fintecture 0.1.6 → 0.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9d2e328d5922996c4f88d8bd4931fd0fe10b9e2ded4270918160dbd03a3c9054
-  data.tar.gz: c45cc0c0988156002c75f41f09cdb5584973157131f090d532ed1336c86dc156
+  metadata.gz: 363973dcc95af085243be930db8fe736d5c4a5cc7250a0085f976305b3f70381
+  data.tar.gz: f02d9c62439389ef1a01332990a4a5407ffb2950007534907fdb280922551086
 SHA512:
-  metadata.gz: 250762c82c3e56553028dfbc16a8c5927204720c685440c87d067eae785682f143abde7a9588093ad426f7bc80d57f0fdbedb36587c64bcd638a8c71923168cb
-  data.tar.gz: a8ef6c986acbde371ae675953d0dd26a41d441e661d92097c8bca0d33070fc9f28073ca938c4a7f5d0957f475c1d359b18cc7bec52beb314506c2c0e457468ad
+  metadata.gz: dfbbdea308ceca340c632e28c88cf6b47f05507405de850c6df3201bb389630ecc6ef0a2222f5a3dba9a51d3b0e4574b5f7ad5ce2c4202a4686df72a304e0e78
+  data.tar.gz: c50413e95387828349f132eb83e39d9cd3ec2c5e4af333c69306bd9bbd4bb5b0efee940f82dd7f04452532b9e758aa00006f82e5624b5dcf6bb3b7e66f112bc1

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    fintecture (0.1.5)
+    fintecture (0.1.7)
       faraday
 
 GEM

data/README.md

@@ -10,11 +10,6 @@ Add this line to your application's Gemfile:
 gem 'fintecture'
 ```
 
-or install it through our github repository
-
-```ruby
-gem 'fintecture', github: 'Fintecture/fintecture-sdk-ruby'
-```
 
 And then execute:
 
@@ -33,7 +28,7 @@ Initialize your client credentials
 ```ruby
 Fintecture.app_id = 'your_app_id'
 Fintecture.app_secret = 'your_app_secret'
-Fintecture.app_private_key = %q(your_app_private_key)
+Fintecture.private_key = %q(your_private_key)
 ```
     
     
@@ -56,7 +51,7 @@ You can also see the available environments
 #### Access token
 
 ```ruby
-Fintecture::Authentication.access_token
+Fintecture::Pis.get_access_token
 ```
 
 ### Connect 
@@ -70,41 +65,42 @@ payment_attrs = {
     customer_full_name: 'John Doe',
     customer_email: 'john.doe@email.com',
     customer_ip: '127.0.0.1',
-    end_to_end_id: '5f78e902907e4209aa8df63659b05d24', # uuid optional
     redirect_uri: 'http://example.com/callback',
-    origin_uri: '',
-    state: 'somestate'
+    origin_uri: 'http://example.com/checkout?session=123',
+    state: 'somestate',
+    psu_type: 'retail',
+    country: 'fr'
 }
-url = Fintecture::Connect.connect_url_pis payment_attrs
+tokens = Fintecture::Pis.get_access_token
+connect_response = Fintecture::Connect.get_pis_connect tokens['access_token'], payment_attrs
+url = connect_response[:url]
+
 ```
 Explanation of each field:
 
 * amount: **[mandatory]** The amount of the payment initiation request. Min 1.00 and Max is variable based on bank's policy.
 * currency: **[mandatory]** The currency of the payment initiation request. Currently, only EUR and GBP is supported.
 * communication: **[optional]** A message sent to the beneficiary of the payment and visible on his bank statement. In the context of ecommerce payment collection, the order reference is inputted here (with an optional prefer ex: REF#23444)
-* customer_full_name: **[mandatory]** the full name of the payer
-* customer_email: **[mandatory]** the email of the payer
-* customer_ip: **[mandatory]** the ip address of the payer
-* end_to_end_id: **[optional]** unique id of the payment which is sent to the bank but is invisible to the customer. Max 42 character string.
-* redirect_uri: **[mandatory]** the callback URL to which the customer is redirected after authentication with his bank
-* origin_uri: **[optional]** a  URL to which the customer will be redirected if he wants to exit Fintecture Connect
+* customer_full_name: **[mandatory]** The full name of the payer
+* customer_email: **[mandatory]** The email of the payer
+* customer_ip: **[mandatory]** The ip address of the payer
+* redirect_uri: **[mandatory]** The callback URL to which the customer is redirected after authentication with his bank
+* origin_uri: **[optional]** A URL to which the customer will be redirected if he wants to exit Fintecture Connect
 * state: **[optional]** A state parameter which is sent back on callback
+* retail: **[optional]** Possible values are **retail** and **corporate** (retail by default)
+* country: **[optional]** Loads a specific collection of providers filter by country
     
-#### Verify URL parameters
+#### Verify payment
 
 ```ruby
-callback_params = {
-    session_id: 'uri_session_id',
-    status: 'uri_status',
-    customer_id: 'uri_customer_id',
-    provider: 'uri_provider',
-    state: 'uri_state',
-    s: 'uri_s'
-}
 
-Fintecture::Connect.verify_url_parameters callback_params
+payment_response = Fintecture::Pis.get_payments tokens['access_token'], params[:session_id]
+payment_response_body = JSON.parse payment_response.body
+
+verified = (payment_response_body['meta']['status'] === 'payment_created')
 ```
-This function returns `true` if the parameters have verified, `false` in other case.
+
+If the payment was success, the status of the response (_payment_response_body['meta']['status']_) should be **payment_created**
 
 ## Development
 

data/lib/fintecture.rb

@@ -29,10 +29,10 @@ module Fintecture
   @logger = nil
   @environment = 'sandbox'
 
-  ENVIRONMENTS = %w[local sandbox production].freeze
+  ENVIRONMENTS = %w[local test sandbox production].freeze
 
   class << self
-    attr_accessor :app_id, :app_secret, :app_private_key
+    attr_accessor :app_id, :app_secret, :private_key
 
     def environment=(environment)
       environment = environment.downcase

data/lib/fintecture/api/endpoints/pis.rb

@@ -0,0 +1,13 @@
+module Fintecture
+  module Api
+    module Endpoints
+      module Pis
+        PIS = 'pis/v1'
+        PISPROVIDER = "#{PIS}/provider"
+        PISCUSTOMER = "#{PIS}/customer"
+        PREPARE = "#{PIS}/prepare"
+        PAYMENTS = "#{PIS}/payments"
+      end
+    end
+  end
+end

data/lib/fintecture/authentication.rb

@@ -16,10 +16,10 @@ module Fintecture
         ::Faraday.get "#{token_authorize_endpoint}#{query_string}"
       end
 
-      def access_token(auth_code =  nil)
+      def get_access_token(auth_code =  nil)
         body = access_token_data auth_code
 
-        Fintecture::Faraday::Authentication::Connection.post url: access_toke_url, req_body: body
+        Fintecture::Faraday::Authentication::Connection.post url: access_token_url, req_body: body
       end
 
       def refresh_token(refresh_token)
@@ -38,7 +38,7 @@ module Fintecture
         "#{base_url}#{Fintecture::Api::Endpoints::Authentication::OAUTH_TOKEN_AUTHORIZE}"
       end
 
-      def access_toke_url
+      def access_token_url
         "#{base_url}#{Fintecture::Api::Endpoints::Authentication::OAUTH_ACCESS_TOKEN}"
       end
 

data/lib/fintecture/connect.rb

@@ -1,26 +1,37 @@
 require 'base64'
 require 'json'
+require 'faraday'
+require 'fintecture/pis'
+require 'fintecture/utils/validation'
+require 'fintecture/exceptions'
+require 'fintecture/utils/date'
+require 'fintecture/utils/constants'
 
 module Fintecture
   class Connect
     class << self
       SIGNATURE_TYPE = 'rsa-sha256'.freeze
 
-      def connect_url_pis(payment_attrs = nil)
-        connect_url(payment_attrs: payment_attrs, type: 'pis')
+      def get_pis_connect(access_token = nil, payment_attrs = nil)
+        connect_url(access_token, payment_attrs, type: 'pis')
       end
 
-      def connect_url(payment_attrs: nil, type: 'pis')
+      def connect_url(access_token = nil, payment_attrs = nil, type: nil)
+        @access_token = access_token
         @payment_attrs = as_json payment_attrs
         @type = type
 
         validate_payment_integrity
 
-        @payment_attrs['end_to_end_id'] ||= Fintecture::Utils::Crypto.generate_uuid
+        @payment_attrs['end_to_end_id'] ||= Fintecture::Utils::Crypto.generate_uuid_only_chars
+
         payload = build_payload
-        state = build_state(payload).to_json.to_s
+        config = build_config(payload).to_json.to_s
 
-        "#{base_url}/#{type}?state=#{Base64.strict_encode64(state)}"
+        {
+            url: build_url(config),
+            session_id: payload[:meta][:session_id]
+        }
       end
 
       def verify_url_parameters(parameters = nil)
@@ -36,37 +47,41 @@ module Fintecture
 
       private
 
-      def raise_if_klass_mismatch(target, klass, param_name = nil)
-        return if target.is_a? klass
-
-        raise "invalid #{param_name ? param_name : 'parameter'} format, the parameter should be a #{klass} instead a #{target.class.name}"
+      def build_url(config)
+        "#{base_url}/#{@type}/#{@payment_attrs['psu_type']}/#{@payment_attrs['country']}?config=#{Base64.strict_encode64(config)}"
       end
 
       def validate_payment_integrity
-        raise_if_klass_mismatch @payment_attrs, Hash, 'payment_attrs'
+        Fintecture::Utils::Validation.raise_if_klass_mismatch @payment_attrs, Hash, 'payment_attrs'
+
+        raise Fintecture::ValidationException.new("access_token is a mandatory field") if @access_token.nil?
+
+        @payment_attrs['psu_type'] = 'retail' unless @payment_attrs['psu_type']
+        @payment_attrs['country'] = 'all' unless @payment_attrs['country']
 
         error_msg = 'invalid payment payload parameter'
 
-        raise "#{error_msg} type" unless %w[pis ais].include? @type
+        raise Fintecture::ValidationException.new("#{error_msg} type") unless Fintecture::Utils::Constants::SCOPES.include? @type
+        raise Fintecture::ValidationException.new("#{@payment_attrs['psu_type']} PSU type not allowed") unless Fintecture::Utils::Constants::PSU_TYPES.include? @payment_attrs['psu_type']
 
-        raise 'end_to_end_id must be an alphanumeric string' if(@payment_attrs['end_to_end_id'] && !@payment_attrs['end_to_end_id'].match(/^[0-9a-zA-Z]*$/))
+        raise Fintecture::ValidationException.new('end_to_end_id must be an alphanumeric string') if(@payment_attrs['end_to_end_id'] && !@payment_attrs['end_to_end_id'].match(/^[0-9a-zA-Z]*$/))
 
         %w[amount currency customer_full_name customer_email customer_ip redirect_uri].each do |param|
-          raise "#{param} is a mandatory field" if @payment_attrs[param].nil?
+          raise Fintecture::ValidationException.new("#{param} is a mandatory field") if @payment_attrs[param].nil?
         end
 
         # Check if string
         %w[communication redirect_uri].each do |param|
-          raise_if_klass_mismatch(@payment_attrs[param], String, param) if(@payment_attrs[param])
+          Fintecture::Utils::Validation.raise_if_klass_mismatch(@payment_attrs[param], String, param) if(@payment_attrs[param])
         end
 
       end
 
       def validate_post_payment_integrity
-        raise_if_klass_mismatch @post_payment_attrs, Hash, 'post_payment_attrs'
+        Fintecture::Utils::Validation.raise_if_klass_mismatch @post_payment_attrs, Hash, 'post_payment_attrs'
 
         %w[s state status session_id customer_id provider].each do |param|
-          raise "invalid post payment parameter #{param}" if @post_payment_attrs[param].nil?
+          raise Fintecture::ValidationException.new("invalid post payment parameter #{param}") if @post_payment_attrs[param].nil?
         end
       end
 
@@ -89,29 +104,39 @@ module Fintecture
             attributes: attributes,
         }
 
+        prepare_payment_response = Fintecture::Pis.prepare_payment( @access_token, {
+               data: data,
+               meta: meta
+          })
+        prepare_payment_response_body = JSON.parse(prepare_payment_response.body)
         {
-            data: data,
-            meta: meta
+            meta: {session_id: prepare_payment_response_body['meta']['session_id']},
+            data: { attributes: {amount: @payment_attrs['amount'], currency: @payment_attrs['currency']}}
         }
       end
 
-      def build_signature(payload)
-        Fintecture::Utils::Crypto.sign_payload payload
+      def build_signature(payload, date, x_request_id)
+        date_string = "x-date: #{date}"
+        digest_string = "digest: SHA-256=#{Fintecture::Utils::Crypto.hash_base64(payload.to_json)}"
+        x_request_id_string = "x-request-id: #{x_request_id}"
+
+        Fintecture::Utils::Crypto.sign_payload "#{digest_string}\n#{date_string}\n#{x_request_id_string}"
       end
 
-      def build_state(payload)
-        access_token_response = Fintecture::Authentication.access_token
-        access_token = JSON.parse(access_token_response.body)['access_token']
+      def build_config(payload)
+        header_time = Fintecture::Utils::Date.header_time
+        x_request_id = Fintecture::Utils::Crypto.generate_uuid
         {
             app_id: Fintecture.app_id,
-            access_token: access_token,
+            access_token: @access_token,
+            date: header_time,
+            request_id: x_request_id,
             signature_type: SIGNATURE_TYPE,
-            signature: build_signature(payload),
+            signature: build_signature(payload, header_time, x_request_id),
             redirect_uri: @payment_attrs['redirect_uri'] || '',
             origin_uri: @payment_attrs['origin_uri'] || '',
             state: @payment_attrs['state'],
-            payload: payload,
-            version: Fintecture::VERSION,
+            payload: payload
         }
       end
 
@@ -139,7 +164,7 @@ module Fintecture
           begin
             element.as_json
           rescue NoMethodError
-            raise "invalid parameter format, the parameter should be a Hash or an Object Model instead a #{element.class.name}"
+            raise Fintecture::ValidationException.new("invalid parameter format, the parameter should be a Hash or an Object Model instead a #{element.class.name}")
           end
       end
     end

data/lib/fintecture/exceptions.rb

@@ -0,0 +1,4 @@
+module Fintecture
+  class ValidationException < Exception; end
+  class CryptoException < Exception; end
+end

data/lib/fintecture/faraday/authentication/connection.rb

@@ -1,5 +1,8 @@
 require 'base64'
 require 'faraday'
+require 'uri'
+require 'fintecture/utils/crypto'
+require 'fintecture/utils/date'
 
 module Fintecture
   module Faraday
@@ -14,24 +17,54 @@ module Fintecture
             end
           end
 
-          def post(url:, req_body:)
+          def post(url:, req_body: nil, custom_content_type: nil, bearer: nil, secure_headers: false)
             conn = connection(url)
 
             conn.post do |req|
-              req.headers = req_headers
+              req.headers = req_headers(custom_content_type, bearer, secure_headers, method: 'post', body: req_body, url: url)
               req.body = req_body
             end
           end
 
-          def req_headers
+          def get(url:, req_body: nil, custom_content_type: nil, bearer: nil, secure_headers: false)
+            conn = connection(url)
+
+            conn.get do |req|
+              req.headers = req_headers(custom_content_type, bearer, secure_headers, method: 'get', url: url)
+              req.body = req_body
+            end
+          end
+
+          def req_headers(custom_content_type, bearer, secure_headers, method: '', body: {}, url:)
             client_token = Base64.strict_encode64("#{Fintecture.app_id}:#{Fintecture.app_secret}")
 
             {
                 'Accept' => 'application/json',
                 'User-Agent' => "Fintecture Ruby SDK v #{Fintecture::VERSION}",
-                'Authorization' => "Basic #{client_token}",
-                'Content-Type' => 'application/x-www-form-urlencoded',
-            }
+                'Authorization' => bearer ? bearer : "Basic #{client_token}",
+                'Content-Type' => custom_content_type ? custom_content_type : 'application/x-www-form-urlencoded',
+            }.merge(secure_headers ? req_secure_headers(body: body, url: url, method: method) : {})
+
+          end
+
+          def req_secure_headers(body: {}, url: '', method: '')
+            payload = ( body.class.name == 'String' ? body : body.to_s )
+            path_name = URI(url).path
+            search_params = URI(url).query
+
+            headers = {
+                'Date' => Fintecture::Utils::Date.header_time.to_s,
+                'X-Request-ID' => Fintecture::Utils::Crypto.generate_uuid
+            }.merge(payload ? load_digest(payload) : {})
+
+            request_target = search_params ? "#{method.downcase} #{path_name}?#{search_params}" : "#{method.downcase} #{path_name}"
+
+            headers['Signature'] = Fintecture::Utils::Crypto.create_signature_header({'(request-target)' => request_target}.merge(headers))
+            headers
+          end
+
+          def load_digest(payload)
+            {'Digest' => "SHA-256=#{Fintecture::Utils::Crypto.hash_base64(payload)}"}
           end
 
         end

data/lib/fintecture/pis.rb

@@ -0,0 +1,61 @@
+require 'json'
+require 'faraday'
+require 'fintecture/api/endpoints/pis'
+require 'fintecture/api/base_url'
+
+module Fintecture
+  class Pis
+    class << self
+
+      # Headers
+      def prepare_payment(access_token, payload)
+        url = prepare_payment_endpoint
+
+        Fintecture::Faraday::Authentication::Connection.post(
+            url: url,
+            req_body: payload.to_json,
+            custom_content_type: 'application/json',
+            bearer: "Bearer #{access_token}",
+            secure_headers: true
+        )
+      end
+
+      # This needs headers
+      def get_payments(access_token, session_id)
+        url = payment_endpoint
+
+        Fintecture::Faraday::Authentication::Connection.get(
+            url: "#{url}/#{session_id}",
+            custom_content_type: 'application/json',
+            bearer: "Bearer #{access_token}",
+            secure_headers: true
+        )
+      end
+
+      def get_access_token
+        response = Fintecture::Authentication.get_access_token
+
+        JSON.parse response.body
+      end
+
+      private
+
+      def prepare_payment_endpoint
+        "#{api_base_url}/#{Fintecture::Api::Endpoints::Pis::PREPARE}"
+      end
+
+      def payment_endpoint
+        "#{api_base_url}/#{Fintecture::Api::Endpoints::Pis::PAYMENTS}"
+      end
+
+      def base_url
+        Fintecture::Api::BaseUrl::FINTECTURE_CONNECT_URL[Fintecture.environment.to_sym]
+      end
+
+      def api_base_url
+        Fintecture::Api::BaseUrl::FINTECTURE_API_URL[Fintecture.environment.to_sym]
+      end
+
+    end
+  end
+end

data/lib/fintecture/utils/constants.rb

@@ -0,0 +1,14 @@
+
+
+
+module Fintecture
+  module Utils
+    module Constants
+
+      SIGNEDHEADERPARAMETERLIST = %w[(request-target) Date Digest X-Request-ID];
+      PSU_TYPES = %w[retail corporate]
+      SCOPES = %w[pis ais]
+
+    end
+  end
+end

data/lib/fintecture/utils/crypto.rb

@@ -2,7 +2,9 @@ require 'securerandom'
 require 'openssl'
 require 'base64'
 require 'json'
-
+require 'fintecture/exceptions'
+require 'fintecture/utils/constants'
+require 'uri'
 
 module Fintecture
   module Utils
@@ -10,31 +12,38 @@ module Fintecture
       class << self
 
         def generate_uuid
-          SecureRandom.uuid.gsub!('-','')
+          SecureRandom.uuid
+        end
+
+        def generate_uuid_only_chars
+          generate_uuid.gsub!('-','')
         end
 
         def sign_payload(payload)
           payload = payload.to_json.to_s if payload.is_a? Hash
 
           digest = OpenSSL::Digest::SHA256.new
-          private_key = OpenSSL::PKey::RSA.new(Fintecture.app_private_key)
+          private_key = OpenSSL::PKey::RSA.new(Fintecture.private_key)
 
           begin
             signature = private_key.sign(digest, payload)
             Base64.strict_encode64(signature)
           rescue
-            raise 'error during signature'
+            raise Fintecture::CryptoException.new('error during signature')
           end
         end
 
         def decrypt_private(digest)
+          digest = URI.unescape digest
           encrypted_string = Base64.decode64(digest)
-          private_key = OpenSSL::PKey::RSA.new(Fintecture.app_private_key)
+          private_key = OpenSSL::PKey::RSA.new(Fintecture.private_key)
 
           begin
             private_key.private_decrypt(encrypted_string, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
+          rescue OpenSSL::PKey::RSAError => e
+            raise Fintecture::CryptoException.new("error while decrypt, #{e.message}")
           rescue
-            raise 'error during decryption'
+            raise Fintecture::CryptoException.new('error during decryption')
           end
         end
 
@@ -43,6 +52,24 @@ module Fintecture
           Base64.strict_encode64(digest)
         end
 
+        def create_signature_header(headers)
+          signing = []
+          header = []
+
+          Fintecture::Utils::Constants::SIGNEDHEADERPARAMETERLIST.each do |param|
+            next unless headers[param]
+
+            param_low = param.downcase
+            signing << "#{param_low}: #{headers[param]}"
+            header << param_low
+          end
+
+          # Double quote in join needed. If not we will get two slashes \\n
+          signature = sign_payload signing.join("\n")
+
+          'keyId="' + Fintecture.app_id + '",algorithm="rsa-sha256",headers="' + header.join(' ') + '",signature="' + signature + '"'
+        end
+
       end
     end
   end

data/lib/fintecture/utils/date.rb

@@ -0,0 +1,15 @@
+require 'time'
+
+module Fintecture
+  module Utils
+    class Date
+      class << self
+
+        def header_time
+          Time.now.utc.strftime("%a, %d %b %Y %H:%M:%S GMT")
+        end
+
+      end
+    end
+  end
+end

data/lib/fintecture/utils/validation.rb

@@ -0,0 +1,17 @@
+require 'fintecture/exceptions'
+
+module Fintecture
+  module Utils
+    class Validation
+      class << self
+
+        def raise_if_klass_mismatch(target, klass, param_name = nil)
+          return if target.is_a? klass
+
+          raise Fintecture::ValidationException.new("invalid #{param_name ? param_name : 'parameter'} format, the parameter should be a #{klass} instead a #{target.class.name}")
+        end
+
+      end
+    end
+  end
+end

data/lib/fintecture/version.rb

@@ -1,3 +1,3 @@
 module Fintecture
-  VERSION = '0.1.6'
+  VERSION = '0.1.7'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fintecture
 version: !ruby/object:Gem::Version
-  version: 0.1.6
+  version: 0.1.7
 platform: ruby
 authors:
 - Fintecture
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-01-17 00:00:00.000000000 Z
+date: 2020-02-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -88,10 +88,16 @@ files:
 - lib/fintecture.rb
 - lib/fintecture/api/base_url.rb
 - lib/fintecture/api/endpoints/authentication.rb
+- lib/fintecture/api/endpoints/pis.rb
 - lib/fintecture/authentication.rb
 - lib/fintecture/connect.rb
+- lib/fintecture/exceptions.rb
 - lib/fintecture/faraday/authentication/connection.rb
+- lib/fintecture/pis.rb
+- lib/fintecture/utils/constants.rb
 - lib/fintecture/utils/crypto.rb
+- lib/fintecture/utils/date.rb
+- lib/fintecture/utils/validation.rb
 - lib/fintecture/version.rb
 homepage: http://fintecture.com
 licenses: