scanpay 0.1.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6093d5e45c3d89d5d0a00932332b77480fc9302f
-  data.tar.gz: 3816e82d5806ccf80cda78133eafb099e741a380
+  metadata.gz: 5ffa65f23cd1a8b6c6266024ba9d4b1f23c87c23
+  data.tar.gz: 15c61f463bbe53410e9ef42e055b854dbd9db854
 SHA512:
-  metadata.gz: 8c6efd2da4e67b56d8b9cbbe412d1517d1a2c6faf2b5c93143a58b914158c616a91a0c3c6304b1d3827cbedb6a790303cf420590b6ea89937787d3bbfc022223
-  data.tar.gz: 87d7e4fd38b66776004915cb3b7aa0cf77eb4a3399123b4cc332ade055c501c838daeb00808d34ef84b8377a9d679042224bb830320e4aaf7fabcfff866ddfcf
+  metadata.gz: 236a61508993ebfea15fda6c90b0b8b51b0236920d0e3e07ac048b4e26023a935b2196c89f8cf9834208a3e06c1b37104cf144a97690c2522ff66917d32bc203
+  data.tar.gz: f3218fdf758c3dfd77f10f653af61bffc310c1dae7eb82818d411f1f8a08ad7f99e3fab8ef2030d49a76cbc99d70bb99cf7c1d6277523e6651ba86151319f4d7

data/lib/scanpay.rb

@@ -1,72 +1,83 @@
-require 'net/http'
+# help@scanpay.dk || irc.scanpay.dk:6697 || scanpay.dk/slack
 require 'base64'
 require 'json'
 require 'openssl'
-require 'httpclient'
+require 'httpclient' # Thread-Safe. Consider https://github.com/httprb/http
 
 module Scanpay
-
-  class Error < Exception
-  end
+  class Error < StandardError; end
 
   class Client
-    @httpclient
+    @https
+    @headers
     @apikey
 
     def initialize(apikey)
-      @httpclient = HTTPClient.new
-      @httpclient.ssl_config.set_default_paths
+      @https = HTTPClient.new
+      @https.ssl_config.set_default_paths
+      @https.connect_timeout = 20 # seconds
       @apikey = apikey
+      @headers = {
+        'authorization' => 'basic ' + Base64.strict_encode64(apikey),
+        'x-sdk' => 'Ruby-1.0.0/' + RUBY_VERSION,
+        'content-type'  => 'application/json',
+      }
     end
 
-    def consttime_streq(a, b)
+    def timesafe_equals(a, b)
       return false if a.bytesize != b.bytesize
       neq = 0
       a.bytes.each_index { |i|
         neq |= a.bytes[i] ^ b.bytes[i];
       }
-      neq == 0
+      return neq === 0
     end
 
-    def request(uri, data, opts)
-      header = {
-        'Authorization' => 'Basic ' + Base64.strict_encode64(@apikey),
-        'X-Scanpay-SDK' => 'Ruby-1.0.0',
-        'Content-Type'  => 'application/json',
-      }
-      res = nil
-      if data == nil
-        res = @httpclient.get('https://api.scanpay.dk/v1' + uri, nil, header)
-      else
-        res = @httpclient.post('https://api.scanpay.dk/v1' + uri, data.to_json, header)
+    def request(path, data, opts={})
+      hostname = opts['hostname'] || 'api.scanpay.dk'
+      headers = @headers.clone
+
+      # Let merchant override HTTP headers
+      if opts.has_key? 'headers'
+        opts['headers'].each do |key, value|
+          headers[key.downcase] = value
+        end
       end
-      raise Error, 'Invalid API-key' if res.code == 403
-      raise Error, 'Unexpected http response code: ' + res.code.to_s unless res.code == 200
-      resobj = JSON.parse(res.body)
-      raise Error, 'Received error from Scanpay: ' + resobj['error'] if resobj['error'] != nil
-      resobj
+      res = (data === nil) ? @https.get('https://' + hostname + path, nil, headers) :
+            @https.post('https://' + hostname + path, data.to_json, headers)
+
+      return JSON.parse(res.body) if res.code == 200
+      raise Error, res.reason
     end
 
-    def newURL(data)
-      resobj = request('/new', data, nil)
-      if !resobj.has_key? 'url'
-        raise Error, 'Missing url field'
-      end
-      resobj['url']
+    # newURL: Create a new payment link
+    def newURL(data, opts={})
+      o = request('/v1/new', data, opts)
+      return o['url'] if o['url'].is_a? String
+      raise Error, 'invalid response from server'
     end
 
-    def seq(seqnum)
-      request('/seq/' + seqnum.to_s, nil, nil)
+    # seq: Get array of changes since the reqested sequence number
+    def seq(num, opts={})
+      if !num.is_a? Integer
+        raise ArgumentError, 'first argument is not an integer'
+      end
+      o = request('/v1/seq/' + num.to_s, nil, opts)
+      return o if (o['changes'].kind_of? Array) && (o['seq'].is_a? Integer)
+      raise Error, 'invalid response from server'
     end
 
-    def handlePing(body, signature)
-      myrawsig = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), @apikey, body || '')
-      mysig = Base64.strict_encode64(myrawsig)
-      raise Error, 'invalid signature' unless consttime_streq(mysig, signature || '')
-      resobj = JSON.parse(body)
-      raise Error, 'missing fields' unless [resobj['shopid'], resobj['seq']].all? { |i| i.is_a?(Integer) }
-      resobj
+    # handlePing: Convert body to JSON and validate signature
+    def handlePing(body='', signature='')
+      digest = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), @apikey, body)
+      is_valid = timesafe_equals(Base64.strict_encode64(digest), signature)
+      raise Error, 'invalid signature' unless is_valid
+
+      o = JSON.parse(body)
+      return o if (o['shopid'].is_a? Integer) && (o['seq'].is_a? Integer)
+      raise Error, 'invalid ping'
     end
-    private :request, :consttime_streq
+
+    private :request
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: scanpay
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Scanpay
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-28 00:00:00.000000000 Z
+date: 2017-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httpclient
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.8'
+        version: '2.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.8'
+        version: '2.6'
 description: Accept payments with the Scanpay payment gateway. See https://scanpay.dk
   for more details.
 email: contact@scanpay.dk
@@ -31,16 +31,15 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- LICENSE
 - lib/scanpay.rb
-- tests/newURL.rb
-- tests/ping.rb
-- tests/seq.rb
-homepage: https://github.com/scanpaydk/ruby-scanpay
+homepage: https://scanpay.dk
 licenses:
 - MIT
-metadata: {}
+metadata:
+  bug_tracker_uri: https://github.com/scanpaydk/ruby-scanpay/issues
+  documentation_uri: https://docs.scanpay.dk
+  homepage_uri: https://scanpay.dk
+  source_code_uri: https://github.com/scanpaydk/ruby-scanpay
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -49,7 +48,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -57,11 +56,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.10
+rubygems_version: 2.5.2.1
 signing_key: 
 specification_version: 4
 summary: Ruby bindings for the Scanpay API
-test_files:
-- tests/newURL.rb
-- tests/ping.rb
-- tests/seq.rb
+test_files: []

data/.gitignore

@@ -1,50 +0,0 @@
-*.gem
-*.rbc
-/.config
-/coverage/
-/InstalledFiles
-/pkg/
-/spec/reports/
-/spec/examples.txt
-/test/tmp/
-/test/version_tmp/
-/tmp/
-
-# Used by dotenv library to load environment variables.
-# .env
-
-## Specific to RubyMotion:
-.dat*
-.repl_history
-build/
-*.bridgesupport
-build-iPhoneOS/
-build-iPhoneSimulator/
-
-## Specific to RubyMotion (use of CocoaPods):
-#
-# We recommend against adding the Pods directory to your .gitignore. However
-# you should judge for yourself, the pros and cons are mentioned at:
-# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
-#
-# vendor/Pods/
-
-## Documentation cache and generated files:
-/.yardoc/
-/_yardoc/
-/doc/
-/rdoc/
-
-## Environment normalization:
-/.bundle/
-/vendor/bundle
-/lib/bundler/man/
-
-# for a library or gem, you might want to ignore these files since the code is
-# intended to run in multiple environments; otherwise, check them in:
-# Gemfile.lock
-# .ruby-version
-# .ruby-gemset
-
-# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
-.rvmrc

data/LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2017 scanpay
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

data/tests/newURL.rb

@@ -1,46 +0,0 @@
-require '../lib/scanpay'
-
-client = Scanpay::Client.new(' API KEY ')
-data = {
-    'orderid'    => 'a766409',
-    'language'   => 'da',
-    'successurl' => 'https://insertyoursuccesspage.dk',
-    'items'    => [
-        {
-            'name'     => 'Pink Floyd: The Dark Side Of The Moon',
-            'quantity' => 2,
-            'price'    => '99.99 DKK',
-            'sku'      => 'fadf23',
-        }, {
-            'name'     => '巨人宏偉的帽子',
-            'quantity' => 2,
-            'price'    => '420 DKK',
-            'sku'      => '124',
-        },
-    ],
-    'billing'  => {
-        'name'    => 'John Doe',
-        'company' => 'The Shop A/S',
-        'email'   => 'john@doe.com',
-        'phone'   => '+4512345678',
-        'address' => ['Langgade 23, 2. th'],
-        'city'    => 'Havneby',
-        'zip'     => '1234',
-        'state'   => '',
-        'country' => 'DK',
-        'vatin'   => '35413308',
-        'gln'     => '7495563456235',
-    },
-    'shipping' => {
-        'name'    => 'Jan Dåh',
-        'company' => 'The Choppa A/S',
-        'email'   => 'jan@doh.com',
-        'phone'   => '+4587654321',
-        'address' => ['Langgade 23, 1. th', 'C/O The Choppa'],
-        'city'    => 'Haveby',
-        'zip'     => '1235',
-        'state'   => '',
-        'country' => 'DK',
-    },
-}
-puts "Generated payment url: #{client.newURL(data)}"

data/tests/ping.rb

@@ -1,13 +0,0 @@
-require 'webrick'
-require '../lib/scanpay'
-
-client = Scanpay::Client.new(' API KEY ')
-
-server = WEBrick::HTTPServer.new :Port => 8080
-server.mount_proc '/' do |req, res|
-    ping = client.handlePing(req.body(), req.header['x-signature'][0])
-    puts 'Succesfully received ping: shopid=' + ping['shopid'].to_s + ', seq=' + ping['seq'].to_s
-end
-
-trap 'INT' do server.shutdown end
-server.start

data/tests/seq.rb

@@ -1,18 +0,0 @@
-require '../lib/scanpay'
-
-client = Scanpay::Client.new(' API KEY ')
-seqobj = client.seq(3)
-
-puts "After applying the changes your system will be at seq=#{seqobj['seq'].to_s}"
-puts "Listing transaction changes(#{seqobj['changes'].length}) since old seq:"
-seqobj['changes'].each do |trn|
-  puts "  Tranaction id: #{trn['id'].to_s}"
-  if trn['error']
-    puts "    Encountered error: #{trn['error']}"
-    next
-  end
-  puts "  Order id:      #{trn['orderid']}"
-  puts "  Authorized:    #{trn['totals']['authorized'].to_s}"
-  puts "  Captured:      #{trn['totals']['captured'].to_s}"
-  puts "  Refunded:      #{trn['totals']['refunded']}\n\n"
-end