RubyGems - qiwi-pay - Versions diffs - 0.1.0 - Mend

qiwi-pay 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

checksums.yaml +7 -0
data/.gitignore +11 -0
data/.rspec +3 -0
data/.rubocop.yml +8 -0
data/.ruby-version +1 -0
data/.travis.yml +5 -0
data/Gemfile +6 -0
data/Gemfile.lock +65 -0
data/LICENSE +22 -0
data/README.md +296 -0
data/Rakefile +11 -0
data/bin/console +14 -0
data/bin/setup +8 -0
data/lib/qiwi-pay.rb +42 -0
data/lib/qiwi-pay/api/capture_operation.rb +44 -0
data/lib/qiwi-pay/api/payment_operation.rb +29 -0
data/lib/qiwi-pay/api/refund_operation.rb +47 -0
data/lib/qiwi-pay/api/response.rb +35 -0
data/lib/qiwi-pay/api/reversal_operation.rb +47 -0
data/lib/qiwi-pay/api/status_operation.rb +83 -0
data/lib/qiwi-pay/cheque.rb +103 -0
data/lib/qiwi-pay/confirmation.rb +138 -0
data/lib/qiwi-pay/credentials.rb +66 -0
data/lib/qiwi-pay/messages_for_codes.rb +91 -0
data/lib/qiwi-pay/payment_operation.rb +108 -0
data/lib/qiwi-pay/signature.rb +41 -0
data/lib/qiwi-pay/version.rb +5 -0
data/lib/qiwi-pay/wpf/auth_operation.rb +31 -0
data/lib/qiwi-pay/wpf/payment_operation.rb +64 -0
data/lib/qiwi-pay/wpf/sale_operation.rb +29 -0
data/qiwi-pay.gemspec +40 -0
metadata +165 -0

data/lib/qiwi-pay/confirmation.rb ADDED

@@ -0,0 +1,138 @@
+# frozen_string_literal: true
+module QiwiPay
+  # Qiwi payment confirmation (callback)
+  #
+  # @note Confirmation parameters list
+  #   Параметр          Тип данных  Описание
+  #   txn_id            integer     Идентификатор транзакции
+  #   txn_status        integer     Статус транзакции
+  #   txn_type          integer     Тип транзакции
+  #   txn_date          timestamp   Дата транзакции в формате ISO8601 с временной зоной
+  #   error_code        integer     Код ошибки работы системы
+  #   pan               string(19)  Номер карты Покупателя в формате 411111XXXXXX1111
+  #   amount            decimal     Сумма списания
+  #   currency          integer     Валюта суммы списания в цифровом формате согласно ISO 4217
+  #   auth_code         string(6)   Код авторизации
+  #   eci               string(2)   Индикатор E-Commerce операции
+  #   card_name         string(64)  Имя Покупателя, как указано на карте (латинские буквы)
+  #   card_bank         string(64)  Банк-эмитент карты
+  #   order_id          string(256) Уникальный номер заказа в системе ТСП
+  #   ip                string(15)  IP-адрес Покупателя
+  #   email             string(64)  E-mail Покупателя
+  #   country           string(3)   Страна Покупателя в формате 3-х буквенных кодов согласно ISO 3166-1
+  #   city              string(64)  Город местонахождения Покупателя
+  #   region            string(6)   Регион страны формате геокодов согласно ISO 3166-2
+  #   address           string(64)  Адрес местонахождения Покупателя
+  #   phone             string(15)  Контактный телефон Покупателя
+  #   cf1               string(256) Поля для ввода произвольной информации, дополняющей данные по операции. Например - описание услуг ТСП.
+  #   cf2               string(256) Поля для ввода произвольной информации, дополняющей данные по операции. Например - описание услуг ТСП.
+  #   cf3               string(256) Поля для ввода произвольной информации, дополняющей данные по операции. Например - описание услуг ТСП.
+  #   cf4               string(256) Поля для ввода произвольной информации, дополняющей данные по операции. Например - описание услуг ТСП.
+  #   cf5               string(256) Поля для ввода произвольной информации, дополняющей данные по операции. Например - описание услуг ТСП.
+  #   product_name      string(256) Описание услуги которую получает Плательщик.
+  #   card_token        string(40)  Токен карты (если функционал токенизации включен для данного сайта)
+  #   card_token_expire timestamp   Срок истечения токена карты (если функционал токенизации включен для данного сайта)
+  #   sign              string(64)  Контрольная сумма переданных параметров. Контрольная сумма передается в верхнем регистре.
+  #
+  # @note {timestamp} data type is represented by string in format {YYYY-MM-DDThh:mm:ss±hh:mm}
+  class Confirmation
+    include QiwiPay::MessagesForCodes
+    # Available confirmation parameters
+    ALLOWED_PARAMS = %i[
+      txn_id txn_status txn_type txn_date error_code pan
+      amount currency auth_code eci card_name card_bank
+      order_id ip email country city region address phone
+      cf1 cf2 cf3 cf4 cf5
+      product_name
+      card_token card_token_expire
+      sign
+    ].freeze
+    # Parameters of integer type
+    INTEGER_PARAMS = %i[
+      txn_id
+      txn_status
+      txn_type
+      error_code
+      currency
+    ]
+    # Request params used to calculate signature
+    SIGN_PARAMS = %i[
+      txn_id
+      txn_status
+      txn_type
+      error_code
+      amount
+      currency
+      ip
+      email
+    ].freeze
+    # IPs allowed to receive confirmation from
+    ALLOWED_IPS = %w[
+      91.232.231.36
+      79.142.22.81
+      79.142.28.154
+      195.189.102.81
+    ].freeze
+    attr_reader(*ALLOWED_PARAMS)
+    attr_reader :secret
+    # @param crds [Credentials] Api access credentials object
+    # @param params [Hash] Request params
+    def initialize(crds, params)
+      ALLOWED_PARAMS.each do |pname|
+        pval = params.fetch(pname, nil) || params.fetch(pname.to_s, nil)
+        pval = pval.to_i if INTEGER_PARAMS.include?(pname)
+        instance_variable_set "@#{pname}", pval
+      end
+      @secret = crds.secret
+    end
+    # Check server IP address validity
+    # @param ip [String]
+    # @return [Boolean]
+    def valid_server_ip?(ip)
+      ALLOWED_IPS.include? ip
+    end
+    # Check confirmation params signature validity
+    # @return [Boolean]
+    def valid_sign?
+      calculated_sign.upcase == sign
+    end
+    # Check if payment operation was successful (has valid sign and no errors)
+    def success?
+      valid_sign? && !error?
+    end
+    # Check if error code present in response
+    def error?
+      !error_code.zero?
+    end
+    # Converts confirmation data to hash
+    def to_h
+      {}.tap do |h|
+        ALLOWED_PARAMS.each { |p| h[p] = send(p) }
+        h[:txn_status_message] = txn_status_message
+        h[:txn_type_message] = txn_type_message
+      end
+    end
+    private
+    # Calculates signature for parameters
+    def calculated_sign
+      params = SIGN_PARAMS.each_with_object({}) do |p, h|
+        h[p] = send(p).tap { |v| v ? v.to_s : nil }
+      end
+      Signature.new(params, @secret).sign.upcase
+    end
+  end
+end

data/lib/qiwi-pay/credentials.rb ADDED

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+require 'openssl'
+module QiwiPay
+  # QiwiPay access credentials
+  class Credentials
+    # @return [String]
+    attr_reader :secret
+    # @return [OpenSSL::X509::Certificate]
+    attr_reader :certificate
+    # @return [OpenSSL::PKey::RSA]
+    attr_reader :key
+    # @param secret [String] Secret for signature calculation
+    # @param cert [String;OpenSSL::X509::Certificate] Certificate for API auth
+    # @param key [String;OpenSSL::PKey::RSA] Private key for certificate for API auth
+    # @param key_pass [String] Private key passphrase
+    # @param p12 [String;OpenSSL::PKCS12] Container with key and certificate
+    def initialize(secret:,
+                   cert: nil,
+                   key: nil,
+                   key_pass: nil,
+                   p12: nil)
+      @secret = secret
+      if p12
+        @certificate, @key = load_p12(p12)
+      else
+        @certificate = create_cert(cert) if cert
+        @key = create_key(key, key_pass) if key
+      end
+    end
+    private
+    def create_cert(cert)
+      case cert
+      when OpenSSL::X509::Certificate
+        cert
+      else
+        OpenSSL::X509::Certificate.new(File.read(cert.to_s))
+      end
+    end
+    def create_key(key, key_pass = nil)
+      case key
+      when OpenSSL::PKey::RSA
+        key
+      else
+        OpenSSL::PKey::RSA.new(File.read(key.to_s), key_pass)
+      end
+    end
+    def load_p12(p12_cont)
+      p12 = case p12_cont
+            when OpenSSL::PKCS12
+              p12_cont
+            else
+              OpenSSL::PKCS12.new(File.read(p12_cont.to_s))
+            end
+      [p12.certificate, p12.key]
+    end
+  end
+end

data/lib/qiwi-pay/messages_for_codes.rb ADDED

@@ -0,0 +1,91 @@
+# frozen_string_literal: true
+module QiwiPay
+  # Модуль содержит константы и методы для получения расшифровок кодов
+  module MessagesForCodes
+    # Transaction status messages for codes
+    # @see https://developer.qiwi.com/ru/qiwipay/index.html?json#txn_status
+    TXN_STATUS_MESSAGES = {
+      0 => 'Init',
+      1 => 'Declined',
+      2 => 'Authorized',
+      3 => 'Completed',
+      4 => 'Reconciled',
+      5 => 'Settled'
+    }.freeze
+    # Transaction type messages for codes
+    # @see https://developer.qiwi.com/ru/qiwipay/index.html?json#txn_type
+    TXN_TYPE_MESSAGES = {
+      1 => 'Single-step purchase',
+      2 => 'Purchase: auth',
+      6 => 'Single-step purchase: recurring init',
+      7 => 'Purchase: recurring auth',
+      4 => 'Reversal',
+      3 => 'Refund',
+      5 => 'Recurring',
+      8 => 'Payout',
+      0 => 'Unknown'
+    }.freeze
+    # Error messages for codes
+    # @see https://developer.qiwi.com/ru/qiwipay/index.html?json#errors
+    ERROR_MESSAGES = {
+      0    => 'No errors',
+      8001 => 'Internal error',
+      8002 => 'Operation not supported',
+      8004 => 'Temporary error',
+      8005 => 'Route not found',
+      8006 => 'Card not supported',
+      8018 => 'Parsing error',
+      8019 => 'Validation error',
+      8020 => 'Amount too big',
+      8021 => 'Merchant site not found',
+      8022 => 'Transaction not found',
+      8023 => 'Transaction expired',
+      8025 => 'Opcode is not allowed',
+      8026 => 'Incorrect parent transaction status',
+      8027 => 'Incorrect parent transaction type',
+      8028 => 'Card expired',
+      8051 => 'Merchant disabled',
+      8052 => 'Incorrect transaction state',
+      8054 => 'Invalid signature',
+      8055 => 'Order already payed',
+      8056 => 'In process',
+      8057 => 'Card locked',
+      8058 => 'Access denied',
+      8059 => 'Currency is not allowed',
+      8060 => 'Amount too big',
+      8061 => 'Currency mismatch',
+      8151 => 'Authentification failed',
+      8152 => 'Transaction rejected by security service',
+      8161 => 'Transaction rejected: try again',
+      8162 => 'Transaction rejected: try again',
+      8163 => 'Transaction rejected: contact QIWI support',
+      8164 => 'Transaction rejected: not enought funds, contact card issuer',
+      8165 => 'Transaction rejected: wrong payment details',
+      8168 => 'Transaction rejected: prohibited, contact card issuer'
+    }.freeze
+    # Transaction status description
+    # @return [String]
+    def txn_status_message
+      return unless txn_status
+      TXN_STATUS_MESSAGES[txn_status.to_i] || 'Unknown status'
+    end
+    # Transaction type description
+    # @return [String]
+    def txn_type_message
+      return unless txn_type
+      TXN_TYPE_MESSAGES[txn_type.to_i] || 'Unknown type'
+    end
+    # Error description for code
+    # @return [String]
+    def error_message
+      return unless error_code
+      ERROR_MESSAGES[error_code.to_i] || 'Unknown error'
+    end
+  end
+end

data/lib/qiwi-pay/payment_operation.rb ADDED

@@ -0,0 +1,108 @@
+# frozen_string_literal: true
+require 'cgi'
+module QiwiPay
+  # General patment operation
+  class PaymentOperation
+    # Код операции
+    def self.opcode
+      raise NotImplementedError
+    end
+    # Описание операции
+    def self.description
+      raise NotImplementedError
+    end
+    ATTRIBUTES = %i[
+      txn_id
+      merchant_site currency sign amount order_id
+      email country city region address phone
+      cf1 cf2 cf3 cf4 cf5
+      product_name merchant_uid modifiers card_token order_expire
+      callback_url success_url decline_url
+      cheque
+    ].freeze
+    attr_accessor(*ATTRIBUTES)
+    attr_writer :credentials
+    def initialize(credentials, params = {})
+      params.each do |k, v|
+        send("#{k}=", v) if in_params.include?(k.to_sym)
+      end
+      @credentials = credentials
+    end
+    def opcode
+      self.class.opcode
+    end
+    def description
+      self.class.description
+    end
+    # Formatted amount
+    # @return [String]
+    def amount
+      return unless @amount
+      format '%.2f', @amount
+    end
+    def callback_url=(url)
+      raise ArgumentError, 'Use https URI as callback_url' unless url.start_with?('https://')
+      @callback_url = url
+    end
+    # @param time [String;Time] time to expire order at
+    #   Must be a string in format {YYYY-MM-DDThh:mm:ss±hh:mm} or
+    #   anything responding to {strftime} message
+    # @example
+    #   op.order_expire = Time.now + 3600
+    #   op.order_expire = 15.minutes.since
+    def order_expire=(time)
+      @order_expire =
+        if time.respond_to? :strftime
+          time.strftime('%FT%T%:z')
+        else
+          time.to_s
+        end
+    end
+    private
+    attr_reader :credentials
+    # @return [Array<Symbol>] Operation input parameters
+    def self.in_params
+      raise NotImplementedError
+    end
+    def in_params
+      self.class.in_params
+    end
+    # Builds hash with meaningful params only
+    # @return [Hash]
+    def params_hash
+      %i[opcode].push(*ATTRIBUTES)
+                .map { |a| [a, send(a).to_s] }
+                .to_h
+                .reject { |_k, v| v.nil? || v.empty? }
+    end
+    # Builds and signs request parameters
+    # @return [Hash]
+    def request_params
+      params_hash.tap do |params|
+        params[:sign] = Signature.new(params, credentials.secret).sign
+      end
+    end
+    def cheque
+      return @cheque.encode if @cheque.is_a? Cheque
+      @cheque
+    end
+  end
+end

data/lib/qiwi-pay/signature.rb ADDED

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+require 'openssl'
+module QiwiPay
+  # Qiwi payment signature calculator
+  class Signature
+    # @param params [Hash] request parameters
+    # @param secret [String] secret key for signature
+    def initialize(params, secret)
+      @params = params.tap do |hs|
+        hs.delete :sign
+        hs.delete 'sign'
+      end
+      @secret = secret.to_s
+    end
+    # Calculates signature
+    # @return [String] params signature
+    def sign
+      digest = OpenSSL::Digest.new('sha256')
+      OpenSSL::HMAC.hexdigest(digest, @secret, build_params_string)
+    end
+    private
+    def build_params_string
+      map_sorted(@params) { |_k, v| v }.reject(&:nil?)
+                                       .map(&:to_s)
+                                       .reject(&:empty?)
+                                       .join('|')
+    end
+    # Maps hash yielding key-value pairs ordered by key
+    def map_sorted(hash)
+      hash.keys
+          .sort_by(&:to_sym)
+          .map { |k| yield k, hash[k] }
+    end
+  end
+end

data/lib/qiwi-pay/version.rb ADDED

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+module QiwiPay
+  VERSION = "0.1.0"
+end