revolut-connect 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 9267f44243fdcd4eb8506475f0766c8696e86c1ca1eff5d015b0023faed2ea10
+  data.tar.gz: b310c700d99c101e6f923a2066264a15b0b143d769b963d92df5e626c6021188
+SHA512:
+  metadata.gz: 3d3bf7d3d056bcf68e3199fd0d9f6264ba81301ae5dc9c503aa83d46f1de2172d74cb58fbded6c3c116479c6438ebf9b14488f76a7a2ddf8ab6173c4e870ad01
+  data.tar.gz: 6130b8b132106023f1f8aac3e924829e443119c4ec2b104403b9a2b38751142bd269997e103c3d635e72f32229f69b96c2490c0e03ca5197f2ac824bed003690

data/.env.sample

@@ -0,0 +1,6 @@
+REVOLUT_CLIENT_ID={YOUR APP CLIENT ID}
+REVOLUT_SIGNING_KEY="{YOUR APP SIGNING KEY IN ONE LINE JOINED BY NEW LINES (e.g: -----BEGIN PRIVATE KEY-----\n....)}"
+REVOLUT_AUTHORIZE_REDIRECT_URI=https://example.com
+REVOLUT_ISS=example.com
+REVOLUT_ENVIRONMENT=sandbox
+REVOLUT_AUTH_JSON="{PRELOADED AUTH SO THAT YOU CAN SKIP THE FIRST TIME AUTHORIZATION FLOW}"

data/.env.test

@@ -0,0 +1,5 @@
+REVOLUT_CLIENT_ID=fake_client_id
+REVOLUT_SIGNING_KEY=fake_signing_key
+REVOLUT_AUTHORIZE_REDIRECT_URI=https://example.com
+REVOLUT_ISS=example.com
+REVOLUT_ENVIRONMENT=sandbox

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.ruby-version

@@ -0,0 +1 @@
+3.2.2

data/.standard.yml

@@ -0,0 +1,3 @@
+# For available configuration options, see:
+#   https://github.com/testdouble/standard
+ruby_version: 3.2.2

data/.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+  "rubyLsp.formatter": "none", // Use standard rbfmt instead
+  "editor.formatOnSave": true,
+  "editor.codeActionsOnSave": {
+    "source.organizeImports": "explicit"
+  },
+  "[ruby]": {
+    "editor.defaultFormatter": "testdouble.vscode-standard-ruby"
+  },
+  "standardRuby.autofix": true
+}

data/CHANGELOG.md

@@ -0,0 +1,5 @@
+## [Unreleased]
+
+## [0.1.0] - 2024-02-29
+
+- Initial release

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,84 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or
+  advances of any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email
+  address, without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at martin.mochetti@gmail.com. All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of actions.
+
+**Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior,  harassment of an individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.0,
+available at https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+
+Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/diversity).
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see the FAQ at
+https://www.contributor-covenant.org/faq. Translations are available at https://www.contributor-covenant.org/translations.

data/Gemfile

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in revolut-connect.gemspec
+gemspec
+
+gem "rake", "~> 13.0"
+
+group :development, :test do
+  gem "byebug", "~> 11.1"
+  gem "pry", "~> 0.14.2"
+  gem "pry-byebug", "~> 3.10"
+  gem "pry-rescue", "~> 1.5"
+  gem "pry-stack_explorer", "~> 0.6.1"
+  gem "dotenv"
+  gem "standard", "~> 1.3"
+end
+
+group :test do
+  gem "rspec", "~> 3.0"
+  gem "webmock", "~> 3.23.0"
+  gem "simplecov"
+  gem "simplecov-cobertura"
+end

data/Gemfile.lock

@@ -0,0 +1,143 @@
+PATH
+  remote: .
+  specs:
+    revolut-connect (0.1.0)
+      faraday (>= 1)
+      faraday-retry (>= 1)
+      jwt (>= 1)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    addressable (2.8.6)
+      public_suffix (>= 2.0.2, < 6.0)
+    ast (2.4.2)
+    base64 (0.2.0)
+    bigdecimal (3.1.6)
+    binding_of_caller (1.0.0)
+      debug_inspector (>= 0.0.1)
+    byebug (11.1.3)
+    coderay (1.1.3)
+    crack (1.0.0)
+      bigdecimal
+      rexml
+    debug_inspector (1.2.0)
+    diff-lcs (1.5.1)
+    docile (1.4.0)
+    dotenv (3.1.0)
+    faraday (2.9.0)
+      faraday-net_http (>= 2.0, < 3.2)
+    faraday-net_http (3.1.0)
+      net-http
+    faraday-retry (2.2.0)
+      faraday (~> 2.0)
+    hashdiff (1.1.0)
+    interception (0.5)
+    json (2.7.1)
+    jwt (2.8.1)
+      base64
+    language_server-protocol (3.17.0.3)
+    lint_roller (1.1.0)
+    method_source (1.0.0)
+    net-http (0.4.1)
+      uri
+    parallel (1.24.0)
+    parser (3.3.0.5)
+      ast (~> 2.4.1)
+      racc
+    pry (0.14.2)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    pry-byebug (3.10.1)
+      byebug (~> 11.0)
+      pry (>= 0.13, < 0.15)
+    pry-rescue (1.6.0)
+      interception (>= 0.5)
+      pry (>= 0.12.0)
+    pry-stack_explorer (0.6.1)
+      binding_of_caller (~> 1.0)
+      pry (~> 0.13)
+    public_suffix (5.0.4)
+    racc (1.7.3)
+    rainbow (3.1.1)
+    rake (13.1.0)
+    regexp_parser (2.9.0)
+    rexml (3.2.6)
+    rspec (3.13.0)
+      rspec-core (~> 3.13.0)
+      rspec-expectations (~> 3.13.0)
+      rspec-mocks (~> 3.13.0)
+    rspec-core (3.13.0)
+      rspec-support (~> 3.13.0)
+    rspec-expectations (3.13.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.13.0)
+    rspec-mocks (3.13.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.13.0)
+    rspec-support (3.13.1)
+    rubocop (1.61.0)
+      json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
+      parallel (~> 1.10)
+      parser (>= 3.3.0.2)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
+      rexml (>= 3.2.5, < 4.0)
+      rubocop-ast (>= 1.30.0, < 2.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 2.4.0, < 3.0)
+    rubocop-ast (1.31.1)
+      parser (>= 3.3.0.4)
+    rubocop-performance (1.20.2)
+      rubocop (>= 1.48.1, < 2.0)
+      rubocop-ast (>= 1.30.0, < 2.0)
+    ruby-progressbar (1.13.0)
+    simplecov (0.22.0)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+      simplecov_json_formatter (~> 0.1)
+    simplecov-cobertura (2.1.0)
+      rexml
+      simplecov (~> 0.19)
+    simplecov-html (0.12.3)
+    simplecov_json_formatter (0.1.4)
+    standard (1.34.0)
+      language_server-protocol (~> 3.17.0.2)
+      lint_roller (~> 1.0)
+      rubocop (~> 1.60)
+      standard-custom (~> 1.0.0)
+      standard-performance (~> 1.3)
+    standard-custom (1.0.2)
+      lint_roller (~> 1.0)
+      rubocop (~> 1.50)
+    standard-performance (1.3.1)
+      lint_roller (~> 1.1)
+      rubocop-performance (~> 1.20.2)
+    unicode-display_width (2.5.0)
+    uri (0.13.0)
+    webmock (3.23.0)
+      addressable (>= 2.8.0)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+
+PLATFORMS
+  x86_64-darwin-23
+
+DEPENDENCIES
+  byebug (~> 11.1)
+  dotenv
+  pry (~> 0.14.2)
+  pry-byebug (~> 3.10)
+  pry-rescue (~> 1.5)
+  pry-stack_explorer (~> 0.6.1)
+  rake (~> 13.0)
+  revolut-connect!
+  rspec (~> 3.0)
+  simplecov
+  simplecov-cobertura
+  standard (~> 1.3)
+  webmock (~> 3.23.0)
+
+BUNDLED WITH
+   2.4.22

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2024 Martin Mochetti
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,236 @@
+# Revolut Connect
+
+<a href="https://codecov.io/github/moraki-finance/revolut-connect" >
+ <img src="https://codecov.io/github/moraki-finance/revolut-connect/graph/badge.svg?token=SKTT14JJGV"/>
+</a>
+
+[![Tests](https://github.com/moraki-finance/revolut-connect/actions/workflows/main.yml/badge.svg?branch=main)](https://github.com/moraki-finance/revolut-connect/actions/workflows/main.yml)
+
+A lightweight API connector for Revolut. Revolut docs: <https://developer.revolut.com/>
+
+_:warning: The extracted API objects don't do input parameters validations. It's a simple faraday wrapper that allows you to send as many inputs as you want. The Revolut API might fail when passing a wrong set of parameters._
+
+_:warning: For now this connector only supports the [Business API](https://developer.revolut.com/docs/business/business-api). Pull requests are welcomed to support other APIs._
+
+## Supported APIs & Resources
+
+### Business API
+
+- `Account`
+- `Counterparty`
+- `Payment`
+- `Transaction`
+- `TransferReason`
+
+## :construction: Roadmap
+
+### Business API
+
+- `Card` resource
+- `ForeignExchange` resource
+- `PaymentDraft` resource
+- `PayoutLink` resource
+- `Simulation` resource
+- `TeamMember` resource
+- `Transfer` resource
+- `Webhooks` resource
+
+### Merchants API
+
+- Authentication
+- Resources
+
+### Open Banking API
+
+- Authentication
+- Resources
+
+## Installation
+
+Install the gem and add to the application's Gemfile by executing:
+
+```bash
+  bundle add revolut-connect
+```
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+```bash
+  gem install revolut-connect
+```
+
+## Usage
+
+### First Time Authorization
+
+1. Generate a certificate for your API integration and register the API into your Revolut business account by following [this tutorial](https://developer.revolut.com/docs/guides/manage-accounts/get-started/make-your-first-api-request#1-add-your-certificate).
+
+2. From the step above, you'll need to copy the `client id`, the `private key` and the `iss` values that Revolut asks you to generate. We'll set these as environment variables as follows:
+
+    ```text
+      REVOLUT_CLIENT_ID={YOUR APP CLIENT ID}
+      REVOLUT_SIGNING_KEY="{YOUR APP SIGNING KEY IN ONE LINE JOINED BY NEW LINES (e.g: -----BEGIN PRIVATE KEY-----\n....)}"
+      REVOLUT_ISS={YOUR ISS}
+    ```
+
+3. Set the Revolut authorization redirect URI. This URI is what Revolut will use to redirect to after the user has authorized the API to access the account. Revolut will redirect to this URL adding a `code` query param that we'll need to exchange for the first access token ([reference](https://developer.revolut.com/docs/guides/manage-accounts/get-started/make-your-first-api-request#3-consent-to-the-application)):
+
+    ```text
+    REVOLUT_AUTHORIZE_REDIRECT_URI={YOUR REVOLUT AUTH HANDLING DOMAIN}
+    ```
+
+4. In revolut, after adding all the API details (uploading the certificate, iss, etc), enable the API. This will take you to the APP authorization consent form. After you authorize the app, you should be redirected to the domain you set in the configuration with the authorization `code` in query params. Copy this code.
+
+    ![Screenshot 2024-03-01 at 6 45 45 AM](https://github.com/moraki-finance/revolut-connect/assets/3678598/94f3e3c0-143d-40e7-9f14-69d1ea4f68f5)
+
+    ![Screenshot 2024-03-01 at 6 46 11 AM](https://github.com/moraki-finance/revolut-connect/assets/3678598/a9c2a55d-3e7d-420c-8d9d-c9617438856f)
+
+5. Exchange the code for your first time access token:
+
+    ```rb
+    revolut_auth = Revolut::Auth.exchange(authorization_code: "{CODE YOU COPIED IN PREVIOUS STEP}")
+    ```
+
+6. This will return a `Revolut::Auth` object with the access token in it. It's highly recommended that you persist this information somewhere so that it can later be loaded without needing to go through this code exchange process again:
+
+    ```rb
+    auth_to_persist = revolut_auth.to_json # Persist this somewhere (database, redis, etc.). Remember to encrypt it if you persist it.
+    ```
+
+    And then, when you need to load the auth again:
+
+    ```rb
+    Revolut::Auth.load(auth_to_persist)
+    ```
+
+    You can also store this json in an environment variable and the gem will auto load it:
+
+    ```text
+      REVOLUT_AUTH_JSON={auth_to_persist}
+    ```
+
+    :tada: You're all set to start using the API.
+
+### Configuration
+
+In rails applications, it's standard to provide an initializer (e.g `config/initializers/revolut.rb`) to load all the configuration settings of the gem. If you follow the previous step (First Time Authorization), you can do the following:
+
+```rb
+Revolut.configure do |config|
+  # Your app client id. Typically stored in the environment variables as it's a sensitive secret.
+  config.client_id = ENV["REVOLUT_CLIENT_ID"]
+
+  # Your app private key. Typically stored in the environment variables as it's a sensitive secret.
+  config.signing_key = ENV["REVOLUT_SIGNING_KEY"]
+
+  # The URI that Revolut will redirect to upon a successful authorization.
+  # Used to get the authorization code and exchange it for an access_token.
+  config.authorize_redirect_uri = ENV["REVOLUT_AUTHORIZE_REDIRECT_URI"]
+
+  # Optional: JWT issuer domain. Typically your app domain.
+  # Default: example.com
+  config.iss = ENV["REVOLUT_ISS"]
+
+  # Optional: Timeout of the underlying faraday requests.
+  # Default: 120
+  config.request_timeout = 120
+
+  # Optional: Set extra headers that will get attached to every revolut api request.
+  # Useful for observability tools like Helicone: https://www.helicone.ai/
+  # Default: {}
+  config.global_headers = {
+    "Helicone-Auth": "Bearer {HELICONE_API_KEY}"
+    "helicone-stream-force-format" => "true",
+  }
+
+  # Optional: Set the environment to be production or sandbox.
+  # Default: sandbox
+  config.environment = ENV["REVOLUT_ENVIRONMENT"]
+end
+```
+
+### Resources
+
+#### Accounts
+
+<https://developer.revolut.com/docs/business/accounts>
+
+```rb
+# List revolut accounts
+accounts = Revolut::Account.list
+
+# Retrieve a single account
+account = Revolut::Account.retrieve(accounts.last.id)
+
+# List bank accounts
+bank_details = Revolut::Account.bank_details(accounts.last.id)
+```
+
+#### Counterparties
+
+<https://developer.revolut.com/docs/business/counterparties>
+
+```rb
+# List counterparties
+counterparties = Revolut::Counterparty.list
+
+# Create a counterparty
+created_counterparty = Revolut::Counterparty.create(
+  profile_type: "personal",
+  name: "John Smith",
+  revtag: "johnsmith"
+)
+
+# Retrieve a counterparty
+retrieved_counterparty = Revolut::Counterparty.retrieve(created_counterparty.id)
+
+# Delete a counterparty
+deleted = Revolut::Counterparty.delete(retrieved_counterparty.id)
+```
+
+#### Payments
+
+<https://developer.revolut.com/docs/business/create-payment>
+
+```rb
+# Create a payment transaction
+payment = Revolut::Payment.create(
+  request_id: "49c6a48b-6b58-40a0-b974-0b8c4888c8a7", # Your app's own payment ID.
+  account_id: "af98333c-ea53-482b-93c2-1fa5e4eae671",
+  receiver: {
+    counterparty_id: "49c6a48b-6b58-40a0-b974-0b8c4888c8a7",
+    account_id: "9116f03a-c074-4585-b261-18a706b3768b"
+  },
+  amount: 1000.99,
+  charge_bearer: "debtor",
+  currency: "EUR",
+  reference: "To John Doe"
+)
+
+# List payment transactions
+transactions = Revolut::Payment.list
+
+# Retrieve a payment transaction
+transaction = Revolut::Payment.retrieve(payment.id)
+
+# Delete a payment transaction
+deleted = Revolut::Payment.delete(transaction.id)
+```
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at <https://github.com/moraki-finance/revolut-connect>. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct](https://github.com/moraki-finance/revolut-connect/blob/main/CODE_OF_CONDUCT.md).
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+
+## Code of Conduct
+
+Everyone interacting in the Revolut::Connect project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://github.com/[USERNAME]/revolut-connect/blob/main/CODE_OF_CONDUCT.md).

data/Rakefile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+require "standard/rake"
+
+task default: %i[spec standard]

data/lib/revolut/client.rb

@@ -0,0 +1,32 @@
+module Revolut
+  class Client
+    include Revolut::HTTP
+
+    CONFIG_KEYS = %i[
+      client_id
+      signing_key
+      iss
+      authorize_redirect_uri
+      base_uri
+      environment
+      request_timeout
+      global_headers
+    ].freeze
+
+    attr_reader(*CONFIG_KEYS)
+
+    def self.instance
+      @instance ||= new
+    end
+
+    private
+
+    def initialize
+      CONFIG_KEYS.each do |key|
+        # Set instance variables like api_type & access_token. Fall back to global config
+        # if not present.
+        instance_variable_set(:"@#{key}", Revolut.config.send(key))
+      end
+    end
+  end
+end

data/lib/revolut/http.rb

@@ -0,0 +1,117 @@
+require "uri"
+
+module Revolut
+  module HTTP
+    def get(path, headers: {}, **query)
+      full_uri = uri(path:, query:)
+
+      conn.get(full_uri) do |req|
+        req.headers = all_headers(headers)
+      end
+    end
+
+    def post(path, data: {}, headers: {}, **query)
+      full_uri = uri(path:, query:)
+
+      conn.post(full_uri) do |req|
+        req.body = data.to_json if data.any?
+        req.headers = all_headers(headers)
+      end
+    end
+
+    def patch(path, data: {}, headers: {}, **query)
+      full_uri = uri(path:, query:)
+
+      conn.patch(full_uri) do |req|
+        req.body = data.to_json if data.any?
+        req.headers = all_headers(headers)
+      end
+    end
+
+    def delete(path, headers: {}, **query)
+      full_uri = uri(path:, query:)
+
+      conn.delete(full_uri) do |req|
+        req.headers = all_headers(headers)
+      end
+    end
+
+    def get_access_token(authorization_code:)
+      full_uri = uri(path: "auth/token")
+
+      conn(content_type: :url_encoded, authed: false).post(full_uri) do |req|
+        req.headers = global_headers
+        req.body = URI.encode_www_form({
+          grant_type: "authorization_code",
+          code: authorization_code,
+          client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+          client_assertion:
+        })
+      end
+    end
+
+    def refresh_access_token(refresh_token:)
+      full_uri = uri(path: "auth/token")
+
+      conn(content_type: :url_encoded, authed: false).post(full_uri) do |req|
+        req.headers = global_headers
+        req.body = URI.encode_www_form({
+          grant_type: "refresh_token",
+          refresh_token:,
+          client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer",
+          client_assertion:
+        })
+      end
+    end
+
+    private
+
+    def conn(content_type: :json, authed: true)
+      Faraday.new do |f|
+        f.options[:timeout] = request_timeout
+
+        # Request middlewares
+        f.request content_type
+        f.request :retry, { # Retries a request after refreshing the token if we get an UnauthorizedError
+          max: 1,
+          exceptions: [Faraday::UnauthorizedError],
+          retry_block: ->(env:, options:, retry_count:, exception:, will_retry_in:) {
+            Revolut::Auth.refresh(force: true)
+            env.request_headers = env.request_headers.merge("Authorization" => "Bearer #{Revolut::Auth.access_token}")
+          }
+        }
+        f.request :authorization, "Bearer", -> { Revolut::Auth.access_token } if authed
+
+        # Response middlewares
+        f.response :json
+        f.response ENV["CONSOLE"] ? :catch_error : :raise_error
+      end
+    end
+
+    def uri(path:, query: {})
+      File.join(base_uri, path) + "?#{URI.encode_www_form(query)}"
+    end
+
+    def all_headers(request_headers = {})
+      global_headers.merge(request_headers)
+    end
+
+    def client_assertion
+      private_key = OpenSSL::PKey::RSA.new(signing_key)
+
+      payload = {
+        iss:,
+        sub: client_id,
+        aud: "https://revolut.com",
+        exp: Time.now.to_i + 120 # Expires in 2 minutes
+      }
+
+      header = {
+        alg: "RS256",
+        typ: "JWT"
+      }
+
+      JWT.encode(payload, private_key, "RS256", header)
+    end
+  end
+end

data/lib/revolut/middlewares/catch_error.rb

@@ -0,0 +1,17 @@
+# Helper middleware only intended to be used in the console.
+# The idea is to have a fast extraction of the API error message from the response body.
+class CatchError < Faraday::Middleware
+  def on_complete(env)
+    raise_error_middleware.on_complete(env)
+  rescue Faraday::Error => e
+    raise e, JSON.parse(e.response[:body])["message"]
+  end
+
+  private
+
+  def raise_error_middleware
+    @raise_error_middleware ||= Faraday::Response::RaiseError.new
+  end
+end
+
+Faraday::Response.register_middleware catch_error: CatchError

data/lib/revolut/resources/account.rb

@@ -0,0 +1,16 @@
+module Revolut
+  # Reference: https://developer.revolut.com/docs/business/counterparties
+  class Account < Resource
+    not_allowed_to :create, :update, :delete
+
+    def self.resources_name
+      "accounts"
+    end
+
+    def self.bank_details(id)
+      response = http_client.get("/#{resources_name}/#{id}/bank-details")
+
+      response.body.map(&Revolut::BankAccount)
+    end
+  end
+end

data/lib/revolut/resources/auth.rb

@@ -0,0 +1,119 @@
+require "jwt"
+
+module Revolut
+  class Auth < Resource
+    class NotAuthorizedError < StandardError
+      def initialize
+        super(
+          "You need to authorize your app to access the Revolut business account of the user\n" \
+            "Please visit #{Revolut::Auth.authorize_url} to get an authorization code that you can then use with the Revolut::Auth.retrieve method to get an access token."
+        )
+      end
+    end
+
+    class << self
+      attr_accessor :token_type, :refresh_token
+      attr_writer :access_token, :expires_at
+
+      # Generates the authorization URL for the Revolut API.
+      # Use this URI to redirect the user to Revolut's authorization page
+      # to authorize your app to access her business account.
+      #
+      # @return [String] The authorization URL.
+      def authorize_url
+        "#{authorize_base_uri}?client_id=#{Revolut.config.client_id}&redirect_uri=#{Revolut.config.authorize_redirect_uri}&response_type=code#authorise"
+      end
+
+      # Exchanges the authorization code for an access token.
+      #
+      # @param authorization_code [String] The authorization code to retrieve the access token.
+      # @return [Auth] The newly created Revolut::Auth object.
+      def exchange(authorization_code:)
+        auth_json = http_client.get_access_token(authorization_code:).body
+        load(auth_json)
+        new(auth_json)
+      end
+
+      # Loads authentication data from a JSON object.
+      #
+      # @param auth_json [Hash] The JSON object containing authentication data.
+      # @return [void]
+      def load(auth_json)
+        @access_token = auth_json["access_token"]
+        @token_type = auth_json["token_type"]
+        @expires_at = Time.now.to_i + auth_json["expires_in"]
+        @refresh_token = auth_json["refresh_token"]
+      end
+
+      # Returns the access token too access the Revolut API.
+      # Raises Revolut::Auth::NotAuthorizedError if the access token is not set.
+      # Refreshes the access token if it has expired.
+      #
+      # @return [String] The access token.
+      def access_token
+        # If there's no token set in the authorization class, it means that we're trying to
+        # access the API without having gone through the authorization process.
+        raise Revolut::Auth::NotAuthorizedError if @access_token.nil?
+
+        refresh if expired?
+
+        @access_token
+      end
+
+      # Refreshes the access token if it has expired or if force is set to true.
+      #
+      # @param force [Boolean] Whether to force refresh the access token.
+      # @return [Revolut::Resources::Auth] The refreshed authentication object.
+      def refresh(force: false)
+        return unless expired? || force
+
+        new(http_client.refresh_access_token(refresh_token:).body).tap do |refreshed_auth|
+          @access_token = refreshed_auth.access_token
+          @token_type = refreshed_auth.token_type
+          @expires_at = Time.now.to_i + refreshed_auth.expires_in
+        end
+      end
+
+      # Returns the expiration date and time of the authentication token.
+      #
+      # @return [DateTime] The expiration date and time.
+      def expires_at
+        Time.at(@expires_at).utc.to_datetime
+      end
+
+      # Checks if the access_token has expired.
+      #
+      # Returns:
+      # - true if the access_token has expired
+      # - false otherwise
+      def expired?
+        expires_at && Time.now.to_i >= @expires_at
+      end
+
+      # Loads authentication information from environment variable REVOLUT_AUTH_JSON.
+      #
+      # If the access token is not already set and the environment variable REVOLUT_AUTH_JSON is present,
+      # this method loads the JSON data from the environment variable and calls the load method to set the authentication information.
+      #
+      # Example:
+      #   auth.load_from_env
+      #
+      # @return [void]
+      def load_from_env
+        env_json = ENV["REVOLUT_AUTH_JSON"]
+
+        return unless @access_token.nil? && env_json
+
+        load(JSON.parse(env_json))
+      end
+
+      private
+
+      def authorize_base_uri
+        Revolut.sandbox? ?
+          "https://sandbox-business.revolut.com/app-confirm" :
+          "https://business.revolut.com/app-confirm"
+      end
+    end
+  end
+end

data/lib/revolut/resources/bank_account.rb

@@ -0,0 +1,6 @@
+module Revolut
+  # Reference: https://developer.revolut.com/docs/business/counterparties
+  class BankAccount < Resource
+    shallow # do not allow any resource operations on this resource
+  end
+end

data/lib/revolut/resources/counterparty.rb

@@ -0,0 +1,15 @@
+module Revolut
+  # Reference: https://developer.revolut.com/docs/business/counterparties
+  class Counterparty < Resource
+    not_allowed_to :update
+    coerce_with accounts: Revolut::BankAccount
+
+    def self.resource_name
+      "counterparty"
+    end
+
+    def self.resources_name
+      "counterparties"
+    end
+  end
+end

data/lib/revolut/resources/payment.rb

@@ -0,0 +1,22 @@
+require "forwardable"
+
+module Revolut
+  class Payment < Resource
+    only :create
+
+    class << self
+      extend Forwardable
+
+      # Delegate list, retrieve, and delete to the transactions resource
+      def_delegators :transactions, :list, :retrieve, :delete
+
+      def resource_name
+        "pay"
+      end
+
+      def transactions
+        Revolut::Transaction
+      end
+    end
+  end
+end

data/lib/revolut/resources/resource.rb

@@ -0,0 +1,125 @@
+module Revolut
+  class Resource
+    class << self
+      def create(**attrs)
+        check_not_allowed
+
+        response = http_client.post("/#{resource_name}", data: attrs)
+
+        body = response.body
+
+        return body.map(&self) if body.is_a?(Array)
+
+        new(body)
+      end
+
+      def retrieve(id)
+        check_not_allowed
+
+        response = http_client.get("/#{resource_name}/#{id}")
+
+        new(response.body)
+      end
+
+      def update(id, **attrs)
+        check_not_allowed
+
+        response = http_client.patch("/#{resource_name}/#{id}", data: attrs)
+
+        new(response.body)
+      end
+
+      def list(**)
+        check_not_allowed
+
+        response = http_client.get("/#{resources_name}", **)
+
+        response.body.map(&self)
+      end
+
+      def delete(id)
+        check_not_allowed
+
+        http_client.delete("/#{resource_name}/#{id}")
+
+        true
+      end
+
+      def to_proc
+        ->(attrs) { new(attrs) }
+      end
+
+      def skip_coertion_for(*attrs)
+        @skip_coertion_for ||= attrs
+      end
+
+      def coerce_with(**attrs)
+        @coerce_with ||= attrs
+      end
+
+      protected
+
+      def http_client
+        @http_client ||= Revolut::Client.instance
+      end
+
+      def resource_name
+        resources_name
+      end
+
+      def resources_name
+        raise Revolut::NotImplementedError, "Implement #resources_name in subclass"
+      end
+
+      def not_allowed_to(*attrs)
+        @not_allowed_to ||= attrs
+      end
+
+      def shallow
+        # Adding :shallow will make all other resource methods fail.
+        only :shallow
+      end
+
+      def only(*attrs)
+        @only ||= attrs
+      end
+
+      private
+
+      def check_not_allowed
+        method = caller(1..1).first.match(/`(\w+)'/)[1].to_sym
+        raise Revolut::Error, "`#{method}` is not allowed on this resource" if not_allowed_to.include?(method) || only.any? && !only.include?(method)
+      end
+    end
+
+    def to_json
+      @_raw.to_json
+    end
+
+    protected
+
+    def initialize(attrs = {})
+      @_raw = attrs
+
+      attrs.each do |key, value|
+        if self.class.skip_coertion_for.include?(key.to_sym)
+          instance_variable_set(:"@#{key}", value)
+        else
+          coerce_class = self.class.coerce_with[key.to_sym] || Revolut::Resource
+          coerced_value = if value.is_a?(Hash)
+            coerce_class.new(value)
+          elsif value.is_a?(Array)
+            value.map do |v|
+              v.is_a?(Hash) ? coerce_class.new(v) : v
+            end
+          else
+            value
+          end
+          instance_variable_set(:"@#{key}", coerced_value)
+        end
+      end
+
+      instance_variables.each { |iv| self.class.send(:attr_accessor, iv.to_s[1..].to_sym) }
+    end
+  end
+end

data/lib/revolut/resources/transaction.rb

@@ -0,0 +1,13 @@
+module Revolut
+  class Transaction < Resource
+    only :list, :retrieve, :delete
+
+    def self.resource_name
+      "transaction"
+    end
+
+    def self.resources_name
+      "transactions"
+    end
+  end
+end

data/lib/revolut/resources/transfer_reason.rb

@@ -0,0 +1,9 @@
+module Revolut
+  class TransferReason < Resource
+    only :list
+
+    def self.resources_name
+      "transfer-reasons"
+    end
+  end
+end

data/lib/revolut/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Revolut
+  VERSION = "0.1.0"
+end

data/lib/revolut.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+require "faraday"
+require "faraday/retry"
+
+require_relative "revolut/middlewares/catch_error"
+require_relative "revolut/version"
+require_relative "revolut/http"
+require_relative "revolut/client"
+require_relative "revolut/resources/resource"
+Dir[File.join(__dir__, "revolut", "resources", "*.rb")].each { |file| require file }
+
+# Load the authentication information from the environment variable REVOLUT_AUTH_JSON right away if possible.
+Revolut::Auth.load_from_env
+
+module Revolut
+  class Error < StandardError; end
+
+  class ConfigurationError < Error; end
+
+  class NotImplementedError < Error; end
+
+  class Configuration
+    attr_accessor :request_timeout, :global_headers, :environment
+    attr_writer :client_id, :signing_key, :iss, :authorize_redirect_uri
+    attr_reader :base_uri
+
+    DEFAULT_BASE_URI = "https://sandbox-b2b.revolut.com/api/1.0/"
+    DEFAULT_ENVIRONMENT = "sandbox"
+    DEFAULT_REQUEST_TIMEOUT = 120
+
+    def initialize
+      @request_timeout = DEFAULT_REQUEST_TIMEOUT
+      @global_headers = {}
+      @client_id = ENV["REVOLUT_CLIENT_ID"]
+      @signing_key = ENV["REVOLUT_SIGNING_KEY"]&.gsub("\\n", "\n")
+      @iss = ENV.fetch("REVOLUT_ISS", "example.com")
+      @authorize_redirect_uri = ENV["REVOLUT_AUTHORIZE_REDIRECT_URI"]
+      @environment = ENV.fetch("REVOLUT_ENVIRONMENT", DEFAULT_ENVIRONMENT).to_sym
+      @base_uri = (environment == :sandbox) ? "https://sandbox-b2b.revolut.com/api/1.0/" : "https://b2b.revolut.com/api/1.0/"
+    end
+
+    def client_id
+      @client_id || (raise ConfigurationError, "Revolut client_id missing!")
+    end
+
+    def signing_key
+      @signing_key || (raise ConfigurationError, "Revolut signing_key missing!")
+    end
+
+    def iss
+      @iss || (raise ConfigurationError, "Revolut iss missing!")
+    end
+
+    def authorize_redirect_uri
+      @authorize_redirect_uri || (raise ConfigurationError, "Revolut authorize_redirect_uri missing!")
+    end
+  end
+
+  class << self
+    attr_writer :config
+
+    def config
+      @config ||= Revolut::Configuration.new
+    end
+
+    def env
+      config.environment
+    end
+
+    def sandbox?
+      env == :sandbox
+    end
+
+    def configure
+      yield(config)
+    end
+  end
+end

data/sig/revolut/connect.rbs

@@ -0,0 +1,6 @@
+module Revolut
+  module Connect
+    VERSION: String
+    # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+  end
+end

metadata

@@ -0,0 +1,116 @@
+--- !ruby/object:Gem::Specification
+name: revolut-connect
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Martin Mochetti
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-03-01 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: faraday
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+- !ruby/object:Gem::Dependency
+  name: faraday-retry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1'
+description: Revolut API connector for Ruby. This gem is not official and is not supported
+  by Revolut. Use at your own risk.
+email:
+- martin.mochetti@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".env.sample"
+- ".env.test"
+- ".rspec"
+- ".ruby-version"
+- ".standard.yml"
+- ".vscode/settings.json"
+- CHANGELOG.md
+- CODE_OF_CONDUCT.md
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/revolut.rb
+- lib/revolut/client.rb
+- lib/revolut/http.rb
+- lib/revolut/middlewares/catch_error.rb
+- lib/revolut/resources/account.rb
+- lib/revolut/resources/auth.rb
+- lib/revolut/resources/bank_account.rb
+- lib/revolut/resources/counterparty.rb
+- lib/revolut/resources/payment.rb
+- lib/revolut/resources/resource.rb
+- lib/revolut/resources/transaction.rb
+- lib/revolut/resources/transfer_reason.rb
+- lib/revolut/version.rb
+- sig/revolut/connect.rbs
+homepage: https://github.com/moraki-finance/revolut-connect
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/moraki-finance/revolut-connect
+  source_code_uri: https://github.com/moraki-finance/revolut-connect
+  changelog_uri: https://github.com/moraki-finance/revolut-connect/blob/main/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 3.0.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.3
+signing_key:
+specification_version: 4
+summary: Revolut non-official API connector
+test_files: []