paymob_accept 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9be4b1690f4a848451740b6b49bed06814dece0eb6cfc8d4bebb8e0445fbd86f
-  data.tar.gz: 94ab14e1b12819055f982b23e29e5fb7c8f4a35b87ed18d2f8a122ff5aca2a45
+  metadata.gz: 74ac2d808d84a3858e5ea44a1b6db205c28d0f092bc06fac9569766aca7f993a
+  data.tar.gz: 0104bfacb501475891edebcdf30f7f68e61ac259b45b75a9c556a0cc917009a4
 SHA512:
-  metadata.gz: 86ab02b708a4415b8c1cb4a17d96f7e303472a431653b449c7805a0ae884c512930929c8db34045ab83f470f63f819c0f130acb68bef2e7de594aaa913867353
-  data.tar.gz: d846e0ccf9ad28d591f923c56193e25d98a073794ec3da2c13dbcd7db6bc2815606a1432422dc4f340119378260571e0785ba706b65c22cb7e619a38efc3917f
+  metadata.gz: 52bc4b9d8af84a9df149edf279aa782391346bcd1de3adfe21ec4416c39f625b2dc5afa7b12b1e74a4fde43ed4575ec07bfbea292818403df5796c5e0a0f9096
+  data.tar.gz: 959e4ab4f5257eb40d115d2e70edc43e593b52acba626a5eed866df261f0b2171648c48231f191c33bf019c5cf2c48fe4c7c9f170f0d4d616fa55aabbb0e9579

data/Gemfile.lock

@@ -1,15 +1,15 @@
 PATH
   remote: .
   specs:
-    paymob_accept (0.2.0)
+    paymob_accept (0.3.0)
       faraday
       json-schema
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
     diff-lcs (1.5.0)
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
@@ -17,7 +17,7 @@ GEM
     faraday-net_http (3.0.0)
     json-schema (3.0.0)
       addressable (>= 2.8)
-    public_suffix (4.0.7)
+    public_suffix (5.0.0)
     rake (13.0.6)
     rspec (3.11.0)
       rspec-core (~> 3.11.0)

data/README.md

@@ -1,4 +1,4 @@
-# PaymobAccept
+# Paymob Accept
 
 `paymob_accept` is a Ruby gem created by [OneOrder](https://www.oneorder.net/) for integrating [Paymob](https://paymob.com/en) payment solutions with your Ruby application.
 
@@ -26,13 +26,14 @@ Configure the gem with your configuration
 
 ```ruby
 PaymobAccept.configure do |config|
-	config.api_key = "######"
-	config.online_integration_id = "######"
-	config.kiosk_integration_id = "######"
-	config.cash_integration_id = "######"
-	config.wallet_integration_id = "######"
-	config.auth_integration_id = "######"
-	config.moto_integration_id = "######"
+    config.api_key = "######"
+    config.hmac_key = "######"
+    config.online_integration_id = "######"
+    config.kiosk_integration_id = "######"
+    config.cash_integration_id = "######"
+    config.wallet_integration_id = "######"
+    config.auth_integration_id = "######"
+    config.moto_integration_id = "######"
 end
 ```
 
@@ -76,7 +77,7 @@ service.online_integration_id = "123"
     token = service.get_auth_token
     ```
 
-2.  Create_order
+2.  Create order
     ```ruby
     service.create_order(auth_token: token, amount_cents:  1000,  amount_currency:  'EGP', items:  [])
     ```
@@ -107,12 +108,16 @@ The `:method` key in the `charge` method could be one of the following:
 - :kiosk => Aman/Masary kiosk network
 - :cash => Cash on delivery
 - :wallet => Vodafone cash
-- :moto => Paying with a saved token
+- :moto => Paying with a saved car token
 
 Please refer to the official Paymob documentation for in-depth explanation about each payment method.
 
 The return value of the `charge` method in general is the response of Paymob's server which varies according to the payment method except in `:online`. In an `:online` payment if an `iframe_id` is provided, the return value is an iFrame URL with an embedded payment token. If the `iframe_id` is not provided, only the payment token is returned
 
+### Paying with a saved card token
+
+To pre-fill an iFrame with a customer card data or process a MOTO charge, make sure the `customer_data` hash has a `cc_token` key in addition to the fields mentioned above.
+
 ## Dealing with charges
 
 - **Initialize your Charge service**
@@ -126,11 +131,21 @@ The return value of the `charge` method in general is the response of Paymob's s
 - Void a transaction: `service.void!(transaction_id: transaction_id)`
 - Capture an auth transaction: `service.capture!(transaction_id: transaction_id, amount_cents: amount_cents)`
 
+## HMAC validation
+
+`PaymobAccept::Hmac.validate(paymob_response: , hmac_key:)`
+
+`hmac_key` can be either passed once to the configuration block, otherwise, it must be passed to the `validate` function.
+
+
+## Roadmap
+
+- [x] HMAC validation
 
 ## Contributing
 
-Bug reports and pull requests are welcome on [GitHub](https://github.com/oneorder-tech/paymob).
-This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/oneorder-tech/paymob/blob/master/CODE_OF_CONDUCT.md).
+Bug reports and pull requests are welcome on [GitHub](https://github.com/oneorder-tech/paymob-accept).
+This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/oneorder-tech/paymob-accept/blob/master/CODE_OF_CONDUCT.md).
 
 ## License
 
@@ -138,4 +153,4 @@ The gem is available as open source under the terms of the [MIT License](https:/
 
 ## Code of Conduct
 
-Everyone interacting in the PaymobAccept project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/oneorder-tech/paymob/blob/master/CODE_OF_CONDUCT.md).
+Everyone interacting in the PaymobAccept project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/oneorder-tech/paymob-accept/blob/master/CODE_OF_CONDUCT.md).

data/lib/paymob_accept/configuration.rb

@@ -1,7 +1,7 @@
 module PaymobAccept
   class Configuration
     attr_accessor :api_key, :online_integration_id, :cash_integration_id, :kiosk_integration_id,
-                  :auth_integration_id, :wallet_integration_id, :moto_integration_id
+                  :auth_integration_id, :wallet_integration_id, :moto_integration_id, :hmac_key
   end
 
   class ConfigurationMissingError < StandardError; end

data/lib/paymob_accept/hmac.rb

@@ -0,0 +1,21 @@
+module PaymobAccept
+  module Hmac
+    FILTERED_KEYS = %w[amount_cents created_at currency error_occured has_parent_transaction id
+                       integration_id is_3d_secure is_auth is_capture is_refunded is_standalone_payment
+                       is_voided order.id owner
+                       pending source_data.pan source_data.sub_type source_data.type success].freeze
+
+    class << self
+      def validate(paymob_response:, hmac_key: PaymobAccept.configuration.hmac_key)
+        raise ArgumentError, 'hmac_key is required' if hmac_key.nil?
+
+        digest = OpenSSL::Digest.new('sha512')
+        concatenated_str = FILTERED_KEYS.map do |element|
+          paymob_response.dig('obj', *element.split('.'))
+        end.join
+        secure_hash = OpenSSL::HMAC.hexdigest(digest, hmac_key, concatenated_str)
+        secure_hash == paymob_response['hmac']
+      end
+    end
+  end
+end

data/lib/paymob_accept/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PaymobAccept
-  VERSION = '0.2.0'
+  VERSION = '0.3.0'
 end

data/lib/paymob_accept.rb

@@ -9,6 +9,7 @@ require 'paymob_accept/api/pay'
 require 'paymob_accept/api/client'
 require 'paymob_accept/api/charge'
 
+require 'paymob_accept/hmac'
 require 'json'
 require 'faraday'
 require 'faraday/net_http'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: paymob_accept
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - OneOrder
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-08-21 00:00:00.000000000 Z
+date: 2022-10-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -63,6 +63,7 @@ files:
 - lib/paymob_accept/api/pay.rb
 - lib/paymob_accept/configuration.rb
 - lib/paymob_accept/errors/bad_gateway.rb
+- lib/paymob_accept/hmac.rb
 - lib/paymob_accept/version.rb
 - paymob_accept.gemspec
 homepage: https://github.com/oneorder-tech/paymob-accept