RubyGems - paymob_accept - Versions diffs - 0.2.1 → 0.3.1 - Mend

paymob_accept 0.2.1 → 0.3.1

Files changed (10) hide show

checksums.yaml +4 -4
data/Gemfile.lock +4 -4
data/README.md +23 -11
data/lib/paymob_accept/api/base.rb +5 -6
data/lib/paymob_accept/api/pay.rb +6 -6
data/lib/paymob_accept/configuration.rb +1 -1
data/lib/paymob_accept/hmac.rb +21 -0
data/lib/paymob_accept/version.rb +1 -1
data/lib/paymob_accept.rb +1 -0
metadata +3 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a6ebddca8de134c54bbf5d5f8dceecde5ae4f65cc735f403e40c04afa13e3f5e
-  data.tar.gz: f635a17547b178a9ed8428d1fccf8a8157440e1656b6808375d5984b4e26a8e4
+  metadata.gz: 3f07b80f4fe23b6ca6da25649d650917ebf48802ce93903ca44dde300acf0f89
+  data.tar.gz: 4238ee5fa6e5267b27deac4b3f45701759515420ae4cfc255621691ef8f9b616
 SHA512:
-  metadata.gz: 3925164b5d6519cf7216d719222c79c3882a70e88d56b1227c59a9c6bec93e4c9e499f22a7351620eb66c320550104615dddd2bc99b9da03fc82335c41d0c3b1
-  data.tar.gz: 6009edcbbbc9f9feeaad04f26169cd14b9131102fb651944fee152b4c8c2b2bd62e109a1030b87ee5be5831faea4f0077bff157add1535a0cd87e5d9343616b1
+  metadata.gz: f29651bddc3f492f908304e0aa1f552b597ba9e8feeaff5f67f1bb045b2b8791f5bf66cf72a16291ae43b7036da4277dc5276dd75550351a4fe476396e7af127
+  data.tar.gz: f761e0b4eb1faafd6688beafdf195416ec2db6160265d9227b3e94c332bddf5c4f493965d2a3ce2767c0f9622ad36b90a5e699e21b7d1307f7c85c1ebe499d91

data/Gemfile.lock CHANGED Viewed

@@ -1,15 +1,15 @@
 PATH
   remote: .
   specs:
-    paymob_accept (0.2.0)
+    paymob_accept (0.3.1)
       faraday
       json-schema
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.8.0)
-      public_suffix (>= 2.0.2, < 5.0)
+    addressable (2.8.1)
+      public_suffix (>= 2.0.2, < 6.0)
     diff-lcs (1.5.0)
     faraday (2.5.2)
       faraday-net_http (>= 2.0, < 3.1)
@@ -17,7 +17,7 @@ GEM
     faraday-net_http (3.0.0)
     json-schema (3.0.0)
       addressable (>= 2.8)
-    public_suffix (4.0.7)
+    public_suffix (5.0.0)
     rake (13.0.6)
     rspec (3.11.0)
       rspec-core (~> 3.11.0)

data/README.md CHANGED Viewed

@@ -1,4 +1,4 @@
-# PaymobAccept
+# Paymob Accept
 `paymob_accept` is a Ruby gem created by [OneOrder](https://www.oneorder.net/) for integrating [Paymob](https://paymob.com/en) payment solutions with your Ruby application.
@@ -26,13 +26,14 @@ Configure the gem with your configuration
 ```ruby
 PaymobAccept.configure do |config|
-	config.api_key = "######"
-	config.online_integration_id = "######"
-	config.kiosk_integration_id = "######"
-	config.cash_integration_id = "######"
-	config.wallet_integration_id = "######"
-	config.auth_integration_id = "######"
-	config.moto_integration_id = "######"
+    config.api_key = "######"
+    config.hmac_key = "######"
+    config.online_integration_id = "######"
+    config.kiosk_integration_id = "######"
+    config.cash_integration_id = "######"
+    config.wallet_integration_id = "######"
+    config.auth_integration_id = "######"
+    config.moto_integration_id = "######"
 end
 ```
@@ -111,11 +112,15 @@ The `:method` key in the `charge` method could be one of the following:
 Please refer to the official Paymob documentation for in-depth explanation about each payment method.
-The return value of the `charge` method in general is the response of Paymob's server which varies according to the payment method except in `:online`. In an `:online` payment if an `iframe_id` is provided, the return value is an iFrame URL with an embedded payment token. If the `iframe_id` is not provided, only the payment token is returned
+The return value of the `charge` method in general is the response of Paymob's server which varies according to the payment method except in `:online`. In an `:online` payment if an `iframe_id` is provided, the return value is an iFrame URL with an embedded payment token. If the `iframe_id` is not provided, only the payment token and order_id is returned
 ### Paying with a saved card token
-To pre-fill an iFrame with a customer card data or process a MOTO charge, make sure the `customer_data` hash has a `cc_token` key in addition to the fields mentioned above.
+```ruby
+ def pay_moto(customer:, address:, cc_token:, amount_cents:, amount_currency:)
+```
+- To pre-fill an iFrame with a customer card data or process a MOTO charge, make sure to pass the `cc_token` key in addition to the fields mentioned above.
 ## Dealing with charges
@@ -130,9 +135,16 @@ To pre-fill an iFrame with a customer card data or process a MOTO charge, make s
 - Void a transaction: `service.void!(transaction_id: transaction_id)`
 - Capture an auth transaction: `service.capture!(transaction_id: transaction_id, amount_cents: amount_cents)`
+## HMAC validation
+`PaymobAccept::Hmac.validate(paymob_response: , hmac_key:)`
+`hmac_key` can be either passed once to the configuration block, otherwise, it must be passed to the `validate` function.
 ## Roadmap
-- [ ] HMAC validation
+- [x] HMAC validation
 ## Contributing

data/lib/paymob_accept/api/base.rb CHANGED Viewed

@@ -28,20 +28,20 @@ module PaymobAccept
       end
       # 3. Payment Key Request
-      def generate_payment_intent(customer:, address:, integration_id:, amount_cents:, amount_currency:, iframe_id: nil, order_id: nil, auth_token: get_auth_token)
+      def generate_payment_intent(customer:, address:, integration_id:, amount_cents:, amount_currency:, cc_token: nil, iframe_id: nil, order_id: nil, auth_token: get_auth_token)
         if order_id.nil?
           order = create_order(amount_cents: amount_cents, amount_currency: amount_currency)
           order_id = order['id']
         end
         payment_token = generate_payment_key(auth_token: auth_token, customer: customer, address: address, order_id: order_id, amount_cents: amount_cents, amount_currency: amount_currency,
-                                             integration_id: integration_id)
+                                             integration_id: integration_id, cc_token: cc_token)
-        format_bill_reference(payment_token, iframe_id)
+        { token: format_bill_reference(payment_token, iframe_id), order_id: order_id }
       end
       private
-      def generate_payment_key(customer:, address:, amount_cents:, amount_currency:, integration_id:, order_id: nil, auth_token: get_auth_token)
+      def generate_payment_key(customer:, address:, amount_cents:, amount_currency:, integration_id:, cc_token: nil, order_id: nil, auth_token: get_auth_token)
         body = {
           "auth_token": auth_token,
           "amount_cents": amount_cents.to_i,
@@ -65,7 +65,7 @@ module PaymobAccept
           },
           "integration_id": integration_id
         }
-        body['token'] = customer[:cc_token] unless customer[:cc_token].nil?
+        body['token'] = cc_token unless cc_token.nil?
         response = @client.request('/acceptance/payment_keys', body)
@@ -98,7 +98,6 @@ module PaymobAccept
             "last_name": { "type": 'string' },
             "email": { "type": 'string' },
             "phone_number": { "type": 'string' },
-            "cc_token": { "type": 'string' },
             "wallet_mobile_number": { "type": 'string' }
           },
           "required": %w[email phone_number]

data/lib/paymob_accept/api/pay.rb CHANGED Viewed

@@ -36,15 +36,15 @@ module PaymobAccept
       end
       # Return an iFrame URL if an iframe_id is provided. Otherwise, returns a payment token
-      # The iFrame will be prepoulated with the credit card info if customer[cc_token] is present and is valid stored credit card token on Paymob's server
-      def pay_online(customer:, address:, amount_cents:, amount_currency:, iframe_id: nil)
+      # The iFrame will be prepoulated with the credit card info if cc_token is present and is valid stored credit card token on Paymob's server
+      def pay_online(customer:, address:, amount_cents:, amount_currency:, cc_token: nil, iframe_id: nil)
         generate_payment_intent(customer: customer, address: address, amount_cents: amount_cents, amount_currency: amount_currency,
-                                integration_id: online_integration_id, iframe_id: iframe_id)
+                                integration_id: online_integration_id, iframe_id: iframe_id, cc_token: cc_token)
       end
       # Paying MOTO (ie. with a saved card token)
-      def pay_moto(customer:, address:, amount_cents:, amount_currency:)
-        if customer[:cc_token].nil?
+      def pay_moto(customer:, address:, cc_token:, amount_cents:, amount_currency:)
+        if cc_token.nil?
           raise ArgumentError,
                 'You need to provide a credit card token for MOTO payments'
         end
@@ -52,7 +52,7 @@ module PaymobAccept
         bill_reference = generate_payment_intent(customer: customer, address: address, amount_cents: amount_cents, amount_currency: amount_currency,
                                                  integration_id: auth_integration_id)
         body = {
-          "source": { "subtype": 'TOKEN', "identifier": customer[:cc_token] },
+          "source": { "subtype": 'TOKEN', "identifier": cc_token },
           "payment_token": bill_reference
         }
         @client.request('/acceptance/payments/pay', body)

data/lib/paymob_accept/configuration.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 module PaymobAccept
   class Configuration
     attr_accessor :api_key, :online_integration_id, :cash_integration_id, :kiosk_integration_id,
-                  :auth_integration_id, :wallet_integration_id, :moto_integration_id
+                  :auth_integration_id, :wallet_integration_id, :moto_integration_id, :hmac_key
   end
   class ConfigurationMissingError < StandardError; end

data/lib/paymob_accept/hmac.rb ADDED Viewed

@@ -0,0 +1,21 @@
+module PaymobAccept
+  module Hmac
+    FILTERED_KEYS = %w[amount_cents created_at currency error_occured has_parent_transaction id
+                       integration_id is_3d_secure is_auth is_capture is_refunded is_standalone_payment
+                       is_voided order.id owner
+                       pending source_data.pan source_data.sub_type source_data.type success].freeze
+    class << self
+      def validate(paymob_response:, hmac_key: PaymobAccept.configuration.hmac_key)
+        raise ArgumentError, 'hmac_key is required' if hmac_key.nil?
+        digest = OpenSSL::Digest.new('sha512')
+        concatenated_str = FILTERED_KEYS.map do |element|
+          paymob_response.dig('obj', *element.split('.'))
+        end.join
+        secure_hash = OpenSSL::HMAC.hexdigest(digest, hmac_key, concatenated_str)
+        secure_hash == paymob_response['hmac']
+      end
+    end
+  end
+end

data/lib/paymob_accept/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module PaymobAccept
-  VERSION = '0.2.1'
+  VERSION = '0.3.1'
 end

data/lib/paymob_accept.rb CHANGED Viewed

@@ -9,6 +9,7 @@ require 'paymob_accept/api/pay'
 require 'paymob_accept/api/client'
 require 'paymob_accept/api/charge'
+require 'paymob_accept/hmac'
 require 'json'
 require 'faraday'
 require 'faraday/net_http'

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: paymob_accept
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.3.1
 platform: ruby
 authors:
 - OneOrder
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-10-02 00:00:00.000000000 Z
+date: 2022-10-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -63,6 +63,7 @@ files:
 - lib/paymob_accept/api/pay.rb
 - lib/paymob_accept/configuration.rb
 - lib/paymob_accept/errors/bad_gateway.rb
+- lib/paymob_accept/hmac.rb
 - lib/paymob_accept/version.rb
 - paymob_accept.gemspec
 homepage: https://github.com/oneorder-tech/paymob-accept