revolut-connect 0.1.3 → 0.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3c3fcb46e2423e47f2597ae155daa4e0f86f0a861c4a862c04b7ca8e8064378d
-  data.tar.gz: aabf68cbbccf5c8e5e6c14bfb6ad329c45251e3621b0fc5c0f53373d3cf5e8ab
+  metadata.gz: 9010d58ab099e0739336f7645c70fa7f859aeb8742109a3f48459262221302b8
+  data.tar.gz: d53d5e9b0a475252d5b00eaf9984a8557c67b0e31d03eb80ea4f4f39fdacc0e8
 SHA512:
-  metadata.gz: 9687a994b4e4944c2f1148ddbd0d0a064655bbaf0534e230ff5367508f7a77cbe00f57dde98fa7a09811678448b4d1d4b03ca5a7a00874f8ec2ca52ee0d54bc8
-  data.tar.gz: fe4531d59a808adb461487693b146207ab5f54b254e2a07d1447448203cfba2cec9f19c06182aab41e36ce050951720f9548659c141b3306e17b0a1687f15a4c
+  metadata.gz: 638eea99c2401f8fcdf5053f4fcc664975c6e677bf67eca9a83747337bac1389138da6e8a4a8f9632552d1ef848084e6f003a324c3577a2875810989971c77e6
+  data.tar.gz: 4e6e92b18f575b031861890f8e7f93b0ea6070e0c9c7321a515e01e3ad52f72ce8a6250b9e9d969757fa5e5268b4bffff8423d6a104a32d3d3c13da7b4bb020b

data/Gemfile.lock

@@ -1,9 +1,9 @@
 PATH
   remote: .
   specs:
-    revolut-connect (0.1.3)
-      faraday (>= 1)
-      faraday-retry (>= 1)
+    revolut-connect (0.1.5)
+      faraday (>= 2)
+      faraday-retry (>= 2)
       jwt (>= 1)
 
 GEM

data/README.md

@@ -5,7 +5,7 @@
 |:-:|:-:|
 | [![Tests](https://github.com/moraki-finance/revolut-connect/actions/workflows/main.yml/badge.svg?branch=main)](https://github.com/moraki-finance/revolut-connect/actions/workflows/main.yml)  |  [![Codecov Coverage](https://codecov.io/github/moraki-finance/revolut-connect/graph/badge.svg?token=SKTT14JJGV)](https://codecov.io/github/moraki-finance/revolut-connect) |
 
-A lightweight API client for Revolut featuring authentication, permission scopes, token expiration and automatic renewal.
+A lightweight API client for Revolut featuring authentication, permission scopes, token expiration and automatic renewal, webhooks, webhook events, and much more!
 
 Revolut docs: <https://developer.revolut.com/>
 
@@ -22,6 +22,7 @@ _:warning: For now this connector only supports the [Business API](https://devel
 - `Payment`
 - `Transaction`
 - `TransferReason`
+- `Webhook`
 
 ## :construction: Roadmap
 
@@ -34,7 +35,6 @@ _:warning: For now this connector only supports the [Business API](https://devel
 - `Simulation` resource
 - `TeamMember` resource
 - `Transfer` resource
-- `Webhooks` resource
 
 ### Merchants API
 
@@ -160,9 +160,25 @@ Revolut.configure do |config|
   # Optional: The JWT for an already exchanged token.
   # Used to preload an existing auth token so that you don't have to exchange / renew it again.
   config.auth_json = ENV["REVOLUT_AUTH_JSON"]
+
+  # Optional: The revolut api version used. Generally used to hit the webhooks API as it requires api_version 2.0.
+  # Default: "1.0".
+  config.api_version = ENV["REVOLUT_API_VERSION"]
 end
 ```
 
+If you're setting the `auth_json` config, rembember to call `Revolut::Auth.load_from_env` right after the configuration is set so that the gem loads this JSON you just set:
+
+```rb
+Revolute.configure do |config|
+  ...
+  config.auth_json = ENV.fetch("REVOLUT_AUTH_JSON", nil)
+end
+
+# Load the `auth_json` value.
+Revolut::Auth.load_from_env
+```
+
 ### Resources
 
 #### Accounts

data/lib/revolut/client.rb

@@ -9,26 +9,27 @@ module Revolut
       token_duration
       scope
       authorize_redirect_uri
-      base_uri
+      api_version
       environment
       request_timeout
       global_headers
     ].freeze
 
-    attr_reader(*CONFIG_KEYS)
+    attr_reader(*CONFIG_KEYS, :base_uri)
 
-    def self.instance
-      @instance ||= new
-    end
-
-    private
-
-    def initialize
+    def initialize(**attrs)
       CONFIG_KEYS.each do |key|
         # Set instance variables like api_type & access_token. Fall back to global config
         # if not present.
-        instance_variable_set(:"@#{key}", Revolut.config.send(key))
+        instance_variable_set(:"@#{key}", attrs[key] || Revolut.config.send(key))
       end
+
+      @base_uri = (environment == :sandbox) ? "https://sandbox-b2b.revolut.com/api/#{api_version}/" : "https://b2b.revolut.com/api/#{api_version}/"
+    end
+
+    # Instance with all the defaults
+    def self.instance
+      @instance ||= new
     end
   end
 end

data/lib/revolut/http.rb

@@ -73,8 +73,8 @@ module Revolut
         # Request middlewares
         f.request content_type
         f.request :retry, { # Retries a request after refreshing the token if we get an UnauthorizedError
-          max: 1,
           exceptions: [Faraday::UnauthorizedError],
+          methods: Faraday::Retry::Middleware::IDEMPOTENT_METHODS + %i[post patch],
           retry_block: ->(env:, options:, retry_count:, exception:, will_retry_in:) {
             Revolut::Auth.refresh(force: true)
             env.request_headers = env.request_headers.merge("Authorization" => "Bearer #{Revolut::Auth.access_token}")

data/lib/revolut/resources/webhook.rb

@@ -0,0 +1,26 @@
+module Revolut
+  # Reference: https://developer.revolut.com/docs/business/counterparties
+  class Webhook < Resource
+    class << self
+      def resources_name
+        "webhooks"
+      end
+
+      def http_client
+        @http_client ||= Revolut::Client.new(api_version: "2.0")
+      end
+
+      def rotate_signing_secret(id, **data)
+        response = http_client.post("/#{resources_name}/#{id}/rotate-signing-secret", data:)
+
+        new(response.body)
+      end
+
+      def failed_events(id)
+        response = http_client.get("/#{resources_name}/#{id}/failed-events")
+
+        response.body.map(&Revolut::WebhookEvent)
+      end
+    end
+  end
+end

data/lib/revolut/resources/webhook_event.rb

@@ -0,0 +1,29 @@
+require "openssl"
+require "digest"
+
+module Revolut
+  class WebhookEvent < Resource
+    shallow # do not allow any resource operations on this resource
+
+    # Constructs a new instance of the WebhookEvent class from a request object and a signing secret.
+    #
+    # @param request [ActionDispatch::Request] The request object containing the webhook event data.
+    # @param signing_secret [String] The signing secret used to verify the signature of the webhook event.
+    # @return [WebhookEvent] A new instance of the WebhookEvent class.
+    # @raise [Revolut::SignatureVerificationError] If the signature verification fails.
+    def self.construct_from(request, signing_secret)
+      json = request.body.read
+      timestamp = request.headers["Revolut-Request-Timestamp"]
+      header_signature = request.headers["Revolut-Signature"]
+      payload_to_sign = "v1.#{timestamp}.#{json}"
+      digest = OpenSSL::Digest.new("sha256")
+      signature_digest = "v1=" + OpenSSL::HMAC.hexdigest(digest, signing_secret, payload_to_sign)
+
+      if signature_digest == header_signature
+        new(JSON.parse(json))
+      else
+        raise Revolut::SignatureVerificationError, "Signature verification failed"
+      end
+    end
+  end
+end

data/lib/revolut/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Revolut
-  VERSION = "0.1.3"
+  VERSION = "0.1.5"
 end

data/lib/revolut.rb

@@ -17,12 +17,13 @@ module Revolut
 
   class NotImplementedError < Error; end
 
+  class SignatureVerificationError < Error; end
+
   class Configuration
-    attr_accessor :request_timeout, :global_headers, :environment, :token_duration, :scope, :auth_json
+    attr_accessor :request_timeout, :global_headers, :environment, :token_duration, :scope, :auth_json, :api_version
     attr_writer :client_id, :signing_key, :iss, :authorize_redirect_uri
-    attr_reader :base_uri
 
-    DEFAULT_BASE_URI = "https://sandbox-b2b.revolut.com/api/1.0/"
+    DEFAULT_API_VERSION = "1.0"
     DEFAULT_ENVIRONMENT = "sandbox"
     DEFAULT_REQUEST_TIMEOUT = 120
     DEFAULT_TOKEN_DURATION = 120 # 2 minutes
@@ -37,8 +38,8 @@ module Revolut
       @token_duration = ENV.fetch("REVOLUT_TOKEN_DURATION", DEFAULT_TOKEN_DURATION)
       @auth_json = ENV["REVOLUT_AUTH_JSON"]
       @scope = ENV["REVOLUT_SCOPE"]
+      @api_version = ENV.fetch("REVOLUT_API_VERSION", DEFAULT_API_VERSION)
       @environment = ENV.fetch("REVOLUT_ENVIRONMENT", DEFAULT_ENVIRONMENT).to_sym
-      @base_uri = (environment == :sandbox) ? "https://sandbox-b2b.revolut.com/api/1.0/" : "https://b2b.revolut.com/api/1.0/"
     end
 
     def client_id

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: revolut-connect
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.5
 platform: ruby
 authors:
 - Martin Mochetti
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-03-07 00:00:00.000000000 Z
+date: 2024-03-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -30,28 +30,28 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: faraday-retry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1'
+        version: '2'
 description: Revolut API connector for Ruby. This gem is not official and is not supported
   by Revolut. Use at your own risk.
 email:
@@ -86,6 +86,8 @@ files:
 - lib/revolut/resources/resource.rb
 - lib/revolut/resources/transaction.rb
 - lib/revolut/resources/transfer_reason.rb
+- lib/revolut/resources/webhook.rb
+- lib/revolut/resources/webhook_event.rb
 - lib/revolut/version.rb
 - sig/revolut/connect.rbs
 homepage: https://github.com/moraki-finance/revolut-connect