nowpayments 0.2.0

data/lib/nowpayments/errors.rb

@@ -0,0 +1,60 @@
+# frozen_string_literal: true
+
+module NOWPayments
+  # Base error class for all NOWPayments errors
+  class Error < StandardError
+    attr_reader :status, :body, :headers
+
+    def initialize(env_or_message)
+      if env_or_message.is_a?(Hash)
+        @status = env_or_message[:status]
+        @body = env_or_message[:body]
+        @headers = env_or_message[:response_headers]
+        super(error_message)
+      else
+        super
+      end
+    end
+
+    private
+
+    def error_message
+      if body.is_a?(Hash) && body["message"]
+        "#{self.class.name}: #{body["message"]} (HTTP #{status})"
+      elsif body.is_a?(String)
+        "#{self.class.name}: #{body} (HTTP #{status})"
+      else
+        "#{self.class.name}: HTTP #{status}"
+      end
+    end
+  end
+
+  # Connection-level errors
+  class ConnectionError < Error
+    def initialize(message)
+      @message = message
+      super
+    end
+  end
+
+  # HTTP 400 - Bad Request
+  class BadRequestError < Error; end
+
+  # HTTP 401, 403 - Authentication/Authorization errors
+  class AuthenticationError < Error; end
+
+  # HTTP 404 - Resource Not Found
+  class NotFoundError < Error; end
+
+  # HTTP 429 - Rate Limit Exceeded
+  class RateLimitError < Error; end
+
+  # HTTP 500-599 - Server errors
+  class ServerError < Error; end
+
+  # Security/verification errors (e.g., invalid IPN signature)
+  class SecurityError < StandardError; end
+
+  # Client-side validation errors
+  class ValidationError < StandardError; end
+end

data/lib/nowpayments/middleware/error_handler.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+require "faraday"
+
+module NOWPayments
+  module Middleware
+    # Faraday middleware that converts HTTP errors into NOWPayments exceptions
+    class ErrorHandler < Faraday::Middleware
+      def on_complete(env)
+        case env[:status]
+        when 400
+          raise BadRequestError, env
+        when 401, 403
+          raise AuthenticationError, env
+        when 404
+          raise NotFoundError, env
+        when 429
+          raise RateLimitError, env
+        when 500..599
+          raise ServerError, env
+        end
+      end
+
+      def call(env)
+        @app.call(env).on_complete do |response_env|
+          on_complete(response_env)
+        end
+      rescue Faraday::ConnectionFailed, Faraday::TimeoutError => e
+        raise ConnectionError, e.message
+      end
+    end
+  end
+end

data/lib/nowpayments/rack.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module NOWPayments
+  # Rack/Rails integration helpers for webhook verification
+  module Rack
+    # Verify webhook from a Rack/Rails request object
+    # @param request [Rack::Request, ActionDispatch::Request] The request object
+    # @param ipn_secret [String] IPN secret key
+    # @return [Hash] Verified payload
+    # @raise [SecurityError] If verification fails
+    def self.verify_webhook(request, ipn_secret)
+      raw_body = request.body.read
+      request.body.rewind # Allow re-reading
+
+      # Try both header access methods (Rack vs Rails)
+      signature = request.get_header("HTTP_X_NOWPAYMENTS_SIG") if request.respond_to?(:get_header)
+      signature ||= request.headers["x-nowpayments-sig"] if request.respond_to?(:headers)
+      signature ||= request.env["HTTP_X_NOWPAYMENTS_SIG"]
+
+      raise SecurityError, "Missing x-nowpayments-sig header" unless signature
+
+      Webhook.verify!(raw_body, signature, ipn_secret)
+    end
+  end
+end

data/lib/nowpayments/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module NOWPayments
+  VERSION = "0.2.0"
+end

data/lib/nowpayments/webhook.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "json"
+
+module NOWPayments
+  # Webhook verification utilities for IPN (Instant Payment Notifications)
+  module Webhook
+    class << self
+      # Verify IPN signature
+      # @param raw_body [String] Raw POST body from webhook
+      # @param signature [String] x-nowpayments-sig header value
+      # @param secret [String] IPN secret key from dashboard
+      # @return [Hash] Verified, parsed payload
+      # @raise [SecurityError] If signature is invalid
+      def verify!(raw_body, signature, secret)
+        raise ArgumentError, "raw_body required" if raw_body.nil? || raw_body.empty?
+        raise ArgumentError, "signature required" if signature.nil? || signature.empty?
+        raise ArgumentError, "secret required" if secret.nil? || secret.empty?
+
+        parsed = JSON.parse(raw_body)
+        sorted_json = sort_keys_recursive(parsed)
+        expected_sig = generate_signature(sorted_json, secret)
+
+        raise SecurityError, "Invalid IPN signature - webhook verification failed" unless secure_compare(expected_sig, signature)
+
+        parsed
+      end
+
+      private
+
+      # Recursively sort Hash keys (including nested hashes and arrays)
+      # This is critical for proper HMAC signature verification
+      def sort_keys_recursive(obj)
+        case obj
+        when Hash
+          obj.sort.to_h.transform_values { |v| sort_keys_recursive(v) }
+        when Array
+          obj.map { |v| sort_keys_recursive(v) }
+        else
+          obj
+        end
+      end
+
+      # Generate HMAC-SHA512 signature
+      def generate_signature(sorted_json, secret)
+        json_string = JSON.generate(sorted_json, space: "", indent: "")
+        OpenSSL::HMAC.hexdigest("SHA512", secret, json_string)
+      end
+
+      # Constant-time comparison to prevent timing attacks
+      def secure_compare(a, b)
+        return false unless a.bytesize == b.bytesize
+
+        l = a.unpack("C#{a.bytesize}")
+        res = 0
+        b.each_byte { |byte| res |= byte ^ l.shift }
+        res.zero?
+      end
+    end
+  end
+end

data/lib/nowpayments.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require_relative "nowpayments/version"
+require_relative "nowpayments/errors"
+require_relative "nowpayments/middleware/error_handler"
+require_relative "nowpayments/client"
+require_relative "nowpayments/webhook"
+require_relative "nowpayments/rack"
+
+module NOWPayments
+  class Error < StandardError; end
+end

data/sig/nowpayments.rbs

@@ -0,0 +1,4 @@
+module Nowpayments
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

metadata

@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification
+name: nowpayments
+version: !ruby/object:Gem::Version
+  version: 0.2.0
+platform: ruby
+authors:
+- Chayut Orapinpatipat
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2025-11-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+description: A lightweight Ruby wrapper for the NOWPayments API that handles cryptocurrency
+  payments, invoices, and webhooks
+email:
+- chayut@canopusnet.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".env.example"
+- CHANGELOG.md
+- LICENSE.txt
+- README.md
+- Rakefile
+- docs/API.md
+- examples/jwt_authentication_example.rb
+- examples/simple_demo.rb
+- examples/webhook_server.rb
+- lib/nowpayments.rb
+- lib/nowpayments/api/authentication.rb
+- lib/nowpayments/api/conversions.rb
+- lib/nowpayments/api/currencies.rb
+- lib/nowpayments/api/custody.rb
+- lib/nowpayments/api/estimation.rb
+- lib/nowpayments/api/fiat_payouts.rb
+- lib/nowpayments/api/invoices.rb
+- lib/nowpayments/api/payments.rb
+- lib/nowpayments/api/payouts.rb
+- lib/nowpayments/api/status.rb
+- lib/nowpayments/api/subscriptions.rb
+- lib/nowpayments/client.rb
+- lib/nowpayments/errors.rb
+- lib/nowpayments/middleware/error_handler.rb
+- lib/nowpayments/rack.rb
+- lib/nowpayments/version.rb
+- lib/nowpayments/webhook.rb
+- sig/nowpayments.rbs
+homepage: https://github.com/Sentia/nowpayments
+licenses:
+- MIT
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://github.com/Sentia/nowpayments
+  source_code_uri: https://github.com/Sentia/nowpayments
+  changelog_uri: https://github.com/Sentia/nowpayments/blob/main/CHANGELOG.md
+  documentation_uri: https://rubydoc.info/gems/nowpayments
+  rubygems_mfa_required: 'true'
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.2.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.5.11
+signing_key:
+specification_version: 4
+summary: Ruby client for NOWPayments cryptocurrency payment processing API
+test_files: []