candy_check 0.0.1

data/lib/candy_check/play_store/config.rb

@@ -0,0 +1,51 @@
+module CandyCheck
+  module PlayStore
+    # Configure the usage of the official Google API SDK client
+    class Config < Utils::Config
+      # @return [String] your application name
+      attr_reader :application_name
+      # @return [String] your application's version
+      attr_reader :application_version
+      # @return [String] an optional file to cache the discovery API result
+      attr_reader :cache_file
+      # @return [String] your issuer's service account e-mail
+      attr_reader :issuer
+      # @return [String] the path to your local *.p12 certificate file
+      attr_reader :key_file
+      # @return [String] the secret to load your certificate file
+      attr_reader :key_secret
+
+      # Initializes a new configuration from a hash
+      # @param attributes [Hash]
+      # @example Initialize with a discovery cache file
+      #   ClientConfig.new(
+      #     application_name: 'YourApplication',
+      #     application_version: '1.0',
+      #     cache_file: 'tmp/google_api_cache',
+      #     issuer: 'abcdefg@developer.gserviceaccount.com',
+      #     key_file: 'local/google.p12',
+      #     key_secret: 'notasecret'
+      #   )
+      def initialize(attributes)
+        super
+      end
+
+      # @return [String] the decrypted API key from Google
+      def api_key
+        @api_key ||= begin
+          Google::APIClient::KeyUtils.load_from_pkcs12(key_file, key_secret)
+        end
+      end
+
+      private
+
+      def validate!
+        validates_presence(:application_name)
+        validates_presence(:application_version)
+        validates_presence(:issuer)
+        validates_presence(:key_file)
+        validates_presence(:key_secret)
+      end
+    end
+  end
+end

data/lib/candy_check/play_store/discovery_repository.rb

@@ -0,0 +1,33 @@
+module CandyCheck
+  module PlayStore
+    # A file-based repository to cache a local copy of the Google API
+    # discovery as suggested by Google.
+    # @see https://github.com/google/google-api-ruby-client
+    class DiscoveryRepository
+      # Create a new instance bound to a single file path
+      # @param file_path [String] to save and load the cached copy
+      def initialize(file_path)
+        @file_path = file_path
+      end
+
+      # Tries to load a cached copy of the discovery API. Me be nil if
+      # no cached version is available
+      # @return [Google::APIClient::API]
+      def load
+        return unless @file_path && File.exist?(@file_path)
+        File.open(@file_path, 'rb') do |file|
+          return Marshal.load(file)
+        end
+      end
+
+      # Tries to save a local copy of the discovery API.
+      # @param discovery [Google::APIClient::API]
+      def save(discovery)
+        return unless @file_path && discovery
+        File.open(@file_path, 'wb') do |file|
+          Marshal.dump(discovery, file)
+        end
+      end
+    end
+  end
+end

data/lib/candy_check/play_store/receipt.rb

@@ -0,0 +1,81 @@
+module CandyCheck
+  module PlayStore
+    # Describes a successful response from the Google verification server
+    class Receipt
+      include Utils::AttributeReader
+
+      # @return [Hash] the raw attributes returned from the server
+      attr_reader :attributes
+
+      # Purchased product (0 is purchased, don't ask me why)
+      # @see https://developers.google.com/android-publisher/api-ref/purchases/products
+      PURCHASE_STATE_PURCHASED = 0
+
+      # A consumed product
+      CONSUMPTION_STATE_CONSUMED = 1
+
+      # Initializes a new instance which bases on a JSON result
+      # from Google API servers
+      # @param attributes [Hash]
+      def initialize(attributes)
+        @attributes = attributes
+      end
+
+      # A product may be purchased or canceled. Ensure a receipt
+      # is valid before granting some candy
+      # @return [Boolean]
+      def valid?
+        purchase_state == PURCHASE_STATE_PURCHASED
+      end
+
+      # A purchased product may already be consumed. In this case you
+      # should grant candy even if it's valid.
+      # @return [Boolean]
+      def consumed?
+        consumption_state == CONSUMPTION_STATE_CONSUMED
+      end
+
+      # The purchase state of the order. Possible values are:
+      #   * 0: Purchased
+      #   * 1: Cancelled
+      # @return [Fixnum]
+      def purchase_state
+        read_integer('purchaseState')
+      end
+
+      # The consumption state of the inapp product. Possible values are:
+      #   * 0: Yet to be consumed
+      #   * 1: Consumed
+      # @return [Fixnum]
+      def consumption_state
+        read_integer('consumptionState')
+      end
+
+      # The developer payload which was used when buying the product
+      # @return [String]
+      def developer_payload
+        read('developerPayload')
+      end
+
+      # This kind represents an inappPurchase object in the androidpublisher
+      # service.
+      # @return [String]
+      def kind
+        read('kind')
+      end
+
+      # The time the product was purchased, in milliseconds since the
+      # epoch (Jan 1, 1970)
+      # @return [Fixnum]
+      def purchase_time_millis
+        read_integer('purchaseTimeMillis')
+      end
+
+      # The date and time the product was purchased
+      # @return [DateTime]
+      def purchased_at
+        read_datetime_from_millis('purchaseTimeMillis')
+      end
+    end
+  end
+end

data/lib/candy_check/play_store/verification.rb

@@ -0,0 +1,46 @@
+module CandyCheck
+  module PlayStore
+    # Verifies a purchase token against the Google API
+    # The call return either an {Receipt} or an {VerificationFailure}
+    class Verification
+      # @return [String] the package which will be queried
+      attr_reader :package
+      # @return [String] the item id which will be queried
+      attr_reader :product_id
+      # @return [String] the token for authentication
+      attr_reader :token
+
+      # Initializes a new call to the API
+      # @param client [Client] a shared client instance
+      # @param package [String]
+      # @param product_id [String]
+      # @param token [String]
+      def initialize(client, package, product_id, token)
+        @client = client
+        @package, @product_id, @token = package, product_id, token
+      end
+
+      # Performs the verification against the remote server
+      # @return [Receipt] if successful
+      # @return [VerificationFailure] otherwise
+      def call!
+        verify!
+        if valid?
+          Receipt.new(@response)
+        else
+          VerificationFailure.new(@response['error'])
+        end
+      end
+
+      private
+
+      def valid?
+        @response && @response['purchaseState'] && @response['consumptionState']
+      end
+
+      def verify!
+        @response = @client.verify(package, product_id, token)
+      end
+    end
+  end
+end

data/lib/candy_check/play_store/verification_failure.rb

@@ -0,0 +1,30 @@
+module CandyCheck
+  module PlayStore
+    # Represents a failing call against the Google API server
+    class VerificationFailure
+      include Utils::AttributeReader
+
+      # @return [Hash] the raw attributes returned from the server
+      attr_reader :attributes
+
+      # Initializes a new instance which bases on a JSON result
+      # from Google API servers
+      # @param attributes [Hash]
+      def initialize(attributes)
+        @attributes = attributes || {}
+      end
+
+      # The code of the failure
+      # @return [Fixnum]
+      def code
+        read('code') || -1
+      end
+
+      # The message of the failure
+      # @return [String]
+      def message
+        read('message') || 'Unknown error'
+      end
+    end
+  end
+end

data/lib/candy_check/play_store/verifier.rb

@@ -0,0 +1,52 @@
+module CandyCheck
+  module PlayStore
+    # Verifies purchase tokens against the Google API.
+    # The call return either an {Receipt} or a {VerificationFailure}
+    class Verifier
+      # Error thrown when the verifier isn't booted before the first
+      # verification check or on double invocation
+      class BootRequiredError < RuntimeError; end
+
+      # @return [Config] the current configuration
+      attr_reader :config
+
+      # Initializes a new verifier for the application which is bound
+      # to a configuration
+      # @param config [Config]
+      def initialize(config)
+        @config = config
+      end
+
+      # Boot the module
+      def boot!
+        boot_error('You\'re only allowed to boot the verifier once') if @client
+        @client = Client.new(config)
+        @client.boot!
+      end
+
+      # Contacts the Google API and requests the product state
+      # @param package [String] to query
+      # @param product_id [String] to query
+      # @param token [String] to use for authentication
+      # @return [Receipt] if successful
+      # @return [VerificationFailure] otherwise
+      def verify(package, product_id, token)
+        check_boot!
+        verification = Verification.new(@client, package, product_id, token)
+        verification.call!
+      end
+
+      private
+
+      def check_boot!
+        return if @client
+        boot_error 'You need to boot the verifier service first: '\
+                   'CandyCheck::PlayStore::Verifier#boot!'
+      end
+
+      def boot_error(message)
+        fail BootRequiredError, message
+      end
+    end
+  end
+end

data/lib/candy_check/play_store.rb

@@ -0,0 +1,15 @@
+require 'google/api_client'
+
+require 'candy_check/play_store/discovery_repository'
+require 'candy_check/play_store/client'
+require 'candy_check/play_store/config'
+require 'candy_check/play_store/receipt'
+require 'candy_check/play_store/verification'
+require 'candy_check/play_store/verification_failure'
+require 'candy_check/play_store/verifier'
+
+module CandyCheck
+  # Module to request and verify a AppStore receipt
+  module PlayStore
+  end
+end

data/lib/candy_check/utils/attribute_reader.rb

@@ -0,0 +1,30 @@
+require 'date'
+
+module CandyCheck
+  module Utils
+    # @private
+    module AttributeReader
+      protected
+
+      def read(field)
+        attributes[field]
+      end
+
+      def has?(field)
+        attributes.key?(field)
+      end
+
+      def read_integer(field)
+        (val = read(field)) && val.to_i
+      end
+
+      def read_datetime_from_string(field)
+        (val = read(field)) && DateTime.parse(val)
+      end
+
+      def read_datetime_from_millis(field)
+        (val = read_integer(field)) && Time.at(val / 1000).utc.to_datetime
+      end
+    end
+  end
+end

data/lib/candy_check/utils/config.rb

@@ -0,0 +1,40 @@
+module CandyCheck
+  module Utils
+    # Very basic base implementation to store and validate a configuration
+    class Config
+      # Initializes a new configuration from a hash
+      # @param attributes [Hash]
+      def initialize(attributes)
+        attributes.each do |k, v|
+          instance_variable_set "@#{k}", v
+        end if attributes.is_a? Hash
+        validate!
+      end
+
+      protected
+
+      # Hook to check for validation error in the sub classes
+      # should raise an error if not passed
+      def validate!
+        # pass
+      end
+
+      # Check for the presence of an attribute
+      # @param name [String]
+      # @raise [ArgumentError] if attribute is missing
+      def validates_presence(name)
+        return if send(name)
+        fail ArgumentError, "Configuration field #{name} is missing"
+      end
+
+      # Checks for the inclusion of an attribute
+      # @param name [String]
+      # @param values [Array] of possible values
+      def validates_inclusion(name, *values)
+        return if values.include?(send(name))
+        fail ArgumentError, "Configuration field #{name} should be "\
+                            "one of: #{values.join(', ')}"
+      end
+    end
+  end
+end

data/lib/candy_check/utils.rb

@@ -0,0 +1,2 @@
+require 'candy_check/utils/attribute_reader'
+require 'candy_check/utils/config'

data/lib/candy_check/version.rb

@@ -0,0 +1,4 @@
+module CandyCheck
+  # The current gem's version
+  VERSION = '0.0.1'
+end

data/lib/candy_check.rb

@@ -0,0 +1,8 @@
+require 'candy_check/version'
+require 'candy_check/utils'
+require 'candy_check/app_store'
+require 'candy_check/play_store'
+
+# Module to check and verify in-app receipts
+module CandyCheck
+end

data/spec/app_store/client_spec.rb

@@ -0,0 +1,55 @@
+require 'spec_helper'
+
+describe CandyCheck::AppStore::Client do
+  let(:endpoint_url) { 'https://some.endpoint.com/verify' }
+  let(:receipt_data) do
+    'some_very_long_receipt_information_which_is_normaly_base64_encoded'
+  end
+  let(:password) do
+    'some_secret_password'
+  end
+  let(:response) do
+    '{"status": 0}'
+  end
+
+  subject { CandyCheck::AppStore::Client.new(endpoint_url) }
+
+  describe 'valid response' do
+    it 'sends JSON and parses the JSON response without a secret' do
+      stub_endpoint
+        .with(
+          body: {
+            'receipt-data' => receipt_data
+          }
+        )
+        .to_return(
+          body: response
+        )
+      result   = subject.verify(receipt_data)
+      expected = { 'status' => 0 }
+      result.must_equal expected
+    end
+
+    it 'sends JSON and parses the JSON response with a secret' do
+      stub_endpoint
+        .with(
+          body: {
+            'receipt-data' => receipt_data,
+            'password'     => password
+          }
+        )
+        .to_return(
+          body: response
+        )
+      result   = subject.verify(receipt_data, password)
+      expected = { 'status' => 0 }
+      result.must_equal expected
+    end
+  end
+
+  private
+
+  def stub_endpoint
+    stub_request(:post, endpoint_url)
+  end
+end