rack-in-app-purchase 0.0.1

data/Gemfile

@@ -0,0 +1,3 @@
+source :rubygems
+
+gemspec

data/Gemfile.lock

@@ -0,0 +1,42 @@
+PATH
+  remote: .
+  specs:
+    rack-in-app-purchase (0.0.1)
+      rack (~> 1.4)
+      sequel (~> 3.37.0)
+      sinatra (~> 1.3.2)
+      venice
+
+GEM
+  remote: http://rubygems.org/
+  specs:
+    commander (4.1.3)
+      highline (~> 1.6.11)
+    excon (0.17.0)
+    highline (1.6.15)
+    json (1.7.7)
+    rack (1.5.2)
+    rack-protection (1.3.2)
+      rack
+    rake (0.9.6)
+    rspec (0.6.4)
+    sequel (3.37.0)
+    sinatra (1.3.4)
+      rack (~> 1.4)
+      rack-protection (~> 1.3)
+      tilt (~> 1.3, >= 1.3.3)
+    terminal-table (1.4.5)
+    tilt (1.3.3)
+    venice (0.0.1)
+      commander (~> 4.1.2)
+      excon (~> 0.17.0)
+      json (~> 1.7.3)
+      terminal-table (~> 1.4.5)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  rack-in-app-purchase!
+  rake (~> 0.9.2)
+  rspec (~> 0.6.1)

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (c) 2013 Mattt Thompson (http://mattt.me/)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,86 @@
+# Rack::InAppPurchase
+
+Rack::InAppPurchase is Rack middleware that manages products for in-app-purchases and verifies receipts. Verifying receipts on the server ensures guards against unauthorized use of paid content, as well as providing real-time metrics on purchase history and usage.
+
+Rack::InAppPurchase provides the following endpoints:
+
+- `GET /products/identifiers`: Returns a JSON array of product identifiers from the database
+- `POST /receipts/verify`: Verifies a receipt using Apple's receipt verification webservice, registers the receipt in the database, and returns the receipt.
+
+## Installation
+
+    $ gem install rack-in-app-purchase
+
+## Requirements
+
+- Ruby 1.9
+- PostgreSQL 9.1 running locally ([Postgres.app](http://postgresapp.com) is the easiest way to get a Postgres server running on your Mac)
+
+## Example Usage
+
+Rack::InAppPurchase can be run as Rack middleware or as a single web application. All that is required is a connection to a Postgres database.
+
+### config.ru
+
+```ruby
+require 'bundler'
+Bundler.require
+
+run Rack::InAppPurchase
+```
+
+### Objective-C
+
+```objective-c
+NSURL *url = [NSURL URLWithString:@"https://your-webservice-url.com/verifyReceipt"];
+NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:url];
+[request setHTTPMethod:@"POST"];
+
+NSString *params = [NSString stringWithFormat:@"receipt_data=%@", [receiptData base64EncodedString]];
+NSData *httpBody = [params dataUsingEncoding:NSUTF8StringEncoding];
+[request setHTTPBody:httpBody];
+
+[NSURLConnection sendAsynchronousRequest:request
+                                   queue:[NSOperationQueue mainQueue]
+                       completionHandler:^(NSURLResponse *response, NSData *data, NSError *error) {
+    NSHTTPURLResponse *httpResponse = (NSHTTPURLResponse *)response;
+    if (httpResponse.statusCode == 200) {
+        id receipt = [NSJSONSerialization JSONObjectWithData:data
+                                                     options:0 
+                                                     error:nil];
+        NSLog(@"Received receipt: %@", receipt);
+    } else {
+        NSLog(@"Body: %@", [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]);
+        NSLog(@"ERROR: %@", error);
+    }
+}];
+```
+
+### `curl`
+
+    $ curl -X POST -i -d "receipt-data=(Base64-Encoded String)" https://your-webservice-url.com/verifyReceipt
+
+      HTTP/1.1 203 Non-Authoritative Information
+      Content-Type: application/json;charset=utf-8
+      Content-Length: 365
+      Connection: keep-alive
+      Server: thin 1.5.0 codename Knife
+
+      {"status":0,"receipt":{"quantity":1,"product_id":"com.example.download","transaction_id":"1000000000000001","purchase_date":"Mon, 01 Jan 2013 12:00:00 GMT","original_transaction_id":"1000000000000001","original_purchase_date":"Mon, 01 Jan 2013 12:00:00 GMT","app_item_id":null,"version_external_identifier":null,"bid":"com.example.app","bvrs":"123456789"}}
+
+An example application can be found in the `/example` directory of this repository.
+
+
+---
+
+## Contact
+
+Mattt Thompson
+
+- http://github.com/mattt
+- http://twitter.com/mattt
+- m@mattt.me
+
+## License
+
+Rack::InAppPurchase is available under the MIT license. See the LICENSE file for more info.

data/Rakefile

@@ -0,0 +1,10 @@
+require "bundler"
+Bundler.setup
+
+gemspec = eval(File.read("rack-in-app-purchase.gemspec"))
+
+task :build => "rack-in-app-purchase.gem"
+
+file "rack-in-app-purchase.gem" => gemspec.files + ["rack-in-app-purchase.gemspec"] do
+  system "gem build rack-in-app-purchase.gemspec"
+end

data/lib/rack/in-app-purchase.rb

@@ -0,0 +1,60 @@
+require 'rack'
+require 'rack/contrib'
+
+require 'sinatra/base'
+require 'sinatra/param'
+require 'rack'
+
+require 'sequel'
+
+require 'venice'
+
+module Rack
+  class InAppPurchase < Sinatra::Base
+    VERSION = '0.0.1'
+
+    use Rack::PostBodyContentTypeParser
+    helpers Sinatra::Param
+
+    Sequel.extension :core_extensions, :migration
+
+    autoload :Product, ::File.join(::File.dirname(__FILE__), 'in-app-purchase/models/product')
+    autoload :Receipt, ::File.join(::File.dirname(__FILE__), 'in-app-purchase/models/receipt')
+
+    disable :raise_errors, :show_exceptions
+
+    before do
+      content_type :json
+    end
+
+    get '/products/identifiers' do
+      Product.where(is_enabled: true).map(:product_identifier).to_json
+    end
+
+    post '/receipts/verify' do
+      param :'receipt-data', String, required: true
+
+      status 203
+
+      begin
+        receipt = Venice::Receipt.verify!(params[:'receipt-data'])
+
+        Receipt.create({ip_address: request.ip}.merge(receipt.to_h))
+
+        content = settings.content_callback.call(receipt) rescue nil
+
+        {
+          status: 0,
+          receipt: receipt.to_h,
+          content: content
+        }.select{|k,v| v}.to_json
+      rescue Venice::ReceiptVerificationError => error
+        {
+          status: Integer(error.message)
+        }.to_json
+      rescue
+        halt 500
+      end
+    end
+  end
+end

data/lib/rack/in-app-purchase/migrations/001_base_schema.rb

@@ -0,0 +1,44 @@
+Sequel.migration do
+  up do
+    create_table :in_app_purchase_products do
+      primary_key :id
+
+      column :product_identifier,           :varchar,   null: false
+      column :type,                         :varchar,   null: false
+      column :title,                        :varchar,   null: false
+      column :description,                  :varchar
+      column :price,                        :float8
+      column :price_locale,                 :varchar
+      column :is_enabled,                   :boolean,   default: true
+
+      index :product_identifier
+      index :type
+    end
+
+    create_table :in_app_purchase_receipts do
+      primary_key :id
+
+      column :quantity,                     :int4
+      column :product_id,                   :varchar,   null: false
+      column :transaction_id,               :varchar,   null: false
+      column :purchase_date,                :timestamp, null: false
+      column :original_transaction_id,      :varchar
+      column :original_purchase_date,       :timestamp
+      column :app_item_id,                  :varchar
+      column :version_external_identifier,  :varchar
+      column :bid,                          :varchar
+      column :bvrs,                         :varchar
+      column :ip_address,                   :inet
+      column :created_at,                   :timestamp
+
+      index :product_id
+      index :transaction_id
+      index :app_item_id
+    end
+  end
+  
+  down do
+    drop_table :in_app_purchase_products
+    drop_table :in_app_purchase_receipts
+  end
+end

data/lib/rack/in-app-purchase/models/product.rb

@@ -0,0 +1,23 @@
+module Rack
+  class InAppPurchase
+    class Product < Sequel::Model
+      TYPES = ["Consumable", "Non-Consumable", "Free Subscription", "Auto-Renewable Subscription", "Non-Renewable Subscription"]
+
+      plugin :json_serializer, naked: true, except: :id 
+      plugin :validation_helpers
+      plugin :timestamps, force: true, update_on_create: true
+      
+      self.dataset = :in_app_purchase_products
+      self.strict_param_setting = false
+      self.raise_on_save_failure = false
+
+      def validate
+        super
+      
+        validates_presence [:product_identifier, :title, :description, :price, :price_locale]
+        validates_numeric :price
+        validates_includes TYPES, :type
+      end
+    end
+  end
+end

data/lib/rack/in-app-purchase/models/receipt.rb

@@ -0,0 +1,23 @@
+module Rack
+  class InAppPurchase
+    DB = Sequel.connect(ENV['DATABASE_URL'] || "postgres://localhost:5432/in_app_purchase_example")
+    Sequel::Migrator.run(DB, ::File.join(::File.dirname(__FILE__), "../migrations"))
+
+    class Receipt < Sequel::Model
+      plugin :json_serializer, naked: true, except: :id 
+      plugin :validation_helpers
+      plugin :timestamps, force: true
+      
+      self.dataset = :in_app_purchase_receipts
+      self.strict_param_setting = false
+      self.raise_on_save_failure = false
+
+      def validate
+        super
+      
+        validates_presence [:product_id, :transaction_id, :purchase_date]
+        validates_unique :transaction_id
+      end
+    end
+  end
+end

data/rack-in-app-purchase.gemspec

@@ -0,0 +1,27 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "rack/in-app-purchase"
+
+Gem::Specification.new do |s|
+  s.name        = "rack-in-app-purchase"
+  s.authors     = ["Mattt Thompson"]
+  s.email       = "m@mattt.me"
+  s.homepage    = "http://mattt.me"
+  s.version     = Rack::InAppPurchase::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.summary     = "Rack::InAppPurchase"
+  s.description = "Rack middleware for in-app purchase receipt verification and product listing."
+
+  s.add_development_dependency "rspec", "~> 0.6.1"
+  s.add_development_dependency "rake",  "~> 0.9.2"
+
+  s.add_dependency "rack", "~> 1.4"
+  s.add_dependency "sinatra", "~> 1.3.2"
+  s.add_dependency "sequel", "~> 3.37.0"
+  s.add_dependency "venice"
+
+  s.files         = Dir["./**/*"].reject { |file| file =~ /\.\/(bin|example|log|pkg|script|spec|test|vendor)/ }
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: rack-in-app-purchase
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Mattt Thompson
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-02-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: &70273146777820 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.6.1
+  type: :development
+  prerelease: false
+  version_requirements: *70273146777820
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: &70273146777160 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.9.2
+  type: :development
+  prerelease: false
+  version_requirements: *70273146777160
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: &70273146776540 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.4'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70273146776540
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: &70273146775860 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 1.3.2
+  type: :runtime
+  prerelease: false
+  version_requirements: *70273146775860
+- !ruby/object:Gem::Dependency
+  name: sequel
+  requirement: &70273146775280 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.37.0
+  type: :runtime
+  prerelease: false
+  version_requirements: *70273146775280
+- !ruby/object:Gem::Dependency
+  name: venice
+  requirement: &70273146774760 !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: *70273146774760
+description: Rack middleware for in-app purchase receipt verification and product
+  listing.
+email: m@mattt.me
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ./Gemfile
+- ./Gemfile.lock
+- ./lib/rack/in-app-purchase/migrations/001_base_schema.rb
+- ./lib/rack/in-app-purchase/models/product.rb
+- ./lib/rack/in-app-purchase/models/receipt.rb
+- ./lib/rack/in-app-purchase.rb
+- ./LICENSE
+- ./rack-in-app-purchase.gemspec
+- ./Rakefile
+- ./README.md
+homepage: http://mattt.me
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3903980305270513918
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3903980305270513918
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.15
+signing_key: 
+specification_version: 3
+summary: Rack::InAppPurchase
+test_files: []