simplify 1.0.1 → 1.1.0

data/lib/simplify/payment.rb

@@ -33,12 +33,28 @@ module Simplify
 #
 class Payment < Hash
 
-    # Public key used to access the API.
-    attr_accessor :public_key
+    # Authentication object used to access the API (See Simplify::Authentication for details)
+    attr_accessor :authentication
 
-    # Private key used to access the API.
-    attr_accessor :private_key
+    # Returns the public key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def public_key
+        return self.authentication.public_key
+    end
 
+    # Sets the public key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def public_key=(k)
+        return self.authentication.public_key = k
+    end
+
+    # Returns the private key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def private_key
+        return self.authentication.private_key
+    end
+
+    # Sets the private key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def private_key=(k)
+        return self.authentication.private_key = k
+    end
 
 
     # Creates an Payment object
@@ -59,23 +75,17 @@ class Payment < Hash
     # * <code>currency</code>    Currency code (ISO-4217) for the transaction. Must match the currency associated with your account. <b>required </b><b>default:USD</b>
     # * <code>customer</code>    ID of customer. If specified, card on file of customer will be used. 
     # * <code>description</code>    Custom naming of payment for external systems to use. 
+    # * <code>reference</code>    Custom reference field to be used with outside systems. 
     # * <code>token</code>    If specified, card associated with card token will be used. 
-    # public_key:: Public to use for the API call. If nil, the value of Simplify::public_key will be used.
-    # private_key:: Private key to use for the API call. If nil, the value of Simplify::private_key will be used.
+    # auth:: Authentication information used for the API call.  If no value is passed the global keys Simplify::public_key and Simplify::private_key are used.  For backwards compatibility the public and private keys may be passed instead of the authentication object.
     # Returns a Payment object.
-    def self.create(parms, public_key = nil, private_key = nil)
-        if public_key == nil then
-            public_key = Simplify::public_key
-        end
-        if private_key == nil then
-            private_key = Simplify::private_key
-        end
-
-        h = Simplify::PaymentsApi.execute("payment", 'create', parms, public_key, private_key)
+    def self.create(parms, *auth)
+
+        auth_obj = Simplify::PaymentsApi.create_auth_object(auth)
+        h = Simplify::PaymentsApi.execute("payment", 'create', parms, auth_obj)
         obj = Payment.new()
-        obj.public_key = public_key
-        obj.private_key = private_key
-        obj = obj.merge(h)
+        obj.authentication = auth_obj
+        obj = obj.merge!(h)
         obj
     end
 
@@ -85,24 +95,16 @@ class Payment < Hash
     # * <code>max</code>    Allows up to a max of 50 list items to return.  <b>default:20</b>
     # * <code>offset</code>    Used in paging of the list.  This is the start offset of the page.  <b>default:0</b>
     # * <code>sorting</code>    Allows for ascending or descending sorting of the list. The value maps properties to the sort direction (either <code>asc</code> for ascending or <code>desc</code> for descending).  Sortable properties are: <code> dateCreated</code><code> amount</code><code> id</code><code> description</code><code> paymentDate</code>. 
-    # public_key:: Public to use for the API call. If nil, the value of Simplify::public_key will be used.
-    # private_key:: Private key to use for the API call. If nil, the value of Simplify::private_key will be used.
+    # auth:: Authentication information used for the API call.  If no value is passed the global keys Simplify::public_key and Simplify::private_key are used.  For backwards compatibility the public and private keys may be passed instead of the authentication object.
     # Returns an object where the <code>list</code> property contains the list of Payment objects and the <code>total</code>
     # property contains the total number of Payment objects available for the given criteria.
-    def self.list(criteria = nil, public_key = nil, private_key = nil)
+    def self.list(criteria = nil, *auth)
 
-        if public_key == nil then
-            public_key = Simplify::public_key
-        end
-        if private_key == nil then
-           private_key = Simplify::private_key
-        end
-
-        h = Simplify::PaymentsApi.execute("payment", 'list', criteria, public_key, private_key)
+        auth_obj = Simplify::PaymentsApi.create_auth_object(auth)
+        h = Simplify::PaymentsApi.execute("payment", 'list', criteria, auth_obj)
         obj = Payment.new()
-        obj.public_key = public_key
-        obj.private_key = private_key
-        obj = obj.merge(h)
+        obj.authentication = auth_obj
+        obj = obj.merge!(h)
         obj
 
     end
@@ -110,22 +112,15 @@ class Payment < Hash
     # Retrieve a Payment object from the API
     #
     # id:: ID of object to retrieve
-    # public_key:: Public to use for the API call. If nil, the value of Simplify::public_key will be used.
-    # private_key:: Private key to use for the API call. If nil, the value of Simplify::private_key will be used.
+    # auth:: Authentication information used for the API call.  If no value is passed the global keys Simplify::public_key and Simplify::private_key are used.  For backwards compatibility the public and private keys may be passed instead of the authentication object.
     # Returns a Payment object.
-    def self.find(id, public_key = nil, private_key = nil)
-        if public_key == nil then
-             public_key = Simplify::public_key
-        end
-        if private_key == nil then
-            private_key = Simplify::private_key
-        end
-
-        h = Simplify::PaymentsApi.execute("payment", 'show', {"id" => id}, public_key, private_key)
+    def self.find(id, *auth)
+
+        auth_obj = Simplify::PaymentsApi.create_auth_object(auth)
+        h = Simplify::PaymentsApi.execute("payment", 'show', {"id" => id}, auth_obj)
         obj = Payment.new()
-        obj.public_key = public_key
-        obj.private_key = private_key
-        obj = obj.merge(h)
+        obj.authentication = auth_obj
+        obj = obj.merge!(h)
         obj
     end
 

data/lib/simplify/paymentsapi.rb

@@ -31,6 +31,7 @@ require 'open-uri'
 require 'json'
 require 'hmac-sha2'
 require 'securerandom'
+require 'simplify/authentication'
 require 'simplify/apiexception'
 require 'simplify/constants'
 require 'simplify/event'
@@ -41,6 +42,7 @@ module Simplify
   @@private_key = nil
   @@api_base_live_url = Constants::api_base_live_url
   @@api_base_sandbox_url = Constants::api_base_sandbox_url
+  @@oauth_base_url = Constants::oauth_base_url
   @@user_agent = nil
 
 
@@ -84,6 +86,16 @@ module Simplify
     @@api_base_sandbox_url = url
   end
 
+  # Returns the base URL for the OAuth API.
+  def self.oauth_base_url
+    @@oauth_base_url
+  end
+
+  # Sets the base URL for the OAuth API.
+  def self.oauth_base_url=(url)
+    @@oauth_base_url = url
+  end
+
   # Returns the user agent value sent in requests to the API.
   def self.user_agent
     @@user_agent
@@ -104,6 +116,8 @@ module Simplify
     @@JWS_HDR_URI            = 'api.simplifycommerce.com/uri'
     @@JWS_HDR_TIMESTAMP      = 'api.simplifycommerce.com/timestamp'
     @@JWS_HDR_NONCE          = 'api.simplifycommerce.com/nonce'
+    @@JWS_HDR_TOKEN          = "api.simplifycommerce.com/token";
+
     @@JWS_TIMESTAMP_MAX_DIFF = 1000 * 60 * 5   # 5 minutes
 
     @@HTTP_SUCCESS  = 200
@@ -112,29 +126,59 @@ module Simplify
     @@HTTP_NOT_FOUND = 404
     @@HTTP_NOT_ALLOWED = 405
     @@HTTP_BAD_REQUEST = 400
+    @@HTTP_SERVER_ERROR = 500
+
+    def self.create_auth_object(auth)
+
+      case auth.length
+          when 0
+              auth_obj = Authentication.new(:public_key => Simplify::public_key, :private_key => Simplify::private_key)
+          when 1
+              auth_obj = auth[0]
+              if ! auth_obj.is_a? Authentication
+                  raise ArgumentError.new("Invalid Authentication object passed")
+              end
+          when 2
+              # Deprecated case where public and private keys are passed
+              public_key = auth[0]
+              if public_key == nil
+                 public_key = Simplify::public_key
+              end
+              private_key = auth[1]
+              if private_key == nil
+                 private_key = Simplify::private_key
+              end
+              auth_obj = Authentication.new(:public_key => public_key, :private_key => private_key)
+          else
+              raise ArgumentError.new("Invalid authentication arguments passed")
+      end
 
-    def self.execute(type, action, objectMap, public_key = nil, private_key = nil)
+      return auth_obj
+    end
 
-      if public_key == nil
-          public_key = Simplify::public_key
+    def self.check_auth(auth)
+      if auth == nil
+          raise ArgumentError.new("Missing authentication object")
       end
 
-      if public_key == nil
-           raise ArgumentError.new("Must have a valid public key to connect to the API")
+      if auth.public_key == nil
+          raise ArgumentError.new("Must have a valid public key to connect to the API")
       end
 
-      if private_key == nil
-          private_key = Simplify::private_key
+      if auth.private_key == nil
+          raise ArgumentError.new("Must have a valid private key to connect to the API")
       end
+    end
 
-      if private_key == nil
-           raise ArgumentError.new("Must have a valid API key to connect to the API", nil, nil)
-      end
+
+    def self.execute(type, action, objectMap, auth)
+
+      check_auth(auth)
 
       content_type = 'application/json'
-      url = build_url(get_base_url(public_key), type, action, objectMap)
+      url = build_url(get_base_url(auth.public_key), type, action, objectMap)
 
-      signature = jws_encode(public_key,  private_key, url, objectMap, action == 'update' || action == 'create')
+      signature = jws_encode(auth, url, objectMap, action == 'update' || action == 'create')
 
       opts = case action
       when 'show', 'projections' then
@@ -190,7 +234,7 @@ module Simplify
         end
 
         if e.response.code == @@HTTP_REDIRECTED
-            raise BadRequestException.new("Unexpected response code returned from the API, have you got the correct URL?", responseCode, e.response.code, errorData)
+            raise BadRequestException.new("Unexpected response code returned from the API, have you got the correct URL?", e.response.code, errorData)
         elsif e.response.code == @@HTTP_BAD_REQUEST
             raise BadRequestException.new("Bad request", e.response.code, errorData)
         elsif e.response.code == @@HTTP_UNAUTHORIZED
@@ -199,7 +243,7 @@ module Simplify
             raise ObjectNotFoundException.new("Object not found", e.response.code, errorData)
         elsif e.response.code == @@HTTP_NOT_ALLOWED
             raise NotAllowedException.new("Operation not allowed", e.response.code, errorData)
-        elsif e.response.code < 500
+        elsif e.response.code < @@HTTP_SERVER_ERROR
             raise BadRequestException.new("Bad request", e.response.code, errorData)
         else
             raise SystemException.new("An unexpected error has been raised.  Looks like there's something wrong at our end.", e.response.code, errorData)
@@ -207,6 +251,78 @@ module Simplify
       end
     end
 
+
+    def self.send_auth_request(props, context, auth)
+
+      check_auth(auth)
+
+      content_type = 'application/json'
+
+      url = "#{Simplify::oauth_base_url}/#{context}"
+
+      signature = oauth_jws_encode(auth, url, props)
+
+      opts = {
+        :method => 'POST',
+        :payload => signature
+      }
+
+      user_agent = "Ruby-SDK/#{Constants::version}"
+      if Simplify::user_agent != nil
+          user_agent = "#{user_agent} #{Simplify::user_agent}"
+      end
+
+      opts = opts.merge({
+        :url => url,
+        :headers => {
+          'Content-Type' => content_type,
+          'Accept' => 'application/json',
+          'User-Agent' => user_agent
+        }.merge(opts[:headers] || {})
+      })
+
+      begin
+        response = RestClient::Request.execute(opts)
+        JSON.parse(response.body)
+      rescue RestClient::Exception => e
+
+        begin
+           errorData = JSON.parse(e.response.body)
+        rescue JSON::ParserError => e2
+           raise ApiException.new("Unknown error", nil, nil)
+        end
+
+        if e.response.code == @@HTTP_REDIRECTED
+            raise BadRequestException.new("Unexpected response code returned from the API, have you got the correct URL?", e.response.code, {})
+        elsif e.response.code >= @@HTTP_BAD_REQUEST and e.response.code < @@HTTP_SERVER_ERROR
+            error_code = errorData['error']
+            error_desc = errorData['error_description']
+            if (error_code == 'invalid_request')
+                raise BadRequestException.new("", e.response.code, get_oauth_error("Error during OAuth request", error_code, error_desc))
+            elsif (error_code == 'access_denied')
+                raise AuthenticationException.new("", e.response.code, get_oauth_error("Access denied for OAuth request", error_code, error_desc))
+            elsif (error_code == 'invalid_client')
+                raise AuthenticationException.new("", e.response.code, get_oauth_error("Invalid client ID in OAuth request", error_code, error_desc))
+            elsif (error_code == 'unauthorized_client')
+                raise AuthenticationException.new("", e.response.code, get_oauth_error("Unauthorized client in OAuth request", error_code, error_desc))
+            elsif (error_code == 'unsupported_grant_type')
+                raise BadRequestException.new("", e.response.code, get_oauth_error("Unsupported grant type in OAuth request", error_code, error_desc))
+            elsif (error_code == 'invalid_scope')
+                raise BadRequestException.new("", e.response.code, get_oauth_error("Invalid scope in OAuth request", error_code, error_desc))
+            else
+                raise BadRequestException.new("", e.response.code, get_oauth_error("Unknown OAuth error", error_code, error_desc))
+            end
+        else
+            raise SystemException.new("An unexpected error has been raised.  Looks like there's something wrong at our end.", e.response.code, nil)
+        end
+      end
+
+    end
+
+    def self.get_oauth_error(msg, error_code, error_desc)
+        error_data = {'error' => {'code' => 'oauth_error', 'message' => "#{msg}, error code '#{error_code}', description '#{error_desc}'"}}
+    end
+
     def self.build_url(base_url, type, action, objectMap)
       parts = []
       parts << base_url
@@ -256,15 +372,20 @@ module Simplify
 
     end
 
-    def self.jws_encode(public_key, private_key, url, objectMap, hasPayload)
+    def self.jws_encode(auth, url, objectMap, hasPayload)
 
         jws_hdr = {'typ' => @@JWS_TYPE,
                    'alg' => @@JWS_ALGORITHM,
-                   'kid' => public_key,
+                   'kid' => auth.public_key,
 		            @@JWS_HDR_URI => url,
 		            @@JWS_HDR_TIMESTAMP => Time.now.to_i * 1000,
        		        @@JWS_HDR_NONCE => SecureRandom.hex }
 
+        token = auth.access_token
+        if token != nil && !token.empty?
+            jws_hdr[@@JWS_HDR_TOKEN] = token
+        end
+
         hdr = urlsafe_encode64(jws_hdr.to_json)
 
         payload = ''
@@ -273,19 +394,30 @@ module Simplify
         end
 
         msg = hdr + '.' + payload
-        return msg + '.' + jws_sign(private_key, msg)
+        return msg + '.' + jws_sign(auth.private_key, msg)
 
     end
 
-    def self.jws_decode(params, public_key, private_key)
+    def self.oauth_jws_encode(auth, url, props)
 
-      if public_key == nil
-           raise ArgumentError.new("Must have a valid public key to connect to the API")
-      end
+        jws_hdr = {'typ' => @@JWS_TYPE,
+                   'alg' => @@JWS_ALGORITHM,
+                   'kid' => auth.public_key,
+		            @@JWS_HDR_URI => url,
+		            @@JWS_HDR_TIMESTAMP => Time.now.to_i * 1000,
+       		        @@JWS_HDR_NONCE => SecureRandom.hex }
 
-      if private_key == nil
-           raise ArgumentError.new("Must have a valid API key to connect to the API")
-      end
+        hdr = urlsafe_encode64(jws_hdr.to_json)
+
+        msg = hdr + '.' + urlsafe_encode64(props.map{|k,v| "#{k}=#{v}"}.join('&'))
+
+        return msg + '.' + jws_sign(auth.private_key, msg)
+
+    end
+
+    def self.jws_decode(params, auth)
+
+      check_auth(auth)
 
       payload = params['payload']
       if payload == nil 
@@ -304,8 +436,8 @@ module Simplify
 	    header = urlsafe_decode64(data[0])
 	    payload = urlsafe_decode64(data[1])
 
-	    jws_verify_header(header, params['url'], public_key)
-	    if !jws_verify_signature(private_key, msg, data[2])
+	    jws_verify_header(header, params['url'], auth.public_key)
+	    if !jws_verify_signature(auth.private_key, msg, data[2])
 	       jws_auth_error("JWS signature does not match")
 	    end
 	    

data/lib/simplify/plan.rb

@@ -33,12 +33,28 @@ module Simplify
 #
 class Plan < Hash
 
-    # Public key used to access the API.
-    attr_accessor :public_key
+    # Authentication object used to access the API (See Simplify::Authentication for details)
+    attr_accessor :authentication
 
-    # Private key used to access the API.
-    attr_accessor :private_key
+    # Returns the public key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def public_key
+        return self.authentication.public_key
+    end
 
+    # Sets the public key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def public_key=(k)
+        return self.authentication.public_key = k
+    end
+
+    # Returns the private key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def private_key
+        return self.authentication.private_key
+    end
+
+    # Sets the private key used when accessing this object. <b>Deprecated: please use 'authentication' instead.</b>
+    def private_key=(k)
+        return self.authentication.private_key = k
+    end
 
 
     # Creates an Plan object
@@ -48,28 +64,21 @@ class Plan < Hash
     # * <code>currency</code>    Currency code (ISO-4217) for the plan. Must match the currency associated with your account. <b>required </b><b>default:USD</b>
     # * <code>frequency</code>    Frequency of payment for the plan. Example: Monthly <b>required </b>
     # * <code>name</code>    Name of the plan <b>required </b>
-    # public_key:: Public to use for the API call. If nil, the value of Simplify::public_key will be used.
-    # private_key:: Private key to use for the API call. If nil, the value of Simplify::private_key will be used.
+    # auth:: Authentication information used for the API call.  If no value is passed the global keys Simplify::public_key and Simplify::private_key are used.  For backwards compatibility the public and private keys may be passed instead of the authentication object.
     # Returns a Plan object.
-    def self.create(parms, public_key = nil, private_key = nil)
-        if public_key == nil then
-            public_key = Simplify::public_key
-        end
-        if private_key == nil then
-            private_key = Simplify::private_key
-        end
-
-        h = Simplify::PaymentsApi.execute("plan", 'create', parms, public_key, private_key)
+    def self.create(parms, *auth)
+
+        auth_obj = Simplify::PaymentsApi.create_auth_object(auth)
+        h = Simplify::PaymentsApi.execute("plan", 'create', parms, auth_obj)
         obj = Plan.new()
-        obj.public_key = public_key
-        obj.private_key = private_key
-        obj = obj.merge(h)
+        obj.authentication = auth_obj
+        obj = obj.merge!(h)
         obj
     end
 
     # Delete this object
     def delete()
-        h = Simplify::PaymentsApi.execute("plan", 'delete', self, self.public_key, self.private_key)
+        h = Simplify::PaymentsApi.execute("plan", 'delete', self, self.authentication)
         self.merge!(h)
         self
     end
@@ -80,24 +89,16 @@ class Plan < Hash
     # * <code>max</code>    Allows up to a max of 50 list items to return.  <b>default:20</b>
     # * <code>offset</code>    Used in paging of the list.  This is the start offset of the page.  <b>default:0</b>
     # * <code>sorting</code>    Allows for ascending or descending sorting of the list. The value maps properties to the sort direction (either <code>asc</code> for ascending or <code>desc</code> for descending).  Sortable properties are: <code> dateCreated</code><code> amount</code><code> frequency</code><code> name</code><code> id</code>. 
-    # public_key:: Public to use for the API call. If nil, the value of Simplify::public_key will be used.
-    # private_key:: Private key to use for the API call. If nil, the value of Simplify::private_key will be used.
+    # auth:: Authentication information used for the API call.  If no value is passed the global keys Simplify::public_key and Simplify::private_key are used.  For backwards compatibility the public and private keys may be passed instead of the authentication object.
     # Returns an object where the <code>list</code> property contains the list of Plan objects and the <code>total</code>
     # property contains the total number of Plan objects available for the given criteria.
-    def self.list(criteria = nil, public_key = nil, private_key = nil)
+    def self.list(criteria = nil, *auth)
 
-        if public_key == nil then
-            public_key = Simplify::public_key
-        end
-        if private_key == nil then
-           private_key = Simplify::private_key
-        end
-
-        h = Simplify::PaymentsApi.execute("plan", 'list', criteria, public_key, private_key)
+        auth_obj = Simplify::PaymentsApi.create_auth_object(auth)
+        h = Simplify::PaymentsApi.execute("plan", 'list', criteria, auth_obj)
         obj = Plan.new()
-        obj.public_key = public_key
-        obj.private_key = private_key
-        obj = obj.merge(h)
+        obj.authentication = auth_obj
+        obj = obj.merge!(h)
         obj
 
     end
@@ -105,22 +106,15 @@ class Plan < Hash
     # Retrieve a Plan object from the API
     #
     # id:: ID of object to retrieve
-    # public_key:: Public to use for the API call. If nil, the value of Simplify::public_key will be used.
-    # private_key:: Private key to use for the API call. If nil, the value of Simplify::private_key will be used.
+    # auth:: Authentication information used for the API call.  If no value is passed the global keys Simplify::public_key and Simplify::private_key are used.  For backwards compatibility the public and private keys may be passed instead of the authentication object.
     # Returns a Plan object.
-    def self.find(id, public_key = nil, private_key = nil)
-        if public_key == nil then
-             public_key = Simplify::public_key
-        end
-        if private_key == nil then
-            private_key = Simplify::private_key
-        end
-
-        h = Simplify::PaymentsApi.execute("plan", 'show', {"id" => id}, public_key, private_key)
+    def self.find(id, *auth)
+
+        auth_obj = Simplify::PaymentsApi.create_auth_object(auth)
+        h = Simplify::PaymentsApi.execute("plan", 'show', {"id" => id}, auth_obj)
         obj = Plan.new()
-        obj.public_key = public_key
-        obj.private_key = private_key
-        obj = obj.merge(h)
+        obj.authentication = auth_obj
+        obj = obj.merge!(h)
         obj
     end
 
@@ -129,7 +123,7 @@ class Plan < Hash
     # The properties that can be updated:
     # * <code>name</code> Name of the plan. <b>(required)</b>
     def update()
-          h = Simplify::PaymentsApi.execute("plan", 'update', self, self.public_key, self.private_key)
+          h = Simplify::PaymentsApi.execute("plan", 'update', self, self.authentication)
           self.merge!(h)
           self
     end