ibanity 1.7.0 → 1.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c7fd6f89318c851b7400543ff611a42ae6212bd62ce5073422d1bd36c822369a
-  data.tar.gz: c8fe8aaf323a55636815cd8c6669192005eb358fc396bb9e0528add3790ba3e3
+  metadata.gz: f0b9e9d3d5bd37f738613c1e77292d6cee3fcbf5016d3d5200d7f4715d673735
+  data.tar.gz: a757cd1e70e6588174e56de7584d10f04b1b2023c6cf9e0c02e5377c8b6a226b
 SHA512:
-  metadata.gz: 4190b626cf11725cd578cf7865307eb65610bf98e4c6c89f47e3559a679d8e07be9423b0dc44263c23b07361f6d050b0fface497077c26dfa30cd41c39dcfa06
-  data.tar.gz: 19e030f8f098906171c1784c88b25a58e51f486b15c8cdad4e8ca61ddba81b18d83684478c6e77681d4f28c287762f256228c24876261fe924d5af4f025dd364
+  metadata.gz: 6c9b41e71c94eac22e8416d5689bb1c02c6cee7c1ba73a0fad1da4d6154a3bd18e7ae16baf154b3e5d881a72e18d77e991580f3dd3486ceb5a5fa157b1b652cd
+  data.tar.gz: 6fbd44ba0f4d06bb8e890728311bdf8f28e00008688f6d9005e9da6c55377e98644f1e0d8890543a69de7884a83ed6cfabe1e97f01cf381067ad84a801878bd6

data/.github/workflows/gem-push.yml

@@ -2,7 +2,7 @@ name: Ruby Gem
 
 on:
   release:
-    types: [created]
+    types: [published]
 
 jobs:
   build:

data/CHANGELOG.md

@@ -1,4 +1,31 @@
 # Changelog
+
+## 1.11
+
+* Allow to tweak RestClient's timeout.
+
+## 1.10
+
+* [Ponto Connect] Add support for payment activation requests.
+
+* [Webhooks] Add support for webhook signature validation, keys endpoint, and events.
+
+## 1.9
+
+* [Ponto Connect] Add account reauthorization requests
+
+* [Isabel Connect] Deprecate `Ibanity::IsabelConnect::AccessToken` and `Ibanity::IsabelConnect::RefreshToken`, please use `Ibanity::IsabelConnect::Token` instead
+
+## 1.8
+
+* [XS2A] Update sandbox transactions
+
+* [XS2A] Add support to list updated transaction using `synchronization_id`
+
+* [Ponto Connect] Add support to BulkPayments
+
+* [Isabel Connect] Add `hideDetails` and `isShared` parameters to `BulkPaymentInititationRequest.create`
+
 ## 1.7
 ### Enhancements
 
@@ -29,7 +56,7 @@
 
 ### Enhancements
 
-* Default signature algorithm is now ["hs2019"](https://tools.ietf.org/html/draft-cavage-http-signatures-12#appendix-E.2) 
+* Default signature algorithm is now ["hs2019"](https://tools.ietf.org/html/draft-cavage-http-signatures-12#appendix-E.2)
 * Add support for periodic and bulk payments
 * Add snake-case transformation for deeply nested data structures
 

data/ibanity.gemspec

@@ -19,5 +19,6 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_dependency "rest-client", ">= 1.8.0"
+  spec.add_dependency "jose", ">= 1.1.3"
   spec.add_development_dependency "rspec", "3.9.0"
 end

data/lib/ibanity/api/base_resource.rb

@@ -86,6 +86,8 @@ module Ibanity
     private
 
     def prepare_attributes(raw)
+      raise "Unexpected raw type, expected hash, got #{raw}" unless raw.is_a?(Hash)
+
       base = {
         "id"  => raw["id"],
       }
@@ -97,23 +99,47 @@ module Ibanity
 
     def setup_relationships(relationships, customer_access_token = nil)
       relationships.each do |key, relationship|
-        if relationship["data"]
-          self[Ibanity::Util.underscore("#{key}_id")] = relationship["data"]["id"]
-          return unless relationship.dig("links", "related")
-
-          klass = relationship_klass(key)
-          method_name = Ibanity::Util.underscore(key)
-          define_singleton_method(method_name) do |headers: nil|
-            klass.find_by_uri(uri: relationship["links"]["related"], headers: headers, customer_access_token: customer_access_token)
-          end
-        else
-          singular_key = key[0..-2]
-          klass        = relationship_klass(singular_key)
-          method_name  = Ibanity::Util.underscore(key)
-          define_singleton_method(method_name) do |headers: nil, **query_params|
-            uri = relationship["links"]["related"]
-            klass.list_by_uri(uri: uri, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
-          end
+        url = relationship.dig("links", "related")
+        id = relationship.dig("data", "id")
+
+        if url
+          setup_relationship(customer_access_token, key, relationship, url)
+        elsif id
+          self[Ibanity::Util.underscore("#{key}_id")] = id
+        end
+      end
+    end
+
+    def setup_relationship(customer_access_token, key, relationship, url)
+      if relationship["data"]
+        resource = relationship.dig("data", "type") || key
+        klass = relationship_klass(resource)
+        method_name = Ibanity::Util.underscore(key)
+        define_singleton_method(method_name) do |headers: nil|
+          klass.find_by_uri(uri: url, headers: headers, customer_access_token: customer_access_token)
+        end
+        self[Ibanity::Util.underscore("#{key}_id")] = relationship.dig("data", "id")
+      elsif relationship["meta"]
+        resource = relationship.dig("meta", "type")
+        klass = relationship_klass(resource)
+        method_name = Ibanity::Util.underscore(key)
+        define_singleton_method(method_name) do |headers: nil|
+          klass.find_by_uri(uri: url, headers: headers, customer_access_token: customer_access_token)
+        end
+      elsif relationship.dig("links", "meta", "type")
+        resource = relationship.dig("links", "meta", "type")
+        klass = relationship_klass(resource)
+        method_name = Ibanity::Util.underscore(key)
+        define_singleton_method(method_name) do |headers: nil, **query_params|
+          klass.list_by_uri(uri: url, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
+        end
+      else
+        resource = key
+        singular_resource = resource[0..-2]
+        klass = relationship_klass(singular_resource)
+        method_name = Ibanity::Util.underscore(resource)
+        define_singleton_method(method_name) do |headers: nil, **query_params|
+          klass.list_by_uri(uri: url, headers: headers, query_params: query_params, customer_access_token: customer_access_token)
         end
       end
     end
@@ -126,11 +152,13 @@ module Ibanity
 
     def relationship_klass(name)
       camelized_name = Ibanity::Util.camelize(name)
-      enclosing_module = if camelized_name == "FinancialInstitution"
-        Ibanity::Xs2a
-      else
-        Object.const_get(self.class.to_s.split("::")[0...-1].join("::"))
-      end
+      enclosing_module =
+        if camelized_name == "FinancialInstitution"
+          Ibanity::Xs2a
+        else
+          Object.const_get(self.class.to_s.split("::")[0...-1].join("::"))
+        end
+
       enclosing_module.const_get(camelized_name)
     end
   end

data/lib/ibanity/api/flat_resource.rb

@@ -0,0 +1,20 @@
+module Ibanity
+  class FlatResource < OpenStruct
+    def self.list_by_uri(uri:, key:)
+      raw_response = Ibanity.client.get(uri: uri)
+      items = raw_response[key].map { |raw_item| new(raw_item) }
+      Ibanity::Collection.new(
+        klass:                  self,
+        items:                  items,
+        links:                  nil,
+        paging:                 nil,
+        synchronized_at:        nil,
+        latest_synchronization: nil
+      )
+    end
+
+    def initialize(raw)
+      super(raw)
+    end
+  end
+end

data/lib/ibanity/api/isabel_connect/access_token.rb

@@ -2,6 +2,7 @@ module Ibanity
   module IsabelConnect
     class AccessToken < Ibanity::OAuthResource
       def self.create(refresh_token:, idempotency_key: nil)
+        warn "WARNING: Ibanity::IsabelConnect::AccessToken.create is deprecated, please use Ibanity::IsabelConnect::Token.create instead"
         uri = Ibanity.isabel_connect_api_schema["oAuth2"]["accessTokens"]
         arguments = [
           ["grant_type", "refresh_token"],

data/lib/ibanity/api/isabel_connect/bulk_payment_initiation_request.rb

@@ -1,7 +1,7 @@
 module Ibanity
   module IsabelConnect
     class BulkPaymentInitiationRequest < Ibanity::BaseResource
-      def self.create(access_token:, raw_content:, filename:, idempotency_key: nil)
+      def self.create(access_token:, raw_content:, filename:, idempotency_key: nil, is_shared: true, hide_details: false)
         uri = Ibanity.isabel_connect_api_schema["bulkPaymentInitiationRequests"].sub("{bulkPaymentInitiationRequestId}", "")
         create_file_by_uri(
           uri: uri,
@@ -11,7 +11,9 @@ module Ibanity
           idempotency_key: idempotency_key,
           headers: {
             content_type: :xml,
-            "Content-Disposition": "inline; filename=#{filename}"
+            "Content-Disposition": "inline; filename=#{filename}",
+            "Is-Shared": is_shared,
+            "Hide-Details": hide_details
           }
         )
       end

data/lib/ibanity/api/isabel_connect/refresh_token.rb

@@ -2,6 +2,7 @@ module Ibanity
   module IsabelConnect
     class RefreshToken < Ibanity::OAuthResource
       def self.create(authorization_code:, redirect_uri:, idempotency_key: nil)
+        warn "WARNING: Ibanity::IsabelConnect::RefreshToken.create is deprecated, please use Ibanity::IsabelConnect::Token.create instead"
         uri = Ibanity.isabel_connect_api_schema["oAuth2"]["refreshTokens"]["create"]
         arguments = [
           ["grant_type", "authorization_code"],
@@ -13,8 +14,9 @@ module Ibanity
         payload = URI.encode_www_form(arguments)
         create_by_uri(uri: uri, payload: payload, idempotency_key: idempotency_key)
       end
-
+      
       def self.delete(token:)
+        warn "WARNING: Ibanity::IsabelConnect::RefreshToken.delete is deprecated, please use Ibanity::IsabelConnect::Token.delete instead"
         uri = Ibanity.isabel_connect_api_schema["oAuth2"]["refreshTokens"]["revoke"]
         arguments = [
           ["token", token],

data/lib/ibanity/api/isabel_connect/token.rb

@@ -0,0 +1,39 @@
+module Ibanity
+  module IsabelConnect
+    class Token < Ibanity::OAuthResource
+      def self.create(refresh_token: nil, authorization_code: nil, redirect_uri: nil, idempotency_key: nil)
+        uri = Ibanity.isabel_connect_api_schema["oAuth2"]["token"]
+        arguments =
+          if refresh_token
+            [
+              ["grant_type", "refresh_token"],
+              ["refresh_token", refresh_token],
+              ["client_id", Ibanity.client.isabel_connect_client_id],
+              ["client_secret", Ibanity.client.isabel_connect_client_secret]
+            ]
+          elsif authorization_code
+            [
+              ["grant_type", "authorization_code"],
+              ["code", authorization_code],
+              ["client_id", Ibanity.client.isabel_connect_client_id],
+              ["client_secret", Ibanity.client.isabel_connect_client_secret],
+              ["redirect_uri", redirect_uri]
+            ]
+          end
+        payload = URI.encode_www_form(arguments)
+        create_by_uri(uri: uri, payload: payload, idempotency_key: idempotency_key)
+      end
+
+      def self.delete(token:)
+        uri = Ibanity.isabel_connect_api_schema["oAuth2"]["revoke"]
+        arguments = [
+          ["token", token],
+          ["client_id", Ibanity.client.isabel_connect_client_id],
+          ["client_secret", Ibanity.client.isabel_connect_client_secret]
+        ]
+        payload = URI.encode_www_form(arguments)
+        create_by_uri(uri: uri, payload: payload)
+      end
+    end
+  end
+end

data/lib/ibanity/api/ponto_connect/bulk_payment.rb

@@ -0,0 +1,20 @@
+module Ibanity
+  module PontoConnect
+    class BulkPayment < Ibanity::BaseResource
+      def self.find(access_token:, account_id:, id:)
+        uri = Ibanity.ponto_connect_api_schema["account"]["bulkPayments"].sub("{accountId}", account_id).sub("{bulkPaymentId}", id)
+        find_by_uri(uri: uri, customer_access_token: access_token)
+      end
+
+      def self.create(account_id:, access_token: nil, **attributes)
+        uri = Ibanity.ponto_connect_api_schema["account"]["bulkPayments"].gsub("{accountId}", account_id).gsub("{bulkPaymentId}", "")
+        create_by_uri(uri: uri, resource_type: "bulkPayment", attributes: attributes, customer_access_token: access_token)
+      end
+
+      def self.delete(id:, account_id:, access_token:)
+        uri = Ibanity.ponto_connect_api_schema["account"]["bulkPayments"].gsub("{accountId}", account_id).gsub("{bulkPaymentId}", id)
+        destroy_by_uri(uri: uri, customer_access_token: access_token)
+      end
+    end
+  end
+end

data/lib/ibanity/api/ponto_connect/payment_activation_request.rb

@@ -0,0 +1,10 @@
+module Ibanity
+  module PontoConnect
+    class PaymentActivationRequest < Ibanity::BaseResource
+      def self.create(access_token:, **attributes)
+        uri = Ibanity.ponto_connect_api_schema["paymentActivationRequests"]
+        create_by_uri(uri: uri, resource_type: "paymentActivationRequest", attributes: attributes, customer_access_token: access_token)
+      end
+    end
+  end
+end

data/lib/ibanity/api/ponto_connect/reauthorization_request.rb

@@ -0,0 +1,10 @@
+module Ibanity
+  module PontoConnect
+    class ReauthorizationRequest < Ibanity::BaseResource
+      def self.create(account_id:, access_token:, **attributes)
+        uri = Ibanity.ponto_connect_api_schema["account"]["reauthorizationRequests"].gsub("{accountId}", account_id)
+        create_by_uri(uri: uri, resource_type: "reauthorizationRequest", attributes: attributes, customer_access_token: access_token)
+      end
+    end
+  end
+end

data/lib/ibanity/api/ponto_connect/sandbox/financial_institution_transaction.rb

@@ -25,6 +25,14 @@ module Ibanity
             .sub("{financialInstitutionTransactionId}", "")
           create_by_uri(uri: uri, resource_type: "financialInstitutionTransaction", attributes: attributes, customer_access_token: access_token)
         end
+
+        def self.update(access_token:, id:, financial_institution_id:, financial_institution_account_id:, **attributes)
+          uri = Ibanity.ponto_connect_api_schema["sandbox"]["financialInstitution"]["financialInstitutionAccount"]["financialInstitutionTransactions"]
+            .sub("{financialInstitutionId}", financial_institution_id)
+            .sub("{financialInstitutionAccountId}", financial_institution_account_id)
+            .sub("{financialInstitutionTransactionId}", id)
+          update_by_uri(uri: uri, resource_type: "financialInstitutionTransaction", attributes: attributes, customer_access_token: access_token)
+        end
       end
     end
   end

data/lib/ibanity/api/sandbox/financial_institution_transaction.rb

@@ -31,6 +31,16 @@ module Ibanity
         find_by_uri(uri: uri)
       end
 
+      def self.update(id:, financial_institution_user_id:, financial_institution_id:, financial_institution_account_id:, idempotency_key: nil, **attributes)
+        path = Ibanity.sandbox_api_schema["financialInstitution"]["financialInstitutionAccount"]["financialInstitutionTransactions"]
+          .gsub("{financialInstitutionId}", financial_institution_id)
+          .gsub("{financialInstitutionUserId}", financial_institution_user_id)
+          .gsub("{financialInstitutionAccountId}", financial_institution_account_id)
+          .gsub("{financialInstitutionTransactionId}", id)
+        uri = Ibanity.client.build_uri(path)
+        update_by_uri(uri: uri, resource_type: "financialInstitutionTransaction", attributes: attributes, idempotency_key: idempotency_key)
+      end
+
       def self.delete(id:, financial_institution_user_id:, financial_institution_id:, financial_institution_account_id:)
         path = Ibanity.sandbox_api_schema["financialInstitution"]["financialInstitutionAccount"]["financialInstitutionTransactions"]
           .gsub("{financialInstitutionId}", financial_institution_id)

data/lib/ibanity/api/webhooks/key.rb

@@ -0,0 +1,11 @@
+module Ibanity
+  module Webhooks
+    class Key < Ibanity::FlatResource
+      def self.list
+        path = Ibanity.webhooks_api_schema["keys"]
+        uri = Ibanity.client.build_uri(path)
+        list_by_uri(uri: uri, key: "keys")
+      end
+    end
+  end
+end

data/lib/ibanity/api/webhooks/ponto_connect.rb

@@ -0,0 +1,24 @@
+module Ibanity
+  module Webhooks
+    module PontoConnect
+      module Synchronization
+        class SucceededWithoutChange < Ibanity::BaseResource
+        end
+
+        class Failed < Ibanity::BaseResource
+        end
+      end
+
+      module Account
+        class DetailsUpdated < Ibanity::BaseResource
+        end
+
+        class TransactionsCreated < Ibanity::BaseResource
+        end
+
+        class TransactionsUpdated < Ibanity::BaseResource
+        end
+      end
+    end
+  end
+end

data/lib/ibanity/api/webhooks/xs2a.rb

@@ -0,0 +1,24 @@
+module Ibanity
+  module Webhooks
+    module Xs2a
+      module Synchronization
+        class SucceededWithoutChange < Ibanity::BaseResource
+        end
+
+        class Failed < Ibanity::BaseResource
+        end
+      end
+
+      module Account
+        class DetailsUpdated < Ibanity::BaseResource
+        end
+
+        class TransactionsCreated < Ibanity::BaseResource
+        end
+
+        class TransactionsUpdated < Ibanity::BaseResource
+        end
+      end
+    end
+  end
+end

data/lib/ibanity/api/xs2a/transaction.rb

@@ -1,11 +1,16 @@
 module Ibanity
   module Xs2a
     class Transaction < Ibanity::BaseResource
-      def self.list(financial_institution_id:, account_id:, customer_access_token:, headers: nil,  **query_params)
-        uri = Ibanity.xs2a_api_schema["customer"]["financialInstitution"]["transactions"]
-          .sub("{financialInstitutionId}", financial_institution_id)
-          .sub("{accountId}", account_id)
-          .sub("{transactionId}", "")
+      def self.list(financial_institution_id: nil, account_id: nil, synchronization_id: nil, customer_access_token:, headers: nil,  **query_params)
+        uri = if synchronization_id
+          Ibanity.xs2a_api_schema["customer"]["synchronization"]["updatedTransactions"]
+          .sub("{synchronizationId}", synchronization_id)
+        else
+          Ibanity.xs2a_api_schema["customer"]["financialInstitution"]["transactions"]
+            .sub("{financialInstitutionId}", financial_institution_id)
+            .sub("{accountId}", account_id)
+            .sub("{transactionId}", "")
+        end
         list_by_uri(uri: uri, query_params: query_params, customer_access_token: customer_access_token, headers: headers)
       end
 

data/lib/ibanity/client.rb

@@ -1,22 +1,43 @@
 module Ibanity
   class Client
 
-    attr_reader :base_uri, :signature_certificate, :signature_key, :isabel_connect_client_id, :isabel_connect_client_secret, :ponto_connect_client_id, :ponto_connect_client_secret
+    attr_reader :base_uri, :signature_certificate, :signature_key, :isabel_connect_client_id, :isabel_connect_client_secret, :ponto_connect_client_id, :ponto_connect_client_secret, :application_id
 
-    def initialize(certificate:, key:, key_passphrase:, signature_certificate: nil, signature_certificate_id: nil, signature_key: nil, signature_key_passphrase: nil, api_scheme: "https", api_host: "api.ibanity.com", api_port: "443", ssl_ca_file: nil, isabel_connect_client_id: "valid_client_id", isabel_connect_client_secret: "valid_client_secret", ponto_connect_client_id: nil, ponto_connect_client_secret: nil)
+    def initialize(
+        certificate:,
+        key:,
+        key_passphrase:,
+        signature_certificate: nil,
+        signature_certificate_id: nil,
+        signature_key: nil,
+        signature_key_passphrase: nil,
+        api_scheme: "https",
+        api_host: "api.ibanity.com",
+        ssl_ca_file: nil,
+        isabel_connect_client_id: "valid_client_id",
+        isabel_connect_client_secret: "valid_client_secret",
+        ponto_connect_client_id: nil,
+        ponto_connect_client_secret: nil,
+        application_id: nil,
+        debug_http_requests: false,
+        timeout: 60
+      )
       @isabel_connect_client_id     = isabel_connect_client_id
       @isabel_connect_client_secret = isabel_connect_client_secret
       @ponto_connect_client_id      = ponto_connect_client_id
       @ponto_connect_client_secret  = ponto_connect_client_secret
       @certificate                  = OpenSSL::X509::Certificate.new(certificate)
       @key                          = OpenSSL::PKey::RSA.new(key, key_passphrase)
+      @http_debug                   = debug_http_requests
       if signature_certificate
         @signature_certificate    = OpenSSL::X509::Certificate.new(signature_certificate)
         @signature_certificate_id = signature_certificate_id
         @signature_key            = OpenSSL::PKey::RSA.new(signature_key, signature_key_passphrase)
       end
-      @base_uri              = "#{api_scheme}://#{api_host}:#{api_port}"
+      @base_uri              = "#{api_scheme}://#{api_host}"
       @ssl_ca_file           = ssl_ca_file
+      @application_id        = application_id
+      @timeout               = timeout
     end
 
     def get(uri:, query_params: {}, customer_access_token: nil, headers: nil, json: true)
@@ -25,12 +46,12 @@ module Ibanity
     end
 
     def post(uri:, payload:, query_params: {}, customer_access_token: nil, idempotency_key: nil, json: true, headers: nil)
-      headers = build_headers(customer_access_token: customer_access_token, idempotency_key: idempotency_key, extra_headers: headers, json: json)
+      headers = build_headers(customer_access_token: customer_access_token, idempotency_key: idempotency_key, extra_headers: headers, json: json, payload: payload)
       execute(method: :post, uri: uri, headers: headers, query_params: query_params, payload: payload, json: json)
     end
 
     def patch(uri:, payload:, query_params: {}, customer_access_token: nil, idempotency_key: nil, json: true)
-      headers = build_headers(customer_access_token: customer_access_token, idempotency_key: idempotency_key, json: json)
+      headers = build_headers(customer_access_token: customer_access_token, idempotency_key: idempotency_key, json: json, payload: payload)
       execute(method: :patch, uri: uri, headers: headers, query_params: query_params, payload: payload, json: json)
     end
 
@@ -46,6 +67,15 @@ module Ibanity
     private
 
     def execute(method:, uri:, headers:, query_params: {}, payload: nil, json:)
+      case payload
+      when NilClass
+        payload = ''
+      when Hash
+        payload = json ? payload.to_json : payload
+      when Pathname
+        payload = File.open(payload, 'rb')
+      end
+
       if @signature_certificate
         signature = Ibanity::HttpSignature.new(
           certificate:    @signature_certificate,
@@ -55,23 +85,31 @@ module Ibanity
           uri:            uri,
           query_params:   query_params,
           headers:        headers,
-          payload:        payload && json ? payload.to_json : payload
+          payload:        payload
         )
         headers.merge!(signature.signature_headers)
       end
+
       query = {
         method:          method,
         url:             uri,
         headers:         headers.merge(params: query_params),
-        payload:         payload && json ? payload.to_json : payload,
+        payload:         payload,
         ssl_client_cert: @certificate,
         ssl_client_key:  @key,
-        ssl_ca_file:     @ssl_ca_file
+        ssl_ca_file:     @ssl_ca_file,
+        timeout:         @timeout
       }
+
+      log("HTTP Request", query) if @http_debug
+
       raw_response = RestClient::Request.execute(query) do |response, request, result, &block|
+        log("HTTP response", { status: response.code, headers: response.headers, body: response.body }) if @http_debug
+
         if response.code >= 400
           ibanity_request_id = response.headers[:ibanity_request_id]
           body = JSON.parse(response.body)
+
           raise Ibanity::Error.new(body["errors"] || body, ibanity_request_id), "Ibanity request failed."
         else
           response.return!(&block)
@@ -80,12 +118,15 @@ module Ibanity
       JSON.parse(raw_response)
     rescue JSON::ParserError => e
       return raw_response.body
+    ensure
+      payload.close if payload.is_a?(File)
     end
 
-    def build_headers(customer_access_token: nil, idempotency_key: nil, extra_headers: nil, json:)
+    def build_headers(customer_access_token: nil, idempotency_key: nil, extra_headers: nil, json:, payload: nil)
       headers = {
         accept: :json,
       }
+      headers["Transfer-Encoding"]       = "chunked" if payload.is_a?(Pathname)
       headers[:content_type]             = :json if json
       headers["Authorization"]           = "Bearer #{customer_access_token}" unless customer_access_token.nil?
       headers["Ibanity-Idempotency-Key"] = idempotency_key unless idempotency_key.nil?
@@ -95,5 +136,38 @@ module Ibanity
         headers.merge(extra_headers)
       end
     end
+
+    def log(tag, info)
+      unless info.is_a?(Hash)
+        puts "[DEBUG] #{tag}: #{info}"
+        return
+      end
+
+      info = JSON.parse(info.to_json)
+
+      if info.dig("headers", "Authorization")
+        info["headers"]["Authorization"] = "[filtered]"
+      end
+      info.delete("proxy")
+      info.delete("ssl_client_cert")
+      info.delete("ssl_client_key")
+      if info.dig("payload").is_a?(Hash) && info.dig("payload", "client_secret")
+        info["payload"]["client_secret"] = "[filtered]"
+      end
+
+      if info["body"]&.is_a?(String)
+        begin
+          info["body"] = JSON.parse(info["body"])
+        rescue => exception
+          info["body"] = Base64.strict_encode64(info["body"])
+        end
+      end
+
+      begin
+        puts "[DEBUG] #{tag}: #{info.to_json}"
+      rescue => e
+        puts "[DEBUG] #{tag}: #{info}"
+      end
+    end
   end
 end

data/lib/ibanity/error.rb

@@ -22,6 +22,8 @@ module Ibanity
         formatted_errors.join("\n")
       elsif @errors.is_a?(Hash)
         "* #{@errors["error"]}: #{@errors["error_description"]}\n * Error hint: #{@errors["error_hint"]}\n * ibanity_request_id: #{@ibanity_request_id}"
+      elsif @errors.is_a?(String)
+        @errors
       else
         super
       end

data/lib/ibanity/http_signature.rb

@@ -1,4 +1,5 @@
 require "base64"
+require "pathname"
 
 module Ibanity
   class HttpSignature
@@ -29,16 +30,38 @@ module Ibanity
       }
     end
 
-    private
-
     def payload_digest
-      digest         = OpenSSL::Digest::SHA512.new
-      string_payload = @payload.nil? ? "" : @payload
-      digest.update(string_payload)
+      @payload_digest ||= compute_digest
+    end
+
+    def compute_digest
+      case @payload
+        when NilClass
+          digest = compute_digest_string("")
+        when String
+          digest = compute_digest_string(@payload)
+        when File
+          digest = compute_digest_file(@payload)
+      end
       base64 = Base64.urlsafe_encode64(digest.digest)
       "SHA-512=#{base64}"
     end
 
+    def compute_digest_string(str)
+      digest = OpenSSL::Digest::SHA512.new
+      digest.update(str)
+    end
+
+    def compute_digest_file(pathname)
+      digest = OpenSSL::Digest::SHA512.new
+      File.open(pathname, 'rb') do |f|
+        while buffer = f.read(256_000)
+          digest << buffer
+        end
+      end
+      digest
+    end
+
     def headers_to_sign
       result = ["(request-target)", "host", "digest", "(created)"]
       result << "authorization" unless @headers["Authorization"].nil?

data/lib/ibanity/version.rb

@@ -1,3 +1,3 @@
 module Ibanity
-  VERSION = "1.7.0"
+  VERSION = "1.11.0"
 end

data/lib/ibanity/webhook.rb

@@ -0,0 +1,94 @@
+module Ibanity
+  module Webhook
+    DEFAULT_TOLERANCE = 30
+    SIGNING_ALGORITHM = "RS512"
+
+    # Initializes an Ibanity Webhooks event object from a JSON payload.
+    #
+    # This may raise JSON::ParserError if the payload is not valid JSON, or
+    # Ibanity::Error if the signature verification fails.
+    def self.construct_event!(payload, signature_header, tolerance: DEFAULT_TOLERANCE)
+      Signature.verify!(payload, signature_header, tolerance)
+
+      raw_item = JSON.parse(payload)
+      klass = raw_item["data"]["type"].split(".").map{|klass| klass.sub(/\S/, &:upcase)}.join("::")
+      Ibanity::Webhooks.const_get(klass).new(raw_item["data"])
+    end
+
+    module Signature
+      # Verifies the signature header for a given payload.
+      #
+      # Raises an Ibanity::Error in the following cases:
+      # - the header does not match the expected format
+      # - the digest does not match the payload
+      # - the issued at or expiration timestamp is not within the tolerance
+      # - the audience or issuer does not match the application config
+      #
+      # Returns true otherwise
+      def self.verify!(payload, signature_header, tolerance)
+        begin
+          key_details = JOSE::JWT.peek_protected(signature_header).to_hash
+          raise unless key_details["alg"] == SIGNING_ALGORITHM && key_details["kid"]
+        rescue
+          raise Ibanity::Error.new("Key details could not be parsed from the header", nil)
+        end
+
+        key = Ibanity.webhook_keys.find { |key| key.kid == key_details["kid"] }
+
+        if key.nil?
+          raise Ibanity::Error.new("The key id from the header didn't match an available signing key", nil)
+        end
+        signer = JOSE::JWK.from(key.to_h {|key, value| [key.to_s, value] })
+        verified, claims_string, _jws = JOSE::JWT.verify_strict(signer, [SIGNING_ALGORITHM], signature_header)
+
+        raise Ibanity::Error.new("The signature verification failed", nil) unless verified
+
+        jwt = JOSE::JWT.from(claims_string)
+
+        validate_digest!(jwt, payload)
+        validate_issued_at!(jwt, tolerance)
+        validate_expiration!(jwt, tolerance)
+        validate_issuer!(jwt)
+        validate_audience!(jwt)
+
+        true
+      end
+
+      private
+
+      def self.validate_digest!(jwt, payload)
+        unless Digest::SHA512.base64digest(payload) == jwt.fields["digest"]
+          raise_invalid_signature_error!("digest")
+        end
+      end
+
+      def self.validate_issued_at!(jwt, tolerance)
+        unless jwt.fields["iat"] <= Time.now.to_i + tolerance
+          raise_invalid_signature_error!("iat")
+        end
+      end
+
+      def self.validate_expiration!(jwt, tolerance)
+        unless jwt.fields["exp"] >= Time.now.to_i - tolerance
+          raise_invalid_signature_error!("exp")
+        end
+      end
+
+      def self.validate_issuer!(jwt)
+        unless jwt.fields["iss"] == Ibanity.client.base_uri
+          raise_invalid_signature_error!("iss")
+        end
+      end
+
+      def self.validate_audience!(jwt)
+        unless jwt.fields["aud"] == Ibanity.client.application_id
+          raise_invalid_signature_error!("aud")
+        end
+      end
+
+      def self.raise_invalid_signature_error!(field)
+        raise Ibanity::Error.new("The signature #{field} is invalid", nil)
+      end
+    end
+  end
+end

data/lib/ibanity.rb

@@ -4,6 +4,7 @@ require "uri"
 require "rest_client"
 require "json"
 require "securerandom"
+require "jose"
 
 require_relative "ibanity/util"
 require_relative "ibanity/error"
@@ -11,6 +12,8 @@ require_relative "ibanity/collection"
 require_relative "ibanity/client"
 require_relative "ibanity/http_signature"
 require_relative "ibanity/api/base_resource"
+require_relative "ibanity/api/flat_resource"
+require_relative "ibanity/webhook"
 require_relative "ibanity/api/xs2a/account"
 require_relative "ibanity/api/xs2a/transaction"
 require_relative "ibanity/api/xs2a/holding"
@@ -33,6 +36,7 @@ require_relative "ibanity/api/isabel_connect/intraday_transaction"
 require_relative "ibanity/api/isabel_connect/account_report"
 require_relative "ibanity/api/isabel_connect/access_token"
 require_relative "ibanity/api/isabel_connect/refresh_token"
+require_relative "ibanity/api/isabel_connect/token"
 require_relative "ibanity/api/isabel_connect/bulk_payment_initiation_request"
 require_relative "ibanity/api/sandbox/financial_institution_account"
 require_relative "ibanity/api/sandbox/financial_institution_transaction"
@@ -46,18 +50,24 @@ require_relative "ibanity/api/ponto_connect/synchronization"
 require_relative "ibanity/api/consent/consent"
 require_relative "ibanity/api/consent/processing_operation"
 require_relative "ibanity/api/ponto_connect/payment"
+require_relative "ibanity/api/ponto_connect/bulk_payment"
 require_relative "ibanity/api/ponto_connect/user_info"
 require_relative "ibanity/api/ponto_connect/usage"
 require_relative "ibanity/api/ponto_connect/integration"
 require_relative "ibanity/api/ponto_connect/sandbox/financial_institution_account"
 require_relative "ibanity/api/ponto_connect/sandbox/financial_institution_transaction"
 require_relative "ibanity/api/ponto_connect/onboarding_details"
+require_relative "ibanity/api/ponto_connect/reauthorization_request"
+require_relative "ibanity/api/ponto_connect/payment_activation_request"
+require_relative "ibanity/api/webhooks/key"
+require_relative "ibanity/api/webhooks/xs2a"
+require_relative "ibanity/api/webhooks/ponto_connect"
 
 module Ibanity
   class << self
     def client
       options = configuration.to_h.delete_if { |_, v| v.nil? }
-      @client ||= Ibanity::Client.new(options)
+      @client ||= Ibanity::Client.new(**options)
     end
 
     def configure
@@ -66,6 +76,7 @@ module Ibanity
       @isabel_connect_api_schema = nil
       @consent_api_schema        = nil
       @ponto_connect_api_schema  = nil
+      @webhooks_api_schema       = nil
       @sandbox_api_schema        = nil
       @configuration             = nil
       yield configuration
@@ -86,8 +97,10 @@ module Ibanity
         :ponto_connect_client_secret,
         :api_scheme,
         :api_host,
-        :api_port,
-        :ssl_ca_file
+        :ssl_ca_file,
+        :application_id,
+        :debug_http_requests,
+        :timeout
       ).new
     end
 
@@ -111,6 +124,14 @@ module Ibanity
       @consent_api_schema ||= client.get(uri: "#{client.base_uri}/consent")["links"]
     end
 
+    def webhooks_api_schema
+      @webhooks_api_schema ||= client.get(uri: "#{client.base_uri}/webhooks")["links"]
+    end
+
+    def webhook_keys
+      @webhook_keys ||= Ibanity::Webhooks::Key.list
+    end
+
     def respond_to_missing?(method_name, include_private = false)
       client.respond_to?(method_name, include_private)
     end

data/spec/lib/ibanity/base_resource_spec.rb

@@ -0,0 +1,42 @@
+require "ibanity"
+
+class Ibanity::Xs2a::Car < Ibanity::BaseResource; end
+class Ibanity::Xs2a::Manufacturer < Ibanity::BaseResource; end
+
+RSpec.describe Ibanity::BaseResource do
+  describe "#relationship_klass" do
+    context "when 'data' attribute is present" do
+      it "retrieves the resource name from the 'type' attribute if it is present" do
+        car = Ibanity::Xs2a::Car.new(Fixture.load_json("relationships/data_with_type.json"))
+
+        expect(car).to respond_to(:maker)
+      end
+
+      it "falls back to the element name otherwise" do
+        car = Ibanity::Xs2a::Car.new(Fixture.load_json("relationships/data_without_type.json"))
+
+        expect(car).to respond_to(:manufacturer)
+      end
+    end
+
+    context "when the 'links' attribute is present" do
+      it "retrieves the resource name from the 'type' attribute within the 'links' attribute" do
+        car = Ibanity::Xs2a::Car.new(Fixture.load_json("relationships/meta_with_type.json"))
+  
+        expect(car).to respond_to(:manufacturer)
+      end
+    end
+
+    context "when there's no 'links/related' element" do
+      let(:car) { Ibanity::Xs2a::Car.new(Fixture.load_json("relationships/no_links_related.json")) }
+
+      it "sets up a '<relationship_key>_id' property when there is a 'data/id' element" do
+        expect(car.manufacturer_id).to eq("6680437c")
+      end
+
+      it "discards the relationship" do
+        expect(car).not_to respond_to(:manufacturer)
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -12,10 +12,16 @@
 # the additional setup, and require it from the spec files that actually need
 # it.
 #
+
+Pathname.glob(Pathname.pwd().join("spec", "support", "**/*.rb")).each do |f|
+  require f
+end
+
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each { |f| require f }
 
 RSpec.configure do |config|
+  config.include(Fixture)
   # rspec-expectations config goes here. You can use an alternate
   # assertion/expectation library such as wrong or the stdlib/minitest
   # assertions if you prefer.

data/spec/support/fixture.rb

@@ -0,0 +1,8 @@
+require "json"
+
+module Fixture
+  def self.load_json(filename)
+    path = Pathname([File.dirname(__FILE__ ), "fixtures", "json", filename].join("/"))
+    JSON.parse(File.read(path))
+  end
+end

data/spec/support/fixtures/json/relationships/data_with_type.json

@@ -0,0 +1,21 @@
+{
+  "attributes": {
+    "color": "blue"
+  },
+  "id": "62ebd4687e",
+  "links": {
+    "self": "https://www.cardb.com/models/62ebd4687e"
+  },
+  "relationships": {
+    "maker": {
+      "data": {
+        "id": "c4ebf0f7",
+        "type": "manufacturer"
+      },
+      "links": {
+        "related": "https://www.cardb.com/manufacturers/c4ebf0f7"
+      }
+    }
+  },
+  "type": "car"
+}

data/spec/support/fixtures/json/relationships/data_without_type.json

@@ -0,0 +1,20 @@
+{
+  "attributes": {
+    "color": "blue"
+  },
+  "id": "62ebd4687e",
+  "links": {
+    "self": "https://www.cardb.com/models/62ebd4687e"
+  },
+  "relationships": {
+    "manufacturer": {
+      "data": {
+        "id": "c4ebf0f7"
+      },
+      "links": {
+        "related": "https://www.cardb.com/manufacturers/c4ebf0f7"
+      }
+    }
+  },
+  "type": "car"
+}

data/spec/support/fixtures/json/relationships/meta_with_type.json

@@ -0,0 +1,20 @@
+{
+  "attributes": {
+    "color": "blue"
+  },
+  "id": "62ebd4687e",
+  "links": {
+    "self": "https://www.cardb.com/models/62ebd4687e"
+  },
+  "relationships": {
+    "manufacturer": {
+      "links": {
+        "related": "https://www.cardb.com/manufacturers/c4ebf0f7"        
+      },
+      "meta": {
+        "type": "manufacturer"
+      }
+    }
+  },
+  "type": "car"
+}

data/spec/support/fixtures/json/relationships/no_links_related.json

@@ -0,0 +1,15 @@
+{
+  "id": "62ebd4687e",
+  "attributes": {
+    "color": "blue"
+  },
+  "relationships": {
+    "manufacturer": {
+      "data": {
+        "type": "manufacturer",
+        "id": "6680437c"
+      }
+    }
+  },
+  "type": "car"
+}

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ibanity
 version: !ruby/object:Gem::Version
-  version: 1.7.0
+  version: 1.11.0
 platform: ruby
 authors:
 - Ibanity
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-03-05 00:00:00.000000000 Z
+date: 2022-01-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -24,6 +24,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 1.8.0
+- !ruby/object:Gem::Dependency
+  name: jose
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.1.3
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -60,6 +74,7 @@ files:
 - lib/ibanity/api/base_resource.rb
 - lib/ibanity/api/consent/consent.rb
 - lib/ibanity/api/consent/processing_operation.rb
+- lib/ibanity/api/flat_resource.rb
 - lib/ibanity/api/isabel_connect/access_token.rb
 - lib/ibanity/api/isabel_connect/account.rb
 - lib/ibanity/api/isabel_connect/account_report.rb
@@ -67,13 +82,17 @@ files:
 - lib/ibanity/api/isabel_connect/bulk_payment_initiation_request.rb
 - lib/ibanity/api/isabel_connect/intraday_transaction.rb
 - lib/ibanity/api/isabel_connect/refresh_token.rb
+- lib/ibanity/api/isabel_connect/token.rb
 - lib/ibanity/api/isabel_connect/transaction.rb
 - lib/ibanity/api/o_auth_resource.rb
 - lib/ibanity/api/ponto_connect/account.rb
+- lib/ibanity/api/ponto_connect/bulk_payment.rb
 - lib/ibanity/api/ponto_connect/financial_institution.rb
 - lib/ibanity/api/ponto_connect/integration.rb
 - lib/ibanity/api/ponto_connect/onboarding_details.rb
 - lib/ibanity/api/ponto_connect/payment.rb
+- lib/ibanity/api/ponto_connect/payment_activation_request.rb
+- lib/ibanity/api/ponto_connect/reauthorization_request.rb
 - lib/ibanity/api/ponto_connect/sandbox/financial_institution_account.rb
 - lib/ibanity/api/ponto_connect/sandbox/financial_institution_transaction.rb
 - lib/ibanity/api/ponto_connect/synchronization.rb
@@ -85,6 +104,9 @@ files:
 - lib/ibanity/api/sandbox/financial_institution_holding.rb
 - lib/ibanity/api/sandbox/financial_institution_transaction.rb
 - lib/ibanity/api/sandbox/financial_institution_user.rb
+- lib/ibanity/api/webhooks/key.rb
+- lib/ibanity/api/webhooks/ponto_connect.rb
+- lib/ibanity/api/webhooks/xs2a.rb
 - lib/ibanity/api/xs2a/account.rb
 - lib/ibanity/api/xs2a/account_information_access_request.rb
 - lib/ibanity/api/xs2a/account_information_access_request_authorization.rb
@@ -105,10 +127,17 @@ files:
 - lib/ibanity/http_signature.rb
 - lib/ibanity/util.rb
 - lib/ibanity/version.rb
+- lib/ibanity/webhook.rb
+- spec/lib/ibanity/base_resource_spec.rb
 - spec/lib/ibanity/http_signature_spec.rb
 - spec/lib/ibanity/util_spec.rb
 - spec/spec_helper.rb
 - spec/support/crypto_helper.rb
+- spec/support/fixture.rb
+- spec/support/fixtures/json/relationships/data_with_type.json
+- spec/support/fixtures/json/relationships/data_without_type.json
+- spec/support/fixtures/json/relationships/meta_with_type.json
+- spec/support/fixtures/json/relationships/no_links_related.json
 - spec/support/fixtures/signature/test-certificate.pem
 - spec/support/fixtures/signature/test-private_key.pem
 - spec/support/fixtures/signature/test-public_key.pem
@@ -131,15 +160,21 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Ibanity Ruby Client
 test_files:
+- spec/lib/ibanity/base_resource_spec.rb
 - spec/lib/ibanity/http_signature_spec.rb
 - spec/lib/ibanity/util_spec.rb
 - spec/spec_helper.rb
 - spec/support/crypto_helper.rb
+- spec/support/fixture.rb
+- spec/support/fixtures/json/relationships/data_with_type.json
+- spec/support/fixtures/json/relationships/data_without_type.json
+- spec/support/fixtures/json/relationships/meta_with_type.json
+- spec/support/fixtures/json/relationships/no_links_related.json
 - spec/support/fixtures/signature/test-certificate.pem
 - spec/support/fixtures/signature/test-private_key.pem
 - spec/support/fixtures/signature/test-public_key.pem