razorpay 3.2.1 → 3.2.3

data/lib/razorpay/oauth_token.rb

@@ -0,0 +1,109 @@
+require 'razorpay/request'
+require 'razorpay/entity'
+require 'razorpay/payload_validator'
+require 'razorpay/validation_config'
+
+module Razorpay
+  # OAuth APIs allow to you create and manage access tokens
+  class OAuthToken < Entity
+    def self.request
+      Razorpay::Request.new('token', Razorpay::AUTH_HOST)
+    end
+
+    def self.get_auth_url(options)
+      validate_auth_url_request(options)
+      uri = URI.join(Razorpay::AUTH_URL, '/authorize')
+
+      query_params = {
+        'response_type' => 'code',
+        'client_id' => options['client_id'], 
+        'redirect_uri' => options['redirect_uri'], 
+        'state' => options['state']
+      }
+
+      options['scopes'].each { |scope| query_params["scope[]"] = scope }
+
+      if options.has_key?('onboarding_signature')
+        query_params['onboarding_signature'] = options['onboarding_signature']
+      end
+      uri.query = URI.encode_www_form(query_params)
+      uri.to_s
+    end
+
+    def self.get_access_token(options)
+      validate_access_token_request(options)
+      r = request
+      r.request :post, "/token", options
+    end
+
+    def self.refresh_token(options)
+        options['grant_type'] = 'refresh_token'
+      validate_refresh_token_request(options)
+      r = request
+      r.request :post, "/token", options
+    end
+
+    def self.revoke_token(options)
+      validate_revoke_token_request(options)
+      r = request
+      r.request :post, "/revoke", options
+    end
+
+    class << self
+        
+      private
+      
+      def validate_auth_url_request(options)
+        Razorpay::PayloadValidator.validate(options, get_validations_for_auth_request_url)
+      end
+
+      def validate_access_token_request(options)
+        Razorpay::PayloadValidator.validate(options, get_validations_for_access_token_request)
+      end
+
+      def validate_refresh_token_request(options)
+        Razorpay::PayloadValidator.validate(options, get_validations_for_refresh_token_request)
+      end
+
+      def validate_revoke_token_request(options)
+        Razorpay::PayloadValidator.validate(options, get_validations_for_revoke_token_request)
+      end
+
+      def get_validations_for_auth_request_url
+        [
+          Razorpay::ValidationConfig.new('client_id', [:id]),
+          Razorpay::ValidationConfig.new('redirect_uri', [:non_empty_string, :url]),
+          Razorpay::ValidationConfig.new('scopes', [:non_null]),
+          Razorpay::ValidationConfig.new('state', [:non_empty_string])
+        ]
+      end
+
+      def get_validations_for_access_token_request
+        [
+          Razorpay::ValidationConfig.new('client_id', [:id]),
+          Razorpay::ValidationConfig.new('client_secret', [:non_empty_string]),
+          Razorpay::ValidationConfig.new('redirect_uri', [:non_empty_string, :url]),
+          Razorpay::ValidationConfig.new('grant_type', [:token_grant])
+        ]
+      end
+
+      def get_validations_for_refresh_token_request
+        [
+          Razorpay::ValidationConfig.new('client_id', [:id]),
+          Razorpay::ValidationConfig.new('client_secret', [:non_empty_string]),
+          Razorpay::ValidationConfig.new('refresh_token', [:non_empty_string]),
+          Razorpay::ValidationConfig.new('grant_type', [:token_grant])
+        ]
+      end
+
+      def get_validations_for_revoke_token_request
+        [
+          Razorpay::ValidationConfig.new('client_id', [:id]),
+          Razorpay::ValidationConfig.new('client_secret', [:non_empty_string]),
+          Razorpay::ValidationConfig.new('token', [:non_empty_string]),
+          Razorpay::ValidationConfig.new('token_type_hint', [:non_empty_string])
+        ]
+      end
+    end
+  end 
+end

data/lib/razorpay/order.rb

@@ -35,5 +35,13 @@ module Razorpay
       # Docs: https://razorpay.com/docs/api/payments/route/#fetch-transfer-for-an-order
       request.get "#{id}/?expand[]=transfers&status"
     end
+
+    def self.view_rto(id)
+      request.post "#{id}/rto_review"
+    end
+    
+    def self.edit_fulfillment(id, options = {})
+      request.post "#{id}/fulfillment", options
+    end
   end
 end

data/lib/razorpay/payload_validator.rb

@@ -0,0 +1,93 @@
+module Razorpay
+
+  ValidationType = {
+    non_null: :non_null,
+    non_empty_string: :non_empty_string,
+    url: :url,
+    id: :id,
+    mode: :mode,
+    token_grant: :token_grant
+  }
+
+  # PayloadValidator allows to perform basic validations
+  class PayloadValidator
+    def self.validate(request, validation_configs)
+      validation_configs.each do |config|
+        field_name = config.field_name
+        config.validations.each do |validation_type|
+          apply_validation(request, field_name, validation_type)
+        end
+      end
+    end
+
+    class << self
+
+      private
+
+      def apply_validation(payload, field, validation_type)
+        case validation_type
+        when ValidationType[:non_null]
+          validate_non_null(payload, field)
+        when ValidationType[:non_empty_string]
+          validate_non_empty_string(payload, field)
+        when ValidationType[:url]
+          validate_url(payload, field)
+        when ValidationType[:id]
+          validate_id(payload, field)
+        when ValidationType[:mode]
+          validate_mode(payload, field)
+        when ValidationType[:token_grant]
+          validate_grant_type(payload, field)
+        end
+      end
+
+      def validate_non_null(payload, field)
+        raise Razorpay::Error.new, "Field #{field} cannot be null" unless payload.key?(field) && !payload[field].nil?
+      end
+
+      def validate_non_empty_string(payload, field)
+        raise Razorpay::Error.new, "Field #{field} cannot be empty" if payload[field].to_s.strip.empty?
+      end
+
+      def validate_url(payload, field)
+        url = payload[field]
+        url_regex = /^(http[s]?):\/\/[^\s\/$.?#].[^\s]*$/
+        
+        unless url_regex.match?(url)
+          error_message = "Field #{field} is not a valid URL"
+          raise Razorpay::Error.new, error_message
+        end
+      end
+
+      def validate_id(payload, field)
+        validate_non_null(payload, field)
+        validate_non_empty_string(payload, field)
+        value = payload[field]
+        id_regex = /^[A-Za-z0-9]{1,14}$/
+
+        unless value.match?(id_regex)
+          error_message = "Field #{field} is not a valid ID"
+          raise Razorpay::Error.new, error_message
+        end
+      end
+
+      def validate_mode(payload, field)
+        validate_non_null(payload, field)
+        unless ["test", "live"].include?(payload[field])
+          error_message = "Invalid value provided for field #{field}"
+          raise Razorpay::Error.new, error_message
+        end
+      end
+
+      def validate_grant_type(payload, field)
+        validate_non_null(payload, field)
+        case payload[field]
+        when 'authorization_code'
+          validate_non_null(payload, 'code');
+        when 'refresh_token'
+          validate_non_null(payload, 'refresh_token');
+        end
+      end
+    end
+  end
+end

data/lib/razorpay/payment.rb

@@ -112,5 +112,9 @@ module Razorpay
     def self.validate_vpa(data={})
       request.post "validate/vpa" , data
     end
+
+    def self.expand_details(id, options={})
+      request.get "#{id}", options
+    end
   end
 end

data/lib/razorpay/request.rb

@@ -11,20 +11,30 @@ module Razorpay
 
     ssl_ca_file File.dirname(__FILE__) + '/../ca-bundle.crt'
 
-    def initialize(entity_name = nil)
-      self.class.base_uri(Razorpay::BASE_URI)
+    def initialize(entity_name = nil, host = Razorpay::API_HOST)
+      self.class.base_uri(get_base_url(host))
       @entity_name = entity_name
       custom_headers = Razorpay.custom_headers || {}
       predefined_headers = {
         'User-Agent' => "Razorpay-Ruby/#{Razorpay::VERSION}; Ruby/#{RUBY_VERSION}"
       }
+
       # Order is important to give precedence to predefined headers
       headers = custom_headers.merge(predefined_headers)
-      @options = {
-        basic_auth: Razorpay.auth,
-        timeout: 30,
-        headers: headers
-      }
+
+      if Razorpay.auth_type == Razorpay::OAUTH
+        @options = {
+          timeout: 30,
+          headers: headers
+        }
+        headers['Authorization'] = 'Bearer ' + Razorpay.access_token 
+      else 
+        @options = {
+          basic_auth: Razorpay.auth,
+          timeout: 30,
+          headers: headers
+        }
+      end
     end
 
     def fetch(id, version="v1")
@@ -74,6 +84,13 @@ module Razorpay
       self.class.send(method, url, @options)
     end
 
+    def get_base_url(host)
+      if host == Razorpay::AUTH_HOST
+        return Razorpay::AUTH_URL
+      end 
+      Razorpay::BASE_URI
+    end
+
     # Since we need to change the base route
     def make_test_request
       self.class.get Razorpay::TEST_URL, @options

data/lib/razorpay/transfer.rb

@@ -31,5 +31,9 @@ module Razorpay
     def self.fetch_settlements
       request.get "?expand[]=recipient_settlement"
     end
+
+    def self.reversals(id)
+      request.get "#{id}/reversals"
+    end  
   end
 end

data/lib/razorpay/utility.rb

@@ -26,6 +26,11 @@ module Razorpay
       verify_signature(body, signature, secret)
     end
 
+    def self.generate_onboarding_signature(body, secret)
+      json_data = body.to_json
+      encrypt(json_data, secret);
+    end
+
     class << self
       private
 
@@ -52,6 +57,25 @@ module Razorpay
 
         r.zero?
       end
+
+      def encrypt(data, secret)
+        iv = secret[0, 12]
+        key = secret[0, 16]
+
+        cipher = OpenSSL::Cipher.new('aes-128-gcm')
+        cipher.encrypt
+        cipher.key = key
+        cipher.iv = iv
+
+        cipher.auth_data = ""
+
+        encrypted = cipher.update(data) + cipher.final
+
+        tag = cipher.auth_tag
+        combined_encrypted_data = encrypted + tag
+
+        encrypted_data_hex = combined_encrypted_data.unpack1("H*")
+      end
     end
   end
 end

data/lib/razorpay/validation_config.rb

@@ -0,0 +1,11 @@
+module Razorpay
+
+  class ValidationConfig
+    attr_reader :field_name, :validations
+
+    def initialize(field_name, validations)
+      @field_name = field_name
+      @validations = validations
+    end
+  end
+end

data/lib/razorpay.rb

@@ -26,15 +26,24 @@ require 'razorpay/token'
 require 'razorpay/product'
 require 'razorpay/stakeholder'
 require 'razorpay/account'
+require 'razorpay/document'
+require 'razorpay/dispute'
+require 'razorpay/oauth_token'
 
 # Base Razorpay module
 module Razorpay
   class << self
-    attr_accessor :auth, :custom_headers
+    attr_accessor :auth, :custom_headers, :access_token, :auth_type
   end
 
   def self.setup(key_id, key_secret)
     self.auth = { username: key_id, password: key_secret }
+    self.auth_type = Razorpay::PRIVATE_AUTH
+  end
+
+  def self.setup_with_oauth(access_token)
+    self.access_token = access_token
+    self.auth_type = Razorpay::OAUTH
   end
 
   def self.headers=(headers = {})

data/test/fixtures/dispute_collection.json

@@ -0,0 +1,67 @@
+{
+    "entity": "collection",
+    "count": 2,
+    "items": [
+      {
+        "id": "disp_Esz7KAitoYM7PJ",
+        "entity": "dispute",
+        "payment_id": "pay_EsyWjHrfzb59eR",
+        "amount": 10000,
+        "currency": "INR",
+        "amount_deducted": 0,
+        "reason_code": "pre_arbitration",
+        "respond_by": 1590604200,
+        "status": "open",
+        "phase": "pre_arbitration",
+        "created_at": 1590059211,
+        "evidence": {
+          "amount": 10000,
+          "summary": null,
+          "shipping_proof": null,
+          "billing_proof": null,
+          "cancellation_proof": null,
+          "customer_communication": null,
+          "proof_of_service": null,
+          "explanation_letter": null,
+          "refund_confirmation": null,
+          "access_activity_log": null,
+          "refund_cancellation_policy": null,
+          "term_and_conditions": null,
+          "others": null,
+          "submitted_at": null
+        }
+      },
+      {
+        "id": "disp_Esyvk3kZj0isXk",
+        "entity": "dispute",
+        "payment_id": "pay_EsyWjHrfzb59eR",
+        "amount": 5000,
+        "currency": "INR",
+        "amount_deducted": 0,
+        "reason_code": "warning_bulletin_or_exception_file",
+        "respond_by": 1590604200,
+        "status": "won",
+        "phase": "chargeback",
+        "created_at": 1590058554,
+        "evidence": {
+          "amount": 5000,
+          "summary": null,
+          "shipping_proof": [
+            "doc_EFtmUsbwpXwBH9",
+            "doc_EFtmUsbwpXwBH8"
+          ],
+          "billing_proof": null,
+          "cancellation_proof": null,
+          "customer_communication": null,
+          "proof_of_service": null,
+          "explanation_letter": null,
+          "refund_confirmation": null,
+          "access_activity_log": null,
+          "refund_cancellation_policy": null,
+          "term_and_conditions": null,
+          "others": null,
+          "submitted_at": 1590604100
+        }
+      }
+    ]
+  }

data/test/fixtures/dispute_error.json

@@ -0,0 +1,10 @@
+{
+    "error": {
+        "code": "BAD_REQUEST_ERROR",
+        "description": "The id provided does not exist",
+        "source": "business",
+        "step": "payment_initiation",
+        "reason": "input_validation_failed",
+        "metadata": {}
+    }
+}

data/test/fixtures/document_error.json

@@ -0,0 +1,10 @@
+{
+    "error": {
+        "code": "BAD_REQUEST_ERROR",
+        "description": "Invalid file id provided or merchant is unauthorized to access the fileId(s) provided",
+        "source": "NA",
+        "step": "NA",
+        "reason": "NA",
+        "metadata": {}
+    }
+}

data/test/fixtures/error_customer.json

@@ -0,0 +1,10 @@
+{
+    "error": {
+        "code": "BAD_REQUEST_ERROR",
+        "description": "The id provided does not exist",
+        "source": "business",
+        "step": "payment_initiation",
+        "reason": "input_validation_failed",
+        "metadata": {}
+    }
+}

data/test/fixtures/error_eligibility.json

@@ -0,0 +1,10 @@
+{
+    "error": {
+        "code": "BAD_REQUEST_ERROR",
+        "description": "The eligibility  id does not exist.",
+        "source": "NA",
+        "step": "NA",
+        "reason": "NA",
+        "metadata": {}
+    }
+}

data/test/fixtures/error_eligibility_check.json

@@ -0,0 +1,10 @@
+{
+    "error": {
+        "code": "BAD_REQUEST_ERROR",
+        "description": "Amount is required.",
+        "source": "NA",
+        "step": "NA",
+        "reason": "NA",
+        "metadata": {}
+    }
+}

data/test/fixtures/fake_bank_account.json

@@ -0,0 +1,9 @@
+{
+    "id": "ba_LSZht1Cm7xFTwF",
+    "entity": "bank_account",
+    "ifsc": "ICIC0001207",
+    "bank_name": "ICICI Bank",
+    "name": "Gaurav Kumar",
+    "notes": [],
+    "account_number": "XXXXXXXXXXXXXXX0434"
+}

data/test/fixtures/fake_dispute.json

@@ -0,0 +1,29 @@
+{
+    "id": "disp_XXXXXXXXXXXXX",
+    "entity": "dispute",
+    "payment_id": "pay_EsyWjHrfzb59eR",
+    "amount": 10000,
+    "currency": "INR",
+    "amount_deducted": 0,
+    "reason_code": "pre_arbitration",
+    "respond_by": 1590604200,
+    "status": "open",
+    "phase": "pre_arbitration",
+    "created_at": 1590059211,
+    "evidence": {
+      "amount": 10000,
+      "summary": "goods delivered",
+      "shipping_proof": null,
+      "billing_proof": null,
+      "cancellation_proof": null,
+      "customer_communication": null,
+      "proof_of_service": null,
+      "explanation_letter": null,
+      "refund_confirmation": null,
+      "access_activity_log": null,
+      "refund_cancellation_policy": null,
+      "term_and_conditions": null,
+      "others": null,
+      "submitted_at": null
+    }
+  }

data/test/fixtures/fake_document.json

@@ -0,0 +1,9 @@
+{
+    "entity": "document",
+    "id": "doc_O4KANwWi2kHGiV",
+    "purpose": "dispute_evidence",
+    "created_at": 1714368859,
+    "mime_type": "image/jpeg",
+    "display_name": "Screenshot 2022-09-12 at 5.48.23 PM",
+    "size": 334201
+}

data/test/fixtures/fake_eligiblity.json

@@ -0,0 +1,79 @@
+{
+  "amount": "500000",
+  "customer": {
+    "id": "KkBhM9EC1Y0HTm",
+    "contact": "+918220722114"
+  },
+  "instruments": [
+    {
+      "method": "emi",
+      "issuer": "HDFC",
+      "type": "debit",
+      "eligibility_req_id": "elig_KkCNLzlNeMYQyZ",
+      "eligibility": {
+        "status": "eligible"
+      }
+    },
+    {
+      "method": "paylater",
+      "provider": "getsimpl",
+      "eligibility_req_id": "elig_KkCNLzlNeMYQyZ",
+      "eligibility": {
+        "status": "eligible"
+      }
+    },
+    {
+      "method": "paylater",
+      "provider": "icic",
+      "eligibility_req_id": "elig_KkCNLzlNeMYQyZ",
+      "eligibility": {
+        "status": "eligible"
+      }
+    },
+    {
+      "method": "cardless_emi",
+      "provider": "walnut369",
+      "eligibility_req_id": "elig_KkCNLzlNeMYQyZ",
+      "eligibility": {
+        "status": "ineligible",
+        "error": {
+          "code": "GATEWAY_ERROR",
+          "description": "The customer has not been approved by the partner.",
+          "source": "business",
+          "step": "inquiry",
+          "reason": "user_not_approved"
+        }
+      }
+    },
+    {
+      "method": "cardless_emi",
+      "provider": "zestmoney",
+      "eligibility_req_id": "elig_KkCNLzlNeMYQyZ",
+      "eligibility": {
+        "status": "ineligible",
+        "error": {
+          "code": "GATEWAY_ERROR",
+          "description": "The customer has exhausted their credit limit.",
+          "source": "business",
+          "step": "inquiry",
+          "reason": "credit_limit_exhausted"
+        }
+      }
+    },
+    {
+      "method": "paylater",
+      "provider": "lazypay",
+      "eligibility_req_id": "elig_KkCNLzlNeMYQyZ",
+      "eligibility": {
+        "status": "ineligible",
+        "error": {
+          "code": "GATEWAY_ERROR",
+          "description": "The order amount is less than the minimum transaction amount.",
+          "source": "business",
+          "step": "inquiry",
+          "reason": "min_amt_required"
+        }
+      }
+    }
+  ]
+}

data/test/fixtures/fake_fulfillment.json

@@ -0,0 +1,10 @@
+{
+   "entity": "order.fulfillment",
+   "order_id": "EKwxwAgItXXXX",
+   "payment_method": "upi",
+   "shipping": {
+     "waybill": "123456789",
+     "status": "rto",
+     "provider": "Bluedart"
+   }
+}

data/test/fixtures/fake_oauth_token.json

@@ -0,0 +1,8 @@
+{
+    "public_token": "rzp_test_oauth_9xu1rkZqoXlClS",
+    "token_type": "Bearer",
+    "expires_in": 7862400,
+    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IkY1Z0NQYkhhRzRjcUpnIn0.eyJhdWQiOiJGNFNNeEgxanMxbkpPZiIsImp0aSI6IkY1Z0NQYkhhRzRjcUpnIiwiaWF0IjoxNTkyODMxMDExLCJuYmYiOjE1OTI4MzEwMTEsInN1YiI6IiIsImV4cCI6MTYwMDc3OTgxMSwidXNlcl9pZCI6IkYycVBpejJEdzRPRVFwIiwibWVyY2hhbnRfaWQiOiJGMnFQaVZ3N0lNV01GSyIsInNjb3BlcyI6WyJyZWFkX29ubHkiXX0.Wwqt5czhoWpVzP5_aoiymKXoGj-ydo-4A_X2jf_7rrSvk4pXdqzbA5BMrHxPdPbeFQWV6vsnsgbf99Q3g-W4kalHyH67LfAzc3qnJ-mkYDkFY93tkeG-MCco6GJW-Jm8xhaV9EPUak7z9J9jcdluu9rNXYMtd5qxD8auyRYhEgs",
+    "refresh_token": "def50200f42e07aded65a323f6c53181d802cc797b62cc5e78dd8038d6dff253e5877da9ad32f463a4da0ad895e3de298cbce40e162202170e763754122a6cb97910a1f58e2378ee3492dc295e1525009cccc45635308cce8575bdf373606c453ebb5eb2bec062ca197ac23810cf9d6cf31fbb9fcf5b7d4de9bf524c89a4aa90599b0151c9e4e2fa08acb6d2fe17f30a6cfecdfd671f090787e821f844e5d36f5eacb7dfb33d91e83b18216ad0ebeba2bef7721e10d436c3984daafd8654ed881c581d6be0bdc9ebfaee0dc5f9374d7184d60aae5aa85385690220690e21bc93209fb8a8cc25a6abf1108d8277f7c3d38217b47744d7",
+    "razorpay_account_id": "acc_Dhk2qDbmu6FwZH"
+}