mixin_bot 0.0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: b67635be46f18811338468b260f58143536dfba2
+  data.tar.gz: e5695a7e88236e880bf997d1d0880f0dca8ac08c
+SHA512:
+  metadata.gz: 4a80cf2b75cf00e1ce0726e504f70ae83a97683421b8c19dc846060cd6cfccc224898ee896c3f60e5fed29945afb8964a7c28d59e54606f67490a661256e33d5
+  data.tar.gz: e67b7bdc244c2995bd1ae33c044d4a7d7872c1c2bf5a1e70cd8a211f713ce4a1b2a3ded2a011e1904080d84c2e92a74f5704b02e3462796c6d169d1a08ffd282

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2018 an-lee
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/lib/mixin_bot.rb

@@ -0,0 +1,17 @@
+require 'active_support/all'
+require 'http'
+require 'base64'
+require 'openssl'
+require 'jwt'
+require 'jose'
+require_relative './mixin_bot/api'
+
+module MixinBot
+  class<< self
+    attr_accessor :client_id, :client_secret, :session_id, :pin_token, :private_key, :scope
+  end
+
+  def self.api
+    @api ||= MixinBot::API.new(options={})
+  end
+end

data/lib/mixin_bot/api.rb

@@ -0,0 +1,32 @@
+require_relative './client'
+require_relative './errors'
+require_relative './api/auth'
+require_relative './api/me'
+require_relative './api/payment'
+require_relative './api/pin'
+require_relative './api/transfer'
+require_relative './api/user'
+
+module MixinBot
+  class API
+    attr_reader :client_id, :client_secret, :session_id, :pin_token, :private_key, :scope
+    attr_reader :client
+
+    def initialize(options={})
+      @client_id = options[:client_id]  || MixinBot.client_id
+      @client_secret = options[:client_secret] || MixinBot.client_secret
+      @session_id = options[:session_id] || MixinBot.session_id
+      @pin_token = Base64.decode64 options[:pin_token] || MixinBot.pin_token
+      @private_key = OpenSSL::PKey::RSA.new options[:private_key] || MixinBot.private_key
+      @scope = options[:scope] || MixinBot.scope || 'PROFILE:READ+PHONE:READ+ASSETS:READ'
+      @client = Client.new
+    end
+
+    include MixinBot::API::Auth
+    include MixinBot::API::Me
+    include MixinBot::API::Payment
+    include MixinBot::API::Pin
+    include MixinBot::API::Transfer
+    include MixinBot::API::User
+  end
+end

data/lib/mixin_bot/api/auth.rb

@@ -0,0 +1,39 @@
+module MixinBot
+  class API
+    module Auth
+      def access_token(method, uri, body)
+        sig = Digest::SHA256.hexdigest (method + uri + body)
+        iat = Time.now.utc.to_i
+        exp = (Time.now.utc + 1.day).to_i
+        jti = SecureRandom.uuid
+        payload = {
+          'uid': client_id,
+          'sid': session_id,
+          'iat': iat,
+          'exp': exp,
+          'jti': jti,
+          'sig': sig
+        }
+        JWT.encode payload, private_key, 'RS512'
+      end
+
+      def oauth_token(code)
+        path = 'oauth/token'
+        payload = {
+          client_id: client_id,
+          client_secret: client_secret,
+          code: code
+        }
+        r = client.post(path, json: payload)
+
+        raise r.inspect if r['error'].present?
+
+        return r['data']['access_token']
+      end
+
+      def request_oauth
+        format('https://mixin.one/oauth/authorize?client_id=%s&scope=%s', client_id, scope)
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/conversation.rb

@@ -0,0 +1,33 @@
+module MixinBot
+  class API
+    module Conversation
+      def create_conversation
+        path = '/conversations'
+        access_token ||= self.access_token('GET', path, '')
+        params = {
+          category: category,
+          conversation_id: conversation_id,
+          participants: [
+            {
+              action: 'ADD',
+              role: '',
+              user_id: user_id
+            }
+          ]
+        }
+      end
+
+      def unique_conversation_id(user_id)
+        md5 = Digest::MD5.new
+        md5 << user_id
+        md5 << client_id
+        digest = md5.digest
+        digest_6 = (digest[6].ord & 0x0f | 0x30).chr
+        digest_8 = (digest[8].ord & 0x3f | 0x80).chr
+        cipher = digest[0...6] + digest_6 + digest[7] + digest_8 + digest[9..-1]
+        hex = cipher.unpack('H*').first
+        conversation_id = format('%s-%s-%s-%s-%s', hex[0..7], hex[8..11], hex[12..15], hex[16..19], hex[20..-1])
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/me.rb

@@ -0,0 +1,44 @@
+module MixinBot
+  class API
+    module Me
+      def read_me(access_token=nil)
+        path = '/me'
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+
+      def update_me(full_name, avatar_base64, access_token=nil)
+        path = '/me'
+        payload = {
+          "full_name": full_name,
+          "avatar_base64": avatar_base64
+        }
+        access_token ||= self.access_token('POST', path, payload.to_json)
+        authorization = format('Bearer %s', access_token)
+        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+      end
+
+      def read_assets(access_token=nil)
+        path = '/assets'
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+
+      def read_asset(asset_id, access_token=nil)
+        path = format('/assets/%s', asset_id)
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+
+      def read_friends(access_token=nil)
+        path = '/friends'
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/message.rb

@@ -0,0 +1,27 @@
+module MixinBot
+  class API
+    module Message
+      def read_message(data)
+        io = StringIO.new(data.pack('c*'), 'rb')
+        gzip = Zlib::GzipReader.new io
+        msg = gzip.read
+        gzip.close
+        return msg
+      end
+
+      def write_message(action, params)
+        msg = {
+          "id": SecureRandom.uuid,
+          "action":  action,
+          "params": params
+        }.to_json
+
+        io = StringIO.new 'wb'
+        gzip = Zlib::GzipWriter.new io
+        gzip.write msg
+        gzip.close
+        data = io.string.unpack('c*')
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/payment.rb

@@ -0,0 +1,31 @@
+module MixinBot
+  class API
+    module Payment
+      def pay_url(options)
+        options = options.with_indifferent_access
+        recipient_id = options.fetch('recipient_id')
+        asset_id = options.fetch('asset_id')
+        amount = options.fetch('amount')
+        memo = options.fetch('memo')
+        trace = options.fetch('trace')
+        url = format('https://mixin.one/pay?recipient=%s&asset=%s&amount=%s&trace=%s&memo=%s', recipient_id, asset_id, amount, trace, memo)
+      end
+
+      def verify_payment(options)
+        options = options.with_indifferent_access
+        recipient_id = options.fetch('recipient_id')
+        asset_id = options.fetch('asset_id')
+        amount = options.fetch('amount')
+        trace = options.fetch('trace')
+        path = 'payments'
+        payload = {
+          asset_id: asset_id,
+          opponent_id: recipient_id,
+          amount: amount,
+          trace_id: trace,
+        }
+        client.post(path, json: payload)
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/pin.rb

@@ -0,0 +1,57 @@
+module MixinBot
+  class API
+    module Pin
+      def verify_pin(pin_code, access_token=nil)
+        path = '/pin/verify'
+        payload = {
+          pin: encrypt_pin(pin_code)
+        }
+
+        access_token ||= self.access_token('POST', path, payload.to_json)
+        authorization = format('Bearer %s', access_token)
+        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+      end
+
+      def decrypt_pin(msg)
+        msg = Base64.strict_decode64 msg
+        iv = msg[0..15]
+        cipher = msg[16..47]
+        aes_key = JOSE::JWA::PKCS1::rsaes_oaep_decrypt('SHA256', pin_token, private_key, session_id)
+        alg = "AES-256-CBC"
+        decode_cipher = OpenSSL::Cipher.new(alg)
+        decode_cipher.decrypt
+        decode_cipher.iv = iv
+        decode_cipher.key = aes_key
+        plain = decode_cipher.update(cipher)
+        return plain
+      end
+
+      def encrypt_pin(pin_code)
+        aes_key = JOSE::JWA::PKCS1::rsaes_oaep_decrypt('SHA256', pin_token, private_key, session_id)
+        ts = Time.now.utc.to_i
+        tszero = ts % 0x100
+        tsone = (ts % 0x10000) >> 8
+        tstwo = (ts % 0x1000000) >> 16
+        tsthree = (ts % 0x100000000) >> 24
+        tsstring = tszero.chr + tsone.chr + tstwo.chr + tsthree.chr + "\0\0\0\0"
+        encrypt_content = pin_code + tsstring + tsstring
+        pad_count = 16 - encrypt_content.length % 16
+        if pad_count > 0
+          padded_content = encrypt_content + pad_count.chr * pad_count
+        else
+          padded_content = encrypt_content
+        end
+
+        alg = "AES-256-CBC"
+        aes = OpenSSL::Cipher.new(alg)
+        iv = OpenSSL::Cipher.new(alg).random_iv
+        aes.encrypt
+        aes.key = aes_key
+        aes.iv = iv
+        cipher = aes.update(padded_content)
+        msg = iv + cipher
+        return Base64.strict_encode64 msg
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/transfer.rb

@@ -0,0 +1,44 @@
+module MixinBot
+  class API
+    module Transfer
+      def create_transfer(pin, options)
+        # data for test:
+        # asset_id = '965e5c6e-434c-3fa9-b780-c50f43cd955c'
+        # opponent_id = '7ed9292d-7c95-4333-aa48-a8c640064186'
+        # amount = '1'
+        # encrypted_pin = MixinBot.api_pin.encrypted_pin
+        # memo = 'test'
+
+        options = options.with_indifferent_access
+
+        asset_id = options.fetch('asset_id')
+        opponent_id = options.fetch('opponent_id')
+        amount = options.fetch('amount')
+        memo = options.fetch('memo')
+        trace_id = options.fetch('trace_id')
+        trace_id ||= SecureRandom.uuid
+
+        path = '/transfers'
+        payload = {
+          asset_id: asset_id,
+          opponent_id: opponent_id,
+          pin: pin,
+          amount: amount,
+          trace_id: trace_id,
+          memo: memo
+        }
+
+        access_token ||= self.access_token('POST', path, payload.to_json)
+        authorization = format('Bearer %s', access_token)
+        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+      end
+
+      def read_transfer(trace_id)
+        path = format('/transfers/trace/%s', trace_id)
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/user.rb

@@ -0,0 +1,31 @@
+module MixinBot
+  class API
+    module User
+      def read_user(user_id, access_token=nil)
+        # user_id: Mixin User Id
+        path = format('/users/%s', user_id)
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+
+      def search_user(q, access_token=nil)
+        # q: Mixin Id or Phone Number
+        path = format('/search/%s', q)
+        access_token ||= self.access_token('GET', path, '')
+        authorization = format('Bearer %s', access_token)
+        client.get(path, headers: { 'Authorization': authorization })
+      end
+
+      def fetch_users(user_ids, access_token=nil)
+        # user_ids: a array of user_ids
+        path = '/users/fetch'
+        user_ids = [user_ids] if user_ids.is_a? String
+        payload = user_ids
+        access_token ||= self.access_token('POST', path, payload.to_json)
+        authorization = format('Bearer %s', access_token)
+        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+      end
+    end
+  end
+end

data/lib/mixin_bot/client.rb

@@ -0,0 +1,108 @@
+module MixinBot
+  class Client
+    SERVER_SCHEME = 'https'.freeze
+    SERVER_HOST = 'api.mixin.one'.freeze
+
+    def get(path, options = {})
+      request(:get, path, options)
+    end
+
+    def post(path, options = {})
+      request(:post, path, options)
+    end
+
+    private
+
+    def request(verb, path, options = {})
+      uri = uri_for(path)
+      options = options.with_indifferent_access
+
+      options['headers'] ||= {}
+      if options['headers']['Content-Type'].blank?
+        options['headers']['Content-Type'] = 'application/json'
+      end
+
+      begin
+        response = HTTP.timeout(:global, connect: 5, write: 5, read: 5).request(verb, uri, options)
+      rescue HTTP::Error => ex
+        Rails.logger.error format('%s (%s):', ex.class.name, ex.message)
+        Rails.logger.error ex.backtrace.join("\n")
+        raise Errors::HttpError, ex.message
+      end
+
+      unless response.status.success?
+        raise Errors::APIError.new(nil, response.to_s)
+      end
+
+      parse_response(response) do |parse_as, result|
+        case parse_as
+        when :json
+          break result if result[:errcode].blank? || result[:errcode].zero?
+          raise Errors::APIError.new(result[:errcode], result[:errmsg])
+        else
+          result
+        end
+      end
+    end
+
+    def uri_for(path)
+      uri_options = {
+        scheme: SERVER_SCHEME,
+        host: SERVER_HOST,
+        path: path
+      }
+      Addressable::URI.new(uri_options)
+    end
+
+    def parse_response(response)
+      content_type = response.headers[:content_type]
+      parse_as = {
+        %r{^application\/json} => :json,
+        %r{^image\/.*}         => :file,
+        %r{^text\/html}        => :xml,
+        %r{^text\/plain}       => :plain
+      }.each_with_object([]) { |match, memo| memo << match[1] if content_type =~ match[0] }.first || :plain
+
+      if parse_as == :plain
+        result = ActiveSupport::JSON.decode(response.body.to_s).with_indifferent_access rescue nil
+        if result
+          return yield(:json, result)
+        else
+          return yield(:plain, response.body)
+        end
+      end
+
+      case parse_as
+      when :json
+        result = ActiveSupport::JSON.decode(response.body.to_s).with_indifferent_access
+      when :file
+        if response.headers[:content_type] =~ %r{^image\/.*}
+          extension =
+            case response.headers['content-type']
+            when 'image/gif'  then '.gif'
+            when 'image/jpeg' then '.jpg'
+            when 'image/png'  then '.png'
+            end
+        else
+          extension = ''
+        end
+
+        begin
+          file = Tempfile.new(['mixin-file-', extension])
+          file.binmode
+          file.write(response.body)
+        ensure
+          file&.close
+        end
+
+        result = file
+      when :xml
+        result = Hash.from_xml(response.body.to_s)
+      else
+        result = response.body
+      end
+
+      yield(parse_as, result)
+    end
+  end
+end

data/lib/mixin_bot/errors.rb

@@ -0,0 +1,21 @@
+module MixinBot
+  module Errors
+    # 通用异常
+    Error = Class.new(StandardError)
+
+    # HTTP 异常，比如请求超时等
+    HttpError = Class.new(Error)
+
+    # API 异常，比如返回失败状态码
+    class APIError < Error
+      attr_reader :errcode, :errmsg
+
+      def initialize(errcode, errmsg)
+        @errcode = errcode
+        @errmsg = errmsg
+
+        super(format('[%s]: %s', @errcode, @errmsg))
+      end
+    end
+  end
+end

data/lib/mixin_bot/version.rb

@@ -0,0 +1,3 @@
+module MixinBot
+  VERSION = '0.0.1.1'.freeze
+end

metadata

@@ -0,0 +1,58 @@
+--- !ruby/object:Gem::Specification
+name: mixin_bot
+version: !ruby/object:Gem::Version
+  version: 0.0.1.1
+platform: ruby
+authors:
+- an-lee
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-09-13 00:00:00.000000000 Z
+dependencies: []
+description: An API wrapper for Mixin Nexwork
+email:
+- an.lee.work@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- lib/mixin_bot.rb
+- lib/mixin_bot/api.rb
+- lib/mixin_bot/api/auth.rb
+- lib/mixin_bot/api/conversation.rb
+- lib/mixin_bot/api/me.rb
+- lib/mixin_bot/api/message.rb
+- lib/mixin_bot/api/payment.rb
+- lib/mixin_bot/api/pin.rb
+- lib/mixin_bot/api/transfer.rb
+- lib/mixin_bot/api/user.rb
+- lib/mixin_bot/client.rb
+- lib/mixin_bot/errors.rb
+- lib/mixin_bot/version.rb
+homepage: https://github.com/an-lee/mixin_bot
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.14
+signing_key: 
+specification_version: 4
+summary: An API wrapper for Mixin Nexwork
+test_files: []