paypal 0.5.0

data/MIT-LICENSE

@@ -0,0 +1,22 @@
+#--
+# Copyright (c) 2005 Tobias Luetke
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#++

data/README

@@ -0,0 +1,83 @@
+== Welcome to Paypal/ruby
+
+This library is here to aid with integrating Paypal payments into ruby on rails 
+applications or similar. To set this up you will need to log into your paypal 
+business account and tell paypal where to send the IPN ( Instant payment notifications ). 
+
+== Download
+
+* Preferred method of installation is using rubygems. gem install --source http://dist.leetsoft.com paypal
+* Alternatively you can get the library packaged at http://dist.leetsoft.com/pkg/
+
+== Requirements
+
+* Valid paypal business account. 
+* The money library from http://dist.leetsoft.com/api/money
+
+== Installation 
+
+1) Either install the rubygem for this library ( rake install from source 
+   or gem install --source <url> paypal    using gems directly )
+   
+2) Create a new controller which handels the paypal related tasks.  
+    script/generate controller payment   
+    
+3) Add the Paypal::Helpers to the newly created controller.
+    module PaymentHelper
+      include Paypal::Helpers
+    end
+4) Create a paypal_ipn ( or similar ) action like the one in the "Example rails controller" appendix. 
+
+Within the new payment controller you can now create pages from which users can be sent to paypal. You always 
+have to sent users to paypal using a HTTP Post so a standard link won't work (well OK but you need some javascript for that). The +Paypal::Helper+ namespace has some examples of how such a forward page may look. 
+
+== Testing the integration
+
+Under https://developer.paypal.com/ you can signup for a paypal developer account.
+This allows you to set up "sandboxed" accounts which work and act like real accounts 
+with the difference that no money is exchanged. Its a good idea to sign up for a 
+sandbox account to use while the application is running in development mode. 
+
+
+== Example rails controller
+
+  class BackendController < ApplicationController
+   def paypal_ipn
+     notify = PaypalNotification.new(request.raw_post)
+ 
+     order = Order.find(notify.item_id)
+   
+     if notify.acknowledge 
+       begin
+         
+         if notify.complete? and order.total == notify.amount
+           order.status = 'success' 
+           
+           shop.ship(order)
+         else
+           logger.error("Failed to verify Paypal's notification, please investigate")
+         end
+ 
+       rescue => e
+         order.status = 'failed'      
+         raise
+       ensure
+         order.save
+       end
+     end
+ 
+     render :nothing
+   end
+ end
+
+
+== Example paypal forward page
+
+   <%= paypal_form_tag %>
+     <%= paypal_setup "Item 500", Money.us_dollar(50000), "bob@bigbusiness.com" %>  
+
+     Please press here to pay $500US using paypal. <br/>
+     <%= submit_tag "Go to paypal >>" %>
+
+   <% end_form_tag %> 
+

data/Rakefile

@@ -0,0 +1,221 @@
+require 'rubygems'
+require 'rake'
+require 'rake/testtask'
+require 'rake/rdoctask'
+require 'rake/gempackagetask'
+require 'rake/contrib/rubyforgepublisher'
+
+PKG_VERSION = "0.5.0"
+PKG_NAME = "paypal"
+PKG_FILE_NAME = "#{PKG_NAME}-#{PKG_VERSION}"
+
+PKG_FILES = FileList[
+    "lib/**/*", 
+    "test/*", 
+    "misc/*", 
+    "[A-Z]*", 
+    "MIT-LICENSE",
+    "Rakefile"
+].exclude(/\bCVS\b|~$/)
+
+desc "Default Task"
+task :default => [ :test ]
+
+desc "Delete tar.gz / zip / rdoc"
+task :cleanup => [ :rm_packages, :clobber_rdoc ]
+
+# Run the unit tests
+Rake::TestTask.new("test") { |t|
+  t.libs << "test"
+  t.pattern = 'test/*_test.rb'
+  t.verbose = false
+}
+
+desc "Create a rubygem and install it. Might need root rights"
+task :install => [:package] do
+  `gem install pkg/#{PKG_FILE_NAME}.gem`
+end
+
+# Genereate the RDoc documentation
+
+Rake::RDocTask.new { |rdoc|
+  rdoc.rdoc_dir = 'doc'
+  rdoc.title    = "Paypal library"
+  rdoc.options << '--line-numbers --inline-source'
+  rdoc.rdoc_files.include('README')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+}
+
+task :lines do
+  lines = 0
+  codelines = 0
+  Dir.foreach("lib") { |file_name| 
+    next unless file_name =~ /.*rb/
+
+    f = File.open("lib/" + file_name)
+
+    while line = f.gets
+      lines += 1
+      next if line =~ /^\s*$/
+      next if line =~ /^\s*#/
+      codelines += 1
+    end
+  }
+  puts "Lines #{lines}, LOC #{codelines}"
+end
+
+
+desc "Publish the gem on leetsoft"
+task :publish => [:rdoc, :package] do
+ Rake::SshFilePublisher.new("leetsoft.com", "dist/pkg", "pkg", "#{PKG_FILE_NAME}.zip").upload
+ Rake::SshFilePublisher.new("leetsoft.com", "dist/pkg", "pkg", "#{PKG_FILE_NAME}.tgz").upload
+ Rake::SshFilePublisher.new("leetsoft.com", "dist/gems", "pkg", "#{PKG_FILE_NAME}.gem").upload
+ `ssh tobi@leetsoft.com "mkdir -p dist/api/#{PKG_NAME}"`
+ Rake::SshDirPublisher.new("leetsoft.com", "dist/api/#{PKG_NAME}", "doc").upload
+ `ssh tobi@leetsoft.com './gemupdate'`
+end
+
+spec = Gem::Specification.new do |s|
+  s.name = PKG_NAME
+  s.version = PKG_VERSION
+  s.summary = "Paypal IPN integration for rails apps and similar"
+  s.has_rdoc = true
+
+  s.files = %w(README Rakefile MIT-LICENSE) + Dir['lib/**/*'] + Dir['misc/*'] + Dir['tests/*']
+
+  s.require_path = 'lib'
+  s.autorequire  = 'paypal'
+  s.author = "Tobias Luetke"
+  s.email = "tobi@leetsoft.com"
+  s.homepage = "http://dist.leetsoft.com/api/paypal"  
+  
+  s.add_dependency('money')
+end
+
+Rake::GemPackageTask.new(spec) do |p|
+  p.gem_spec = spec
+  p.need_tar = true
+  p.need_zip = true
+end
+
+
+# --- Ruby forge release manager by florian gross -------------------------------------------------
+
+RUBY_FORGE_PROJECT = 'paypal'
+RUBY_FORGE_USER = 'xal'
+RELEASE_NAME  = "REL #{PKG_VERSION}"
+
+desc "Publish the release files to RubyForge."
+task :release => [:gem] do
+  files = ["gem"].map { |ext| "pkg/#{PKG_FILE_NAME}.#{ext}" }
+
+  if RUBY_FORGE_PROJECT then
+    require 'net/http'
+    require 'open-uri'
+
+    project_uri = "http://rubyforge.org/projects/#{RUBY_FORGE_PROJECT}/"
+    project_data = open(project_uri) { |data| data.read }
+    group_id = project_data[/[?&]group_id=(\d+)/, 1]
+    raise "Couldn't get group id" unless group_id
+
+    # This echos password to shell which is a bit sucky
+    if ENV["RUBY_FORGE_PASSWORD"]
+      password = ENV["RUBY_FORGE_PASSWORD"]
+    else
+      print "#{RUBY_FORGE_USER}@rubyforge.org's password: "
+      password = STDIN.gets.chomp
+    end
+
+    login_response = Net::HTTP.start("rubyforge.org", 80) do |http|
+      data = [
+        "login=1",
+        "form_loginname=#{RUBY_FORGE_USER}",
+        "form_pw=#{password}"
+      ].join("&")
+      http.post("/account/login.php", data)
+    end
+
+    cookie = login_response["set-cookie"]
+    raise "Login failed" unless cookie
+    headers = { "Cookie" => cookie }
+
+    release_uri = "http://rubyforge.org/frs/admin/?group_id=#{group_id}"
+    release_data = open(release_uri, headers) { |data| data.read }
+    package_id = release_data[/[?&]package_id=(\d+)/, 1]
+    raise "Couldn't get package id" unless package_id
+
+    first_file = true
+    release_id = ""
+
+    files.each do |filename|
+      basename  = File.basename(filename)
+      file_ext  = File.extname(filename)
+      file_data = File.open(filename, "rb") { |file| file.read }
+
+      puts "Releasing #{basename}..."
+
+      release_response = Net::HTTP.start("rubyforge.org", 80) do |http|
+        release_date = Time.now.strftime("%Y-%m-%d %H:%M")
+        type_map = {
+          ".zip"    => "3000",
+          ".tgz"    => "3110",
+          ".gz"     => "3110",
+          ".gem"    => "1400"
+        }; type_map.default = "9999"
+        type = type_map[file_ext]
+        boundary = "rubyqMY6QN9bp6e4kS21H4y0zxcvoor"
+
+        query_hash = if first_file then
+          {
+            "group_id" => group_id,
+            "package_id" => package_id,
+            "release_name" => RELEASE_NAME,
+            "release_date" => release_date,
+            "type_id" => type,
+            "processor_id" => "8000", # Any
+            "release_notes" => "",
+            "release_changes" => "",
+            "preformatted" => "1",
+            "submit" => "1"
+          }
+        else
+          {
+            "group_id" => group_id,
+            "release_id" => release_id,
+            "package_id" => package_id,
+            "step2" => "1",
+            "type_id" => type,
+            "processor_id" => "8000", # Any
+            "submit" => "Add This File"
+          }
+        end
+
+        query = "?" + query_hash.map do |(name, value)|
+          [name, URI.encode(value)].join("=")
+        end.join("&")
+
+        data = [
+          "--" + boundary,
+          "Content-Disposition: form-data; name=\"userfile\"; filename=\"#{basename}\"",
+          "Content-Type: application/octet-stream",
+          "Content-Transfer-Encoding: binary",
+          "", file_data, ""
+          ].join("\x0D\x0A")
+
+        release_headers = headers.merge(
+          "Content-Type" => "multipart/form-data; boundary=#{boundary}"
+        )
+
+        target = first_file ? "/frs/admin/qrs.php" : "/frs/admin/editrelease.php"
+        http.post(target + query, data, release_headers)
+      end
+
+      if first_file then
+        release_id = release_response.body[/release_id=(\d+)/, 1]
+        raise("Couldn't get release id") unless release_id
+      end
+
+      first_file = false
+    end
+  end
+end

data/lib/helper.rb

@@ -0,0 +1,86 @@
+module Paypal 
+  # This is a collection of helpers which aid in the creation of paypal buttons 
+  # 
+  # Example:
+  #
+  #    <%= form_tag Paypal::Notification.ipn_url %>
+  #    
+  #      <%= paypal_setup "Item 500", Money.us_dollar(50000), "bob@bigbusiness.com" %>  
+  #      Please press here to pay $500US using paypal. <%= submit_tag %>
+  #    
+  #    <% end_form_tag %> 
+  #
+  # For this to work you have to include these methods as helpers in your rails application.
+  # One way is to add "include Paypal::Helpers" in your application_helper.rb
+  # See Paypal::Notification for information on how to catch payment events. 
+  module Helpers
+    
+    # Convenience helper. Can replace <%= form_tag Paypal::Notification.ipn_url %>
+    def paypal_form_tag
+      form_tag(Paypal::Notification.ipn_url)
+    end
+
+    # This helper creates the hidden form data which is needed for a paypal purchase. 
+    # 
+    # * <tt>item_number</tt> -- The first parameter is the item number. This is for your personal organization and can 
+    #   be arbitrary. Paypal will sent the item number back with the IPN so its a great place to 
+    #   store a user ID or a order ID or something like  this. 
+    #
+    # * <tt>amount</tt> -- should be a parameter of type Money ( see http://leetsoft.com/api/money ) but can also 
+    #   be a string of type "50.00" for 50$. If you use the string syntax make sure you set the current 
+    #   currency as part of the options hash. The default is USD
+    #
+    # * <tt>business</tt> -- This is your paypal account name ( a email ). This needs to be a valid paypal business account.
+    #
+    # The last parameter is a options hash. You can override several things:
+    #
+    # * <tt>:return_url</tt> -- default is nil. If provided paypal will redirect a user back to your application after a 
+    #   successful purchase. Useful for a kind of thankyou page. 
+    # * <tt>:item_name</tt> -- default is 'Store purchase'. This is the name of the purchase which will be displayed
+    #   on the paypal page. 
+    # * <tt>:no_shipping</tt> -- default is '1'. By default we tell paypal that no shipping is required. Usually
+    #   the shipping address should be collected in our application, not by paypal. 
+    # * <tt>:no_note</tt> -- default is '1'
+    # * <tt>:currency</tt> -- default is 'USD'
+    #
+    # Examples:
+    #   
+    #   <%= paypal_setup @order.id, Money.us_dollar(50000), "bob@bigbusiness.com" %>  
+    #   <%= paypal_setup @order.id, 50.00, "bob@bigbusiness.com", :currency => 'USD' %>  
+    #   <%= paypal_setup @order.id, Money.ca_dollar(50000), "bob@bigbusiness.com", :item_name => 'Snowdevil shop purchase', :return_url => url_for(:only_path => false, :action => 'thankyou')  %>  
+    # 
+    def paypal_setup(item_number, amount, business, options = {})
+
+      params = {
+        :item_name => 'Store purchase',
+        :no_shipping => '1',
+        :no_note => '1',
+        :currency => 'USD',
+        :return_url => nil
+      }.merge(options)
+
+      # We accept both, strings and money objects as amount    
+      amount = amount.cents / 100 if amount.respond_to?(:cents)
+      amount = sprintf("%.2f", amount)
+
+      # Build the form 
+      returning button = [] do
+        button << form_tag(Paypal::Notification.ipn_url)
+
+        button << tag(:input, :type => 'hidden', :name => 'cmd', :value => "_xclick")
+        button << tag(:input, :type => 'hidden', :name => 'business', :value => business)
+        button << tag(:input, :type => 'hidden', :name => 'amount', :value => amount)
+        button << tag(:input, :type => 'hidden', :name => 'item_number', :value => item_number)
+        button << tag(:input, :type => 'hidden', :name => 'item_name', :value => params[:item_name])
+        button << tag(:input, :type => 'hidden', :name => 'no_shipping', :value => params[:no_shipping])
+        button << tag(:input, :type => 'hidden', :name => 'no_note', :value => params[:no_note])
+        button << tag(:input, :type => 'hidden', :name => 'return', :value => params[:return_url]) if params[:return_url]
+
+        # if amount was a object of type money or something compatible we will use its currency, 
+        # otherwise get the currency from the options. default is USD
+        button << tag(:input, :type => 'hidden', :name => 'currency_code', :value => amount.respond_to?(:currency) ? amount.currency : params[:currency])
+      end.join("\n")
+    end
+    
+  end
+end

data/lib/notification.rb

@@ -0,0 +1,160 @@
+module Paypal
+  # Parser and handler for incoming Instant payment notifications from paypal. 
+  # The Example shows a typical handler in a rails application.
+  # 
+  # Example
+  #  
+  #   class BackendController < ApplicationController
+  #   
+  #     def paypal_ipn
+  #       notify = PaypalNotification.new(request.raw_post)
+  #   
+  #       order = Order.find(notify.item_id)
+  #     
+  #       if notify.acknowledge 
+  #         begin
+  #           
+  #           if notify.complete? and order.total == notify.amount
+  #             order.status = 'success' 
+  #             
+  #             shop.ship(order)
+  #           else
+  #             logger.error("Failed to verify Paypal's notification, please investigate")
+  #           end
+  #   
+  #         rescue => e
+  #           order.status        = 'failed'      
+  #           raise
+  #         ensure
+  #           order.save
+  #         end
+  #       end
+  #   
+  #       render :nothing
+  #     end
+  #   end
+  class Notification
+    attr_accessor :params
+    attr_accessor :raw
+
+    # Overwrite this url. It points to the Paypal sandbox by default.
+    # Please note that the Paypal technical overview (doc directory)
+    # speaks of a https:// address for production use. In my tests 
+    # this https address does not in fact work. 
+    # 
+    # Example: 
+    #   Paypal::Notification.ipn_url = http://www.paypal.com/cgi-bin/webscr
+    #
+    cattr_accessor :ipn_url
+    @@ipn_url = 'http://www.sandbox.paypal.com/cgi-bin/webscr'
+
+    # Creates a new paypal object. Pass the raw html you got from paypal in. 
+    # In a rails application this looks something like this
+    # 
+    #   def paypal_ipn
+    #     paypal = Paypal::Notification.new(request.raw_post)
+    #     ...
+    #   end
+    def initialize(post)
+      empty!
+      parse(post)
+    end
+
+    # Was the transaction complete?
+    def complete?
+      status == "Completed"
+    end
+
+    # When was this payment received by the client. 
+    # sometimes it can happen that we get the notification much later. 
+    # One possible scenario is that our web application was down. In this case paypal tries several 
+    # times an hour to inform us about the notification
+    def recieved_at
+      Time.parse params['payment_date']
+    end
+
+    # Whats the status of this transaction?
+    def status
+      params['payment_status']
+    end
+
+    # Id of this transaction (paypal number)
+    def transaction_id
+      params['txn_id']
+    end
+
+    # What type of transaction are we dealing with? 
+    #  "cart" "send_money" "web_accept" are possible here. 
+    def type
+      params['txn_type']
+    end
+
+    # the money amount we received in X.2 decimal.
+    def gross
+      params['mc_gross']
+    end
+
+    # the markup paypal charges for the transaction
+    def fee
+      params['mc_fee']
+    end
+
+    # What currency have we been dealing with
+    def currency
+      params['mc_currency']
+    end
+  
+    # This is the item number which we submitted to paypal 
+    def item_id
+      params['item_number']
+    end
+
+    # This combines the gross and currency and returns a proper Money object. 
+    # this requires the money library located at http://dist.leetsoft.com/api/money
+    def amount
+      amount = gross.sub(/[^\d]/, '').to_i
+      Money.new(amount, currency)
+    end
+    
+    # reset the notification. 
+    def empty!
+      @params  = Hash.new
+      @raw     = ""      
+    end
+
+    # Acknowledge the transaction to paypal. This method has to be called after a new 
+    # ipn arrives. Paypal will verify that all the information we received are correct and will return a 
+    # ok or a fail. 
+    # 
+    # Example:
+    # 
+    #   def paypal_ipn
+    #     notify = PaypalNotification.new(request.raw_post)
+    #
+    #     if notify.acknowledge 
+    #       ... process order ... if notify.complete?
+    #     else
+    #       ... log possible hacking attempt ...
+    #     end
+    def acknowledge
+      uri = URI.parse(self.class.ipn_url)
+      status = nil
+      Net::HTTP.start(uri.host, uri.port) do |request|
+        status = request.post(uri.path, raw + "&cmd=_notify-validate").body
+      end
+      status == "VERIFIED"
+    end
+
+    private
+    
+    # Take the posted data and move the relevant data into a hash
+    def parse(post)
+      @raw = post
+      for line in post.split('&')    
+        key, value = *line.scan( %r{^(\w+)\=(.*)$} ).flatten
+        params[key] = CGI.unescape(value)
+      end    
+    end
+
+  end
+end

data/lib/paypal.rb

@@ -0,0 +1,36 @@
+#--
+# Copyright (c) 2005 Tobias Luetke
+#
+# Permission is hereby granted, free of charge, to any person obtaining
+# a copy of this software and associated documentation files (the
+# "Software"), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be
+# included in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+#++
+
+require 'cgi'
+require 'net/http'
+require 'net/https'
+
+begin
+  require 'money' 
+rescue LoadError
+  require 'rubygems'
+  require_gem 'money'
+end
+    
+require File.dirname(__FILE__) + '/notification'
+require File.dirname(__FILE__) + '/helper'

metadata

@@ -0,0 +1,54 @@
+--- !ruby/object:Gem::Specification 
+rubygems_version: 0.8.10
+specification_version: 1
+name: paypal
+version: !ruby/object:Gem::Version 
+  version: 0.5.0
+date: 2005-06-08
+summary: Paypal IPN integration for rails apps and similar
+require_paths: 
+  - lib
+email: tobi@leetsoft.com
+homepage: http://dist.leetsoft.com/api/paypal
+rubyforge_project: 
+description: 
+autorequire: paypal
+default_executable: 
+bindir: bin
+has_rdoc: true
+required_ruby_version: !ruby/object:Gem::Version::Requirement 
+  requirements: 
+    - 
+      - ">"
+      - !ruby/object:Gem::Version 
+        version: 0.0.0
+  version: 
+platform: ruby
+authors: 
+  - Tobias Luetke
+files: 
+  - README
+  - Rakefile
+  - MIT-LICENSE
+  - lib/helper.rb
+  - lib/notification.rb
+  - lib/paypal.rb
+  - "misc/PayPal - Instant Payment Notification - Technical Overview.pdf"
+  - misc/paypal.psd
+test_files: []
+rdoc_options: []
+extra_rdoc_files: []
+executables: []
+extensions: []
+requirements: []
+dependencies: 
+  - !ruby/object:Gem::Dependency 
+    name: money
+    version_requirement: 
+    version_requirements: !ruby/object:Gem::Version::Requirement 
+      requirements: 
+        - 
+          - ">"
+          - !ruby/object:Gem::Version 
+            version: 0.0.0
+      version: