pass-ruby 0.1.0

data/lib/pass.rb

@@ -0,0 +1,242 @@
+# Pass Ruby API
+
+require 'cgi'
+require 'set'
+require 'openssl'
+require 'rest_client'
+require 'multi_json'
+
+# Version
+require 'pass/version'
+
+# API operations
+require 'pass/api_operations/create'
+
+# API
+require 'pass/util'
+require 'pass/json'
+require 'pass/pass_object'
+require 'pass/api_resource'
+require 'pass/session'
+
+# Errors
+require 'pass/errors/pass_error'
+require 'pass/errors/api_error'
+require 'pass/errors/api_connection_error'
+require 'pass/errors/invalid_request_error'
+require 'pass/errors/authentication_error'
+
+module Pass
+  @@ssl_bundle_path = File.join(File.dirname(__FILE__), 'data/ca-certificates.crt')
+  @@api_token = nil
+  @@api_base = 'https://api.passauth.net'
+  @@verify_ssl_certs = true
+  @@api_version = nil
+
+  def self.api_url(url='')
+    @@api_base + url
+  end
+
+  def self.api_token=(api_token)
+    @@api_token = api_token
+  end
+
+  def self.api_token
+    @@api_token
+  end
+
+  def self.api_base=(api_base)
+    @@api_base = api_base
+  end
+
+  def self.api_base
+    @@api_base
+  end
+
+  def self.verify_ssl_certs=(verify)
+    @@verify_ssl_certs = verify
+  end
+
+  def self.verify_ssl_certs
+    @@verify_ssl_certs
+  end
+
+  def self.api_version=(version)
+    @@api_version = version
+  end
+
+  def self.api_version
+    @@api_version
+  end
+
+  def self.request(method, url, api_token, params={}, headers={})
+    api_token ||= @@api_token
+    raise AuthenticationError.new('No API token provided.  (HINT: set your API token using "Pass.api_token = <API-TOKEN>".') unless api_token
+
+    if !verify_ssl_certs
+      unless @no_verify
+        $stderr.puts "WARNING: Running without SSL cert verification.  Execute 'Pass.verify_ssl_certs = true' to enable verification."
+        @no_verify = true
+      end
+      ssl_opts = { :verify_ssl => false }
+    elsif !Util.file_readable(@@ssl_bundle_path)
+      unless @no_bundle
+        $stderr.puts "WARNING: Running without SSL cert verification because #{@@ssl_bundle_path} isn't readable"
+        @no_bundle = true
+      end
+      ssl_opts = { :verify_ssl => false }
+    else
+      ssl_opts = {
+        :verify_ssl => OpenSSL::SSL::VERIFY_PEER,
+        :ssl_ca_file => @@ssl_bundle_path
+      }
+    end
+    uname = (@@uname ||= RUBY_PLATFORM =~ /linux|darwin/i ? `uname -a 2>/dev/null`.strip : nil)
+    lang_version = "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} (#{RUBY_RELEASE_DATE})"
+    ua = {
+      :bindings_version => Pass::VERSION,
+      :lang => 'ruby',
+      :lang_version => lang_version,
+      :platform => RUBY_PLATFORM,
+      :publisher => 'pass',
+      :uname => uname
+    }
+
+    params = Util.objects_to_ids(params)
+    url = self.api_url(url)
+    case method.to_s.downcase.to_sym
+    when :get, :head, :delete
+      # Make params into GET parameters
+      if params && params.count > 0
+        query_string = Util.flatten_params(params).collect{|key, value| "#{key}=#{Util.url_encode(value)}"}.join('&')
+        url += "#{URI.parse(url).query ? '&' : '?'}#{query_string}"
+      end
+      payload = nil
+    else
+      payload = Util.flatten_params(params).collect{|(key, value)| "#{key}=#{Util.url_encode(value)}"}.join('&')
+    end
+
+    begin
+      headers = { :x_pass_client_user_agent => Pass::JSON.dump(ua) }.merge(headers)
+    rescue => e
+      headers = {
+        :x_pass_client_raw_user_agent => ua.inspect,
+        :error => "#{e} (#{e.class})"
+      }.merge(headers)
+    end
+
+    headers = {
+      :user_agent => "Pass/v1 RubyBindings/#{Pass::VERSION}",
+      :authorization => "Token #{api_token}",
+      :content_type => 'application/x-www-form-urlencoded',
+      :accept => 'application/vnd.pass.v1'
+    }.merge(headers)
+
+    if self.api_version
+      headers[:pass_version] = self.api_version
+    end
+
+    opts = {
+      :method => method,
+      :url => url,
+      :headers => headers,
+      :open_timeout => 30,
+      :payload => payload,
+      :timeout => 80
+    }.merge(ssl_opts)
+
+    begin
+      response = execute_request(opts)
+    rescue SocketError => e
+      self.handle_restclient_error(e)
+    rescue NoMethodError => e
+      # Work around RestClient bug
+      if e.message =~ /\WRequestFailed\W/
+        e = APIConnectionError.new('Unexpected HTTP response code')
+        self.handle_restclient_error(e)
+      else
+        raise
+      end
+    rescue RestClient::ExceptionWithResponse => e
+      if rcode = e.http_code and rbody = e.http_body
+        self.handle_api_error(rcode, rbody)
+      else
+        self.handle_restclient_error(e)
+      end
+    rescue RestClient::Exception, Errno::ECONNREFUSED => e
+      self.handle_restclient_error(e)
+    end
+
+    rbody = response.body
+    rcode = response.code
+    begin
+      # Would use :symbolize_names => true, but apparently there is
+      # some library out there that makes symbolize_names not work.
+      resp = Pass::JSON.load(rbody)
+    rescue MultiJson::DecodeError
+      raise APIError.new("Invalid response object from API: #{rbody.inspect} (HTTP response code was #{rcode})", rcode, rbody)
+    end
+
+    resp = Util.symbolize_names(resp)
+    [resp, api_token]
+  end
+
+  private
+
+  def self.execute_request(opts)
+    RestClient::Request.execute(opts)
+  end
+
+  def self.handle_api_error(rcode, rbody)
+    begin
+      error_obj = Pass::JSON.load(rbody)
+      error_obj = Util.symbolize_names(error_obj)
+      error = error_obj[:error] or raise PassError.new # escape from parsing
+    rescue MultiJson::DecodeError, PassError
+      raise APIError.new("Invalid response object from API: #{rbody.inspect} (HTTP response code was #{rcode})", rcode, rbody)
+    end
+
+    case rcode
+    when 400, 404 then
+      raise invalid_request_error(error, rcode, rbody, error_obj)
+    when 401
+      raise authentication_error(error, rcode, rbody, error_obj)
+    when 402
+      raise invalid_request_error(error, rcode, rbody, error_obj)
+    else
+      raise api_error(error, rcode, rbody, error_obj)
+    end
+  end
+
+  def self.invalid_request_error(error, rcode, rbody, error_obj)
+    InvalidRequestError.new(error[:message], error[:param], rcode, rbody, error_obj)
+  end
+
+  def self.authentication_error(error, rcode, rbody, error_obj)
+    AuthenticationError.new(error[:message], rcode, rbody, error_obj)
+  end
+
+  def self.card_error(error, rcode, rbody, error_obj)
+    CardError.new(error[:message], error[:param], error[:code], rcode, rbody, error_obj)
+  end
+
+  def self.api_error(error, rcode, rbody, error_obj)
+    APIError.new(error[:message], rcode, rbody, error_obj)
+  end
+
+  def self.handle_restclient_error(e)
+    case e
+    when RestClient::ServerBrokeConnection, RestClient::RequestTimeout
+      message = "Could not connect to Pass (#{@@api_base}).  Please check your internet connection and try again.  If this problem persists, you should check Pass's service status at https://twitter.com/passstatus, or let us know at support@passauth.net."
+    when RestClient::SSLCertificateNotVerified
+      message = "Could not verify Pass's SSL certificate.  Please make sure that your network is not intercepting certificates.  (Try going to https://api.passauth.net/v1 in your browser.)  If this problem persists, let us know at support@passauth.net."
+    when SocketError
+      message = "Unexpected error communicating when trying to connect to Pass.  HINT: You may be seeing this message because your DNS is not working.  To check, try running 'host passauth.net' from the command line."
+    else
+      message = "Unexpected error communicating with Pass. If this problem persists, let us know at support@passauth.net."
+    end
+    message += "\n\n(Network error: #{e.message})"
+    raise APIConnectionError.new(message)
+  end
+
+end

data/lib/pass/api_operations/create.rb

@@ -0,0 +1,16 @@
+module Pass
+  module APIOperations
+    module Create
+      module ClassMethods
+        def create(params={}, api_token=nil)
+          response, api_token = Pass.request(:post, self.url, api_token, params)
+          Util.convert_to_pass_object(response, api_token)
+        end
+      end
+
+      def self.included(base)
+        base.extend(ClassMethods)
+      end
+    end
+  end
+end

data/lib/pass/api_operations/list.rb

@@ -0,0 +1,16 @@
+module Stripe
+  module APIOperations
+    module List
+      module ClassMethods
+        def all(filters={}, api_key=nil)
+          response, api_key = Stripe.request(:get, url, api_key, filters)
+          Util.convert_to_stripe_object(response, api_key)
+        end
+      end
+
+      def self.included(base)
+        base.extend(ClassMethods)
+      end
+    end
+  end
+end

data/lib/pass/api_resource.rb

@@ -0,0 +1,33 @@
+module Pass
+  class APIResource < PassObject
+    def self.class_name
+      self.name.split('::')[-1]
+    end
+
+    def self.url()
+      if self == APIResource
+        raise NotImplementedError.new('APIResource is an abstract class.  You should perform actions on its subclasses (Charge, Customer, etc.)')
+      end
+      "/#{CGI.escape(class_name.downcase)}s"
+    end
+
+    def url
+      unless id = self['id']
+        raise InvalidRequestError.new("Could not determine which URL to request: #{self.class} instance has invalid ID: #{id.inspect}", 'id')
+      end
+      "#{self.class.url}/#{CGI.escape(id)}"
+    end
+
+    def refresh
+      response, api_token = Pass.request(:get, url, @api_token, @retrieve_options)
+      refresh_from(response, api_token)
+      self
+    end
+
+    def self.retrieve(id, api_token=nil)
+      instance = self.new(id, api_token)
+      instance.refresh
+      instance
+    end
+  end
+end

data/lib/pass/errors/api_connection_error.rb

@@ -0,0 +1,4 @@
+module Pass
+  class APIConnectionError < PassError
+  end
+end

data/lib/pass/errors/api_error.rb

@@ -0,0 +1,4 @@
+module Pass
+  class APIError < PassError
+  end
+end

data/lib/pass/errors/authentication_error.rb

@@ -0,0 +1,4 @@
+module Pass
+  class AuthenticationError < PassError
+  end
+end

data/lib/pass/errors/invalid_request_error.rb

@@ -0,0 +1,10 @@
+module Pass
+  class InvalidRequestError < PassError
+    attr_accessor :param
+
+    def initialize(message, param, http_status=nil, http_body=nil, json_body=nil)
+      super(message, http_status, http_body, json_body)
+      @param = param
+    end
+  end
+end

data/lib/pass/errors/pass_error.rb

@@ -0,0 +1,20 @@
+module Pass
+  class PassError < StandardError
+    attr_reader :message
+    attr_reader :http_status
+    attr_reader :http_body
+    attr_reader :json_body
+
+    def initialize(message=nil, http_status=nil, http_body=nil, json_body=nil)
+      @message = message
+      @http_status = http_status
+      @http_body = http_body
+      @json_body = json_body
+    end
+
+    def to_s
+      status_string = @http_status.nil? ? "" : "(Status #{@http_status}) "
+      "#{status_string}#{@message}"
+    end
+  end
+end

data/lib/pass/json.rb

@@ -0,0 +1,21 @@
+module Pass
+  module JSON
+    if MultiJson.respond_to?(:dump)
+      def self.dump(*args)
+        MultiJson.dump(*args)
+      end
+
+      def self.load(*args)
+        MultiJson.load(*args)
+      end
+    else
+      def self.dump(*args)
+        MultiJson.encode(*args)
+      end
+
+      def self.load(*args)
+        MultiJson.decode(*args)
+      end
+    end
+  end
+end

data/lib/pass/pass_object.rb

@@ -0,0 +1,159 @@
+module Pass
+  class PassObject
+    include Enumerable
+
+    attr_accessor :api_token
+    @@permanent_attributes = Set.new([:api_token, :id])
+
+    # The default :id method is deprecated and isn't useful to us
+    if method_defined?(:id)
+      undef :id
+    end
+
+    def initialize(id=nil, api_token=nil)
+      # parameter overloading!
+      if id.kind_of?(Hash)
+        @retrieve_options = id.dup
+        @retrieve_options.delete(:id)
+        id = id[:id]
+      else
+        @retrieve_options = {}
+      end
+
+      @api_token = api_token
+      @values = {}
+      # This really belongs in APIResource, but not putting it there allows us
+      # to have a unified inspect method
+      @unsaved_values = Set.new
+      @transient_values = Set.new
+      self.id = id if id
+    end
+
+    def self.construct_from(values, api_token=nil)
+      obj = self.new(values[:id], api_token)
+      obj.refresh_from(values, api_token)
+      obj
+    end
+
+    def to_s(*args)
+      Pass::JSON.dump(@values, :pretty => true)
+    end
+
+    def inspect()
+      id_string = (self.respond_to?(:id) && !self.id.nil?) ? " id=#{self.id}" : ""
+      "#<#{self.class}:0x#{self.object_id.to_s(16)}#{id_string}> JSON: " + Pass::JSON.dump(@values, :pretty => true)
+    end
+
+    def refresh_from(values, api_token, partial=false)
+      @api_token = api_token
+
+      removed = partial ? Set.new : Set.new(@values.keys - values.keys)
+      added = Set.new(values.keys - @values.keys)
+      # Wipe old state before setting new.  This is useful for e.g. updating a
+      # customer, where there is no persistent card parameter.  Mark those values
+      # which don't persist as transient
+
+      instance_eval do
+        remove_accessors(removed)
+        add_accessors(added)
+      end
+      removed.each do |k|
+        @values.delete(k)
+        @transient_values.add(k)
+        @unsaved_values.delete(k)
+      end
+      values.each do |k, v|
+        @values[k] = Util.convert_to_pass_object(v, api_token)
+        @transient_values.delete(k)
+        @unsaved_values.delete(k)
+      end
+    end
+
+    def [](k)
+      k = k.to_sym if k.kind_of?(String)
+      @values[k]
+    end
+
+    def []=(k, v)
+      send(:"#{k}=", v)
+    end
+
+    def keys
+      @values.keys
+    end
+
+    def values
+      @values.values
+    end
+
+    def to_json(*a)
+      Pass::JSON.dump(@values)
+    end
+
+    def as_json(*a)
+      @values.as_json(*a)
+    end
+
+    def to_hash
+      @values
+    end
+
+    def each(&blk)
+      @values.each(&blk)
+    end
+
+    protected
+
+    def metaclass
+      class << self; self; end
+    end
+
+    def remove_accessors(keys)
+      metaclass.instance_eval do
+        keys.each do |k|
+          next if @@permanent_attributes.include?(k)
+          k_eq = :"#{k}="
+          remove_method(k) if method_defined?(k)
+          remove_method(k_eq) if method_defined?(k_eq)
+        end
+      end
+    end
+
+    def add_accessors(keys)
+      metaclass.instance_eval do
+        keys.each do |k|
+          next if @@permanent_attributes.include?(k)
+          k_eq = :"#{k}="
+          define_method(k) { @values[k] }
+          define_method(k_eq) do |v|
+            @values[k] = v
+            @unsaved_values.add(k)
+          end
+        end
+      end
+    end
+
+    def method_missing(name, *args)
+      # TODO: only allow setting in updateable classes.
+      if name.to_s.end_with?('=')
+        attr = name.to_s[0...-1].to_sym
+        @values[attr] = args[0]
+        @unsaved_values.add(attr)
+        add_accessors([attr])
+        return
+      else
+        return @values[name] if @values.has_key?(name)
+      end
+
+      begin
+        super
+      rescue NoMethodError => e
+        if @transient_values.include?(name)
+          raise NoMethodError.new(e.message + ".  HINT: The '#{name}' attribute was set in the past, however.  It was then wiped when refreshing the object with the result returned by Pass's API, probably as a result of a save().  The attributes currently available on this object are: #{@values.keys.join(', ')}")
+        else
+          raise
+        end
+      end
+    end
+  end
+end