justifi 0.5.0 → 0.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3c34231d16ea73027351523d6309369021705f687926de6467fd4e81d1ff122f
-  data.tar.gz: 8c0009bd8453cf885113b081c3527ce6f074c08b0ba7086ba82348d89f8ce09e
+  metadata.gz: bcd2d68a4fce4e0a644aa81c8c65e9e0a11bb31991583379b86b00d5db3f79e2
+  data.tar.gz: 5c7edcdb32022a4f56bbd3a688b496d376838dbce1b4528ccb6201e0e2eaddf1
 SHA512:
-  metadata.gz: ce6dc69cbc087eaa57536791686380791ba816ef7acebad501ad5f6133567dd37c1475ef0ada32d666282f1d556dae668950fd3806297392b95e42703d6d1c61
-  data.tar.gz: fff1e3c1f3d49da9dd15a248f43ee1f2330860a7ab0d492bdfd223f1ce80d77c1ea4088511bc577f7ca761c99aeaafd60377ee19bdcb9e97c71716cf2ca76d4c
+  metadata.gz: 150f2bb84c5fba3693dbf7d4c6889963809c00314e468845c3c6dbab3a9b2eec6b2b574fde0ab85821c62a9b519b116eddeafc65280dd0cf188e9941ff052bf5
+  data.tar.gz: e3612d77657510b4bcadaf8fbe6a316b642a9292f3048a5c7a4925b3d3852f9da8d3a14a58e0f04b1399f50b21ee5dd2d63b9dfd3c4bd62fb4c78b913e99ea7b

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    justifi (0.5.0)
+    justifi (0.6.1)
 
 GEM
   remote: https://rubygems.org/
@@ -22,7 +22,7 @@ GEM
     public_suffix (4.0.7)
     rainbow (3.1.1)
     rake (13.0.6)
-    regexp_parser (2.3.0)
+    regexp_parser (2.4.0)
     repo-small-badge (0.2.7)
       victor (~> 0.2.8)
     rexml (3.2.5)
@@ -39,16 +39,16 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
     rspec-support (3.11.0)
-    rubocop (1.27.0)
+    rubocop (1.29.1)
       parallel (~> 1.10)
       parser (>= 3.1.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
-      rexml
-      rubocop-ast (>= 1.16.0, < 2.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.17.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.17.0)
+    rubocop-ast (1.18.0)
       parser (>= 3.1.1.0)
     rubocop-performance (1.13.3)
       rubocop (>= 1.7.0, < 2.0)
@@ -63,8 +63,8 @@ GEM
       repo-small-badge (~> 0.2.7)
       simplecov (~> 0.17)
     simplecov_json_formatter (0.1.4)
-    standard (1.10.0)
-      rubocop (= 1.27.0)
+    standard (1.12.1)
+      rubocop (= 1.29.1)
       rubocop-performance (= 1.13.3)
     unicode-display_width (2.1.0)
     victor (0.2.8)
@@ -89,4 +89,4 @@ DEPENDENCIES
   webmock (>= 3.8.0)
 
 BUNDLED WITH
-   2.2.3
+   2.2.15

data/README.md

@@ -5,24 +5,15 @@ It includes a pre-defined set of modules and classes that are essentially wrappe
 
 ## Installation
 
-From the command line:
-```bash
-gem install justifi --version "0.4.0" --source "https://rubygems.pkg.github.com/justifi-tech"
-```
-OR
-
 Add these lines to your application's Gemfile:
 
 ```ruby
-source "https://rubygems.pkg.github.com/justifi-tech" do
-  gem "justifi", "0.4.0"
-end
+gem "justifi"
 ```
 And then execute:
 
     $ bundle install
 
-
 ## Setup
 
 The gem needs to be configured with your `client_id` and `client_secret` in order to access JustiFi API resources.
@@ -204,6 +195,20 @@ Justifi::PaymentIntent.create(params: payment_intent_params, seller_account_id:
 Any API resource using the `seller_account_id` variable will include the `Seller-Account` header and be
 processed as the seller account.
 
+## Webhook Signature Verification
+
+Webhooks are secured by signature verification. An encrypted header is sent as a POST to your API endpoint (JUSTIFI-SIGNATURE),
+which will need to be decrypted and verified with the signature secret provided.
+You can use the JustiFi Ruby gem to validate the signature.
+
+```ruby
+received_event = { id: "py_..." } # JustiFi webhook event
+signature = "2463896d3cb..." # justifi-signature header
+timestamp  = "1651076887..." # justifi-timestamp header
+secret_key  = "sigk_2..." # secret key used for this webhook
+Justifi::Webhook.verify_signature(received_event: received_event, timestamp: timestamp, secret_key: secret_key, signature: signature) # valid or not
+```
+
 ## Contributing
 
 ### Release a new version of the gem

data/lib/justifi/balance_transaction.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Justifi
+  module BalanceTransaction
+    class << self
+      def list(params: {}, headers: {}, seller_account_id: nil)
+        headers[:seller_account] = seller_account_id if seller_account_id
+        JustifiOperations.execute_get_request("/v1/balance_transactions", params, headers)
+      end
+
+      def get(id:, headers: {})
+        JustifiOperations.execute_get_request("/v1/balance_transactions/#{id}",
+          {},
+          headers)
+      end
+    end
+  end
+end

data/lib/justifi/payment.rb

@@ -11,8 +11,8 @@ module Justifi
           headers: headers)
       end
 
-      def create_refund(amount:, payment_id:, reason: nil, description: nil)
-        refund_params = {amount: amount, description: description, reason: reason}
+      def create_refund(amount:, payment_id:, reason: nil, description: nil, metadata: nil)
+        refund_params = {amount: amount, description: description, reason: reason, metadata: metadata}
         JustifiOperations.idempotently_request("/v1/payments/#{payment_id}/refunds",
           method: :post,
           params: refund_params,

data/lib/justifi/util.rb

@@ -78,5 +78,12 @@ module Justifi
       end
       result
     end
+
+    # Creates a computed signature that can verify the payload sent.
+    # Each webhook has its own signature key that can be achieved in JustiFi's platform
+    def self.compute_signature(received_event, timestamp, secret_key)
+      timestamp_payload = "#{timestamp}.#{received_event.to_json}"
+      OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), secret_key, timestamp_payload)
+    end
   end
 end

data/lib/justifi/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Justifi
-  VERSION = "0.5.0"
+  VERSION = "0.6.1"
 end

data/lib/justifi/webhook.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Justifi
+  module Webhook
+    class << self
+      def verify_signature(received_event:, timestamp:, secret_key:, signature:)
+        signature == Util.compute_signature(received_event, timestamp, secret_key)
+      end
+    end
+  end
+end

data/lib/justifi.rb

@@ -15,10 +15,12 @@ require "justifi/oauth"
 require "justifi/payment"
 require "justifi/refund"
 require "justifi/payout"
+require "justifi/balance_transaction"
 require "justifi/dispute"
 require "justifi/payment_method"
 require "justifi/payment_intent"
 require "justifi/in_memory_cache"
+require "justifi/webhook"
 
 module Justifi
   @config = Justifi::Configuration.setup

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: justifi
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.6.1
 platform: ruby
 authors:
 - JustiFi
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-04-28 00:00:00.000000000 Z
+date: 2022-06-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: byebug
@@ -161,6 +161,7 @@ files:
 - justifi.gemspec
 - lib/justifi.rb
 - lib/justifi/api_operations.rb
+- lib/justifi/balance_transaction.rb
 - lib/justifi/configuration.rb
 - lib/justifi/dispute.rb
 - lib/justifi/in_memory_cache.rb
@@ -177,6 +178,7 @@ files:
 - lib/justifi/refund.rb
 - lib/justifi/util.rb
 - lib/justifi/version.rb
+- lib/justifi/webhook.rb
 homepage: https://justifi.ai
 licenses: []
 metadata: