codehog-google-checkout 1

data/lib/duck_punches/hpricot.rb

@@ -0,0 +1,24 @@
+
+class Nokogiri::XML::NodeSet
+
+  ##
+  # Assume a Google standard money node with a currency attribute.
+  #
+  # Returns a Ruby Money object.
+  
+  def to_money
+    dollar_amount = inner_html
+    cents = (dollar_amount.to_f * 100).round
+    currency = first[:currency]
+    Money.new(cents, currency)    
+  end
+
+  ##
+  # Return boolean true if the value of an element is the 
+  # string 'true'.
+  
+  def to_boolean
+    inner_html == 'true'
+  end
+  
+end

data/lib/google-checkout.rb

@@ -0,0 +1,61 @@
+##
+# Ref:
+#
+#  https://sandbox.google.com/checkout/cws/v2/Merchant/MERCHANT_ID/merchantCheckout
+#  https://checkout.google.com/cws/v2/Merchant/MERCHANT_ID/merchantCheckout
+
+$: << File.dirname(__FILE__)
+$: << File.dirname(__FILE__) + "/vendor/ruby-hmac/lib"
+
+require 'rubygems'
+
+require 'openssl'
+require 'base64'
+require 'builder/xmlmarkup'
+require 'nokogiri'
+require 'money'
+require 'net/https'
+require 'active_support'
+
+require 'duck_punches/hpricot'
+require 'google-checkout/notification'
+require 'google-checkout/command'
+require 'google-checkout/cart'
+
+##
+# TODO
+# 
+#   * Analytics integration
+#     http://code.google.com/apis/checkout/developer/checkout_analytics_integration.html
+
+module GoogleCheckout
+
+  VERSION = '0.5.1'
+
+  @@live_system = true
+  
+  ##
+  # Submit commands to the Google Checkout test servers.
+  
+  def self.use_sandbox
+    @@live_system = false
+  end
+  
+  ##
+  # The default.
+  
+  def self.use_production
+    @@live_system = true
+  end
+
+  def self.sandbox?
+    !@@live_system
+  end
+
+  def self.production?
+    @@live_system
+  end
+
+  class APIError < Exception; end
+
+end

data/lib/google-checkout/cart.rb

@@ -0,0 +1,357 @@
+
+module GoogleCheckout
+
+  # These are the only sizes allowed by Google.  These shouldn't be needed
+  # by most people; just specify the :size and :buy_or_checkout options to
+  # Cart#checkout_button and the sizes are filled in automatically.
+  ButtonSizes = {
+    :checkout => {
+      :small => { :w => 160, :h => 43 },
+      :medium => { :w => 168, :h => 44 },
+      :large => { :w => 180, :h => 46 },
+    },
+
+    :buy_now => {
+      :small => { :w => 117, :h => 48 },
+      :medium => { :w => 121, :h => 44 },
+      :large => { :w => 121, :h => 44 },
+    },
+  }
+
+  ##
+  # This class represents a cart for Google Checkout.  After initializing it
+  # with a +merchant_id+ and +merchant_key+, you add items via add_item,
+  # and can then get xml via to_xml, or html code for a form that
+  # provides a checkout button via checkout_button.
+  #
+  # Example:
+  #
+  #   item = {
+  #            :name => 'A Quarter',
+  #            :description => 'One shiny quarter.',
+  #            :price => 0.25
+  #          }
+  #   @cart = GoogleCheckout::Cart.new(merchant_id, merchant_key, item)
+  #   @cart.add_item(:name => "Pancakes",
+  #                  :description => "Flapjacks by mail."
+  #                  :price => 0.50,
+  #                  :quantity => 10,
+  #                  "merchant-item-id" => '2938292839')
+  #
+  # Then in your view:
+  #
+  #   Checkout here! <%= @cart.checkout_button %>
+  #
+  # This object is also useful for getting back a url to the image for a Google
+  # Checkout button. You can use this image in forms that submit back to your own
+  # server for further processing via Google Checkout's level 2 XML API.
+
+  class Cart < Command
+
+    include GoogleCheckout
+
+    SANDBOX_CHECKOUT_URL    = "https://sandbox.google.com/checkout/cws/v2/Merchant/%s/checkout"
+    PRODUCTION_CHECKOUT_URL = "https://checkout.google.com/cws/v2/Merchant/%s/checkout"
+
+    ##
+    # You can provide extra data that will be sent to Google and returned with
+    # the NewOrderNotification.
+    #
+    # This should be a Hash and will be turned into XML with proper escapes.
+    #
+    # Beware using symbols as values. They may be set as sub-keys instead of values,
+    # so use a String or other datatype.
+
+    attr_accessor :merchant_private_data
+
+    attr_accessor :edit_cart_url
+    attr_accessor :continue_shopping_url
+
+    # The default options for drawing in the button that are filled in when
+    # checkout_button or button_url is called.
+    DefaultButtonOpts = {
+      :size => :medium,
+      :style => 'white',
+      :variant => 'text',
+      :loc => 'en_US',
+      :buy_or_checkout => nil,
+    }
+
+    # You need to supply, as strings, the +merchant_id+ and +merchant_key+
+    # used to identify your store to Google.  You may optionally supply one
+    # or more items to put inside the cart.
+    def initialize(merchant_id, merchant_key, *items)
+      super(merchant_id, merchant_key)
+      @contents = []
+      @merchant_private_data = {}
+      items.each { |i| add_item i }
+    end
+
+
+    # This method sets the flat rate shipping for the entire cart.
+    # If set, it will over ride the per product flat rate shipping.
+    # +frs_options+ should be a hash containing the following options:
+    # * price
+    # You may fill an some optional values as well:
+    # * currency (defaults to 'USD')
+    def flat_rate_shipping(frs_options)
+      # We need to check that the necessary keys are in the hash,
+      # Otherwise the error will happen in the middle of to_xml,
+      # and the bug will be harder to track.
+      unless frs_options.include? :price
+        raise ArgumentError,
+        "Required keys missing: :price"
+      end
+
+      @flat_rate_shipping = {:currency => 'USD'}.merge(frs_options)
+    end
+
+    def empty?
+      @contents.empty?
+    end
+
+    # Number of items in the cart.
+    def size
+      @contents.size
+    end
+
+    def submit_domain
+      (GoogleCheckout.production? ? 'checkout' : 'sandbox') + ".google.com"
+    end
+
+    ##
+    # The Google Checkout form submission url.
+
+    def submit_url
+      GoogleCheckout.sandbox? ? (SANDBOX_CHECKOUT_URL % @merchant_id) : (PRODUCTION_CHECKOUT_URL % @merchant_id)
+    end
+
+    # This method puts items in the cart.
+    # +item+ may be a hash, or have a method named +to_google_product+ that
+    # returns a hash with the required values.
+    # * name
+    # * description (a brief description as it will appear on the bill)
+    # * price
+    # You may fill in some optional values as well:
+    # * quantity (defaults to 1)
+    # * currency (defaults to 'USD')
+    def add_item(item)
+      @xml = nil
+      if item.respond_to? :to_google_product
+        item = item.to_google_product
+      end
+
+      # We need to check that the necessary keys are in the hash,
+      # Otherwise the error will happen in the middle of to_xml,
+      # and the bug will be harder to track.
+      missing_keys = [ :name, :description, :price ].select { |key|
+        !item.include? key
+      }
+
+      unless missing_keys.empty?
+        raise ArgumentError,
+        "Required keys missing: #{missing_keys.inspect}"
+      end
+
+      @contents << { :quantity => 1, :currency => 'USD' }.merge(item)
+      item
+    end
+
+    # This is the important method; it generatest the XML call.
+    # It's fairly lengthy, but trivial.  It follows the docs at
+    # http://code.google.com/apis/checkout/developer/index.html#checkout_api
+    #
+    # It returns the raw XML string, not encoded.
+    def to_xml
+      raise RuntimeError, "Empty cart" if self.empty?
+
+      xml = Builder::XmlMarkup.new
+      xml.instruct!
+      @xml = xml.tag!('checkout-shopping-cart', :xmlns => "http://checkout.google.com/schema/2") {
+        xml.tag!("shopping-cart") {
+          xml.items {
+            @contents.each { |item|
+              xml.item {
+                if item.key?(:item_id)
+                  xml.tag!('merchant-item-id', item[:item_id])
+                end
+                xml.tag!('item-name') {
+                  xml.text! item[:name].to_s
+                }
+                xml.tag!('item-description') {
+                  xml.text! item[:description].to_s
+                }
+                xml.tag!('unit-price', :currency => (item[:currency] || 'USD')) {
+                  xml.text! item[:price].to_s
+                }
+                xml.quantity {
+                  xml.text! item[:quantity].to_s
+                }
+              }
+            }
+          }
+          unless @merchant_private_data.empty?
+            xml.tag!("merchant-private-data") {
+              @merchant_private_data.each do |key, value|
+                xml.tag!(key, value)
+              end
+            }
+          end
+        }
+        xml.tag!('checkout-flow-support') {
+          xml.tag!('merchant-checkout-flow-support') {
+            xml.tag!('edit-cart-url', @edit_cart_url) if @edit_cart_url
+            xml.tag!('continue-shopping-url', @continue_shopping_url) if @continue_shopping_url
+
+            xml.tag!("request-buyer-phone-number", false)
+
+            # TODO tax-tables
+            xml.tag!("tax-tables") {
+              xml.tag!("default-tax-table") {
+                xml.tag!("tax-rules") {
+                  xml.tag!("default-tax-rule") {
+                    xml.tag!("shipping-taxed", false)
+                    xml.tag!("rate", "0.00")
+                    xml.tag!("tax-area") {
+                      xml.tag!("world-area")
+                    }
+                  }
+                }
+              }
+            }
+
+            # TODO Shipping calculations
+            #      These are currently hard-coded for PeepCode.
+            #      Does anyone care to send a patch to enhance
+            #      this for more flexibility?
+            xml.tag!('shipping-methods') {
+              xml.tag!('pickup', :name =>'Shipping') {
+                xml.tag!('price', "2.00", :currency => currency)
+              }
+            }
+          }
+        }
+      }
+      @xml.dup
+    end
+
+    # Generates the XML for the shipping cost, conditional on
+    # @flat_rate_shipping being set.
+    def shipping_cost_xml
+      xml = Builder::XmlMarkup.new
+      if @flat_rate_shipping
+        xml.price(:currency => currency) {
+          xml.text! @flat_rate_shipping[:price].to_s
+        }
+      else
+        xml.price(:currency => @currency) {
+          xml.text! shipping_cost.to_s
+        }
+      end
+    end
+
+    # Returns the shipping cost for the contents of the cart.
+    def shipping_cost
+      currency = 'USD'
+      shipping = @contents.inject(0) { |total,item|
+        total + item[:regular_shipping].to_i
+      }.to_s
+    end
+
+    # Returns the currency for the cart.  Mixing currency not allowed; this
+    # library can't convert between currencies.
+    def currency
+      # Mixing currency not allowed; this
+      # library can't convert between
+      # currencies.
+      currencies = @contents.map { |item| item[:currency] }.uniq || "USD"
+
+      case currencies.count
+        when 0
+          "USD"
+        when 1
+          currencies.first
+        else
+          raise RuntimeError.new("Mixing currency not allowed")
+      end
+
+    end
+
+    # Returns the signature for the cart XML.
+    def signature
+      @xml or to_xml
+
+      digest  = OpenSSL::Digest::Digest.new('sha1')
+      OpenSSL::HMAC.digest(digest, @merchant_key, @xml)
+    end
+
+    # Returns HTML for a checkout form for buying all the items in the
+    # cart.
+    def checkout_button(button_opts = {})
+      @xml or to_xml
+      burl = button_url(button_opts)
+      html = Builder::XmlMarkup.new(:indent => 2)
+      html.form({
+                  :action => submit_url,
+                  :style => 'border: 0;',
+                  :id => 'BB_BuyButtonForm',
+                  :method => 'post',
+                  :name => 'BB_BuyButtonForm'
+                }) do
+        html.input({
+                     :name => 'cart',
+                     :type => 'hidden',
+                     :value => Base64.encode64(@xml).gsub("\n", '')
+                   })
+        html.input({
+                     :name => 'signature',
+                     :type => 'hidden',
+                     :value => Base64.encode64(signature).gsub("\n", '')
+                   })
+        html.input({
+                     :alt => 'Google Checkout',
+                     :style => "width: auto;",
+                     :src => button_url(button_opts),
+                     :type => 'image'
+                   })
+      end
+    end
+
+    # Given a set of options for the button, button_url returns the URL
+    # for the button image.
+    # The options are the same as those specified on
+    # http://checkout.google.com/seller/checkout_buttons.html , with a
+    # couple of extra options for convenience.  Rather than specifying the
+    # width and height manually, you may specify :size to be one of :small,
+    # :medium, or :large, and that you may set :buy_or_checkout to :buy_now
+    # or :checkout to get a 'Buy Now' button versus a 'Checkout' button. If
+    # you don't specify :buy_or_checkout, the Cart will try to guess based
+    # on if the cart has more than one item in it.  Whatever you don't pass
+    # will be filled in with the defaults from DefaultButtonOpts.
+    #
+    #   http://checkout.google.com/buttons/checkout.gif
+    #   http://sandbox.google.com/checkout/buttons/checkout.gif
+
+    def button_url(opts = {})
+      opts = DefaultButtonOpts.merge opts
+      opts[:buy_or_checkout] ||= @contents.size > 1 ? :checkout : :buy_now
+      opts.merge! ButtonSizes[opts[:buy_or_checkout]][opts[:size]]
+      bname = opts[:buy_or_checkout] == :buy_now ? 'buy.gif' : 'checkout.gif'
+      opts.delete :size
+      opts.delete :buy_or_checkout
+      opts[:merchant_id] = @merchant_id
+
+      path = opts.map { |k,v| "#{k}=#{v}" }.join('&')
+
+      # HACK Sandbox graphics are in the checkout subdirectory
+      subdir = ""
+      if GoogleCheckout.sandbox? && bname == "checkout.gif"
+        subdir = "checkout/"
+      end
+
+      # TODO Use /checkout/buttons/checkout.gif if in sandbox.
+      "https://#{submit_domain}/#{ subdir }buttons/#{bname}?#{path}"
+    end
+  end
+
+end

data/lib/google-checkout/command.rb

@@ -0,0 +1,191 @@
+
+# TODO
+#
+#   * Use standard ssl certs
+
+module GoogleCheckout
+
+  ##
+  # Abstract class for commands.
+  #
+  #  https://sandbox.google.com/checkout/cws/v2/Merchant/1234567890/request
+  #  https://checkout.google.com/cws/v2/Merchant/1234567890/request
+
+  class Command
+
+    attr_accessor :merchant_id, :merchant_key, :currency
+
+    SANDBOX_REQUEST_URL = "https://sandbox.google.com/checkout/cws/v2/Merchant/%s/request"
+    PRODUCTION_REQUEST_URL = "https://checkout.google.com/cws/v2/Merchant/%s/request"
+
+    def initialize(merchant_id, merchant_key)
+      @merchant_id = merchant_id
+      @merchant_key = merchant_key
+
+      @currency = "USD"
+    end
+
+    ##
+    # Returns the appropriate sandbox or production url for posting API requests.
+
+    def url
+      GoogleCheckout.sandbox? ? (SANDBOX_REQUEST_URL % @merchant_id) : (PRODUCTION_REQUEST_URL % @merchant_id)
+    end
+
+    ##
+    # Sends the Command's XML to GoogleCheckout via HTTPS with Basic Auth.
+    #
+    # Returns a GoogleCheckout::RequestReceived or a GoogleCheckout::Error object.
+
+    def post
+      # Create HTTP(S) POST command and set up Basic Authentication.
+      uri = URI.parse(url)
+
+      request = Net::HTTP::Post.new(uri.path)
+      request.basic_auth(@merchant_id, @merchant_key)
+
+      # Set up the HTTP connection object and the SSL layer.
+      https = Net::HTTP.new(uri.host, uri.port)
+      https.use_ssl = true
+      https.cert_store = self.class.x509_store
+      https.verify_mode = OpenSSL::SSL::VERIFY_PEER
+      https.verify_depth = 5
+
+      # Send the request to Google.
+      response = https.request(request, self.to_xml)
+
+      # NOTE Because Notification.parse() is used, the content of objects
+      #      will be correctly parsed no matter what the HTTP response code
+      #      is from the server.
+      case response
+      when Net::HTTPSuccess, Net::HTTPClientError
+        notification = Notification.parse(response.body)
+        if notification.error?
+          raise APIError, "#{notification.message} [in #{GoogleCheckout.production? ? 'production' : 'sandbox' }]"
+        end
+        return notification
+      when Net::HTTPRedirection, Net::HTTPServerError, Net::HTTPInformation
+        raise "Unexpected response code (#{response.class}): #{response.code} - #{response.message}"
+      else
+        raise "Unknown response code: #{response.code} - #{response.message}"
+      end
+    end
+
+    ##
+    # Class method to return the OpenSSL::X509::Store instance for the
+    # CA certificates.
+    #
+    # NOTE May not be thread-safe.
+
+    def self.x509_store
+      return @@x509_store if defined?(@@x509_store)
+
+      cacert_path = File.expand_path(File.dirname(__FILE__) + '/../../support/cacert.pem')
+
+      @@x509_store = OpenSSL::X509::Store.new
+      @@x509_store.add_file(cacert_path)
+
+      return @@x509_store
+    end
+
+  end
+
+  ##
+  # Abstract class for all commands associated with an existing order.
+
+  class OrderCommand < Command
+
+    attr_accessor :google_order_number, :amount
+
+    ##
+    # Make a new object. Last argument is the Google's order number as received
+    # in the NewOrderNotification.
+
+    def initialize(merchant_id, merchant_key, google_order_number)
+      # TODO raise "Not an order number!" unless google_order_number.is_a? String
+      super(merchant_id, merchant_key)
+      @google_order_number = google_order_number
+      @amount = 0.00
+    end
+
+  end
+
+  ##
+  # Create a new ChargeOrder object, set the +amount+, then
+  # +post+ it.
+
+  class ChargeOrder < OrderCommand
+
+    def to_xml
+      raise "Charge amount must be greater than 0!" unless @amount.to_f > 0.0
+
+      xml = Builder::XmlMarkup.new
+      xml.instruct!
+      @xml = xml.tag!('charge-order', {
+        :xmlns => "http://checkout.google.com/schema/2",
+        "google-order-number" => @google_order_number
+      }) do
+        xml.tag!("amount", @amount, {:currency => @currency})
+      end
+      @xml
+    end
+
+  end
+
+  ##
+  # Tells Google that the order has shipped.
+
+  class DeliverOrder < OrderCommand
+
+    def to_xml
+
+      xml = Builder::XmlMarkup.new
+      xml.instruct!
+      @xml = xml.tag!('deliver-order', {
+        :xmlns => "http://checkout.google.com/schema/2",
+        "google-order-number" => @google_order_number
+      }) do
+        xml.tag!("send-email", false)
+      end
+      @xml
+    end
+
+  end
+
+  ##
+  # Send a message to the buyer associated with an order.
+  #
+  # Google will actually send the message to their email address.
+
+  class SendBuyerMessage < OrderCommand
+
+    ##
+    # Make a new message to send.
+    #
+    # The last argument is the actual message.
+    #
+    # Call +post+ on the resulting object to submit it to Google for sending.
+
+    def initialize(merchant_id, merchant_key, google_order_number, message)
+      # TODO Raise meaninful error if message is longer than 255 characters
+      raise "Google won't send anything longer than 255 characters! Sorry!" if message.length > 255
+      @message = message
+      super(merchant_id, merchant_key, google_order_number)
+    end
+
+    def to_xml # :nodoc:
+      xml = Builder::XmlMarkup.new
+      xml.instruct!
+      @xml = xml.tag!('send-buyer-message', {
+        :xmlns => "http://checkout.google.com/schema/2",
+        "google-order-number" => @google_order_number
+      }) do
+        xml.tag!("message", @message)
+        xml.tag!("send-email", true)
+      end
+      @xml
+    end
+
+  end
+
+end