RubyGems - paymob_accept - Versions diffs - 0.2.1 → 0.3.1 - Mend

paymob_accept 0.2.1 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/Gemfile.lock +4 -4
data/README.md +23 -11
data/lib/paymob_accept/api/base.rb +5 -6
data/lib/paymob_accept/api/pay.rb +6 -6
data/lib/paymob_accept/configuration.rb +1 -1
data/lib/paymob_accept/hmac.rb +21 -0
data/lib/paymob_accept/version.rb +1 -1
data/lib/paymob_accept.rb +1 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a6ebddca8de134c54bbf5d5f8dceecde5ae4f65cc735f403e40c04afa13e3f5e
-  data.tar.gz: f635a17547b178a9ed8428d1fccf8a8157440e1656b6808375d5984b4e26a8e4
+  metadata.gz: 3f07b80f4fe23b6ca6da25649d650917ebf48802ce93903ca44dde300acf0f89
+  data.tar.gz: 4238ee5fa6e5267b27deac4b3f45701759515420ae4cfc255621691ef8f9b616
 SHA512:
-  metadata.gz: 3925164b5d6519cf7216d719222c79c3882a70e88d56b1227c59a9c6bec93e4c9e499f22a7351620eb66c320550104615dddd2bc99b9da03fc82335c41d0c3b1
-  data.tar.gz: 6009edcbbbc9f9feeaad04f26169cd14b9131102fb651944fee152b4c8c2b2bd62e109a1030b87ee5be5831faea4f0077bff157add1535a0cd87e5d9343616b1
+  metadata.gz: f29651bddc3f492f908304e0aa1f552b597ba9e8feeaff5f67f1bb045b2b8791f5bf66cf72a16291ae43b7036da4277dc5276dd75550351a4fe476396e7af127
+  data.tar.gz: f761e0b4eb1faafd6688beafdf195416ec2db6160265d9227b3e94c332bddf5c4f493965d2a3ce2767c0f9622ad36b90a5e699e21b7d1307f7c85c1ebe499d91

data/Gemfile.lock CHANGED Viewed

@@ -1,15 +1,15 @@
 PATH
   remote: .
   specs:
-    paymob_accept (0.2.0)
+    paymob_accept (0.3.1)
       faraday
       json-schema
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
     diff-lcs (1.5.0)
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
@@ -17,7 +17,7 @@ GEM
     faraday-net_http (3.0.0)
     json-schema (3.0.0)
       addressable (>= 2.8)
-    public_suffix (4.0.7)
+    public_suffix (5.0.0)
     rake (13.0.6)
     rspec (3.11.0)
       rspec-core (~> 3.11.0)

data/README.md CHANGED Viewed

@@ -1,4 +1,4 @@
-# PaymobAccept
+# Paymob Accept
 `paymob_accept` is a Ruby gem created by [OneOrder](https://www.oneorder.net/) for integrating [Paymob](https://paymob.com/en) payment solutions with your Ruby application.
@@ -26,13 +26,14 @@ Configure the gem with your configuration
 ```ruby
 PaymobAccept.configure do |config|
-	config.api_key = "######"
-	config.online_integration_id = "######"
-	config.kiosk_integration_id = "######"
-	config.cash_integration_id = "######"
-	config.wallet_integration_id = "######"
-	config.auth_integration_id = "######"
-	config.moto_integration_id = "######"
+    config.api_key = "######"
+    config.hmac_key = "######"
+    config.online_integration_id = "######"
+    config.kiosk_integration_id = "######"
+    config.cash_integration_id = "######"
+    config.wallet_integration_id = "######"
+    config.auth_integration_id = "######"
+    config.moto_integration_id = "######"
 end
 ```
@@ -111,11 +112,15 @@ The `:method` key in the `charge` method could be one of the following:
 Please refer to the official Paymob documentation for in-depth explanation about each payment method.
-The return value of the `charge` method in general is the response of Paymob's server which varies according to the payment method except in `:online`. In an `:online` payment if an `iframe_id` is provided, the return value is an iFrame URL with an embedded payment token. If the `iframe_id` is not provided, only the payment token is returned
+The return value of the `charge` method in general is the response of Paymob's server which varies according to the payment method except in `:online`. In an `:online` payment if an `iframe_id` is provided, the return value is an iFrame URL with an embedded payment token. If the `iframe_id` is not provided, only the payment token and order_id is returned
 ### Paying with a saved card token
-To pre-fill an iFrame with a customer card data or process a MOTO charge, make sure the `customer_data` hash has a `cc_token` key in addition to the fields mentioned above.
+```ruby
+ def pay_moto(customer:, address:, cc_token:, amount_cents:, amount_currency:)
+```
+- To pre-fill an iFrame with a customer card data or process a MOTO charge, make sure to pass the `cc_token` key in addition to the fields mentioned above.
 ## Dealing with charges
@@ -130,9 +135,16 @@ To pre-fill an iFrame with a customer card data or process a MOTO charge, make s
 - Void a transaction: `service.void!(transaction_id: transaction_id)`
 - Capture an auth transaction: `service.capture!(transaction_id: transaction_id, amount_cents: amount_cents)`
+## HMAC validation
+`PaymobAccept::Hmac.validate(paymob_response: , hmac_key:)`
+`hmac_key` can be either passed once to the configuration block, otherwise, it must be passed to the `validate` function.
 ## Roadmap
-- [ ] HMAC validation
+- [x] HMAC validation
 ## Contributing

data/lib/paymob_accept/api/base.rb CHANGED Viewed

@@ -28,20 +28,20 @@ module PaymobAccept
       end
       # 3. Payment Key Request
-      def generate_payment_intent(customer:, address:, integration_id:, amount_cents:, amount_currency:, iframe_id: nil, order_id: nil, auth_token: get_auth_token)
+      def generate_payment_intent(customer:, address:, integration_id:, amount_cents:, amount_currency:, cc_token: nil, iframe_id: nil, order_id: nil, auth_token: get_auth_token)
         if order_id.nil?
           order = create_order(amount_cents: amount_cents, amount_currency: amount_currency)
           order_id = order['id']
         end
         payment_token = generate_payment_key(auth_token: auth_token, customer: customer, address: address, order_id: order_id, amount_cents: amount_cents, amount_currency: amount_currency,
-                                             integration_id: integration_id)
+                                             integration_id: integration_id, cc_token: cc_token)
-        format_bill_reference(payment_token, iframe_id)
+        { token: format_bill_reference(payment_token, iframe_id), order_id: order_id }
       end
       private
-      def generate_payment_key(customer:, address:, amount_cents:, amount_currency:, integration_id:, order_id: nil, auth_token: get_auth_token)
+      def generate_payment_key(customer:, address:, amount_cents:, amount_currency:, integration_id:, cc_token: nil, order_id: nil, auth_token: get_auth_token)
         body = {
           "auth_token": auth_token,
           "amount_cents": amount_cents.to_i,
@@ -65,7 +65,7 @@ module PaymobAccept
           },
           "integration_id": integration_id
         }
-        body['token'] = customer[:cc_token] unless customer[:cc_token].nil?
+        body['token'] = cc_token unless cc_token.nil?
         response = @client.request('/acceptance/payment_keys', body)
@@ -98,7 +98,6 @@ module PaymobAccept
             "last_name": { "type": 'string' },
             "email": { "type": 'string' },
             "phone_number": { "type": 'string' },
-            "cc_token": { "type": 'string' },
             "wallet_mobile_number": { "type": 'string' }
           },
           "required": %w[email phone_number]

data/lib/paymob_accept/api/pay.rb CHANGED Viewed

@@ -36,15 +36,15 @@ module PaymobAccept
       end
       # Return an iFrame URL if an iframe_id is provided. Otherwise, returns a payment token
-      # The iFrame will be prepoulated with the credit card info if customer[cc_token] is present and is valid stored credit card token on Paymob's server
-      def pay_online(customer:, address:, amount_cents:, amount_currency:, iframe_id: nil)
+      # The iFrame will be prepoulated with the credit card info if cc_token is present and is valid stored credit card token on Paymob's server
+      def pay_online(customer:, address:, amount_cents:, amount_currency:, cc_token: nil, iframe_id: nil)
         generate_payment_intent(customer: customer, address: address, amount_cents: amount_cents, amount_currency: amount_currency,
-                                integration_id: online_integration_id, iframe_id: iframe_id)
+                                integration_id: online_integration_id, iframe_id: iframe_id, cc_token: cc_token)
       end
       # Paying MOTO (ie. with a saved card token)
-      def pay_moto(customer:, address:, amount_cents:, amount_currency:)
-        if customer[:cc_token].nil?
+      def pay_moto(customer:, address:, cc_token:, amount_cents:, amount_currency:)
+        if cc_token.nil?
           raise ArgumentError,
                 'You need to provide a credit card token for MOTO payments'
         end
@@ -52,7 +52,7 @@ module PaymobAccept
         bill_reference = generate_payment_intent(customer: customer, address: address, amount_cents: amount_cents, amount_currency: amount_currency,
                                                  integration_id: auth_integration_id)
         body = {
-          "source": { "subtype": 'TOKEN', "identifier": customer[:cc_token] },
+          "source": { "subtype": 'TOKEN', "identifier": cc_token },
           "payment_token": bill_reference
         }
         @client.request('/acceptance/payments/pay', body)

data/lib/paymob_accept/configuration.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module PaymobAccept
   class Configuration
     attr_accessor :api_key, :online_integration_id, :cash_integration_id, :kiosk_integration_id,
-                  :auth_integration_id, :wallet_integration_id, :moto_integration_id
+                  :auth_integration_id, :wallet_integration_id, :moto_integration_id, :hmac_key
   end
   class ConfigurationMissingError < StandardError; end

data/lib/paymob_accept/hmac.rb ADDED Viewed

@@ -0,0 +1,21 @@
+module PaymobAccept
+  module Hmac
+    FILTERED_KEYS = %w[amount_cents created_at currency error_occured has_parent_transaction id
+                       integration_id is_3d_secure is_auth is_capture is_refunded is_standalone_payment
+                       is_voided order.id owner
+                       pending source_data.pan source_data.sub_type source_data.type success].freeze
+    class << self
+      def validate(paymob_response:, hmac_key: PaymobAccept.configuration.hmac_key)
+        raise ArgumentError, 'hmac_key is required' if hmac_key.nil?
+        digest = OpenSSL::Digest.new('sha512')
+        concatenated_str = FILTERED_KEYS.map do |element|
+          paymob_response.dig('obj', *element.split('.'))
+        end.join
+        secure_hash = OpenSSL::HMAC.hexdigest(digest, hmac_key, concatenated_str)
+        secure_hash == paymob_response['hmac']
+      end
+    end
+  end
+end

data/lib/paymob_accept/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PaymobAccept
-  VERSION = '0.2.1'
+  VERSION = '0.3.1'
 end

data/lib/paymob_accept.rb CHANGED Viewed

@@ -9,6 +9,7 @@ require 'paymob_accept/api/pay'
 require 'paymob_accept/api/client'
 require 'paymob_accept/api/charge'
+require 'paymob_accept/hmac'
 require 'json'
 require 'faraday'
 require 'faraday/net_http'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: paymob_accept
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.1
 platform: ruby
 authors:
 - OneOrder
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-10-02 00:00:00.000000000 Z
+date: 2022-10-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -63,6 +63,7 @@ files:
 - lib/paymob_accept/api/pay.rb
 - lib/paymob_accept/configuration.rb
 - lib/paymob_accept/errors/bad_gateway.rb
+- lib/paymob_accept/hmac.rb
 - lib/paymob_accept/version.rb
 - paymob_accept.gemspec
 homepage: https://github.com/oneorder-tech/paymob-accept