6 @@
 require 'openssl'
 require 'base64'
+require 'thread_safe'
 
 require_relative './version'
 require_relative './resource'
@@ -7,20 +8,24 @@ require_relative './resource'
 require_relative './installations'
 require_relative './installation'
 require_relative './device_servers'
+require_relative './encryptor'
 require_relative './session_servers'
 require_relative './user'
 require_relative './user_company'
+require_relative './user_person'
 require_relative './monetary_account'
 require_relative './monetary_accounts'
+require_relative './payment'
 require_relative './payments'
 require_relative './signature'
+require_relative './attachment_public_content.rb'
 
 ##
 # Usage
 #
 #   Bunq.configure do |config|
 #     config.api_key = 'YOUR_APIKEY'
-#     config.installation_token = 'YOUR_INSTALLATION_TOKEN' 
+#     config.installation_token = 'YOUR_INSTALLATION_TOKEN'
 #     config.private_key = 'YOUR PRIVATE KEY'
 #     config.server_public_key = 'SERVER PUBLIC KEY'
 #   end
@@ -38,8 +43,10 @@ module Bunq
       yield(configuration)
 
       configuration.base_url = Configuration::SANDBOX_BASE_URL if configuration.sandbox
+    end
 
-      fail 'api_key is mandatory' unless self.configuration.api_key
+    def reset_configuration
+      self.configuration = nil
     end
 
     ##
@@ -49,13 +56,43 @@ module Bunq
       fail "No configuration! Call Bunq.configure first." unless configuration
       Client.new(configuration)
     end
+  end
 
-    ##
-    # Returns a new instance of +Signature+
-    #
-    def signature
-      fail "No configuration! Call Bunq.configure first." unless configuration
-      Signature.new(configuration.private_key, configuration.server_public_key)
+  class NoSessionCache
+    def get(&block)
+      block.call if block_given?
+    end
+
+    def clear
+      # no-op
+    end
+  end
+
+  ##
+  # A thread-safe session cache that can hold one (the current) session.
+  #
+  # Usage:
+  #
+  # Bunq.configure do |config|
+  #   config.session_cache = Bunq::ThreadSafeSessionCache.new
+  # end
+  #
+  # After this, all +Bunq.client+ calls will use the same session. When the session times out,
+  # a new one is started automatically.
+  #
+  class ThreadSafeSessionCache
+    CACHE_KEY = 'CURRENT_BUNQ_SESSION'
+
+    def initialize
+      clear
+    end
+
+    def get(&block)
+      @cache.fetch_or_store(CACHE_KEY) { block.call if block_given? }
+    end
+
+    def clear
+      @cache = ThreadSafe::Cache.new
     end
   end
 
@@ -63,13 +100,15 @@ module Bunq
   # Configuration object for connecting to the bunq api
   #
   class Configuration
-    SANDBOX_BASE_URL = 'https://sandbox.public.api.bunq.com'
+    SANDBOX_BASE_URL = 'https://public-api.sandbox.bunq.com'
     PRODUCTION_BASE_URL = 'https://api.bunq.com'
 
     DEFAULT_LANGUAGE = 'nl_NL'
     DEFAULT_REGION = 'nl_NL'
     DEFAULT_GEOLOCATION = '0 0 0 0 000'
     DEFAULT_USER_AGENT = "bunq ruby client #{Bunq::VERSION}"
+    DEFAULT_TIMEOUT = 60
+    DEFAULT_SESSION_CACHE = NoSessionCache.new
 
     # Base url for the bunq api. Defaults to +PRODUCTION_BASE_URL+
     attr_accessor :base_url,
@@ -100,8 +139,13 @@ module Bunq
       # The private key for signing the request
       :private_key,
       # The public key of this installation for verifying the response
-      :server_public_key
-
+      :server_public_key,
+      # Timeout in seconds to wait for bunq api. Defaults to +DEFAULT_TIMEOUT+
+      :timeout,
+      # Cache to retrieve current session from. Defaults to +DEFAULT_SESSION_CACHE+,
+      # which will create a new session per `Bunq.client` instance.
+      # See +ThreadSafeSessionCache+ for more advanced use.
+      :session_cache
 
     def initialize
       @sandbox = false
@@ -111,6 +155,8 @@ module Bunq
       @geolocation = DEFAULT_GEOLOCATION
       @user_agent = DEFAULT_USER_AGENT
       @disable_response_signature_verification = false
+      @timeout = DEFAULT_TIMEOUT
+      @session_cache = DEFAULT_SESSION_CACHE
     end
   end
 
@@ -119,11 +165,11 @@ module Bunq
   #
   # An instance of a +Client+ can be obtained via +Bunq.client+
   class Client
-
     attr_accessor :current_session
     attr_reader :configuration
 
     def initialize(configuration)
+      fail ArgumentError.new('configuration is required') unless configuration
       @configuration = configuration
     end
 
@@ -151,6 +197,20 @@ module Bunq
       Bunq::UserCompany.new(self, id)
     end
 
+    def user_person(id)
+      Bunq::UserPerson.new(self, id)
+    end
+
+    # Returns the +Bunq::AttachmentPublicContent+ represented by the given id
+    def attachment_public_content(id)
+      with_session { Bunq::AttachmentPublicContent.new(self, id) }
+    end
+
+    # Returns the +Bunq::UserPerson+ represented by the +Bunq::Configuration.api_key+
+    def me_as_user_person
+      with_session { user_person(current_session_user_id) }
+    end
+
     # Returns the +Bunq::UserCompany+ represented by the +Bunq::Configuration.api_key+
     def me_as_user_company
       with_session { user_company(current_session_user_id) }
@@ -162,12 +222,30 @@ module Bunq
     end
 
     def ensure_session!
-      @current_session ||= session_servers.create
+      @current_session ||= configuration.session_cache.get { create_session }
+    end
+
+    def create_session
+      session_servers.create
     end
 
     def with_session(&block)
+      retries ||= 0
       ensure_session!
       block.call
+    rescue UnauthorisedResponse => e
+      configuration.session_cache.clear
+      @current_session = nil
+      retry if (retries += 1) < 2
+      raise e
+    end
+
+    def signature
+      @signature ||= Signature.new(configuration.private_key, configuration.server_public_key)
+    end
+
+    def encryptor
+      @encryptor ||= Encryptor.new(configuration.server_public_key)
     end
 
     def headers

data/lib/bunq/device_servers.rb

@@ -13,10 +13,20 @@ module Bunq
 
     ##
     # https://doc.bunq.com/api/1/call/device-server/method/post
-    def create(description)
+    #
+    # You can add a wildcard IP by passing an array of the current IP,
+    # and the `*` character. E.g.: ['1.2.3.4', '*'].
+    #
+    # @param description [String] The description of this device server.
+    # @param permitted_ips [Array|nil] Array of permitted IP addresses.
+    def create(description, permitted_ips: nil)
       fail ArgumentError.new('description is required') unless description
+      fail 'Cannot create session, please add the api_key to your configuration' unless @client.configuration.api_key
+
+      params = { description: description, secret: @client.configuration.api_key }
+      params[:permitted_ips] = permitted_ips if permitted_ips
 
-      @resource.post(description: description, secret: @client.configuration.api_key)['Response']
+      @resource.post(params)['Response']
     end
 
     ##

data/lib/bunq/encryptor.rb

@@ -0,0 +1,53 @@
+module Bunq
+  class Encryptor
+    HEADER_CLIENT_ENCRYPTION_HMAC = 'X-Bunq-Client-Encryption-Hmac'
+    HEADER_CLIENT_ENCRYPTION_IV = 'X-Bunq-Client-Encryption-Iv'
+    HEADER_CLIENT_ENCRYPTION_KEY = 'X-Bunq-Client-Encryption-Key'
+    AES_ENCRYPTION_METHOD = 'aes-256-cbc'
+    HMAC_ALGORITHM = 'sha1'
+
+    def initialize(server_public_key)
+      fail ArgumentError.new('server_public_key is mandatory') unless server_public_key
+
+      @server_public_key = OpenSSL::PKey::RSA.new(server_public_key)
+    end
+
+    def encrypt(body)
+      headers = {}
+
+      iv, key, encrypted_body = encrypt_body(body)
+
+      headers[HEADER_CLIENT_ENCRYPTION_IV] = Base64.strict_encode64(iv)
+
+      encrypted_key = server_public_key.public_encrypt(key)
+      headers[HEADER_CLIENT_ENCRYPTION_KEY] = Base64.strict_encode64(encrypted_key)
+
+      digest = hmac(key, iv + encrypted_body)
+      headers[HEADER_CLIENT_ENCRYPTION_HMAC] = Base64.strict_encode64(digest)
+
+      [encrypted_body, headers]
+    end
+
+    private
+
+    attr_reader :server_public_key
+
+    def encrypt_body(body)
+      cipher = OpenSSL::Cipher.new(AES_ENCRYPTION_METHOD)
+      cipher.encrypt
+
+      iv = cipher.random_iv
+      key = cipher.random_key
+
+      encrypted_body = cipher.update(body) + cipher.final
+
+      [iv, key, encrypted_body]
+    end
+
+    def hmac(key, content)
+      hmac = OpenSSL::HMAC.new(key, OpenSSL::Digest.new(HMAC_ALGORITHM))
+      hmac << content
+      hmac.digest
+    end
+  end
+end

data/lib/bunq/errors.rb

@@ -0,0 +1,33 @@
+module Bunq
+  class ResponseError < StandardError
+    attr_reader :code
+    attr_reader :headers
+    attr_reader :body
+
+    def initialize(msg = "Response error", code: nil, headers: nil, body: nil)
+      @code = code
+      @headers = headers || {}
+      @body = body
+      super("#{msg}: #{body}")
+    end
+
+    # Returns the parsed body if it is a JSON document, nil otherwise.
+    # @param opts [Hash] Optional options that are passed to `JSON.parse`.
+    def parsed_body(opts = {})
+      JSON.parse(@body, opts) if @body && @headers['content-type'] && @headers['content-type'].include?('application/json')
+    end
+
+    # Returns an array of errors returned from the API, or nil if no errors are returned.
+    # @return [Array|nil]
+    def errors
+      json = parsed_body
+      json ? json['Error'] : nil
+    end
+  end
+
+  class UnexpectedResponse < ResponseError; end
+  class AbsentResponseSignature < ResponseError; end
+  class TooManyRequestsResponse < ResponseError; end
+  class UnauthorisedResponse < ResponseError; end
+  class Timeout < StandardError; end
+end

data/lib/bunq/installations.rb

@@ -7,7 +7,7 @@ module Bunq
     def create(public_key)
       fail ArgumentError.new('public_key is required') unless public_key
 
-      @resource.post({client_public_key: public_key}, true)['Response']
+      @resource.post({client_public_key: public_key}, skip_verify: true)['Response']
     end
 
     def index

data/lib/bunq/monetary_account.rb

@@ -6,6 +6,10 @@ module Bunq
       @resource = parent_resource.append("/monetary-account/#{id}")
     end
 
+    def payment(id)
+      Bunq::Payment.new(@resource, id)
+    end
+
     def payments
       Bunq::Payments.new(@resource)
     end

data/lib/bunq/paginated.rb

@@ -1,4 +1,4 @@
-require_relative 'unexpected_response'
+require_relative 'errors'
 
 module Bunq
   class MissingPaginationObject < UnexpectedResponse; end
@@ -40,12 +40,22 @@ module Bunq
           pagination = result['Pagination']
           fail MissingPaginationObject unless pagination
 
-          last_page = !pagination['older_url']
-          next_params = params.merge(older_id: param('older_id', pagination['older_url'])) unless last_page
+          last_page = !pagination[paging_url(params)]
+          next_params = params.merge(:"#{paging_id(params)}" => param(paging_id(params), pagination[paging_url(params)])) unless last_page
         end
       end
     end
 
+    def paging_url(params)
+      return 'newer_url' if params[:newer_id]
+      'older_url'
+    end
+
+    def paging_id(params)
+      return 'newer_id' if params[:newer_id]
+      'older_id'
+    end
+
     def param(name, url)
       CGI.parse(URI(url).query)[name]&.first
     end

data/lib/bunq/payment.rb

@@ -0,0 +1,13 @@
+module Bunq
+  # https://doc.bunq.com/api/1/call/payment
+  class Payment
+    def initialize(parent_resource, id)
+      @resource = parent_resource.append("/payment/#{id}")
+    end
+
+    # https://doc.bunq.com/api/1/call/payment/method/get
+    def show
+      @resource.with_session { @resource.get }['Response']
+    end
+  end
+end

data/lib/bunq/resource.rb

@@ -1,5 +1,4 @@
-require_relative 'signature'
-require_relative 'unexpected_response'
+require_relative 'errors'
 require 'restclient'
 require 'json'
 
@@ -11,74 +10,89 @@ module Bunq
     def initialize(client, path)
       @client = client
       @path = path
-      @resource = RestClient::Resource.new(
-        "#{client.configuration.base_url}#{path}",
-        {
-          headers: client.headers
-        }.tap do |x|
-          if client.configuration.sandbox
-            x[:user] = client.configuration.sandbox_user
-            x[:password] = client.configuration.sandbox_password
-          end
-        end
-      )
     end
 
     def get(params = {}, &block)
-      @resource.get({params: params}.merge(bunq_request_headers('GET', params))) do |response, request, result|
+      resource.get({params: params}.merge(bunq_request_headers('GET', params))) do |response, request, result|
         verify_and_handle_response(response, request, result, &block)
       end
+    rescue RestClient::Exceptions::Timeout
+      raise Bunq::Timeout
     end
 
 
-    def post(payload, skip_verify = false, &block)
-      json = JSON.generate(payload)
-      if skip_verify
-        @resource.post(json, bunq_request_headers('POST', NO_PARAMS, json)) do |response, request, result|
+    def post(payload, skip_verify: false, encrypt: false, &block)
+      body = JSON.generate(payload)
+      body, headers = client.encryptor.encrypt(body) if encrypt
+
+      headers = bunq_request_headers('POST', NO_PARAMS, body, headers || {})
+
+      resource.post(body, headers) do |response, request, result|
+        if skip_verify
           handle_response(response, request, result, &block)
-        end
-      else
-        @resource.post(json, bunq_request_headers('POST', NO_PARAMS, json)) do |response, request, result|
+        else
           verify_and_handle_response(response, request, result, &block)
         end
       end
+    rescue RestClient::Exceptions::Timeout
+      raise Bunq::Timeout
     end
 
-    def put(payload, &block)
-      json = JSON.generate(payload)
-      @resource.put(json, bunq_request_headers('PUT', NO_PARAMS, json)) do |response, request, result|
+    def put(payload, encrypt: false, &block)
+      body = JSON.generate(payload)
+      body, headers = client.encryptor.encrypt(body) if encrypt
+
+      headers = bunq_request_headers('PUT', NO_PARAMS, body, headers || {})
+
+      resource.put(body, headers) do |response, request, result|
         verify_and_handle_response(response, request, result, &block)
       end
+    rescue RestClient::Exceptions::Timeout
+      raise Bunq::Timeout
     end
 
     def append(path)
       Bunq::Resource.new(client, @path + path)
     end
 
-    def ensure_session!
-      client.ensure_session!
-    end
-
     def with_session(&block)
       client.with_session(&block)
     end
 
     private
 
-    attr_reader :client
+    attr_reader :client, :path
 
-    def bunq_request_headers(verb, params, payload = nil)
-      request_id_header = {'X-Bunq-Client-Request-Id' => SecureRandom.uuid}
+    def resource
+      RestClient::Resource.new(
+        "#{client.configuration.base_url}#{path}",
+        {
+          headers: client.headers,
+          timeout: client.configuration.timeout,
+        }.tap do |x|
+          if client.configuration.sandbox
+            x[:user] = client.configuration.sandbox_user
+            x[:password] = client.configuration.sandbox_password
+          end
+        end
+      )
+    end
+
+    def bunq_request_headers(verb, params, payload = nil, headers = {})
+      headers['X-Bunq-Client-Request-Id'] = SecureRandom.uuid
+
+      unless @path.end_with?('/installation') && verb == 'POST'
+        headers['X-Bunq-Client-Signature'] = sign_request(verb, params, headers, payload)
+      end
 
-      return request_id_header if @path.end_with?('/installation') && verb == 'POST'
-      request_id_header.merge('X-Bunq-Client-Signature' => sign_request(verb, params, request_id_header, payload))
+      headers
     end
 
-    def sign_request(verb, params, request_id_header, payload = nil)
-      Bunq.signature.create(
+    def sign_request(verb, params, headers, payload = nil)
+      client.signature.create(
         verb,
         encode_params(@path, params),
-        @resource.headers.merge(request_id_header),
+        resource.headers.merge(headers),
         payload
       )
     end
@@ -89,18 +103,21 @@ module Bunq
     end
 
     def verify_and_handle_response(response, request, result, &block)
-      Bunq.signature.verify!(response) unless client.configuration.disable_response_signature_verification
+      client.signature.verify!(response) unless client.configuration.disable_response_signature_verification
       handle_response(response, request, result, &block)
     end
 
     def handle_response(response, _request, _result, &block)
-      case response.code
-      when 200, 201
+      if response.code == 200 || response.code == 201
         if block_given?
           yield(response)
         else
           JSON.parse(response.body)
         end
+      elsif (response.code == 409 && Bunq.configuration.sandbox) || response.code == 429
+        fail TooManyRequestsResponse.new(code: response.code, headers: response.raw_headers, body: response.body)
+      elsif response.code == 401
+        fail UnauthorisedResponse.new(code: response.code, headers: response.raw_headers, body: response.body)
       else
         fail UnexpectedResponse.new(code: response.code, headers: response.raw_headers, body: response.body)
       end

data/lib/bunq/session_servers.rb

@@ -10,7 +10,7 @@ module Bunq
     ##
     # https://doc.bunq.com/api/1/call/session-server/method/post
     def create
-      fail 'Cannot create session, please provide api_key to Bunq::Client' unless @api_key
+      fail 'Cannot create session, please add the api_key to your configuration' unless @api_key
       @resource.post(secret: @api_key)['Response']
     end
   end

data/lib/bunq/signature.rb

@@ -1,4 +1,4 @@
-require_relative 'unexpected_response'
+require_relative 'errors'
 
 module Bunq
   class Signature
@@ -27,13 +27,18 @@ module Bunq
     end
 
     def verify!(response)
+      return if skip_signature_check(response.code)
+
       sorted_bunq_headers = response.raw_headers.select(&method(:verifiable_header?)).sort.to_h.map { |k, v| "#{k.to_s.split('-').map(&:capitalize).join('-')}: #{v.first}" }
       data = %Q{#{response.code}\n#{sorted_bunq_headers.join("\n")}\n\n#{response.body}}
 
-      signature_headers = response.raw_headers.find { |k, _| k.to_s.downcase == BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER }[1]
-      fail UnexpectedResponse.new(code: response.code, headers: response.raw_headers, body: response.body) unless signature_headers
+      signature_headers = response.raw_headers.find { |k, _| k.to_s.downcase == BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER }
+      fail AbsentResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body) unless signature_headers
+
+      signature_headers_value = signature_headers[1]
+      fail AbsentResponseSignature.new(code: response.code, headers: response.raw_headers, body: response.body) unless signature_headers_value
 
-      signature = Base64.strict_decode64(signature_headers.first)
+      signature = Base64.strict_decode64(signature_headers_value.first)
       fail UnexpectedResponse.new(code: response.code, headers: response.raw_headers, body: response.body) unless server_public_key.verify(digest, signature, data)
     end
 
@@ -63,5 +68,9 @@ module Bunq
       _header_name = header_name.to_s.downcase
       _header_name.start_with?(BUNQ_HEADER_PREFIX) && _header_name != BUNQ_SERVER_SIGNATURE_RESPONSE_HEADER
     end
+
+    def skip_signature_check(responseCode)
+      (Bunq::configuration.sandbox && responseCode == 409) || responseCode == 429
+    end
   end
 end

data/lib/bunq/user.rb

@@ -4,6 +4,8 @@ require_relative 'monetary_accounts'
 require_relative 'draft_share_invite_bank'
 require_relative 'draft_share_invite_banks'
 require_relative 'certificate_pinned'
+require_relative 'card'
+require_relative 'cards'
 
 module Bunq
   class User
@@ -31,6 +33,14 @@ module Bunq
       Bunq::CertificatePinned.new(@resource)
     end
 
+    def card(id)
+      Bunq::Card.new(@resource, id)
+    end
+
+    def cards
+      Bunq::Cards.new(@resource)
+    end
+
     def show
       @resource.with_session { @resource.get }['Response']
     end

data/lib/bunq/user_person.rb

@@ -0,0 +1,17 @@
+require_relative 'resource'
+
+module Bunq
+  class UserPerson
+    def initialize(client, id)
+      @resource = Bunq::Resource.new(client, "/v1/user-person/#{id}")
+    end
+
+    def show
+      @resource.with_session { @resource.get }['Response']
+    end
+
+    def update(attributes)
+      @resource.with_session { @resource.put(attributes) }['Response']
+    end
+  end
+end

data/lib/bunq/version.rb

@@ -1,3 +1,3 @@
 module Bunq
-  VERSION = "0.1.2"
+  VERSION = "0.2.0"
 end

metadata

@@ -1,16 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: bunq-client
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.2.0
 platform: ruby
 authors:
 - Lars Vonk
 - Bob Forma
 - Derek Kraan
+- Mike van Diepen
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-05-19 00:00:00.000000000 Z
+date: 2019-06-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -26,62 +27,76 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: thread_safe
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.6
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.6
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '1.16'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '1.16'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '12.3'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.7'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.2
+        version: 3.2.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.2
+        version: 3.2.1
 - !ruby/object:Gem::Dependency
   name: rspec-json_expectations
   requirement: !ruby/object:Gem::Requirement
@@ -114,7 +129,8 @@ description: Ruby client for the bunq public API. Extracted from www.jortt.nl
 email:
 - lars.vonk@gmail.com
 - bforma@zilverline.com
-- dkraan@zilverline.com
+- derek.kraan@gmail.com
+- mvdiepen@zilverline.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -129,25 +145,31 @@ files:
 - README.md
 - Rakefile
 - bunq-client.gemspec
+- lib/bunq/attachment_public_content.rb
 - lib/bunq/bunq.rb
+- lib/bunq/card.rb
+- lib/bunq/cards.rb
 - lib/bunq/certificate_pinned.rb
 - lib/bunq/client.rb
 - lib/bunq/device_servers.rb
 - lib/bunq/draft_share_invite_bank.rb
 - lib/bunq/draft_share_invite_banks.rb
+- lib/bunq/encryptor.rb
+- lib/bunq/errors.rb
 - lib/bunq/installation.rb
 - lib/bunq/installations.rb
 - lib/bunq/monetary_account.rb
 - lib/bunq/monetary_accounts.rb
 - lib/bunq/paginated.rb
+- lib/bunq/payment.rb
 - lib/bunq/payments.rb
 - lib/bunq/qr_code_content.rb
 - lib/bunq/resource.rb
 - lib/bunq/session_servers.rb
 - lib/bunq/signature.rb
-- lib/bunq/unexpected_response.rb
 - lib/bunq/user.rb
 - lib/bunq/user_company.rb
+- lib/bunq/user_person.rb
 - lib/bunq/version.rb
 homepage: https://github.com/jorttbv/bunq-client
 licenses:
@@ -169,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: Ruby client for the bunq public API.

data/lib/bunq/unexpected_response.rb

@@ -1,5 +0,0 @@
-module Bunq
-
-  class UnexpectedResponse < StandardError; end
-
-end