straight-server-kit 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 371f0f2803fd90c9dcc9f1e81a3c0d6e3a760c01
-  data.tar.gz: 0c5fe9a5d52bca199d784acce675b55d222ff3ef
+  metadata.gz: 42c92cfbb55d2a9c63a48f6ba070178f21094291
+  data.tar.gz: 8d73b5ceb43e1744ecdf96b38beed1c328030539
 SHA512:
-  metadata.gz: c88f6c14842cb15fbd44d8efe1ff5a764fd3e39110979b24c23a7afb3b4704fba92b249777f6397fa407a1ad42faca002689fdce3f471b0e0b05d910abbfc08e
-  data.tar.gz: 34726dbfcb75815f75fea12ac78625ec95f671e3104da9edc99c2369d1e9582c01e9993a2b5bf7d9d21cb49ed7ca8ec2236a84bfcc8852fbe912b935c12ee828
+  metadata.gz: e35f434ba01efb2bafc93b3db053adb7b61b231c20fc6d6394ce0c3e9065eda6ea8355476e323b3ba53020da75aaf949e92ced25edf120ef6f5c94067817eb4e
+  data.tar.gz: ded69fc391c0babfad8a711b2bb66c89cca2aca360e38aa4ddfb81f44dbed056cdabc86ba51ce144f4d753c382c9482f84b6e8db28fa0a0995e37755bde2e884

data/README.md

@@ -21,27 +21,28 @@ Or install it yourself as:
 ## Usage
 
 ```ruby
-client = StraightServerKit::Client.new(url: 'http://gear.loc')
-client = StraightServerKit::Client.new
+client = StraightServerKit::Client.new(gateway_id: 'gateway_id', secret: 'secret', url: 'http://gear.loc')
 ```
 
-### Order resource
+## Order resource
 
+    client = StraightServerKit::Client.new(gateway_id: 1, secret: 'secret')
     client.orders #=> StraightServerKit::OrderResource
 
-Actions supported: 
+Actions supported:
 
-* `client.orders.create(order, gateway_id: 'gateway_id')`
-* `client.orders.find(gateway_id: 'gateway_id', id: 'id')`
+* `client.orders.create(order)`
+* `client.orders.find(id: 'id')`
+* `client.orders.cancel(id: 'id')`
 
-### Order signing
+### Order creation
 
     order = StraightServerKit::Order.new(amount: 0.01, callback_data: '123', keychain_id: 1)
-    order.sign_with 'gateway_secret'
+    client.orders.create(order)
 
 ### Callback validation
 
-    if StraightServerKit.valid_callback?(params, 'gateway_secret')
+    if StraightServerKit.valid_callback?(signature: headers['X-Signature'], request_uri: @env['REQUEST_URI'], secret: gateway_secret)
       # params can be trusted
     end
 

data/lib/straight-server-kit.rb

@@ -1,6 +1,7 @@
 require 'straight-server-kit/version'
 require 'resource_kit'
 require 'kartograph'
+require 'openssl'
 
 module StraightServerKit
   autoload :Client, File.expand_path('../straight-server-kit/client', __FILE__)
@@ -13,17 +14,20 @@ module StraightServerKit
   # Resources
   autoload :OrderResource, File.expand_path('../straight-server-kit/resources/order_resource', __FILE__)
 
-  def self.valid_callback?(params, secret)
-    return false unless params[:signature] && params[:order_id]
-    sign(content: params[:order_id], secret: secret) == params[:signature]
+  # @param [String] signature X-Signature header
+  # @param [String] request_uri /full/callback_path/with?order&callback_data
+  # @param [String] secret gateway secret
+  def self.valid_callback?(signature:, request_uri:, secret:)
+    signature == self.signature(nonce: nil, body: nil, method: 'GET', request_uri: request_uri, secret: secret)
   end
 
-  def self.sign(content:, secret:, level: 1)
-    return unless secret
-    result = content.to_s
-    level.times do
-      result = OpenSSL::HMAC.hexdigest('sha256', secret.to_s, result)
-    end
-    result
+  def self.valid_signature?(signature:, **args)
+    signature == self.signature(**args)
+  end
+
+  def self.signature(nonce:, body:, method:, request_uri:, secret:)
+    sha512  = OpenSSL::Digest::SHA512.new
+    request = "#{method.to_s.upcase}#{request_uri}#{sha512.digest("#{nonce}#{body}")}"
+    Base64.strict_encode64 OpenSSL::HMAC.digest(sha512, secret.to_s, request)
   end
 end

data/lib/straight-server-kit/client.rb

@@ -5,11 +5,13 @@ module StraightServerKit
 
     DEFAULT_API_URL = 'http://localhost:9000'.freeze
 
-    attr_reader :url, :resources
+    attr_reader :url, :resources, :gateway_id, :secret
 
-    def initialize(url: DEFAULT_API_URL)
-      @url       = url
-      @resources = {}
+    def initialize(gateway_id:, secret:, url: DEFAULT_API_URL)
+      @gateway_id = gateway_id
+      @secret     = secret
+      @url        = url
+      @resources  = {}
     end
 
     def pay_url(order)
@@ -17,14 +19,15 @@ module StraightServerKit
     end
 
     def connection
-      Faraday.new(connection_options) { |req|
-        req.adapter :net_http
-      }
+      Faraday.new(connection_options) do |faraday|
+        faraday.use SigningMiddleware, @secret
+        faraday.adapter :net_http
+      end
     end
 
     def method_missing(name, *args, &block)
-      if self.class.resources.keys.include?(name)
-        resources[name] ||= self.class.resources[name].new(connection: connection)
+      if self.class.resources.has_key?(name)
+        resources[name] ||= self.class.resources[name].for_gateway(@gateway_id).new(connection: connection)
       else
         super
       end
@@ -39,10 +42,33 @@ module StraightServerKit
     private def connection_options
       {
         url:     url,
+        ssl:     {
+          ca_path: ENV['SSL_CERT_DIR'] || '/etc/ssl/certs',
+        },
         headers: {
           content_type: 'application/json',
         }
       }
     end
+
+    class SigningMiddleware < Faraday::Middleware
+
+      def initialize(app, secret)
+        @app    = app
+        @secret = secret
+      end
+
+      def call(env)
+        env[:request_headers]['X-Nonce']     = nonce = (Time.now.to_f * 1e12).to_i.to_s
+        env[:request_headers]['X-Signature'] = StraightServerKit.signature(
+          nonce:       nonce,
+          body:        env[:body],
+          method:      env[:method],
+          request_uri: URI(env[:url]).request_uri,
+          secret:      @secret,
+        )
+        @app.call(env)
+      end
+    end
   end
 end

data/lib/straight-server-kit/models/order.rb

@@ -9,14 +9,9 @@ module StraightServerKit
     attribute :keychain_id, Integer
     attribute :last_keychain_id, Integer
     attribute :payment_id, String
-    attribute :signature, String
     attribute :status, Integer
     attribute :tid, String
 
-    def sign_with(secret)
-      self.signature = StraightServerKit.sign(content: keychain_id.to_s, secret: secret)
-    end
-
     def pay_path
       "/pay/#{payment_id}" if payment_id
     end
@@ -30,7 +25,6 @@ module StraightServerKit
           property :amount
           property :callback_data
           property :keychain_id
-          property :signature
         end
         scoped :created, :found do
           property :address

data/lib/straight-server-kit/resources/order_resource.rb

@@ -5,27 +5,43 @@ module StraightServerKit
       raise ApiError.new(status: response.status, message: response.body)
     end
 
-    resources do
-      action :create do
-        verb :post
-        path '/gateways/:gateway_id/orders'
-        body do |order|
-          Order::Mapping.representation_for(:create, order)
-        end
-        handler 200 do |response|
-          Order::Mapping.extract_single(response.body, :created)
-        end
-        handler &API_ERROR_HANDLER
-      end
+    def self.for_gateway(gateway_id)
+      name = "OrderResource_#{gateway_id.to_s.to_sym.object_id}"
+      return StraightServerKit.const_get(name) if StraightServerKit.const_defined?(name)
+      klass = Class.new self do
+        resources do
+          action :create do
+            verb :post
+            path "/gateways/#{gateway_id}/orders"
+            body do |order|
+              Order::Mapping.representation_for(:create, order)
+            end
+            handler 200 do |response|
+              Order::Mapping.extract_single(response.body, :created)
+            end
+            handler &API_ERROR_HANDLER
+          end
+
+          action :find do
+            verb :get
+            path "/gateways/#{gateway_id}/orders/:id"
+            handler 200 do |response|
+              Order::Mapping.extract_single(response.body, :found)
+            end
+            handler &API_ERROR_HANDLER
+          end
 
-      action :find do
-        verb :get
-        path '/gateways/:gateway_id/orders/:id'
-        handler 200 do |response|
-          Order::Mapping.extract_single(response.body, :found)
+          action :cancel do
+            verb :post
+            path "/gateways/#{gateway_id}/orders/:id/cancel"
+            handler 200 do
+              true
+            end
+            handler &API_ERROR_HANDLER
+          end
         end
-        handler &API_ERROR_HANDLER
       end
+      StraightServerKit.const_set name, klass
     end
   end
 end

data/lib/straight-server-kit/version.rb

@@ -1,3 +1,3 @@
 module StraightServerKit
-  VERSION = '0.1.0'
+  VERSION = '0.2.0'
 end

data/lib/tasks/resource_doc.rake

@@ -10,10 +10,17 @@ namespace :doc do
         next
       end
 
-      puts "## #{klass.name.demodulize.underscore.humanize}"
+      if klass == StraightServerKit::OrderResource
+        klass = klass.for_gateway(1)
+        klass_name = 'StraightServerKit::OrderResource'
+      else
+        klass_name = klass.name
+      end
+
+      puts "## #{klass_name.demodulize.underscore.humanize}"
       puts
-      puts "    client = StraightServerKit::Client.new"
-      puts "    client.#{key} #=> #{klass.name}"
+      puts "    client = StraightServerKit::Client.new(gateway_id: 1, secret: 'secret')"
+      puts "    client.#{key} #=> #{klass_name}"
       puts
       puts "Actions supported: "
       puts
@@ -22,7 +29,7 @@ namespace :doc do
         params         = []
 
         if action.body && action.body.arity > 0
-          params << klass.name.demodulize.underscore.downcase.gsub('_resource', '')
+          params << klass_name.demodulize.underscore.downcase.gsub('_resource', '')
         end
 
         if action_options.any?

data/spec/fixtures/vcr/cancel_new_order.yml

@@ -0,0 +1,42 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: http://gear.loc/gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders/9eff7da15d0fb91ac5bd690fb2a5f7b465aa7fdfbe747028dd1579c8a9b36dba/cancel
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      User-Agent:
+      - Faraday v0.9.1
+      X-Nonce:
+      - '1435134015939447357440'
+      X-Signature:
+      - 7AMxBVTiH9e2GF0mWnIwHai8Pg+d5W3wlNc+GOmiIAZ4EazaWSo3T9Kzi1389Zfy8BjVP0Iy/h/WBO7GwcMaDQ==
+      Content-Length:
+      - '0'
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Server:
+      - nginx/1.9.1
+      Date:
+      - Wed, 24 Jun 2015 08:20:16 GMT
+      Content-Length:
+      - '0'
+      Connection:
+      - keep-alive
+    body:
+      encoding: UTF-8
+      string: ''
+    http_version: 
+  recorded_at: Wed, 24 Jun 2015 08:20:16 GMT
+recorded_with: VCR 2.9.3

data/spec/fixtures/vcr/find_order_by_id.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: http://gear.loc/gateways/c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb/orders/15
+    uri: http://gear.loc/gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders/5
     body:
       encoding: US-ASCII
       string: ''
@@ -11,6 +11,10 @@ http_interactions:
       - application/json
       User-Agent:
       - Faraday v0.9.1
+      X-Nonce:
+      - '1435134015332155129856'
+      X-Signature:
+      - ayhOtW3Si64mB5FMtnK4o6NTPqFIq/FeIQYbiv7s15b6EwSs+1GdqZoKDkaAFLbNyPcxHfyUcnQa7qSc/IMGlw==
       Accept-Encoding:
       - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Accept:
@@ -23,14 +27,14 @@ http_interactions:
       Server:
       - nginx/1.9.1
       Date:
-      - Wed, 10 Jun 2015 13:13:44 GMT
+      - Wed, 24 Jun 2015 08:20:15 GMT
       Content-Length:
-      - '238'
+      - '264'
       Connection:
       - keep-alive
     body:
       encoding: UTF-8
-      string: '{"status":5,"amount":4382,"address":"1EvNEJtVFuoGdGRMSKsDALxaZy5q66B2qq","tid":null,"id":15,"payment_id":"5d010bd6d45ec67ccd8d3c63dfdf038bd6310f89ed2b657d42b1831e551bc2fe","amount_in_btc":"0.00004382","keychain_id":1,"last_keychain_id":1}'
+      string: '{"status":0,"amount":398740,"address":"1Q8gGSuqyQk2rZeLKiPJz2nrSieTn3VrTy","tid":null,"id":5,"payment_id":"9eff7da15d0fb91ac5bd690fb2a5f7b465aa7fdfbe747028dd1579c8a9b36dba","amount_in_btc":"0.0039874","amount_paid_in_btc":"0.","keychain_id":1,"last_keychain_id":1}'
     http_version: 
-  recorded_at: Wed, 10 Jun 2015 13:13:44 GMT
+  recorded_at: Wed, 24 Jun 2015 08:20:15 GMT
 recorded_with: VCR 2.9.3

data/spec/fixtures/vcr/find_order_by_payment_id.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: http://gear.loc/gateways/c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb/orders/5d010bd6d45ec67ccd8d3c63dfdf038bd6310f89ed2b657d42b1831e551bc2fe
+    uri: http://gear.loc/gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders/9eff7da15d0fb91ac5bd690fb2a5f7b465aa7fdfbe747028dd1579c8a9b36dba
     body:
       encoding: US-ASCII
       string: ''
@@ -11,6 +11,10 @@ http_interactions:
       - application/json
       User-Agent:
       - Faraday v0.9.1
+      X-Nonce:
+      - '1435134015612564013056'
+      X-Signature:
+      - yhP5sDe/d+QDzsEEmLhpHgxXhQb/o1hjlTqI59oQZ2V/Yf3slCjXIkbtmk/SShPXJ8W2b2bR3tzl4nNYZ1oNDw==
       Accept-Encoding:
       - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Accept:
@@ -23,14 +27,14 @@ http_interactions:
       Server:
       - nginx/1.9.1
       Date:
-      - Wed, 10 Jun 2015 13:13:44 GMT
+      - Wed, 24 Jun 2015 08:20:15 GMT
       Content-Length:
-      - '238'
+      - '264'
       Connection:
       - keep-alive
     body:
       encoding: UTF-8
-      string: '{"status":5,"amount":4382,"address":"1EvNEJtVFuoGdGRMSKsDALxaZy5q66B2qq","tid":null,"id":15,"payment_id":"5d010bd6d45ec67ccd8d3c63dfdf038bd6310f89ed2b657d42b1831e551bc2fe","amount_in_btc":"0.00004382","keychain_id":1,"last_keychain_id":1}'
+      string: '{"status":0,"amount":398740,"address":"1Q8gGSuqyQk2rZeLKiPJz2nrSieTn3VrTy","tid":null,"id":5,"payment_id":"9eff7da15d0fb91ac5bd690fb2a5f7b465aa7fdfbe747028dd1579c8a9b36dba","amount_in_btc":"0.0039874","amount_paid_in_btc":"0.","keychain_id":1,"last_keychain_id":1}'
     http_version: 
-  recorded_at: Wed, 10 Jun 2015 13:13:44 GMT
+  recorded_at: Wed, 24 Jun 2015 08:20:15 GMT
 recorded_with: VCR 2.9.3

data/spec/fixtures/vcr/find_order_fails.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: http://gear.loc/gateways/c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb/orders/meah
+    uri: http://gear.loc/gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders/meah
     body:
       encoding: US-ASCII
       string: ''
@@ -11,6 +11,10 @@ http_interactions:
       - application/json
       User-Agent:
       - Faraday v0.9.1
+      X-Nonce:
+      - '1435134015890302697472'
+      X-Signature:
+      - b42hKPlUp5/+IjnqBVX+BOGQ1Kbl6QlqJkqUCwZYyx7LuFMxg9TrxcnizXJckoZBdX9LEySgJ1BWxCYFU4pOhw==
       Accept-Encoding:
       - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Accept:
@@ -23,15 +27,15 @@ http_interactions:
       Server:
       - nginx/1.9.1
       Date:
-      - Wed, 10 Jun 2015 13:37:14 GMT
+      - Wed, 24 Jun 2015 08:20:15 GMT
       Content-Length:
       - '100'
       Connection:
       - keep-alive
     body:
       encoding: UTF-8
-      string: GET /gateways/c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb/orders/meah
+      string: GET /gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders/meah
         Not found
     http_version: 
-  recorded_at: Wed, 10 Jun 2015 13:37:14 GMT
+  recorded_at: Wed, 24 Jun 2015 08:20:15 GMT
 recorded_with: VCR 2.9.3

data/spec/fixtures/vcr/orders_create.yml

@@ -2,15 +2,19 @@
 http_interactions:
 - request:
     method: post
-    uri: http://gear.loc/gateways/c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb/orders
+    uri: http://gear.loc/gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders
     body:
       encoding: UTF-8
-      string: '{"amount":"0.1E-1","callback_data":"123","keychain_id":1,"signature":"1d295e79be14197cea096afbcd898267aebaa93d6e6973227132ff35d5f64147"}'
+      string: '{"amount":"0.1E1","callback_data":"123","keychain_id":1}'
     headers:
       Content-Type:
       - application/json
       User-Agent:
       - Faraday v0.9.1
+      X-Nonce:
+      - '1435134015216702717952'
+      X-Signature:
+      - 5R+Xy+1GCQckZDiqThmqDbSOQJhkMT7DTDZaw+m4IsC4YafSNbb1il9Hv/rvgXZtY9Rj06l3iCzJUB62PIZJNA==
       Accept-Encoding:
       - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Accept:
@@ -23,14 +27,14 @@ http_interactions:
       Server:
       - nginx/1.9.1
       Date:
-      - Wed, 10 Jun 2015 11:54:27 GMT
+      - Wed, 24 Jun 2015 08:20:15 GMT
       Content-Length:
-      - '238'
+      - '264'
       Connection:
       - keep-alive
     body:
       encoding: UTF-8
-      string: '{"status":0,"amount":4382,"address":"1EvNEJtVFuoGdGRMSKsDALxaZy5q66B2qq","tid":null,"id":15,"payment_id":"5d010bd6d45ec67ccd8d3c63dfdf038bd6310f89ed2b657d42b1831e551bc2fe","amount_in_btc":"0.00004382","keychain_id":1,"last_keychain_id":1}'
+      string: '{"status":0,"amount":398740,"address":"1Q8gGSuqyQk2rZeLKiPJz2nrSieTn3VrTy","tid":null,"id":5,"payment_id":"9eff7da15d0fb91ac5bd690fb2a5f7b465aa7fdfbe747028dd1579c8a9b36dba","amount_in_btc":"0.0039874","amount_paid_in_btc":"0.","keychain_id":1,"last_keychain_id":1}'
     http_version: 
-  recorded_at: Wed, 10 Jun 2015 11:54:27 GMT
+  recorded_at: Wed, 24 Jun 2015 08:20:15 GMT
 recorded_with: VCR 2.9.3

data/spec/fixtures/vcr/{orders_create_unsigned.yml → orders_create_invalid.yml}

@@ -2,15 +2,19 @@
 http_interactions:
 - request:
     method: post
-    uri: http://gear.loc/gateways/c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb/orders
+    uri: http://gear.loc/gateways/a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5/orders
     body:
       encoding: UTF-8
-      string: '{"amount":"0.1E-1","callback_data":"123","keychain_id":1,"signature":null}'
+      string: '{"amount":null,"callback_data":"123","keychain_id":1}'
     headers:
       Content-Type:
       - application/json
       User-Agent:
       - Faraday v0.9.1
+      X-Nonce:
+      - '1435134015292253143040'
+      X-Signature:
+      - 38R+VK1z2/HZzusiR0L9850nvIACu5grh3HpNiExW+2BJ3toe33r4YilV4X2jGN1RCWWv6h/rQZlu2FgEuoG4Q==
       Accept-Encoding:
       - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Accept:
@@ -23,14 +27,14 @@ http_interactions:
       Server:
       - nginx/1.9.1
       Date:
-      - Wed, 10 Jun 2015 13:01:45 GMT
+      - Wed, 24 Jun 2015 08:20:15 GMT
       Content-Length:
-      - '26'
+      - '61'
       Connection:
       - keep-alive
     body:
       encoding: UTF-8
-      string: 'Invalid signature for id: '
+      string: 'Invalid order: amount cannot be nil and should be more than 0'
     http_version: 
-  recorded_at: Wed, 10 Jun 2015 13:01:45 GMT
+  recorded_at: Wed, 24 Jun 2015 08:20:15 GMT
 recorded_with: VCR 2.9.3

data/spec/lib/straight-server-kit/client_spec.rb

@@ -1,17 +1,26 @@
 require 'spec_helper'
 
 RSpec.describe StraightServerKit::Client do
-  subject(:client) { StraightServerKit::Client.new }
+
+  let(:default_params) { {gateway_id: 1, secret: '0'} }
+  subject(:client) { described_class.new(**default_params) }
+
+  it "must be initialized with gateway_id and secret" do
+    expect { StraightServerKit::Client.new }.to raise_error ArgumentError
+    expect { StraightServerKit::Client.new(gateway_id: 1) }.to raise_error ArgumentError
+    expect(subject.gateway_id).to eq 1
+    expect(subject.secret).to eq '0'
+  end
 
   it "can be initializes with an url" do
-    @client = StraightServerKit::Client.new(url: 'http://gear.loc')
+    @client = StraightServerKit::Client.new(url: 'http://gear.loc', **default_params)
     expect(@client.url).to eq 'http://gear.loc'
   end
 
   it "constructs pay url" do
     @order = StraightServerKit::Order.new(payment_id: 'abc')
-    expect(described_class.new.pay_url(@order)).to eq 'http://localhost:9000/pay/abc'
-    expect(described_class.new(url: 'https://gear.loc').pay_url(@order)).to eq 'https://gear.loc/pay/abc'
+    expect(subject.pay_url(@order)).to eq 'http://localhost:9000/pay/abc'
+    expect(described_class.new(url: 'https://gear.loc', **default_params).pay_url(@order)).to eq 'https://gear.loc/pay/abc'
   end
 
   it "does respond to valid resources" do

data/spec/lib/straight-server-kit/resources/order_resource_spec.rb

@@ -2,73 +2,84 @@ require 'spec_helper'
 
 RSpec.describe StraightServerKit::OrderResource do
   include_context 'resources'
-  subject(:resource) { described_class.new(connection: connection) }
+
+  it "builds subclass for each gateway" do
+    resources = 3.times.map do |i|
+      resource = StraightServerKit::Client.new(gateway_id: i, secret: nil).orders
+      expect(resource.class.name).to eq "StraightServerKit::OrderResource_#{i.to_s.to_sym.object_id}"
+      resource
+    end
+    resources2 = 3.times.map do |i|
+      StraightServerKit::Client.new(gateway_id: i, secret: nil).orders
+    end
+    expect(resources.map(&:class)).to eq resources2.map(&:class)
+  end
 
   describe '#create' do
     it 'creates order' do
-      @order = StraightServerKit::Order.new(amount: 0.01, callback_data: '123', keychain_id: 1)
-      @order.sign_with gateway_secret
+      @order = StraightServerKit::Order.new(amount: 1, callback_data: '123', keychain_id: 1)
 
-      expect(@order.amount).to eq 0.01
+      expect(@order.amount).to eq 1
       expect(@order.amount).to be_kind_of BigDecimal
       expect(@order.callback_data).to eq '123'
       expect(@order.keychain_id).to eq 1
-      expect(@order.signature).to eq '1d295e79be14197cea096afbcd898267aebaa93d6e6973227132ff35d5f64147'
 
       VCR.use_cassette 'orders_create' do
-        @created_order = client.orders.create(@order, gateway_id: gateway_id)
+        @created_order = client.orders.create(@order)
       end
 
-      expect(@created_order.address).to eq '1EvNEJtVFuoGdGRMSKsDALxaZy5q66B2qq'
-      expect(@created_order.amount).to eq 4382
+      expect(@created_order.address.to_s).not_to be_empty
+      expect(@created_order.amount > 0).to eq true
       expect(@created_order.amount).to be_kind_of BigDecimal
-      expect(@created_order.amount_in_btc).to eq 0.00004382
+      expect(@created_order.amount_in_btc > 0).to eq true
       expect(@created_order.amount_in_btc).to be_kind_of BigDecimal
-      expect(@created_order.id).to eq 15
-      expect(@created_order.keychain_id).to eq 1
-      expect(@created_order.last_keychain_id).to eq 1
-      expect(@created_order.payment_id).to eq '5d010bd6d45ec67ccd8d3c63dfdf038bd6310f89ed2b657d42b1831e551bc2fe'
+      expect(@created_order.id > 0).to eq true
+      expect(@created_order.keychain_id > 0).to eq true
+      expect(@created_order.last_keychain_id > 0).to eq true
+      expect(@created_order.payment_id.to_s).not_to be_empty
       expect(@created_order.status).to eq 0
       expect(@created_order.tid).to eq nil
 
       # orders.create never sets these fields
       expect(@created_order.callback_data).to eq nil
-      expect(@created_order.signature).to eq nil
+
+      $order_id   = @created_order.id
+      $payment_id = @created_order.payment_id
     end
 
     it 'raises ApiError' do
-      @order = StraightServerKit::Order.new(amount: 0.01, callback_data: '123', keychain_id: 1)
-      VCR.use_cassette 'orders_create_unsigned' do
+      @order = StraightServerKit::Order.new(callback_data: '123', keychain_id: 1)
+      VCR.use_cassette 'orders_create_invalid' do
         begin
-          client.orders.create(@order, gateway_id: gateway_id)
+          client.orders.create(@order)
         rescue => @error
         end
       end
       expect(@error).to be_instance_of StraightServerKit::ApiError
       expect(@error.status).to eq 409
-      expect(@error.message).to start_with "Invalid signature"
+      expect(@error.message).to eq "Invalid order: amount cannot be nil and should be more than 0"
     end
   end
 
   describe '#find' do
     it 'finds existing order by id' do
       VCR.use_cassette 'find_order_by_id' do
-        @order = client.orders.find(id: 15, gateway_id: gateway_id)
+        @order = client.orders.find(id: $order_id)
       end
-      expect(@order.id).to eq 15
+      expect(@order.id).to eq $order_id
     end
 
     it 'finds existing order by payment_id' do
       VCR.use_cassette 'find_order_by_payment_id' do
-        @order = client.orders.find(id: '5d010bd6d45ec67ccd8d3c63dfdf038bd6310f89ed2b657d42b1831e551bc2fe', gateway_id: gateway_id)
+        @order = client.orders.find(id: $payment_id)
       end
-      expect(@order.id).to eq 15
+      expect(@order.id).to eq $order_id
     end
 
     it 'raises ApiError when not found' do
       VCR.use_cassette 'find_order_fails' do
         begin
-          @order = client.orders.find(id: 'meah', gateway_id: gateway_id)
+          @order = client.orders.find(id: 'meah')
         rescue => @error
         end
       end
@@ -77,4 +88,13 @@ RSpec.describe StraightServerKit::OrderResource do
       expect(@error.message).to end_with "Not found"
     end
   end
+
+  describe '#cancel' do
+    it "cancels new order" do
+      VCR.use_cassette 'cancel_new_order' do
+        @result = client.orders.cancel(id: $payment_id)
+      end
+      expect(@result).to eq true
+    end
+  end
 end

data/spec/lib/straight-server-kit_spec.rb

@@ -1,12 +1,14 @@
 require 'spec_helper'
 
 RSpec.describe StraightServerKit do
-  it "validates callback signature" do
-    secret    = 'secret'
-    signature = described_class.sign(content: 1, secret: secret)
-    expect(described_class.valid_callback?({}, secret)).to eq false
-    expect(described_class.valid_callback?({signature: 'asdf'}, secret)).to eq false
-    expect(described_class.valid_callback?({order_id: 1}, secret)).to eq false
-    expect(described_class.valid_callback?({order_id: 1, signature: signature}, secret)).to eq true
+  it "validates signature" do
+    secret      = 'secret'
+    request_uri = '/callback/path?order_id=1&callback_data=test'
+    signature   = described_class.signature(nonce: nil, body: nil, method: 'GET', request_uri: request_uri, secret: secret)
+    expect(described_class.valid_callback?(signature: nil, request_uri: request_uri, secret: nil)).to eq false
+    expect(described_class.valid_callback?(signature: nil, request_uri: request_uri, secret: secret)).to eq false
+    expect(described_class.valid_callback?(signature: signature, request_uri: request_uri, secret: nil)).to eq false
+    expect(described_class.valid_callback?(signature: signature, request_uri: request_uri, secret: secret)).to eq true
+    expect(described_class.valid_signature?(signature: signature, request_uri: request_uri, secret: secret, nonce: nil, body: nil, method: 'GET')).to eq true
   end
 end

data/spec/support/resource_context.rb

@@ -1,6 +1,5 @@
 shared_context 'resources' do
-  let(:client) { StraightServerKit::Client.new(url: 'http://gear.loc') }
-  let(:connection) { client.connection }
-  let(:gateway_id) { 'c2809c9fd3465529d2946fb8299450b4f46b24fc40f0e3a641e7e19cd75a3adb' }
-  let(:gateway_secret) { 'w4b1lc5qs3n0vx9q8q76yxparfcmto1dqlr6vo5hh7mfvaoz64epa4e7qhvmv4vg' }
+  let(:gateway_id) { 'a55c73f90728ea2750c0d92151e14f960a4cee1e3bca0cf2da8312573a98a8c5' }
+  let(:gateway_secret) { 'qx1r05e9i38q3g0lnknwaiwjeaufquw4wsmtra2nj5jqyl9m2jlx27jhclmm2mzp' }
+  let(:client) { StraightServerKit::Client.new(url: 'http://gear.loc', gateway_id: gateway_id, secret: gateway_secret) }
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: straight-server-kit
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Alexander Pavlenko
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-06-11 00:00:00.000000000 Z
+date: 2015-07-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: virtus
@@ -159,11 +159,12 @@ files:
 - lib/straight-server-kit/resources/order_resource.rb
 - lib/straight-server-kit/version.rb
 - lib/tasks/resource_doc.rake
+- spec/fixtures/vcr/cancel_new_order.yml
 - spec/fixtures/vcr/find_order_by_id.yml
 - spec/fixtures/vcr/find_order_by_payment_id.yml
 - spec/fixtures/vcr/find_order_fails.yml
 - spec/fixtures/vcr/orders_create.yml
-- spec/fixtures/vcr/orders_create_unsigned.yml
+- spec/fixtures/vcr/orders_create_invalid.yml
 - spec/lib/straight-server-kit/client_spec.rb
 - spec/lib/straight-server-kit/models/base_model_spec.rb
 - spec/lib/straight-server-kit/models/order_spec.rb
@@ -192,16 +193,17 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.6
+rubygems_version: 2.4.8
 signing_key: 
 specification_version: 4
 summary: Straight Server Kit is the official Ruby library for Straight Server's API
 test_files:
+- spec/fixtures/vcr/cancel_new_order.yml
 - spec/fixtures/vcr/find_order_by_id.yml
 - spec/fixtures/vcr/find_order_by_payment_id.yml
 - spec/fixtures/vcr/find_order_fails.yml
 - spec/fixtures/vcr/orders_create.yml
-- spec/fixtures/vcr/orders_create_unsigned.yml
+- spec/fixtures/vcr/orders_create_invalid.yml
 - spec/lib/straight-server-kit/client_spec.rb
 - spec/lib/straight-server-kit/models/base_model_spec.rb
 - spec/lib/straight-server-kit/models/order_spec.rb