payment-highway 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 3a4fe0337abc26665ec45dae9e0691a6bd2005b7aeede8a256737d8195eb5b71
+  data.tar.gz: a9bbcaf86fb0ce81c3e72d26da42b70656c3ff6280acb5f8762b46153b08568b
+SHA512:
+  metadata.gz: 2e6036ce704755fe054e28cd814cbc5a9444ed3b61b73fbb30ee38e6022a7c445a732a5bc8c8e151d3024290dc899f94d6ce4fe95ae5e62297d7b28084e6ce8b
+  data.tar.gz: 8013ca17103e081cfdd248675253175326bcf2adf3b4b8d267108c4226c4a7ae791b67ef08e9bcb0b31c13f0f129888dcfeda6cf86e16de0c8238df0d131bf2a

data/Gemfile

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+gemspec
+
+group :development do
+  gem "rspec", "~> 3.8"
+  gem "webmock", "~> 3.4"
+end

data/Gemfile.lock

@@ -0,0 +1,50 @@
+PATH
+  remote: .
+  specs:
+    payment_highway (0.1)
+      faraday (~> 0.15)
+      openssl
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    diff-lcs (1.3)
+    faraday (0.15.4)
+      multipart-post (>= 1.2, < 3)
+    hashdiff (0.3.7)
+    multipart-post (2.0.0)
+    openssl (2.1.2)
+    public_suffix (3.0.3)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
+    safe_yaml (1.0.4)
+    webmock (3.4.2)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  payment_highway!
+  rspec (~> 3.8)
+  webmock (~> 3.4)
+
+BUNDLED WITH
+   1.16.4

data/LICENSE

@@ -0,0 +1,7 @@
+Copyright 2018 Payment Highway
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,31 @@
+# Payment Highway Ruby Library
+
+This gem is ruby api client for Payment Highway
+
+## Examples
+### Batch Report fetching
+You can find this in api documentation too: https://dev.paymenthighway.io/#daily-batch-report
+
+```ruby
+config = PaymentHighway::Config.new(
+  account: 'test',
+  merchant: 'test_merchantId',
+  key: 'testKey',
+  secret: 'testSecret',
+   # Testing environment, remove this to use production
+  service: 'https://v1-hub-staging.sph-test-solinor.com'
+)
+
+report = PaymentHighway::BatchReport.new(
+  config: config,
+  date: Date.today
+)
+
+puts report.settlements.inspect
+```
+
+## TODO
+Currently only batch reports are working
+
+## License
+MIT

data/lib/payment_highway.rb

@@ -0,0 +1,21 @@
+# Needed libraries
+require 'faraday'
+require 'date'
+require 'securerandom'
+require 'json'
+require 'time'
+require 'openssl'
+
+# Version
+require 'payment_highway/version'
+
+# Support classes
+require 'payment_highway/config'
+require 'payment_highway/signer'
+require 'payment_highway/error'
+
+# Api client
+require 'payment_highway/api'
+
+# Support classes for api resources
+require 'payment_highway/batch_report'

data/lib/payment_highway/api.rb

@@ -0,0 +1,84 @@
+module PaymentHighway
+  class Api
+    def initialize(config:)
+      @config = config
+    end
+
+    def get_batch(date:)
+      get "/report/batch/#{date.strftime('%Y%m%d')}"
+    end
+
+    private
+
+    def get(resource)
+      response = Faraday.new(url: @config.service).get do |req|
+
+        req.headers['Content-Type'] = 'application/json'
+
+        # Add Payment Highway specific headers
+        signed_headers(
+          method: 'GET',
+          uri: resource,
+          config: @config,
+          values: [],
+        ).each do |header, value|
+          req.headers[header] = value
+        end
+
+        req.url resource
+      end
+
+      validate(response)
+
+      [response, JSON.parse(response.body)]
+    end
+
+    def signed_headers(method:, uri:, config:, values:, body: "", timestamp: Time.now.utc.strftime('%FT%TZ'), request_id: SecureRandom.uuid)
+      headers = {
+        'sph-account': config.account,
+        'sph-merchant': config.merchant,
+        'sph-timestamp': timestamp,
+        'sph-request-id': request_id,
+        'sph-api-version': config.version,
+      }.compact # Removes optional nil parameters
+      headers.merge({ signature: Signer.signature(config: config, method: method, uri: uri, headers: headers, body: body) })
+    end
+
+    def validate(response)
+      # If server did not respond with 200 output the error message from the body
+      unless response.status == 200
+        raise Error, response.body
+      end
+
+      missing_mandatory_headers = [
+        'sph-timestamp',
+        'sph-request-id',
+        'sph-response-id',
+        'signature'
+      ] - response.env[:response_headers].keys
+      unless missing_mandatory_headers.empty?
+        raise Error, "Mandatory headers #{missing_mandatory_headers} are missing from response"
+      end
+      # SPEC: the timestamp must be checked and it must not differ more than five (5) minutes from the correct global UTC time
+      if (Time.now - Time.parse(response.env[:response_headers]['sph-timestamp'])) > 5 * 60
+        raise Error, "Latency between server and client was over 5 minutes. Results should not be trusted!"
+      end
+      # SPEC: Check that request and response headers were the same
+      if response.env[:response_headers]['sph-request-id'] != response.env[:request_headers]['sph-request-id']
+        raise Error, "sph-request-id mismatch! request: (#{response.env[:request_headers]['sph-request-id']}) was not response: (#{response.env[:response_headers]['sph-request-id']})"
+      end
+
+      # Calculate signature again here and we should end up to the same result
+      calculated_signature = Signer.signature(
+        config: @config,
+        method: response.env.method.to_s.upcase,
+        uri: response.env.url.path.to_s,
+        headers: response.env.response_headers.select {|h,v| h.start_with? 'sph-'}, # Only sph- headers are needed for signature
+        body: response.env.body
+      )
+      if response.env[:response_headers]['signature'] != calculated_signature
+        raise Error, "signature mismatch! sph-request-id: #{response.env[:response_headers]['sph-request-id']}"
+      end
+    end
+  end
+end

data/lib/payment_highway/batch_report.rb

@@ -0,0 +1,13 @@
+module PaymentHighway
+  class BatchReport
+    attr_reader :settlements, :result, :request_id, :response_id, :url
+    def initialize(config:, date:)
+      response, result = Api.new(config: config).get_batch(date: date)
+      @settlements = result['settlements']
+      @result = result['result']
+      @url = response.env.url.to_s
+      @request_id = response.env.response_headers['sph-request-id']
+      @response_id = response.env.response_headers['sph-response-id']
+    end
+  end
+end

data/lib/payment_highway/config.rb

@@ -0,0 +1,20 @@
+module PaymentHighway
+  class Config
+    attr_accessor :account, :merchant, :key, :secret, :service, :version
+    def initialize(
+      account:,
+      key:,
+      secret:,
+      merchant: nil, # This is optional only and it's used if account has sub merchant
+      service: 'https://v1.api.paymenthighway.io',
+      version: PaymentHighway::API_VERSION
+    )
+      @account = account
+      @merchant = merchant
+      @key = key
+      @secret = secret
+      @service = service
+      @version = version
+    end
+  end
+end

data/lib/payment_highway/error.rb

@@ -0,0 +1,4 @@
+module PaymentHighway
+  class Error < ::RuntimeError
+  end
+end

data/lib/payment_highway/signer.rb

@@ -0,0 +1,9 @@
+module PaymentHighway
+  class Signer
+    def self.signature(config:, method:, uri:, headers:, body: "")
+      payload = ([method, uri] + Hash[headers.sort].map{|k,v| "#{k}:#{v}"} + [body]).join("\n")
+      hmac = OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA256.new, config.secret, payload)
+      "SPH1 #{config.key} #{hmac}"
+    end
+  end
+end

data/lib/payment_highway/version.rb

@@ -0,0 +1,4 @@
+module PaymentHighway
+  VERSION = '0.1.1'
+  API_VERSION = '20180927'
+end

data/payment_highway.gemspec

@@ -0,0 +1,24 @@
+# coding: utf-8
+lib = File.expand_path(File.join(__dir__,'lib'))
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+require "payment_highway/version"
+
+Gem::Specification.new do |s|
+  s.name        = 'payment-highway'
+  s.version     = PaymentHighway::VERSION
+  s.summary     = "Hola!"
+  s.description = "Custom payments for your custom app. Api client for Payment Highway"
+  s.authors     = ['Payment Highway']
+  s.email       = 'support@paymenthighway.fi'
+
+  s.homepage    = 'https://github.com/paymenthighway/paymenthighway-rb'
+  s.license     = 'MIT'
+
+  s.add_dependency("faraday", "~> 0.15")
+  s.add_dependency("openssl")
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- spec/*`.split("\n")
+  s.require_paths = ['lib']
+end

data/spec/batch_report_spec.rb

@@ -0,0 +1,89 @@
+require 'spec_helper'
+
+describe PaymentHighway::BatchReport do
+
+  before(:each) do
+    @now = Time.parse('2018-11-20 12:55:15')
+    @request_id = '30cbbf47-12a1-4e02-875a-69eaa65c23a1'
+    @data = {"settlements"=>[], "result"=>{"code"=>100, "message"=>"OK"}}
+    @config = PaymentHighway::Config.new(
+      account: 'test',
+      merchant: 'test_merchantId',
+      key: 'testKey',
+      secret: 'testSecret'
+    )
+    @report_url = "#{@config.service}/report/batch/20181120"
+    # Mock uuid so that we will get the same value from mocked server
+    allow(SecureRandom).to receive(:uuid).and_return(@request_id)
+
+    # Mock time because otherwise signature calculation won't work
+    allow(Time).to receive(:now) { @now }
+
+    @valid_headers = {
+      'sph-request-id': @request_id,
+      'sph-timestamp': Time.now.utc.strftime('%FT%TZ'),
+      'sph-response-id': '0bcae09d-cd72-4768-bb51-80962e96ac52',
+      'signature': 'SPH1 testKey bd68d2d5453541c0c0deefc008df0d1eb0a0544590c60c1af7ef0e41b82c7802'
+    }
+  end
+
+  it "should throw exception from missing headers empty reports" do
+    stub_request(:get, @report_url).to_return( body: @data.to_json, headers: {})
+
+    expect {
+      described_class.new(config: @config, date: @now.to_date)
+    }.to raise_error( PaymentHighway::Error,
+      'Mandatory headers ["sph-timestamp", "sph-request-id", "sph-response-id", "signature"] are missing from response'
+    )
+  end
+
+  it "should throw exception from mismatching request id" do
+    stub_request(:get, @report_url).to_return( body: @data.to_json, headers: @valid_headers.merge({
+      'sph-request-id': '8cc1167b-eaf3-4394-893d-9e02f825311a'
+    }))
+
+    expect {
+      described_class.new(config: @config, date: @now.to_date)
+    }.to raise_error( PaymentHighway::Error, /request-id mismatch!/)
+  end
+
+  it "should throw exception from broken signature" do
+    stub_request(:get, @report_url).
+      to_return( body: @data.to_json, headers: @valid_headers.merge({
+      'signature': 'SPH1 testKey 724651aab8aa41f9402b9de9dbfade5ac392b93f141a77b82df8d8e91d182e32'
+    }))
+
+    expect {
+      described_class.new(config: @config, date: @now.to_date)
+    }.to raise_error( PaymentHighway::Error, /signature mismatch!/)
+  end
+
+  it "should return empty reports on valid response" do
+    # Stub the request to batch reports
+    stub_request(:get, @report_url).
+      to_return(body: @data.to_json, headers: @valid_headers)
+
+    report = described_class.new(config: @config, date: @now.to_date)
+    expect(report.settlements).to eq(@data['settlements'])
+    expect(report.result).to eq(@data['result'])
+
+    expect(report.url).to eq(@report_url)
+    expect(report.request_id).to eq(@request_id)
+    expect(report.response_id).to eq(@valid_headers[:'sph-response-id'])
+  end
+
+  it "should return empty reports even without merchant" do
+    # Stub the request to batch reports
+    stub_request(:get, @report_url).
+      to_return(body: @data.to_json, headers: @valid_headers)
+
+    conf = PaymentHighway::Config.new(
+      account: 'test',
+      key: 'testKey',
+      secret: 'testSecret'
+    )
+    result = described_class.new(config: conf, date: @now.to_date)
+    expect(result.settlements).to eq(@data['settlements'])
+    expect(result.result).to eq(@data['result'])
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,4 @@
+require 'webmock/rspec'
+require 'json'
+
+require File.expand_path("../lib/payment_highway", __dir__)

metadata

@@ -0,0 +1,87 @@
+--- !ruby/object:Gem::Specification
+name: payment-highway
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Payment Highway
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-12-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.15'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.15'
+- !ruby/object:Gem::Dependency
+  name: openssl
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Custom payments for your custom app. Api client for Payment Highway
+email: support@paymenthighway.fi
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
+- lib/payment_highway.rb
+- lib/payment_highway/api.rb
+- lib/payment_highway/batch_report.rb
+- lib/payment_highway/config.rb
+- lib/payment_highway/error.rb
+- lib/payment_highway/signer.rb
+- lib/payment_highway/version.rb
+- payment_highway.gemspec
+- spec/batch_report_spec.rb
+- spec/spec_helper.rb
+homepage: https://github.com/paymenthighway/paymenthighway-rb
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.3
+signing_key: 
+specification_version: 4
+summary: Hola!
+test_files:
+- spec/batch_report_spec.rb
+- spec/spec_helper.rb