RubyGems - reward_station - Versions diffs - 0.0.1 → 0.0.2 - Mend

reward_station 0.0.1 → 0.0.2

Files changed (31) hide show

data/.gitignore CHANGED Viewed

@@ -2,3 +2,4 @@
 .bundle
 Gemfile.lock
 pkg/*
+.idea

data/Gemfile CHANGED Viewed

@@ -1,8 +1,8 @@
 source :rubygems
-gemspec
+gem 'rake'
-gem 'savon', '0.9.6'
+gemspec
 group 'development' do
   gem 'rspec', '2.6.0'

data/README.md CHANGED Viewed

@@ -1,5 +1,126 @@
 ### Xceleration Reward Station
+Client library for Xceleration rewardstation.com service
 ## Basic Usage
+#Initialization
+    reward_station = RewardStation::Service.new :client_id => "112112", :client_password => "fsdftr#"
+# Return Token
+Request access token
+    token = reward_station.return_token
+# Award Points
+Update award points
+    user_id = "130"
+    points = 10
+    description = "Action 'Call to client' "
+    program_id = 90 # optional
+    point_reasond_code_id = 129 # optional
+    confirmation_number = reward_station.award_points user_id, points, description, program_id, point_reason_code_id
+# Create User
+    user_attributes = reward_station.create_user :organization_id => '150',
+                                                 :email => 'john5@company.com',
+                                                 :first_name => 'John',
+                                                 :last_name => 'Smith',
+                                                 :user_name => 'john5@company.com',
+                                                 :balance => 0
+    puts user_attributes.inspect
+    # {
+    #    :user_id => '6727',
+    #    :client_id => '100080',
+    #    :user_name => 'john5@company.com',
+    #    :email => 'john5@company.com',
+    #    :encrypted_password => nil,
+    #    :first_name => 'John',
+    #    :last_name => 'Smith',
+    #    :address_one => nil,
+    #    :address_two => nil,
+    #    :city => nil,
+    #    :state_code => nil,
+    #    :province => nil,
+    #    :postal_code => nil,
+    #    :country_code => 'USA',
+    #    :phone => nil,
+    #    :organization_id => '150',
+    #    :organization_name => nil,
+    #    :rep_type_id => '0',
+    #    :client_region_id => '0',
+    #
+    #    :is_active => true,
+    #    :point_balance => '0',
+    #    :manager_id => '0',
+    #    :error_message => nil
+    # }
+## Single-Sign-On
+Basic SSO logic implemented in SAML::AuthResponse class. Example usage of AuthResponse:
+#SessionController
+    require 'saml/auth_response'
+    class SessionController < ApplicationController
+      def create
+        @user_session = UserSession.new(params[:user_session])
+        if @user_session.save
+            if session[:saml_request].present?
+                sso_params(session[:saml_request], session[:relay_state], current_user)
+                session[:saml_request] = session[:relay_state] = nil
+                render :template => "session/signon"
+                return
+             ...
+            end
+          ...
+        end
+      end
+      def signon
+        if current_user.present?
+          sso_params(params[:SAMLRequest], params[:RelayState], current_user)
+          render :template => "session/signon"
+        else
+          session[:saml_request] = params[:SAMLRequest]
+          session[:relay_state] = params[:RelayState]
+          redirect_to signin_url
+        end
+      end
+      def destroy
+        current_user_session.destroy
+        redirect_to signin_url
+      end
+      protected
+      def sso_params saml_request, relay_state, user
+        @saml_response = SAML::AuthResponse.new(saml_request).response_url(user.xceleration_id)
+        @relay_state = relay_state
+      end
+    end
+# signon.html.erb
+    <html>
+      <body>
+        <form  id="sso_form" action="http://www6.rewardstation.net/sso/100080/AssertionService.aspx?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" method="post">
+          <input type="hidden" name="SAMLResponse" value="<%= @saml_response %>"/>
+          <input type="hidden" name="RelayState" value="<%= @relay_state %>"/>
+        </form>
+        <script type="text/javascript">
+          document.getElementById('sso_form').submit();
+        </script>
+      </body>
+    </html>

data/{spec/fixtures/savon/reward_station → lib/responses}/award_points/award_points.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/award_points/award_points_invalid_token.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_point_summary/return_point_summary.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_point_summary/return_point_summary_invalid_token.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_popular_products/return_popular_products.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_popular_products/return_popular_products_invalid_token.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_token/return_token.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_token/return_token_invalid.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_user/return_user.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_user/return_user_invalid_token.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/return_user/return_user_invalid_user.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/update_user/create_user.xml RENAMED Viewed

File without changes

data/{spec/fixtures/savon/reward_station → lib/responses}/update_user/create_user_exists.xml RENAMED Viewed

File without changes

data/lib/reward_station.rb CHANGED Viewed

@@ -1 +1,10 @@
-require 'xceleration/reward_station'
+require 'savon'
+require "savon/mock"
+require 'savon/macros'
+require 'savon/mock_response'
+require 'reward_station/errors'
+require 'reward_station/service'

data/lib/reward_station/errors.rb ADDED Viewed

@@ -0,0 +1,31 @@
+module RewardStation
+  module NestingError
+    attr_reader :cause
+    def initialize message = nil, cause = $!
+      @cause = cause
+      super(message || cause && cause.message)
+    end
+    def set_backtrace bt
+      if cause
+        cause.backtrace.reverse.each do |line|
+          bt.last == line ? bt.pop : break
+        end
+        bt << "cause: #{cause.class.name}: #{cause}"
+        bt.concat cause.backtrace
+      end
+      super bt
+    end
+  end
+  class InvalidAccount < StandardError; end
+  class InvalidToken < StandardError; end
+  class InvalidUser < StandardError; end
+  class UserAlreadyExists < StandardError; end
+  class ConnectionError < StandardError
+    include NestingError
+  end
+end

data/lib/reward_station/service.rb ADDED Viewed

@@ -0,0 +1,167 @@
+module RewardStation
+  class Service
+    def initialize options = {}
+      [:client_id, :client_password].each do |arg|
+        raise ArgumentError, "Missing required option '#{arg}'" unless options.has_key? arg
+      end
+      @client_id = options[:client_id]
+      @client_password = options[:client_password]
+      @token = options[:token]
+      @organization_id = options[:organization_id]
+      @program_id = options[:program_id]
+      @point_reason_code_id = options[:point_reason_code_id]
+      if options[:new_token_callback]
+        raise ArgumentError, "new_token_callback option should be proc or lambda" unless options[:new_token_callback].is_a?(Proc)
+        @new_token_callback = options[:new_token_callback]
+      end
+      @mode = :default
+      if options[:mode]
+        raise ArgumentError, "supported modes :default and :mock" unless [:mock, :default].include?(options[:mode].to_sym)
+        @mode = options[:mode].to_sym
+      end
+    end
+    def new_token_callback &block
+      @new_token_callback = block
+    end
+    class << self
+      def client
+        @@client ||= Savon::Client.new do |wsdl|
+          wsdl.document = File.join(File.dirname(__FILE__), '..', 'wsdl', 'reward_services.xml')
+        end
+      end
+      def logger
+        @@logger ||= defined?(Rails) ? Rails.logger : Logger.new(STDOUT)
+      end
+    end
+    def logger
+      Service.logger
+    end
+    def return_token
+      result = request :return_token, :body => {
+          'AccountNumber' => @client_id,
+          'AccountCode' => @client_password
+      }
+      logger.info "xceleration token #{result[:token]}"
+      result[:token]
+    end
+    def return_user user_id
+      request_with_token(:return_user, :body => { 'UserID' => user_id} )[:user_profile]
+    end
+    def award_points user_id, points, description, program_id = nil, point_reason_code_id = nil
+      request_with_token(:award_points, :body => {
+          'UserID' => user_id,
+          'Points' => points,
+          'ProgramID' => program_id || @program_id,
+          'PointReasonCodeID' => point_reason_code_id || @point_reason_code_id,
+          'Description' => description
+      })[:confirmation_number]
+    end
+    def return_point_summary user_id
+      request_with_token(:return_point_summary, :body => {
+          'clientId' => @client_id,
+          'userId' => user_id
+      })[:point_summary_collection][:point_summary]
+    end
+    def update_user user_id, attrs = {}
+      organization_id = attrs[:organization_id] || @organization_id
+      email = attrs[:email] || ""
+      first_name = attrs[:first_name] || ""
+      last_name = attrs[:last_name] || ""
+      user_name = attrs[:user_name] || email
+      balance = attrs[:balance] || 0
+      request_with_token(:update_user , :body => {
+          'updateUser' => {
+              'UserID' => user_id,
+              'ClientID' => @client_id,
+              'UserName' => user_name,
+              'FirstName' => first_name,
+              'LastName' => last_name,
+              'CountryCode' => 'USA',
+              'Email' => email,
+              'IsActive' => true,
+              'PointBalance' => balance,
+              'OrganizationID' => organization_id
+          }
+      })[:update_user]
+    end
+    def create_user attrs = {}
+      update_user -1, attrs
+    end
+    def return_popular_products user_id
+      request_with_token(:return_popular_products , :body => { 'userId' => user_id} )[:products][:product]
+    end
+    protected
+    def mock?
+      @mode == :mock
+    end
+    def update_token
+      @token = return_token
+      @new_token_callback.call(@token) if @new_token_callback
+    end
+    def inject_token params = {}
+      (params[:body] ||= {})['Token'] = @token
+    end
+    def request_with_token method_name, params
+      update_token unless @token
+      inject_token params
+      request method_name, params
+    rescue InvalidToken
+      update_token
+      inject_token params
+      request method_name, params
+    end
+    def request method_name, params
+      if mock?
+        #TODO
+      end
+      response = Service.client.request(:wsdl, method_name , params).to_hash
+      logger.debug response.inspect
+      result = response[:"#{method_name}_response"][:"#{method_name}_result"]
+      unless (error_message = result.delete(:error_message).to_s).nil?
+        raise InvalidToken if error_message.start_with?("Invalid Token")
+        raise InvalidAccount if error_message.start_with?("Invalid Account Number")
+        raise InvalidUser if error_message.start_with?("Invalid User")
+        raise UserAlreadyExists if error_message.start_with?("User Name:") && error_message.end_with?("Please enter a different user name.")
+      end
+      result
+    rescue Savon::SOAP::Fault, Savon::HTTP::Error => ex
+      logger.error ex.to_s
+      logger.error ex.backtrace.inspect
+      raise ConnectionError.new
+    end
+  end
+end

data/lib/reward_station/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module RewardStation
-  VERSION = "0.0.1"
+  VERSION = "0.0.2"
 end

data/lib/saml/auth_response.rb ADDED Viewed

@@ -0,0 +1,174 @@
+module SAML
+  class AuthResponse
+    attr_accessor :request, :document, :logger
+    include Onelogin::Saml::Codeing
+    def initialize(request, logger = nil)
+      raise ArgumentError.new("Response cannot be nil") if request.nil?
+      self.logger = logger || ActiveRecord::Base.logger
+      self.request = inflate(decode(request))
+      self.document = Nokogiri::XML(self.request)
+    end
+    def get_sp_response_to
+      document.xpath("//samlp:AuthnRequest").first["ID"]
+    end
+    def get_sp_destination
+      Settings.sso.sp_destination
+    end
+    def get_idp_issuer
+      Settings.host
+    end
+#    def get_sp_audience
+#      Settings.sso.sp_audience
+#    end
+#
+    def xml_time_format time
+      time.strftime("%Y-%m-%dT%H:%M:%SZ")
+    end
+    def response_url(name_id, params={})
+      prepared_result = create(name_id)
+      base64_request = encode(prepared_result)
+#      deflated_request = deflate(create(name_id))
+#      base64_request = encode(deflated_request)
+      base64_request.gsub!(/\s/,"")
+#      encoded_response = escape(base64_request)
+#
+#      encoded_response
+##      request_params = "?SAMLResponse=" + encoded_response
+#
+#      params.each_pair do |key, value|
+#        request_params << "&#{key}=#{escape(value.to_s)}"
+#      end
+#      Settings.sso.sp_destination+ request_params
+    end
+    def create(name_id)
+      time_line = Time.now.utc
+      request_id = UUID.new.generate
+      assert_id = UUID.new.generate
+      time = xml_time_format(time_line)
+      assertion = build_assertion_content(name_id, assert_id, time_line)
+#      assertion_parsed = Nokogiri::XML(assertion)
+#      assertion_parsed.xpath("//saml:Assertion//saml:Issuer").first.add_next_sibling(make_signature(assertion, assert_id))
+      response = Builder::XmlMarkup.new
+      response.tag!('samlp:Response', {"xmlns:samlp" => "urn:oasis:names:tc:SAML:2.0:protocol",
+                                       "xmlns:saml" => "urn:oasis:names:tc:SAML:2.0:assertion",
+                                       "xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#",
+                                       "ID" => request_id,
+                                       "Version" => "2.0",
+                                       "InResponseTo" => get_sp_response_to,
+                                       "IssueInstant" => time,
+                                       "Destination" => get_sp_destination}) do
+        response.tag!("saml:Issuer", get_idp_issuer)
+        response.tag!("samlp:Status") do
+          response.tag!("samlp:StatusCode", "Value" => "urn:oasis:names:tc:SAML:2.0:status:Success")
+        end
+        response << build_assertion_content(name_id, assert_id, time_line, make_signature(assertion, assert_id))
+        #todo if insert node this way - need to canonicalize. nokogiri 1.4.4 has no possibility to do it. only it's branch can do it:(
+#        response << assertion_parsed.xpath("//saml:Assertion").canonicalize.to_s
+      end
+      response.target!
+    end
+    def build_assertion_content(name_id, assert_id, time_line, sign =nil)
+      time_and_ten = xml_time_format(time_line + 10.minutes)
+      time = xml_time_format(time_line)
+      xml = Builder::XmlMarkup.new
+      xml.tag!('saml:Assertion', {"xmlns:saml"=>"urn:oasis:names:tc:SAML:2.0:assertion", "ID"=>assert_id, "Version"=>"2.0", "IssueInstant"=> time}) do
+        xml.tag!("saml:Issuer", get_idp_issuer)
+        xml << sign if sign.present?
+        xml.tag! "saml:Subject" do
+          xml.tag!("saml:NameID", {"Format"=>"urn:oasis:names:tc:SAML:2.0:nameid-format:transient"}, name_id)
+          xml.tag!("saml:SubjectConfirmation", {"Method" => "urn:oasis:names:tc:SAML:2.0:cm:bearer"}) do
+            xml.tag!("saml:SubjectConfirmationData", {"InResponseTo" => get_sp_response_to, "Recipient" => get_sp_destination, "NotOnOrAfter" => time_and_ten})
+          end
+        end
+#        xml.tag!("saml:Conditions", {"NotBefore" => time, "NotOnOrAfter" => time_and_ten}) do
+#          xml.tag!("saml:AudienceRestriction") do
+#            xml.tag!("saml:Audience", get_sp_audience)
+#          end
+#        end
+        xml.tag!("saml:AuthnStatement", {"AuthnInstant" => time, "SessionIndex" => assert_id}) do
+          xml.tag!("saml:AuthnContext") do
+            xml.tag!("saml:AuthnContextClassRef", "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport")
+          end
+        end
+      end
+      xml.target!
+    end
+    def make_signature(assertion, assert_id)
+      certificate = File.read("#{Rails.root}/config/cert/#{Rails.env}/idp.ignite.com.crt")
+#      certificate = File.read("#{Rails.root}/config/cert/development/IdpCertificate.cer")
+      certificate.gsub!("-----BEGIN CERTIFICATE-----", "")
+      certificate.gsub!("-----END CERTIFICATE-----", "")
+      sign_info_xml_builder = Builder::XmlMarkup.new
+      sign_info_xml_builder.tag!("ds:SignedInfo", {"xmlns:ds"=>"http://www.w3.org/2000/09/xmldsig#"}) do
+        sign_info_xml_builder.tag!("ds:CanonicalizationMethod", {"Algorithm"=>"http://www.w3.org/2001/10/xml-exc-c14n#"})
+        sign_info_xml_builder.tag!("ds:SignatureMethod", {"Algorithm"=>"http://www.w3.org/2000/09/xmldsig#rsa-sha1"})
+        sign_info_xml_builder.tag!("ds:Reference", {"URI" => "##{assert_id}"}) do
+          sign_info_xml_builder.tag!("ds:Transforms") do
+            sign_info_xml_builder.tag!("ds:Transform", {"Algorithm"=>"http://www.w3.org/2000/09/xmldsig#enveloped-signature"})
+            sign_info_xml_builder.tag!("ds:Transform", {"Algorithm"=>"http://www.w3.org/2001/10/xml-exc-c14n#"})
+          end
+          sign_info_xml_builder.tag!("ds:DigestMethod", {"Algorithm"=>"http://www.w3.org/2000/09/xmldsig#sha1"})
+          sign_info_xml_builder.tag!("ds:DigestValue", {"URI" => assert_id}, signature_digest_value(assertion))
+        end
+      end
+      sign_info_xml = sign_info_xml_builder.target!
+      s_value = signature_sign_value(sign_info_xml)
+      xml = Builder::XmlMarkup.new
+      xml.tag!('ds:Signature', {"xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#"}) do
+        xml << sign_info_xml
+        xml.tag!("ds:SignatureValue", {"xmlns:ds" => "http://www.w3.org/2000/09/xmldsig#"}, s_value)
+        xml.tag!('ds:KeyInfo') do
+          xml.tag!('ds:X509Data') do
+            xml.tag!('ds:X509Certificate', certificate)
+          end
+        end
+      end
+      xml.target!
+    end
+    def signature_sign_value(xml)
+      document = XMLSecurity::SignedDocument.new(xml)
+      canoner = XML::Util::XmlCanonicalizer.new(false, true)
+      signed_info_element = REXML::XPath.first(document, "//ds:SignedInfo", {"ds"=>"http://www.w3.org/2000/09/xmldsig#"})
+      canon_string = canoner.canonicalize(signed_info_element)
+#      private_key = OpenSSL::PKey::RSA.new(File.read("#{Rails.root}/config/cert/#{Rails.env}/idp.ignite.com.key"))
+      #private_key = OpenSSL::PKey::RSA.new(File.read("#{Rails.root}/config/cert/development/SPkey.key"))
+      private_key = OpenSSL::PKey::RSA.new(File.read("#{Rails.root}/config/cert/development/IgniteKeyDecrypted.key"))
+      sig = private_key.sign(OpenSSL::Digest::SHA1.new, canon_string)
+      Base64.encode64(sig).chomp
+    end
+    def signature_digest_value(xml)
+      document = XMLSecurity::SignedDocument.new(xml)
+      canoner = XML::Util::XmlCanonicalizer.new(false, true)
+      canon_hashed_element = canoner.canonicalize(document)
+      Base64.encode64(Digest::SHA1.digest(canon_hashed_element)).chomp
+    end
+  end
+end