omnipay 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: c3c13dede2e2ea788ee716eb834b225b1cae1ca9
+  data.tar.gz: 949abeb3bde942deb0c11d8c011814b692f538f1
+SHA512:
+  metadata.gz: afbd5ccc734ef955631e111ded2dbf447dc63ae3658069d7b72c1c8210dbee2eb707a989f5057dc0ec112f0a7dcfa43660b6f8d0aaa6b76a80155b6883331d09
+  data.tar.gz: d419fd51650c301b5c2a379fea3a11192921b1b585f146726af5ed2d933d0c1054afd28ac1c6d41cafb443e835e2075554048a85aa59faeddb8cb23af40934c3

data/lib/omnipay.rb

@@ -0,0 +1,32 @@
+require 'singleton'
+
+module Omnipay
+
+  autoload :Gateway, 'omnipay/gateway'
+  autoload :Adapter, 'omnipay/adapter'
+  autoload :RequestPhase, 'omnipay/request_phase'
+  autoload :CallbackPhase, 'omnipay/callback_phase'
+  autoload :AutosubmitForm, 'omnipay/autosubmit_form'
+  autoload :Signer, 'omnipay/signer'
+
+  # Error codes
+  INVALID_RESPONSE = :invalid_response
+  CANCELATION = :cancelation
+  PAYMENT_REFUSED = :payment_refused
+  WRONG_SIGNATURE = :wrong_signature
+
+  # Configuration
+  class Configuration
+    include Singleton
+    attr_accessor :secret_token
+  end
+
+  def self.configuration
+    Configuration.instance
+  end
+
+  def self.configure
+    yield configuration
+  end
+
+end

data/lib/omnipay/adapter.rb

@@ -0,0 +1,62 @@
+# Glue between the rack middleware and the adapter implementation
+# Responsible for initializing, configuring the adapter, and formatting
+# the responses for use in the middleware
+
+module Omnipay
+
+  class Adapter
+
+    attr_reader :uid
+
+    def initialize(uid, callback_url, config, dynamic_config)
+      @uid = uid
+      @callback_url = callback_url
+      @config = config
+      @dynamic_config = dynamic_config
+
+      @strategy = build_strategy
+    end
+
+    def valid?
+      @strategy != nil
+    end
+
+    def request_phase(amount, opts)
+      @strategy.request_phase(amount, opts)
+    end
+
+    def callback_hash(params)
+      @strategy.callback_hash(params)
+    end
+
+
+    private
+
+    def build_strategy
+      return nil unless strategy_class
+
+      strategy_class.new(@callback_url, strategy_config)
+    end
+
+    def strategy_class
+      params[:adapter]
+    end
+
+    def strategy_config
+      params[:config] || {}
+    end
+
+    def params
+      return @params if @params
+
+      if @dynamic_config
+        @params = @dynamic_config.call(@uid) || {}
+      else
+        @params = @config || {}
+      end
+
+      @params ||= {}
+    end
+
+  end
+end

data/lib/omnipay/adapters/mangopay.rb

@@ -0,0 +1,140 @@
+# Omnipay adapter for mangopay
+# documentation : http://docs.mangopay.com/api-references/
+#
+# Configuration :
+# - client_id:string (mandatory) : client id of your mangopay account
+# - client_passphrase:string (mandatory) : the passphrase for your account
+# - wallet_id:string (mandatory) : the wallet to be credited with the payments
+
+require_relative 'mangopay/client'
+
+
+module Omnipay
+  module Adapters
+
+    class Mangopay
+
+      attr_reader :client
+
+      def initialize(callback_url, config = {})
+
+        raise ArgumentError.new("Missing client_id, client_passphrase, or wallet_id parameter") unless [config[:client_id], config[:client_passphrase], config[:wallet_id]].all?
+
+        @client = Client.new(config[:client_id], config[:client_passphrase], :sandbox => !!config[:sandbox])
+        @callback_url = callback_url
+        @wallet_id = config[:wallet_id]
+
+      end
+
+
+      def request_phase(amount, params = {})
+
+        transaction_id, redirect_url = create_web_payin(amount, params)
+
+        # Generate the path and query parameters from the returned redirect_url string
+        uri = URI(redirect_url)
+
+        return [
+          'GET', 
+          "#{uri.scheme}://#{uri.host}#{uri.path}", 
+          Rack::Utils.parse_nested_query(uri.query), 
+          transaction_id
+        ]
+
+      end
+
+
+      def callback_hash(params)
+
+        transaction_id = params[:transactionId]
+
+        begin
+          response = @client.get "/payins/#{transaction_id}"
+        rescue Mangopay::Client::Error => e
+          return {
+            :success => false,
+            :error => Omnipay::INVALID_RESPONSE,
+            :error_message => "Could not fetch details of transaction #{transaction_id}"
+          }
+        end
+
+        # Check if the response is valid
+        if response['code'] != 200
+          return {
+            :success => false,
+            :error => Omnipay::INVALID_RESPONSE
+          }
+        end
+
+
+        # Successful transaction
+        if response['Status'] == 'SUCCEEDED'
+          {
+            :success => true,
+            :amount => response['DebitedFunds']['Amount'],
+            :transaction_id => transaction_id
+          }
+        else
+
+          # Cancelation
+          if ['101001', '101002'].include? response['ResultCode']
+            {
+              :success => false,
+              :error => Omnipay::CANCELATION
+            }
+          else
+            {
+              :success => false,
+              :error => Omnipay::PAYMENT_REFUSED,
+              :error_message => "Refused payment for transaction #{transaction_id}.\nCode : #{response['ResultCode']}\nMessage : #{response['ResultMessage']}"
+            }
+          end
+        end
+      end
+
+
+      private
+
+      def create_web_payin(amount, params)
+
+        # Create a user
+        random_key = "#{Time.now.to_i}-#{(0...3).map { ('a'..'z').to_a[rand(26)] }.join}"
+        user_params = {
+          :Email => "user-#{random_key}@host.tld",
+          :FirstName => "User #{random_key}",
+          :LastName => "User #{random_key}",
+          :Birthday => Time.now.to_i,
+          :Nationality => "FR",
+          :CountryOfResidence => "FR"
+        }
+
+        user_id = (@client.post('/users/natural', user_params))["Id"]
+
+        # Create the web payin        
+        payin_params = {
+          :AuthorId => user_id, 
+          :DebitedFunds => {
+            :Currency => 'EUR',
+            :Amount => amount
+          },
+          :Fees => {
+            :Currency => 'EUR',
+            :Amount => 0
+          },
+          :CreditedWalletId => @wallet_id,
+          :ReturnURL => @callback_url,
+          :Culture => (params[:locale] || 'fr').upcase,
+          :CardType => 'CB_VISA_MASTERCARD',
+          :SecureMode => 'FORCE'
+        }
+
+        payin = @client.post '/payins/card/web', payin_params
+
+        # Return the transaction reference, and the full redirection url
+        return [payin["Id"], payin["RedirectURL"]]
+      end
+
+    end
+
+  end
+end

data/lib/omnipay/adapters/mangopay/client.rb

@@ -0,0 +1,70 @@
+# Client for the mangopay API
+
+require 'httparty'
+
+module Omnipay
+  module Adapters
+    class Mangopay
+
+      class Client
+
+        class Error < ::StandardError ; end
+
+        include HTTParty
+
+        format :json
+
+        headers 'Accept' => 'application/json'
+        headers 'Content-Type' => 'application/json'
+
+        def initialize(key, secret, opts = {})
+          @key = key
+          @secret = secret
+
+          if opts[:sandbox]
+            @base_uri = 'https://api.sandbox.mangopay.com/v2'
+          else
+            @base_uri = 'https://api.mangopay.com/v2'
+          end
+        end
+
+        def get(path)
+          response = self.class.get "/#{@key}#{path}", 
+            :basic_auth => {:username => @key, :password => @secret}, 
+            :base_uri => @base_uri
+
+          check_errors(response)
+
+          response.parsed_response.merge("code" => response.code)
+        end
+
+        def post(path, params = {})
+          response = self.class.post "/#{@key}#{path}", 
+            :body => params.to_json,
+            :basic_auth => {:username => @key, :password => @secret},
+            :base_uri => @base_uri
+
+          check_errors(response)
+
+          response.parsed_response.merge("code" => response.code)
+        end
+
+
+        private
+
+        def check_errors(response)
+          # nocommit, log the request :/
+          if response.code != 200
+            error_message = response.parsed_response.merge(
+              "code" => response.code
+            )
+
+            raise Error, error_message.inspect
+          end
+        end
+
+      end
+
+    end
+  end
+end

data/lib/omnipay/adapters/oneclicpay.rb

@@ -0,0 +1,130 @@
+# Omnipay adapter for oneclicpay
+# documentation : docs.oneclicpay.com
+#
+# Configuration :
+# - tpe_id:string (mandatory) : serial number of your virutal payment terminal
+# - secret_key:string (mandatory) : security key for your account
+# - sandbox:boolean (default: false) : use the sandbox or the production environment
+
+require 'base64'
+require 'digest'
+require 'httparty'
+
+module Omnipay
+  module Adapters
+
+    class Oneclicpay
+
+      HTTP_METHOD = 'POST'
+
+      REDIRECT_URLS = {
+        :sandbox => 'https://secure.homologation.oneclicpay.com',
+        :production => 'https://secure.oneclicpay.com'
+      }
+
+      VALIDATION_URLS = {
+        :sandbox => 'https://secure.homologation.oneclicpay.com:60000',
+        :production => 'https://secure.oneclicpay.com:60000'
+      }
+
+      def initialize(callback_url, config)
+        @callback_url = callback_url
+
+        @tpe_id = config[:tpe_id]
+        @secret_key = config[:secret_key]
+        @is_sandbox = config[:sandbox]
+
+        raise ArgumentError.new("Missing tpe_id or secret_key parameter") unless [@tpe_id, @secret_key].all?
+      end
+
+
+      def request_phase(amount, params={})
+        product_name = params[:title] || ''
+        transaction_id = params[:transaction_id] || random_transaction_id
+        locale = params[:locale] || 'fr'
+
+        [
+          HTTP_METHOD,
+          redirect_url,
+          redirect_params_for(amount, product_name, transaction_id, locale),
+          transaction_id
+        ]
+      end
+
+
+      def callback_hash(params)
+
+        if params[:result] == "NOK" && params[:reason] == "Abandon de la transaction."
+          return { :success => false, :error => Omnipay::CANCELATION }
+        end
+
+
+        if params[:result] == "OK"
+
+          # Validate the response via the API
+          transaction_id = params[:transactionId]
+          amount = get_transaction_amount(transaction_id)
+
+          if amount
+            { :success => true, :amount => amount, :transaction_id => transaction_id }
+          else
+            { :success => false, :error => Omnipay::INVALID_RESPONSE, :error_message => "Could not fetch the amount of the transaction #{transaction_id}" }
+          end
+
+
+        elsif params[:result] == "NOK"
+          { :success => false, :error => Omnipay::PAYMENT_REFUSED, :error_message => params[:reason] }
+
+        else
+          { :success => false, :error => Omnipay::INVALID_RESPONSE, :error_message => "No :result key in the params #{params.inspect}" }
+        end
+      end
+
+
+      private
+
+      def redirect_params_for(amount, product_name, transaction_id, locale)
+        {
+          :montant => (amount.to_f/100).to_s,
+          :idTPE => @tpe_id,
+          :idTransaction => transaction_id,
+          :devise => 'EUR',
+          :lang => locale,
+          :nom_produit => product_name,
+          :urlRetourOK => @callback_url,
+          :urlRetourNOK => @callback_url
+        }.tap{|params|
+          params[:sec] = signature(params)
+        }
+      end
+
+      def random_transaction_id
+        "#{Time.now.to_i}-#{@tpe_id}-#{random_token}"
+      end
+
+      def random_token
+        (0...3).map { ('a'..'z').to_a[rand(26)] }.join
+      end
+
+      def signature(params)
+        to_sign = (params.values + [@secret_key]).join('|')
+        Digest::SHA512.hexdigest(Base64.encode64(to_sign).gsub(/\n/, ''))
+      end
+
+      def get_transaction_amount(transaction_id)
+        response = HTTParty.post("#{validation_url}/rest/payment/find?serialNumber=#{@tpe_id}&key=#{@secret_key}&transactionRef=#{transaction_id}")
+        (response.parsed_response["transaction"][0]["ok"] != 0) && response.parsed_response["transaction"][0]["amount"]
+      end
+
+      def redirect_url
+        @is_sandbox ? REDIRECT_URLS[:sandbox] : REDIRECT_URLS[:production]
+      end
+
+      def validation_url
+        @is_sandbox ? VALIDATION_URLS[:sandbox] : VALIDATION_URLS[:production]
+      end
+
+    end
+
+  end
+end

data/lib/omnipay/autosubmit_form.rb

@@ -0,0 +1,43 @@
+# Builds an html page with an autosubmitted form, to handle POST redirections
+module Omnipay
+  class AutosubmitForm
+
+    HEADER = <<-HEADER
+<!DOCTYPE html>
+<html>
+  <head>
+    <script type="text/javascript">
+      window.onload=function(){
+        document.getElementById('autosubmit-form').submit();
+      }
+    </script>
+  </head>
+
+  <body>
+    <h1>Redirecting...</h1>
+    HEADER
+
+    FOOTER = <<-FOOTER
+  </body>
+</html>
+FOOTER
+
+    def initialize(action, fields)
+      @action = action
+      @fields = fields.map{|name, value| {:name => name, :value => value}}
+    end
+
+    def html
+      HEADER + form_html + FOOTER
+    end
+
+    def form_html
+"    <form method=\"POST\" id=\"autosubmit-form\" action=\"#{@action}\">\n" + 
+      @fields.map{|field|
+"      <input type=\"hidden\" name=\"#{field[:name]}\" value=\"#{field[:value]}\"/>\n"
+      }.join +
+"    </form>\n"
+    end
+
+  end
+end

data/lib/omnipay/callback_phase.rb

@@ -0,0 +1,68 @@
+# Class responsible for updating the request env in the callback phase
+
+module Omnipay
+  class CallbackPhase
+
+    def initialize(request, adapter)
+      @request = request
+      @adapter = adapter
+    end
+
+
+    def update_env!
+
+      # The request params, keys symbolized
+      params = Hash[@request.params.map{|k,v|[k.to_sym,v]}]
+
+      # Get the callback hash
+      callback_hash = @adapter.callback_hash(params)
+
+      # Check the signature
+      if callback_hash[:success] && !valid_signature?(callback_hash)
+        callback_hash = {
+          :success => false, 
+          :error => Omnipay::WRONG_SIGNATURE, 
+          :error_message => "Signatures do not match."
+        }
+      end
+
+      # If not successful response, add informations to the error message
+      if !callback_hash[:success]
+        callback_hash[:error_message] = (callback_hash[:error_message] || callback_hash[:error].to_s) +
+          "\nAdapter : #{@adapter.uid}" +
+          "\nContext : #{context.inspect}" +
+          "\nStored signature : #{stored_signature}" +
+          "\nRequest : #{@request.inspect}"
+      end
+
+      # Store the response in the environment
+      @request.env['omnipay.response'] = callback_hash.merge(:raw => params, :context => context)
+
+      # Force GET request
+      @request.env['REQUEST_METHOD'] = 'GET'      
+    end
+
+
+    private
+
+    def valid_signature?(callback_hash)
+      callback_signature = Signer.new(callback_hash[:transaction_id], callback_hash[:amount], context).signature
+
+      callback_signature == stored_signature
+    end
+
+    def stored_signature
+      @stored_signature ||= @request.session['omnipay.signature'] && @request.session['omnipay.signature'].delete(@adapter.uid)
+    end
+
+    def callback_signature
+      @callback_signatureSigner.new(callback_hash[:transaction_id], callback_hash[:amount], context).signature
+    end
+
+    def context
+      @context ||= @request.session['omnipay.context'] && @request.session['omnipay.context'].delete(@adapter.uid)
+      @context ||= {}
+    end
+
+  end
+end

data/lib/omnipay/gateway.rb

@@ -0,0 +1,85 @@
+require 'rack'
+
+module Omnipay
+
+  # Gateway middleware
+  class Gateway
+
+    BASE_PATH = '/pay'
+
+    def initialize(app, options={}, &block)
+      @app = app
+
+      @adapter_options = options
+      @adapter_config_block = block
+
+      # Refreshed at each request
+      @uid = nil
+      @request = nil
+    end
+
+
+    def call(env)
+
+      # Get the current request
+      @request = Rack::Request.new(env)
+
+      # Check if the path is good, and extract the uid
+      @uid = extract_uid_from_path(@request.path)
+      return @app.call(env) unless @uid
+
+      # Get the adapter config for this uid (to handle dynamic configuration)
+      adapter = Adapter.new(@uid, callback_url, @adapter_options, @adapter_config_block)
+      return @app.call(env) unless adapter.valid?
+
+      # Handle the request phase
+      if request_phase?
+        return RequestPhase.new(@request, adapter).response
+      end
+
+      # Handle the callback phase
+      if callback_phase?
+        CallbackPhase.new(@request, adapter).update_env!
+      end
+
+      # Forward to the app
+      @app.call(env)
+
+    end
+
+
+    private
+
+    # Check if the current request matches the request or callback phase
+    def request_phase?
+      @request.path == "#{BASE_PATH}/#{@uid}" && @request.request_method == 'GET'
+    end
+
+    def callback_phase?
+      @request.path == "#{BASE_PATH}/#{@uid}/callback"
+    end
+
+
+    # Extract the uid from the path
+    # If uid already defined, check if it matches
+    # "/pay/foobar/callback" => "foobar"
+    def extract_uid_from_path(path)
+      if path.start_with? BASE_PATH
+        uid = path.gsub(/^#{BASE_PATH}/, '').split('/')[1]
+      end
+
+      if !@adapter_options.empty?
+        uid = nil unless uid == @adapter_options[:uid]
+      end
+
+      uid
+    end
+
+
+    # The callback url for a uid in the current host
+    def callback_url
+      "#{@request.base_url}#{BASE_PATH}/#{@uid}/callback"
+    end
+
+  end
+end

data/lib/omnipay/request_phase.rb

@@ -0,0 +1,76 @@
+# Class responsible for formatting the redirection in the request phase
+
+module Omnipay
+  class RequestPhase
+
+    def initialize(request, adapter)
+      @request = request
+      @adapter = adapter
+    end
+
+    def response
+      method, url, params, transaction_id = @adapter.request_phase(amount, adapter_params)
+
+      context = store_context!
+
+      signature = Signer.new(transaction_id, amount, context).signature
+      store_signature!(signature)
+
+      if method == 'GET'
+        get_redirect_response(url, params)
+      elsif method == 'POST'
+        post_redirect_response(url, params)
+      else
+        raise TypeError.new('request_phase returned http method must be \'GET\' or \'POST\'')
+      end
+    end
+
+
+    private
+
+    def amount
+      @request.params['amount'].tap{ |amount|
+        raise ArgumentError.new('No amount specified') unless amount
+      }.to_i
+    end
+
+    def adapter_params
+      params = @request.params.dup
+ 
+      params.delete 'amount'
+      params.delete 'context'
+
+      # Symbolize the keys
+      Hash[params.map{|k,v|[k.to_sym,v]}]
+    end
+
+    def get_redirect_response(url, params)
+      redirect_url = url + '?' + Rack::Utils.build_query(params)
+      Rack::Response.new.tap{|response| response.redirect(redirect_url)}
+    end
+
+    def post_redirect_response(url, params)
+      form = AutosubmitForm.new(url, params)
+      Rack::Response.new([form.html], 200, {'Content-Type' => 'text/html;charset=utf-8'})
+    end
+
+    # Store the request's context in session
+    def store_context!
+      context = @request.params.delete('context')
+
+      if context
+        @request.session['omnipay.context'] ||= {}
+        @request.session['omnipay.context'][@adapter.uid] = context
+      end
+
+      return context
+    end
+
+    # Store the requests signature in the session
+    def store_signature!(signature)
+      @request.session['omnipay.signature'] ||= {}
+      @request.session['omnipay.signature'][@adapter.uid] = signature
+    end
+
+  end
+end

data/lib/omnipay/signer.rb

@@ -0,0 +1,34 @@
+# Class responsible for signing the outgoing payments in the request phase, 
+# and validating them in the callback phase
+
+require 'openssl'
+
+module Omnipay
+  class Signer
+
+    def initialize(transaction_id, amount, context)
+      @transaction_id = transaction_id
+      @amount = amount
+      @context = context || {}
+    end
+
+    def signature
+      to_sign = "#{secret_token}:#{@transaction_id}:#{@amount}:#{self.class.hash_to_string @context}"
+      CGI.escape(Base64.encode64(OpenSSL::HMAC.digest('sha1', secret_token, to_sign)))
+    end
+
+
+    # Unique key : to configure globally
+    def secret_token
+      Omnipay.configuration.secret_token
+    end
+
+    private
+
+    def self.hash_to_string(hash)
+      # key/values appended by alphabetical key order
+      hash.sort_by{|k,_|k}.flatten.join('')
+    end
+
+  end
+end

data/lib/omnipay/version.rb

@@ -0,0 +1,3 @@
+module Omnipay
+  VERSION = "0.0.1"
+end

metadata

@@ -0,0 +1,83 @@
+--- !ruby/object:Gem::Specification
+name: omnipay
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- ClicRDV
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-01-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: httparty
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - <
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - <
+      - !ruby/object:Gem::Version
+        version: '1.0'
+description: Payment gateway abstraction for rack applications.  Think omniauth for
+  off-site payment.
+email:
+- contact@clicrdv.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/omnipay.rb
+- lib/omnipay/adapter.rb
+- lib/omnipay/adapters/mangopay.rb
+- lib/omnipay/adapters/mangopay/client.rb
+- lib/omnipay/adapters/oneclicpay.rb
+- lib/omnipay/autosubmit_form.rb
+- lib/omnipay/callback_phase.rb
+- lib/omnipay/gateway.rb
+- lib/omnipay/request_phase.rb
+- lib/omnipay/signer.rb
+- lib/omnipay/version.rb
+homepage: https://github.com/clicrdv/omnipay
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: '[none]'
+rubygems_version: 2.0.6
+signing_key: 
+specification_version: 4
+summary: Payment gateway abstraction for rack applications.
+test_files: []