cronofy 0.37.2 → 0.37.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3e09c2030d7992753a4e8f0e52af1d00d2ab6ced77f5e5b81336cb97a5c98ec6
-  data.tar.gz: 464b7a63bdfb341f67da6f4556e4ee66b36db144d9d41270c9204ee6a10ca56c
+  metadata.gz: e21c23685801f569da765f2572e20cb66870a8eb2615628279bc6ff7cdcd49d9
+  data.tar.gz: 3c595df2b4fb1cf29c6bf76e31865a30cd7f09aaa12bcd80c485d8e3edc8c3e7
 SHA512:
-  metadata.gz: f6a6f59a184da190d6905b495a0c067437ab422561ccf26f23e1e7d6f48fd0a0d2c63bb033d46f760b9ce24e958539a58e319b8a160c2fc2a719f4f1e3f31bcd
-  data.tar.gz: a777db3452a6cc462ba526447c17fe0790d73dd8b08517d62363ac3f5d9b7cb076d2b77ef614ed51f981941451362bd0f568fab4749c08bdc9bc38533974729b
+  metadata.gz: 151382f0d9c593b19637dd8d6c452c61dceab8e4345a361def1aee2e934545a6fc97ea73dd10ece22fb83073b1670e724bcfa32a6a712112f1c2f115010a5809
+  data.tar.gz: 95391561459fba368ef63ff522288ce50fdb08ae90c6205c825ae781495cbdb515d7ae6d9d0814080674c2fe608cb77ad306409bf28f1b62f686eb79dc5a7ca1

data/CHANGELOG.md

@@ -1,14 +1,26 @@
+## [0.37.5]
+
+ * Support `query_periods` as well as the original `available_periods` for Real-Time Scheduling and Real-Time Sequencing [#99]
+
+## [0.37.4]
+
+ * Support client_secret only clients being able to authorize `#availability` calls. [#97]
+
+## [0.37.3]
+
+ * Support `hmac_valid` as well as the original `hmac_match` for Client to verify a HMAC from a push notification using the client's secret.[#95]
+
 ## [0.37.2]
 
- * Support `query_periods` as well as the original `available_periods` for Availability Query and Sequenced Availability [#91] 
+ * Support `query_periods` as well as the original `available_periods` for Availability Query and Sequenced Availability [#91]
 
 ## [0.37.1]
 
- * Rename `data_centre` to `data_centre` (with aliases for backwards compatibility) [#90] 
+ * Rename `data_centre` to `data_centre` (with aliases for backwards compatibility) [#90]
 
 ## [0.37.0]
 
- * Add `revoke_by_token` and `revoke_by_sub` to the Client [#86] 
+ * Add `revoke_by_token` and `revoke_by_sub` to the Client [#86]
 
 ## [0.36.1]
 
@@ -187,6 +199,9 @@
 [0.37.0]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.0
 [0.37.1]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.1
 [0.37.2]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.2
+[0.37.3]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.3
+[0.37.4]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.4
+[0.37.5]: https://github.com/cronofy/cronofy-ruby/releases/tag/v0.37.5
 
 [#13]: https://github.com/cronofy/cronofy-ruby/pull/13
 [#16]: https://github.com/cronofy/cronofy-ruby/pull/16
@@ -231,3 +246,6 @@
 [#86]: https://github.com/cronofy/cronofy-ruby/pull/86
 [#90]: https://github.com/cronofy/cronofy-ruby/pull/90
 [#91]: https://github.com/cronofy/cronofy-ruby/pull/91
+[#95]: https://github.com/cronofy/cronofy-ruby/pull/95
+[#97]: https://github.com/cronofy/cronofy-ruby/pull/97
+[#99]: https://github.com/cronofy/cronofy-ruby/pull/99

data/README.md

@@ -1,6 +1,6 @@
 # Cronofy
 
-[![Build Status](https://travis-ci.org/cronofy/cronofy-ruby.svg?branch=master)](https://travis-ci.org/cronofy/cronofy-ruby)
+[![ruby CI](https://github.com/cronofy/cronofy-ruby/actions/workflows/ci.yml/badge.svg)](https://github.com/cronofy/cronofy-ruby/actions/workflows/ci.yml)
 [![Gem Version](https://badge.fury.io/rb/cronofy.svg)](http://badge.fury.io/rb/cronofy)
 
 [Cronofy](https://www.cronofy.com) - the scheduling platform for business
@@ -134,6 +134,15 @@ To delete an event from user's calendar:
 cronofy.delete_event(calendar_id, 'uniq-id')
 ```
 
+## A feature I want is not in the SDK, how do I get it?
+
+We add features to this SDK as they are requested, to focus on developing the Cronofy API.
+
+If you're comfortable contributing support for an endpoint or attribute, then we love to receive pull requests!
+Please create a PR mentioning the feature/API endpoint you’ve added and we’ll review it as soon as we can.
+
+If you would like to request a feature is added by our team then please let us know by getting in touch via [support@cronofy.com](mailto:support@cronofy.com).
+
 ## Links
 
  * [API documentation](https://www.cronofy.com/developers/api)

data/lib/cronofy/client.rb

@@ -471,24 +471,33 @@ module Cronofy
       parse_json(Channel, "channel", response)
     end
 
+    # DEPRECATED: Please use hmac_valid instead.
+    def hmac_match?(args)
+      warn "[DEPRECATION] `hmac_match?` is deprecated. Please use `hmac_valid?` instead."
+      hmac_valid?(args)
+    end
+
     # Public: Verifies a HMAC from a push notification using the client secret.
     #
     # args - A Hash containing the details of the push notification:
     #        :body - A String of the body of the notification.
-    #        :hmac - A String of the HMAC of the notification taken from the
+    #        :hmac - A String containing comma-separated values describing HMACs of the notification taken from the
     #                Cronofy-HMAC-SHA256 header.
     #
-    # Returns true if the HMAC provided matches the one calculated using the
+    # Returns true if one of the HMAC provided matches the one calculated using the
     # client secret, otherwise false.
-    def hmac_match?(args)
+    def hmac_valid?(args)
       body = args[:body]
       hmac = args[:hmac]
 
+      return false if hmac.nil? || hmac.empty?
+
       sha256 = OpenSSL::Digest.new('sha256')
       digest = OpenSSL::HMAC.digest(sha256, @client_secret, body)
       calculated = Base64.encode64(digest).strip
 
-      calculated == hmac
+      hmac_list = hmac.split(',')
+      hmac_list.include?(calculated)
     end
 
     # Public: Lists all the notification channels for the account.
@@ -835,7 +844,7 @@ module Cronofy
 
       translate_available_periods(options[:query_periods] || options[:available_periods])
 
-      response = post("/v1/availability", options)
+      response = availability_post("/v1/availability", options)
 
       parse_collections(
         response,
@@ -880,7 +889,7 @@ module Cronofy
 
       translate_available_periods(options[:query_periods] || options[:available_periods])
 
-      response = post("/v1/sequenced_availability", options)
+      response = availability_post("/v1/sequenced_availability", options)
       parse_collection(Sequence, "sequences", response)
     end
 
@@ -1024,7 +1033,7 @@ module Cronofy
     #                                         call
     #                    :required_duration - A hash stating the length of time the event will
     #                                         last for
-    #                    :available_periods - A hash stating the available periods for the event
+    #                    :query_periods     - A hash stating the available periods for the event
     #                    :start_interval    - An Integer representing the start interval
     #                                         of minutes for the availability query.
     #                    :buffer            - An Hash containing the buffer to apply to
@@ -1060,7 +1069,7 @@ module Cronofy
     #       }
     #     ],
     #     required_duration: { minutes: 60 },
-    #     available_periods: [{
+    #     query_periods: [{
     #       start: Time.utc(2017, 1, 1, 9, 00),
     #       end:   Time.utc(2017, 1, 1, 17, 00),
     #     }]
@@ -1101,7 +1110,7 @@ module Cronofy
         end
       end
 
-      translate_available_periods(availability[:available_periods])
+      translate_available_periods(availability[:query_periods] || availability[:available_periods])
       body[:availability] = availability
 
       response = raw_post("/v1/real_time_scheduling", body)
@@ -1167,7 +1176,7 @@ module Cronofy
     #                                         an array of invitees to invite to or reject from
     #                                         the event. Invitees are represented by a hash of
     #                                         :email and :display_name (optional).
-    #          :available_periods - A hash stating the available periods for the event
+    #          :query_periods - A hash stating the query periods for the event
     # target_calendars - An array of hashes stating into which calendars to insert the created
     #                    event
     # Raises Cronofy::CredentialsMissingError if no credentials available.
@@ -1185,7 +1194,8 @@ module Cronofy
 
       if availability = args[:availability]
         availability[:sequence] = map_availability_sequence(availability[:sequence])
-        translate_available_periods(availability[:available_periods]) if availability[:available_periods]
+        periods = availability[:query_periods] || availability[:available_periods]
+        translate_available_periods(periods) if periods
       end
 
       body[:availability] = availability
@@ -1739,8 +1749,10 @@ module Cronofy
             hash[:required_duration] = map_availability_required_duration(value)
           end
 
-          if sequence_item[:available_periods]
-            translate_available_periods(sequence_item[:available_periods])
+          periods = sequence_item[:query_periods] || sequence_item[:available_periods]
+
+          if periods
+            translate_available_periods(periods)
           end
 
           if value = sequence_item[:start_interval]
@@ -1802,6 +1814,17 @@ module Cronofy
       wrapped_request { @auth.api_client.request(:post, url, json_request_args(body)) }
     end
 
+    # Availability Query could originally be authenticated via an access_token
+    # Whilst it should be authed via an API key now, we try access_token first
+    # for backward compatibility
+    def availability_post(url, body)
+      if @auth.access_token
+        post(url, body)
+      else
+        wrapped_request { api_key!.post(url, json_request_args(body)) }
+      end
+    end
+
     def wrapped_request
       yield
     rescue OAuth2::Error => e

data/lib/cronofy/version.rb

@@ -1,3 +1,3 @@
 module Cronofy
-  VERSION = "0.37.2".freeze
+  VERSION = "0.37.5".freeze
 end

data/spec/lib/cronofy/client_spec.rb

@@ -1257,6 +1257,17 @@ describe Cronofy::Client do
       let(:request_url) { 'https://api.cronofy.com/v1/availability' }
       let(:request_headers) { json_request_headers }
 
+      let(:client_id) { 'example_id' }
+      let(:client_secret) { 'example_secret' }
+      let(:token) { client_secret }
+
+      let(:client) do
+        Cronofy::Client.new(
+          client_id: client_id,
+          client_secret: client_secret,
+        )
+      end
+
       let(:request_body) do
         {
           "participants" => [
@@ -1770,6 +1781,87 @@ describe Cronofy::Client do
         it_behaves_like 'a Cronofy request'
         it_behaves_like 'a Cronofy request with mapped return value'
       end
+
+      context "when trying to auth with only an access_token, as originally implemented" do
+        let(:access_token) { "access_token_123"}
+        let(:client) { Cronofy::Client.new(access_token: access_token) }
+        let(:request_headers) do
+          {
+            "Authorization" => "Bearer #{access_token}",
+            "User-Agent" => "Cronofy Ruby #{::Cronofy::VERSION}",
+            "Content-Type" => "application/json; charset=utf-8",
+          }
+        end
+
+        let(:participants) do
+          { members: %w{acc_567236000909002 acc_678347111010113} }
+        end
+
+        let(:required_duration) { 60 }
+
+        let(:available_periods) do
+          [
+            { start: Time.parse("2017-01-03T09:00:00Z"), end: Time.parse("2017-01-03T18:00:00Z") },
+            { start: Time.parse("2017-01-04T09:00:00Z"), end: Time.parse("2017-01-04T18:00:00Z") },
+          ]
+        end
+
+        it_behaves_like 'a Cronofy request'
+        it_behaves_like 'a Cronofy request with mapped return value'
+      end
+
+      context "when trying to auth with both a client_secret and access_token" do
+        let(:access_token) { "access_token_123" }
+        let(:client_secret) { "client_secret_456" }
+        let(:client) { Cronofy::Client.new(access_token: access_token, client_secret: client_secret) }
+        let(:request_headers) do
+          {
+            "Authorization" => "Bearer #{access_token}",
+            "User-Agent" => "Cronofy Ruby #{::Cronofy::VERSION}",
+            "Content-Type" => "application/json; charset=utf-8",
+          }
+        end
+
+        let(:participants) do
+          { members: %w{acc_567236000909002 acc_678347111010113} }
+        end
+
+        let(:required_duration) { 60 }
+
+        let(:available_periods) do
+          [
+            { start: Time.parse("2017-01-03T09:00:00Z"), end: Time.parse("2017-01-03T18:00:00Z") },
+            { start: Time.parse("2017-01-04T09:00:00Z"), end: Time.parse("2017-01-04T18:00:00Z") },
+          ]
+        end
+
+        describe "it prefers the access_token for backward compatibility" do
+          it_behaves_like 'a Cronofy request'
+          it_behaves_like 'a Cronofy request with mapped return value'
+        end
+      end
+
+      context "when trying to auth without a client_secret or access_token" do
+        let(:client) { Cronofy::Client.new }
+
+        let(:participants) do
+          { members: %w{acc_567236000909002 acc_678347111010113} }
+        end
+
+        let(:required_duration) { 60 }
+
+        let(:available_periods) do
+          [
+            { start: Time.parse("2017-01-03T09:00:00Z"), end: Time.parse("2017-01-03T18:00:00Z") },
+            { start: Time.parse("2017-01-04T09:00:00Z"), end: Time.parse("2017-01-04T18:00:00Z") },
+          ]
+        end
+
+
+        it "raises an API Key error" do
+          expect{ subject }.to raise_error(Cronofy::CredentialsMissingError)
+        end
+      end
     end
   end
 
@@ -1779,6 +1871,17 @@ describe Cronofy::Client do
       let(:request_url) { 'https://api.cronofy.com/v1/sequenced_availability' }
       let(:request_headers) { json_request_headers }
 
+      let(:client_id) { 'example_id' }
+      let(:client_secret) { 'example_secret' }
+      let(:token) { client_secret }
+
+      let(:client) do
+        Cronofy::Client.new(
+          client_id: client_id,
+          client_secret: client_secret,
+        )
+      end
+
       let(:request_body) do
         {
           "sequence" => [
@@ -1937,6 +2040,45 @@ describe Cronofy::Client do
         it_behaves_like 'a Cronofy request'
         it_behaves_like 'a Cronofy request with mapped return value'
       end
+
+      context "when trying to auth with access_token only" do
+        let(:access_token) { "access_token_123"}
+        let(:client) { Cronofy::Client.new(access_token: access_token) }
+        let(:request_headers) do
+          {
+            "Authorization" => "Bearer #{access_token}",
+            "User-Agent" => "Cronofy Ruby #{::Cronofy::VERSION}",
+            "Content-Type" => "application/json; charset=utf-8",
+          }
+        end
+
+        it_behaves_like 'a Cronofy request'
+        it_behaves_like 'a Cronofy request with mapped return value'
+      end
+
+      context "when trying to auth with both access_token and client_secret provided" do
+        let(:client_id) { 'example_id' }
+        let(:client_secret) { 'example_secret' }
+        let(:access_token) { "access_token_123"}
+
+        let(:client) do
+          Cronofy::Client.new(
+            client_id: client_id,
+            client_secret: client_secret,
+            access_token: access_token,
+          )
+        end
+        let(:request_headers) do
+          {
+            "Authorization" => "Bearer #{access_token}",
+            "User-Agent" => "Cronofy Ruby #{::Cronofy::VERSION}",
+            "Content-Type" => "application/json; charset=utf-8",
+          }
+        end
+
+        it_behaves_like 'a Cronofy request'
+        it_behaves_like 'a Cronofy request with mapped return value'
+      end
     end
   end
 
@@ -2199,6 +2341,14 @@ describe Cronofy::Client do
       it_behaves_like 'a Cronofy request'
     end
 
+    context 'when passing query periods' do
+      it_behaves_like 'a Cronofy request'
+
+      before do
+        availability[:query_periods] = availability.delete(:available_periods)
+        mapped_availability[:query_periods] = mapped_availability.delete(:available_periods)
+      end
+    end
   end
 
   describe "Real time sequencing" do
@@ -2387,6 +2537,21 @@ describe Cronofy::Client do
       it_behaves_like 'a Cronofy request'
     end
 
+    context 'when passing query periods' do
+      it_behaves_like 'a Cronofy request'
+
+      before do
+        availability[:query_periods] = availability.delete(:available_periods)
+        availability[:sequence].each do |sequence|
+          sequence[:query_periods] = sequence.delete(:available_periods)
+        end
+
+        mapped_availability[:query_periods] = mapped_availability.delete(:available_periods)
+        mapped_availability[:sequence].each do |sequence|
+          sequence[:query_periods] = sequence.delete(:available_periods)
+        end
+      end
+    end
   end
 
   describe "specifying data_centre" do
@@ -2481,11 +2646,27 @@ describe Cronofy::Client do
     let(:body) { "{\"example\":\"well-known\"}" }
 
     it "verifies the correct HMAC" do
-      expect(client.hmac_match?(body: body, hmac: "6r2/HjBkqymGegX0wOfifieeUXbbHwtV/LohHS+jv6c=")).to be true
+      expect(client.hmac_valid?(body: body, hmac: "6r2/HjBkqymGegX0wOfifieeUXbbHwtV/LohHS+jv6c=")).to be true
     end
 
     it "rejects an incorrect HMAC" do
-      expect(client.hmac_match?(body: body, hmac: "something-else")).to be false
+      expect(client.hmac_valid?(body: body, hmac: "something-else")).to be false
+    end
+
+    it "verifies the correct HMAC when one of the multiple HMACs splitted by ',' match" do
+      expect(client.hmac_valid?(body: body, hmac: "6r2/HjBkqymGegX0wOfifieeUXbbHwtV/LohHS+jv6c=,something-else")).to be true
+    end
+
+    it "rejects incorrect when multiple HMACs splitted by ',' don't match" do
+      expect(client.hmac_valid?(body: body, hmac: "something-else,something-else2")).to be false
+    end
+
+    it "rejects if empty HMAC" do
+      expect(client.hmac_valid?(body: body, hmac: "")).to be false
+    end
+
+    it "rejects if nil HMAC" do
+      expect(client.hmac_valid?(body: body, hmac: nil)).to be false
     end
   end
 

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: cronofy
 version: !ruby/object:Gem::Version
-  version: 0.37.2
+  version: 0.37.5
 platform: ruby
 authors:
 - Sergii Paryzhskyi
 - Garry Shutler
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-01-15 00:00:00.000000000 Z
+date: 2022-03-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: hashie
@@ -141,7 +141,7 @@ homepage: https://github.com/cronofy/cronofy-ruby
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -156,8 +156,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.4
-signing_key:
+rubygems_version: 3.2.33
+signing_key: 
 specification_version: 4
 summary: Cronofy - the scheduling platform for business
 test_files: