paypal_permissions 0.0.1

data/.gitignore

@@ -0,0 +1,8 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+.rvmrc
+*~
+.emacs.desktop
+tmp/

data/Gemfile

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in paypal_permissions.gemspec
+gemspec

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/bin/autospec

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'autospec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('paypal_permissions', 'autospec')

data/bin/erubis

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'erubis' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('erubis', 'erubis')

data/bin/htmldiff

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'htmldiff' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('paypal_permissions', 'htmldiff')

data/bin/ldiff

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'ldiff' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('paypal_permissions', 'ldiff')

data/bin/rackup

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rackup' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rack', 'rackup')

data/bin/rails

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rails' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('railties', 'rails')

data/bin/rake

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('paypal_permissions', 'rake')

data/bin/rake2thor

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rake2thor' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('thor', 'rake2thor')

data/bin/rdoc

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rdoc' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rdoc', 'rdoc')

data/bin/ri

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'ri' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('rdoc', 'ri')

data/bin/rspec

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('paypal_permissions', 'rspec')

data/bin/thor

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'thor' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('thor', 'thor')

data/bin/tilt

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'tilt' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('tilt', 'tilt')

data/bin/tt

@@ -0,0 +1,16 @@
+#!/usr/bin/env ruby
+#
+# This file was generated by Bundler.
+#
+# The application 'tt' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require 'pathname'
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+require 'rubygems'
+require 'bundler/setup'
+
+load Gem.bin_path('treetop', 'tt')

data/config/locales/en.yml

@@ -0,0 +1,13 @@
+en:
+  errors:
+    messages:
+      not_found: "not found"
+      already_confirmed: "was already confirmed, please try signing in"
+      not_locked: "was not locked"
+      not_saved:
+        one: "1 error prohibited this %{resource} from being saved:"
+        other: "%{count} errors prohibited this %{resource} from being saved:"
+
+  paypal_permissions:
+    success: 'That was a fantastic success.'
+    failure: 'That failed miserably.'

data/lib/active_merchant.rb

@@ -0,0 +1,17 @@
+require 'active_support'
+require 'active_support/core_ext/string/inflections'
+require 'active_support/core_ext/hash/indifferent_access'
+require 'active_support/core_ext/hash/conversions'
+require 'active_support/core_ext/class/attribute'
+require 'active_support/core_ext/class/attribute_accessors'
+require 'active_support/core_ext/class/delegating_attributes'
+require 'active_support/core_ext/module/attribute_accessors'
+require 'active_support/base64'
+
+require 'securerandom'
+require 'builder'
+require 'cgi'
+require 'rexml/document'
+
+require 'active_utils'
+require 'active_merchant/billing'

data/lib/active_merchant/billing.rb

@@ -0,0 +1 @@
+require 'active_merchant/billing/gateways'

data/lib/active_merchant/billing/gateways.rb

@@ -0,0 +1,17 @@
+module ActiveMerchant
+  module Billing
+    autoload :Gateway, 'active_merchant/billing/gateway'
+
+    Dir[File.dirname(__FILE__) + '/gateways/**/*.rb'].each do |f|
+      # Get camelized class name
+      filename = File.basename(f, '.rb')
+      # Add _gateway suffix
+      gateway_name = filename + '_gateway'
+      # Camelize the string to get the class name
+      gateway_class = gateway_name.camelize
+
+      # Register for autoloading
+      autoload gateway_class, f
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/paypal_permissions.rb

@@ -0,0 +1,246 @@
+require 'active_merchant'
+require 'uri'
+require 'cgi'
+require 'openssl'
+require 'base64'
+
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PaypalPermissionsGateway < Gateway # :nodoc
+      public
+      def self.setup
+        yield self
+      end
+
+      public
+      def initialize(options = {})
+        requires!(options, :login, :password, :signature, :app_id)
+        request_permissions_headers = {
+          'X-PAYPAL-SECURITY-USERID' => options.delete(:login),
+          'X-PAYPAL-SECURITY-PASSWORD' => options.delete(:password),
+          'X-PAYPAL-SECURITY-SIGNATURE' => options.delete(:signature),
+          'X-PAYPAL-APPLICATION-ID' => options.delete(:app_id),
+          'X-PAYPAL-REQUEST-DATA-FORMAT' => 'NV',
+          'X-PAYPAL-RESPONSE-DATA-FORMAT' => 'NV',
+        }
+        request_permissions_headers = {
+          'X-PAYPAL-SECURITY-USERID' => options.delete(:login),
+          'X-PAYPAL-SECURITY-PASSWORD' => options.delete(:password),
+          'X-PAYPAL-SECURITY-SIGNATURE' => options.delete(:signature),
+          'X-PAYPAL-APPLICATION-ID' => options.delete(:app_id),
+          'X-PAYPAL-REQUEST-DATA-FORMAT' => 'NV',
+          'X-PAYPAL-RESPONSE-DATA-FORMAT' => 'NV',
+        }
+        @options = {
+          :request_permissions_headers => request_permissions_headers,
+        }.update(options)
+        super
+      end
+
+      public
+      def request_permissions(callback_url, scope)
+        query_string = build_request_permissions_query_string callback_url, scope
+        nvp_response = ssl_get "#{request_permissions_url}?#{query_string}", @options[:request_permissions_headers]
+        if nvp_response =~ /error\(\d+\)/
+          puts "request: #{request_permissions_url}?#{query_string}\n"
+          puts "nvp_response: #{nvp_response}\n"
+        end
+        response = parse_request_permissions_nvp(nvp_response)
+      end
+
+      public
+      def request_permissions_url
+        test? ? URLS[:test][:request_permissions] : URLS[:live][:request_permissions]
+      end
+
+      public
+      def get_access_token_url
+        test? ? URLS[:test][:get_access_token] : URLS[:live][:get_access_token]
+      end
+
+      public
+      def get_permissions_url
+        test? ? URLS[:test][:get_permissions] : URLS[:live][:get_permissions]
+      end
+
+      private
+      URLS = {
+        :test => {
+          :request_permissions => 'https://svcs.sandbox.paypal.com/Permissions/RequestPermissions',
+          :get_access_token => 'https://svcs.sandbox.paypal.com/Permissions/GetAccessToken',
+          :get_permissions => 'https://svcs.sandbox.paypal.com/Permissions/GetPermissions',
+        },
+        :live => {
+          :request_permissions => 'https://svcs.paypal.com/Permissions/RequestPermissions',
+          :get_access_token => 'https://svcs.paypal.com/Permissions/GetAccessToken',
+          :get_permissions => 'https://svcs.sandbox.paypal.com/Permissions/GetPermissions',
+        }
+      }
+
+      private
+      def build_request_permissions_query_string(callback_url, scope)
+        scopes_query = build_scopes_query_string(scope)
+        "requestEnvelope.errorLanguage=en_US&#{scopes_query}&callback=#{URI.encode(callback_url)}"
+      end
+
+      private
+      def build_scopes_query_string(scope)
+        if scope.is_a? String
+          scopes = scope.split(',')
+        elsif scope.is_a? Array
+          scopes = scope
+        else
+          scopes = []
+        end
+        scopes.collect{ |s| "scope=#{URI.encode(s.to_s.strip.upcase)}" }.join("&")
+      end
+
+      private
+      def setup_request_permission
+        callback
+        scope
+      end
+
+      private
+      def parse_request_permissions_nvp(nvp)
+        response = {
+          :errors => [
+          ],
+        }
+        pairs = nvp.split "&"
+        pairs.each do |pair|
+          n,v = pair.split "="
+          n = CGI.unescape n
+          v = CGI.unescape v
+          case n
+          when "responseEnvelope.timestamp"
+            response[:timestamp] = v
+          when "responseEnvelope.ack"
+            response[:ack] = v
+=begin
+# Client should implement these with logging...
+            case v
+            when "Success"
+            when "Failure"
+            when "Warning"
+            when "SuccessWithWarning"
+            when "FailureWithWarning"
+            end
+=end
+          when "responseEnvelope.correlationId"
+            response[:correlation_id] = v
+          when "responseEnvelope.build"
+            # do nothing
+          when "token"
+            response[:token] = v
+          when /^error\((?<error_idx>\d+)\)/
+            error_idx = error_idx.to_i
+            if response[:errors].length <= error_idx
+              response[:errors] << { :parameters => [] }
+              raise if response[:errors].length <= error_idx
+            end
+            case n
+            when /^error\(\d+\)\.errorId$/
+              response[:errors][error_idx][:error_id] = v
+=begin
+# Client should implement these with logging. PayPal doesn't distinguish
+# between errors which can be corrected by the user and errors which need
+# to be corrected by a developer or merchant, say, in configuration.
+#             case v
+#             when "520002"
+#             when
+=end            
+            when /^error\(\d+\)\.domain$/
+              response[:errors][error_idx][:domain] = v
+            when /^error\(\d+\)\.subdomain$/
+              response[:errors][error_idx][:subdomain] = v
+            when /^error\(\d+\)\.severity$/
+              response[:errors][error_idx][:severity] = v
+            when /^error\(\d+\)\.category$/
+              response[:errors][error_idx][:category] = v
+            when /^error\(\d+\)\.message$/
+              response[:errors][error_idx][:message] = v
+            when /^error\(\d+\)\.parameter\((?<parameter_idx>\d+)\)$/
+              parameter_idx = parameter_idx.to_i
+              if response[:errors][error_idx][:parameters].length <= parameter_idx
+                response[:errors][error_idx][:parameters] << {}
+                raise if response[:errors][error_idx][:parameters].length <= parameter_idx
+              end
+              response[:errors][error_idx][:parameters][parameter_idx] = v
+            end
+          end
+        end
+        response
+      end
+
+      private
+      def authentication_header url
+        timestamp = Time.now.to_i
+        signature = authentication_signature url, timestamp
+        { 'X-PAYPAL-AUTHORIZATION' => "token=#{access_token}, signature=#{signature}, timeStamp=#{timestamp}" }
+      end
+
+      private
+      def authentication_signature url, timestamp
+        # no query params, but if there were, this is where they'd go
+        query_params = {}
+        key = [ password, verifier ].join("&")
+        params = query_params.dup.merge({
+          "oauth_consumer_key" => @options[:request_permissions_headers]['X-PAYPAL-SECURITY-USERID'],
+          "oauth_version" => "1.0",
+          "oauth_signature_method" => "HMAC-SHA1",
+          "oauth_token" => access_token,
+          "oauth_timestamp" => timestamp,
+        })
+        sorted_params = Hash[params.sort]
+        sorted_query_string = sorted_params.to_query
+        data = [ "POST", url, sorted_query_string ].join("&")  # ? "https://api.sandbox.paypal.com/nvp"
+        digest = OpenSSL::Digest::Digest.new('sha1')
+        OpenSSL::HMAC.digest(digest, key, data)
+        enc = Base64.encode64('Send reinforcements')  # encode per RFC 2045 (not 4648
+      end
+        
+
+=begin
+	public static Map getAuthHeader(String apiUserName, String apiPassword,
+			String accessToken, String tokenSecret, HTTPMethod httpMethod,
+			String scriptURI,Map queryParams) throws OAuthException {
+		
+		Map headers=new HashMap();
+		String consumerKey = apiUserName;
+		String consumerSecretStr = apiPassword;
+		String time = String.valueOf(System.currentTimeMillis()/1000);
+		
+		OAuthSignature oauth = new OAuthSignature(consumerKey,consumerSecretStr);
+		if(HTTPMethod.GET.equals(httpMethod) && queryParams != null){
+			Iterator itr = queryParams.entrySet().iterator();
+		    while (itr.hasNext()) {
+		        Map.Entry param = (Map.Entry)itr.next();
+		        String key=(String)param.getKey();
+		        String value=(String)param.getValue();
+		        oauth.addParameter(key,value);
+		    }
+		  }	
+		oauth.setToken(accessToken);
+		oauth.setTokenSecret(tokenSecret);
+		oauth.setHTTPMethod(httpMethod);
+		oauth.setTokenTimestamp(time);
+		oauth.setRequestURI(scriptURI);
+		//Compute Signature
+		String sig = oauth.computeV1Signature();
+		
+		headers.put("Signature", sig);
+		headers.put("TimeStamp", time);
+		return headers;
+		
+	}
+=end
+
+      private
+      def setup_purchase(options)
+        commit('Pay', build_adaptive_payment_pay_request(options))
+      end
+    end
+  end
+end