straight-server 0.1.0

data/spec/lib/gateway_spec.rb

@@ -0,0 +1,191 @@
+require 'spec_helper'
+
+RSpec.describe StraightServer::Gateway do
+
+  before(:each) do
+    @gateway = StraightServer::GatewayOnConfig.find_by_id(1)
+    @order_mock = double("order mock")
+    [:id, :gateway=, :save, :to_h, :id=].each { |m| allow(@order_mock).to receive(m) }
+    @order_for_keychain_id_args = { amount: 1, keychain_id: 1, currency: nil, btc_denomination: nil }
+  end
+
+  it "checks for signature when creating a new order" do
+    @gateway.last_keychain_id = 0
+    expect( -> { @gateway.create_order(amount: 1, signature: 'invalid', id: 1) }).to raise_exception(StraightServer::GatewayModule::InvalidSignature)
+    expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args).once.and_return(@order_mock)
+    @gateway.create_order(amount: 1, signature: hmac_sha1(1, 'secret'), id: 1)
+  end
+
+  it "checks md5 signature only if that setting is set ON for a particular gateway" do
+    gateway1 = StraightServer::GatewayOnConfig.find_by_id(1)
+    gateway2 = StraightServer::GatewayOnConfig.find_by_id(2)
+    expect(gateway2).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args).once.and_return(@order_mock)
+    expect( -> { gateway1.create_order(amount: 1, signature: 'invalid') }).to raise_exception
+    expect( -> { gateway2.create_order(amount: 1, signature: 'invalid') }).not_to raise_exception()
+  end
+
+  it "doesn't allow nil or empty order id if signature checks are enabled" do
+    expect( -> { @gateway.create_order(amount: 1, signature: 'invalid', id: nil) }).to raise_exception(StraightServer::GatewayModule::InvalidOrderId)
+    expect( -> { @gateway.create_order(amount: 1, signature: 'invalid', id: '') }).to raise_exception(StraightServer::GatewayModule::InvalidOrderId)
+  end
+
+  it "sets order amount in satoshis calculated from another currency" do
+    @gateway = StraightServer::GatewayOnConfig.find_by_id(2)
+    allow(@gateway).to receive(:address_for_keychain_id).and_return('address')
+    allow(@gateway.exchange_rate_adapters.first).to receive(:rate_for).and_return(450.5412)
+    expect(@gateway.create_order(amount: 2252.706, currency: 'USD').amount).to eq(500000000)
+  end
+
+  context "callback url" do
+
+    before(:each) do
+      @gateway = StraightServer::GatewayOnConfig.find_by_id(2) # Gateway 2 doesn't require signatures
+      @response_mock = double("http response mock")
+      expect(@response_mock).to receive(:body).once.and_return('body')
+      @order = create(:order)
+      allow(@order).to receive(:status).and_return(1)
+      allow(@order).to receive(:tid).and_return('tid1')
+    end
+
+    it "sends a request to the callback_url" do
+      expect(@response_mock).to receive(:code).twice.and_return("200")
+      expect(Net::HTTP).to receive(:get_response).and_return(@response_mock)
+      @gateway.order_status_changed(@order)
+    end
+
+    it "keeps sending request according to the callback schedule if there's an error" do
+      expect(@response_mock).to receive(:code).twice.and_return("404")
+      expect(@gateway).to receive(:sleep).exactly(10).times
+      expect(Net::HTTP).to receive(:get_response).exactly(11).times.and_return(@response_mock)
+      expect(URI).to receive(:parse).with('http://localhost:3001/payment-callback?' + @order.to_http_params).exactly(11).times
+      @gateway.order_status_changed(@order)
+    end
+
+    it "signs the callback if gateway has a secret" do
+      @gateway = StraightServer::GatewayOnConfig.find_by_id(1) # Gateway 1 requires signatures
+      expect(@response_mock).to receive(:code).twice.and_return("200")
+      expect(URI).to receive(:parse).with('http://localhost:3000/payment-callback?' + @order.to_http_params + "&signature=#{hmac_sha1(hmac_sha1(@order.id, 'secret'), 'secret')}")
+      expect(Net::HTTP).to receive(:get_response).and_return(@response_mock)
+      @gateway.order_status_changed(@order)
+    end
+
+    it "receives random data in :data params and sends it back in a callback request" do
+      @order.data = 'some random data'
+      expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args).once.and_return(@order)
+      @gateway.create_order(amount: 1, data: 'some random data')
+      expect(@response_mock).to receive(:code).twice.and_return("200")
+      expect(Net::HTTP).to receive(:get_response).and_return(@response_mock)
+      expect(URI).to receive(:parse).with('http://localhost:3001/payment-callback?' + @order.to_http_params + "&data=#{@order.data}")
+      @gateway.order_status_changed(@order)
+    end
+
+    it "saves callback url response in the order's record in DB" do
+      allow(@response_mock).to receive(:code).and_return("200")
+      allow(Net::HTTP).to receive(:get_response).and_return(@response_mock)
+      @gateway.order_status_changed(@order)
+      expect(@order.callback_response).to eq({code: "200", body: "body"}) 
+    end
+
+  end
+
+  describe "config based gateway" do
+
+    it "loads all the gateways from the config file and assigns correct attributes" do
+      gateway1 = StraightServer::GatewayOnConfig.find_by_id(1)
+      gateway2 = StraightServer::GatewayOnConfig.find_by_id(2)
+      expect(gateway1).to be_kind_of(StraightServer::GatewayOnConfig)
+      expect(gateway2).to be_kind_of(StraightServer::GatewayOnConfig)
+
+      expect(gateway1.pubkey).to eq('xpub-000') 
+      expect(gateway1.confirmations_required).to eq(0) 
+      expect(gateway1.order_class).to eq("StraightServer::Order") 
+      expect(gateway1.name).to eq("default") 
+
+      expect(gateway2.pubkey).to eq('xpub-001') 
+      expect(gateway2.confirmations_required).to eq(0) 
+      expect(gateway2.order_class).to eq("StraightServer::Order") 
+      expect(gateway2.name).to eq("second_gateway") 
+    end
+
+    it "saves and retrieves last_keychain_id from the file in the .straight dir" do
+      expect(File.read("#{ENV['HOME']}/.straight/default_last_keychain_id").to_i).to eq(0)
+      @gateway.increment_last_keychain_id!
+      expect(File.read("#{ENV['HOME']}/.straight/default_last_keychain_id").to_i).to eq(1)
+
+      expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args.merge({ keychain_id: 2})).once.and_return(@order_mock)
+      @gateway.create_order(amount: 1, signature: hmac_sha1(1, 'secret'), id: 1)
+      expect(File.read("#{ENV['HOME']}/.straight/default_last_keychain_id").to_i).to eq(2)
+    end
+
+  end
+
+  describe "db based gateway" do
+
+    before(:each) do
+      @gateway = StraightServer::GatewayOnDB.create(
+        confirmations_required: 0,
+        pubkey:      'xpub-000',
+        order_class: 'StraightServer::Order',
+        secret:      'secret',
+        name:        'default',
+        check_signature: true,
+        exchange_rate_adapter_names: ['Bitpay', 'Coinbase', 'Bitstamp']
+      )
+    end
+    
+    it "saves and retrieves last_keychain_id from the db" do
+      expect(DB[:gateways][:name => 'default'][:last_keychain_id]).to eq(0)
+      @gateway.increment_last_keychain_id!
+      expect(DB[:gateways][:name => 'default'][:last_keychain_id]).to eq(1)
+
+      expect(@gateway).to receive(:order_for_keychain_id).with(@order_for_keychain_id_args.merge({ keychain_id: 2})).once.and_return(@order_mock)
+      @gateway.create_order(amount: 1, signature: hmac_sha1(1, 'secret'), id: 1)
+      expect(DB[:gateways][:name => 'default'][:last_keychain_id]).to eq(2)
+    end
+
+  end
+
+  describe "handling websockets" do
+
+    before(:each) do
+      @gateway.instance_variable_set(:@websockets, {})
+      @ws = double("websocket mock")
+      allow(@ws).to receive(:on).with(:close)
+      allow(@order_mock).to receive(:id).and_return(1)
+      allow(@order_mock).to receive(:status).and_return(0)
+    end
+
+    it "adds a new websocket for the order" do
+      @gateway.add_websocket_for_order(@ws, @order_mock)
+      expect(@gateway.instance_variable_get(:@websockets)).to eq({ 1 => @ws})
+    end
+
+    it "sends a message to the websocket when status of the order is changed and closes the connection" do
+      allow(@gateway).to receive(:send_callback_http_request) # ignoring the callback which sends an callback_url request
+      expect(@order_mock).to receive(:to_json).and_return("order json info")
+      expect(@ws).to receive(:send).with("order json info")
+      expect(@ws).to receive(:close)
+      @gateway.add_websocket_for_order(@ws, @order_mock)
+      @gateway.order_status_changed(@order_mock)
+    end
+
+    it "doesn't allow to listen to orders with statuses other than 0 or 1" do
+      allow(@order_mock).to receive(:status).and_return(2)
+      expect( -> { @gateway.add_websocket_for_order(@ws, @order_mock) }).to raise_exception(StraightServer::Gateway::WebsocketForCompletedOrder)
+    end
+
+    it "doesn't allow to create a second websocket for the same order" do
+      allow(@order_mock).to receive(:status).and_return(0)
+      @gateway.add_websocket_for_order(@ws, @order_mock)
+      expect( -> { @gateway.add_websocket_for_order(@ws, @order_mock) }).to raise_exception(StraightServer::Gateway::WebsocketExists)
+    end
+
+  end
+
+  def hmac_sha1(key, secret)
+    h = HMAC::SHA1.new('secret')
+    h << key.to_s
+    h.hexdigest
+  end
+
+end

data/spec/lib/order_spec.rb

@@ -0,0 +1,82 @@
+require 'spec_helper'
+
+RSpec.describe StraightServer::Order do
+
+  before(:each) do
+    # clean the database
+    DB.run("DELETE FROM orders")
+    @gateway = double("Straight Gateway mock")
+    allow(@gateway).to receive(:id).and_return(1)
+    @order = create(:order, gateway_id: @gateway.id)
+    allow(@gateway).to receive(:fetch_transactions_for).with(anything).and_return([])
+    allow(@gateway).to receive(:order_status_changed).with(anything)
+    allow(StraightServer::Gateway).to receive(:find_by_id).and_return(@gateway)
+  end
+
+  it "prepares data as http params" do
+    allow(@order).to receive(:tid).and_return("tid1")
+    expect(@order.to_http_params).to eq("order_id=#{@order.id}&amount=10&status=#{@order.status}&address=#{@order.address}&tid=tid1")
+  end
+
+  describe "DB interaction" do
+
+    it "saves a new order into the database" do
+      expect(DB[:orders][:keychain_id => @order.id]).not_to be_nil 
+    end
+
+    it "updates an existing order" do
+      expect(DB[:orders][:keychain_id => @order.id][:status]).to eq(0) 
+      @order.status = 1
+      @order.save
+      expect(DB[:orders][:keychain_id => @order.id][:status]).to eq(1) 
+    end
+
+    it "finds first order in the database by id" do
+      expect(StraightServer::Order.find(id: @order.id)).to equal_order(@order)
+    end
+
+    it "finds first order in the database by keychain_id" do
+      expect(StraightServer::Order.find(keychain_id: @order.keychain_id)).to equal_order(@order)
+    end
+
+    it "finds orders in the database by any conditions" do
+      order1 = create(:order, gateway_id: @gateway.id)
+      order2 = create(:order, gateway_id: @gateway.id)
+      
+      expect(StraightServer::Order.where(keychain_id: order1.keychain_id).first).to equal_order(order1)
+      expect(StraightServer::Order.where(keychain_id: order2.keychain_id).first).to equal_order(order2)
+      expect(StraightServer::Order.where(keychain_id: order2.keychain_id+1).first).to be_nil
+
+    end
+
+    describe "with validations" do
+
+      it "doesn't save order if the order with the same id exists" do
+        order = create(:order, gateway_id: @gateway.id)
+        expect( -> { create(:order, id: order.id, gateway_id: @gateway.id) }).to raise_error()
+      end
+
+      it "doesn't save order if the order with the same address exists" do
+        order = create(:order, gateway_id: @gateway.id)
+        expect( -> { create(:order, address: order.address) }).to raise_error()
+      end
+
+      it "doesn't save order if the order with the same keychain_id and gateway_id exists" do
+        order = create(:order, gateway_id: @gateway.id)
+        expect( -> { create(:order, keychain_id: order.id, gateway_id: order.gateway_id+1) }).not_to raise_error()
+        expect( -> { create(:order, keychain_id: order.id, gateway_id: order.gateway_id)   }).to     raise_error()
+      end
+
+      it "doesn't save order if the amount is invalid" do
+        expect( -> { create(:order, amount: 0) }).to raise_error()
+      end
+
+      it "doesn't save order if gateway_id is invalid" do
+        expect( -> { create(:order, gateway_id: 0) }).to raise_error()
+      end
+
+    end
+
+  end
+
+end

data/spec/lib/orders_controller_spec.rb

@@ -0,0 +1,113 @@
+require 'spec_helper'
+
+RSpec.describe StraightServer::OrdersController do
+
+  before(:each) do
+    DB.run("DELETE FROM orders")
+    @gateway = gateway = StraightServer::Gateway.find_by_id(2)
+    allow(gateway).to receive(:address_for_keychain_id).and_return("address#{gateway.last_keychain_id+1}")
+    allow(gateway).to receive(:fetch_transactions_for).with(anything).and_return([])
+    allow(gateway).to receive(:send_callback_http_request)
+  end
+
+  describe "create action" do
+
+    it "creates an order and renders its attrs in json" do
+      allow(StraightServer::Thread).to receive(:new) # ignore periodic status checks, we're not testing it here
+      send_request "POST", '/gateways/2/orders', amount: 10
+      expect(response).to render_json_with(status: 0, amount: 10, address: "address1", tid: nil, id: :anything)
+    end
+
+    it "renders 409 error when an order cannot be created due to some validation errors" do
+      send_request "POST", '/gateways/2/orders', amount: 0
+      expect(response[0]).to eq(409)
+      expect(response[2]).to eq("Invalid order: amount is invalid")
+    end
+
+    it "starts tracking the order status in a separate thread" do
+      order_mock = double("order mock")
+      expect(order_mock).to receive(:start_periodic_status_check)
+      allow(order_mock).to  receive(:to_h).and_return({})
+      expect(@gateway).to   receive(:create_order).and_return(order_mock)
+      send_request "POST", '/gateways/2/orders', amount: 10
+    end
+
+  end
+
+  describe "show action" do
+
+    before(:each) do
+      @order_mock = double('order mock')
+      allow(@order_mock).to receive(:status).and_return(2)
+      allow(@order_mock).to receive(:to_json).and_return("order json mock")
+    end
+
+    it "renders json info about an order if it is found" do
+      allow(@order_mock).to receive(:status_changed?).and_return(false)
+      expect(StraightServer::Order).to receive(:[]).with(1).and_return(@order_mock)
+      send_request "GET", '/gateways/2/orders/1'
+      expect(response).to eq([200, {}, "order json mock"])
+    end
+
+    it "saves an order if status is updated" do
+      allow(@order_mock).to receive(:status_changed?).and_return(true)
+      expect(@order_mock).to receive(:save)
+      expect(StraightServer::Order).to receive(:[]).with(1).and_return(@order_mock)
+      send_request "GET", '/gateways/2/orders/1'
+      expect(response).to eq([200, {}, "order json mock"])
+    end
+
+    it "renders 404 if order is not found" do
+      expect(StraightServer::Order).to receive(:[]).with(1).and_return(nil)
+      send_request "GET", '/gateways/2/orders/1'
+      expect(response).to eq([404, {}, "GET /gateways/2/orders/1 Not found"])
+    end
+
+  end
+
+  describe "websocket action" do
+
+    before(:each) do
+      @gateway.instance_variable_set(:@websockets, {})
+      @ws_mock    = double("websocket mock")
+      @order_mock = double("order mock")
+      allow(@ws_mock).to receive(:rack_response).and_return("ws rack response")
+      [:id, :gateway=, :save, :to_h, :id=].each { |m| allow(@order_mock).to receive(m) }
+      allow(@ws_mock).to receive(:on)
+      allow(Faye::WebSocket).to receive(:new).and_return(@ws_mock)
+    end
+
+    it "returns a websocket connection" do
+      allow(@order_mock).to receive(:status).and_return(0)
+      allow(StraightServer::Order).to receive(:[]).with(1).and_return(@order_mock)
+      send_request "GET", '/gateways/2/orders/1/websocket'
+      expect(response).to eq("ws rack response")
+    end
+
+    it "returns 403 when socket already exists" do
+      allow(@order_mock).to receive(:status).and_return(0)
+      allow(StraightServer::Order).to receive(:[]).with(1).twice.and_return(@order_mock)
+      send_request "GET", '/gateways/2/orders/1/websocket'
+      send_request "GET", '/gateways/2/orders/1/websocket'
+      expect(response).to eq([403, {}, "Someone is already listening to that order"])
+    end
+
+    it "returns 403 when order has is completed (status > 1 )" do
+      allow(@order_mock).to receive(:status).and_return(2)
+      allow(StraightServer::Order).to receive(:[]).with(1).and_return(@order_mock)
+      send_request "GET", '/gateways/2/orders/1/websocket'
+      expect(response).to eq([403, {}, "You cannot listen to this order because it is completed (status > 1)"])
+    end
+
+  end
+
+  def send_request(method, path, params={})
+    env = Hashie::Mash.new({ 'REQUEST_METHOD' => method, 'REQUEST_PATH' => path, 'params' => params })
+    @controller = StraightServer::OrdersController.new(env)
+  end
+
+  def response
+    @controller.response
+  end
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1,77 @@
+# !!! The order in which we require files here is very important.
+
+# 1. First, load dependencies and connect to the Database
+require 'sequel'
+require 'straight'
+require 'fileutils' # This is required to cleanup the test .straight dir
+require 'hashie'
+
+Sequel.extension :migration
+DB = Sequel.sqlite
+
+# 2. Then we can run migrations BEFORE we load actual models
+Sequel::Migrator.run(DB, File.expand_path('../', File.dirname(__FILE__)) + '/db/migrations/')
+
+# 3. Load config and initializer so that we can read our test config file located in
+# spec/.straight/config.yml
+
+# 3.1 This tells initializer where to read the config file from
+ENV['HOME'] = File.expand_path(File.dirname(__FILE__))
+
+# 3.2 Actually load the initializer
+require_relative "../lib/straight-server/config"
+require_relative "../lib/straight-server/initializer"
+include StraightServer::Initializer
+
+read_config_file
+
+# 4. Load the rest of the files, including models, which are now ready
+# to be used as intended and will follow all the previous configuration.
+require_relative '../lib/straight-server/order'
+require_relative '../lib/straight-server/gateway'
+require_relative '../lib/straight-server/orders_controller'
+require_relative '../lib/straight-server'
+
+require_relative 'support/custom_matchers'
+
+require "factory_girl"
+require_relative "factories"
+
+class StraightServer::Order
+  alias :save! :save
+end
+
+class StraightServer::Thread
+  def self.new(&block)
+    block.call
+  end
+end
+
+RSpec.configure do |config|
+
+  config.include FactoryGirl::Syntax::Methods
+
+  config.before(:suite) do
+    StraightServer.db_connection = DB #use a memory DB
+  end
+
+  config.before(:each) do
+    DB[:orders].delete
+    logger_mock = double("logger mock")
+    [:debug, :info, :warn, :fatal, :unknown, :blank_lines].each do |e|
+      allow(logger_mock).to receive(e)
+    end
+    StraightServer.logger = logger_mock
+    StraightServer::GatewayOnConfig.class_variable_get(:@@gateways).each do |g|
+      g.last_keychain_id = 0
+      g.save
+    end
+  end
+
+  config.after(:all) do
+    ["default_last_keychain_id", "second_gateway_last_keychain_id"].each do |f|
+      FileUtils.rm "#{ENV['HOME']}/.straight/#{f}" if File.exists?("#{ENV['HOME']}/.straight/#{f}")
+    end
+  end
+
+end

data/spec/support/custom_matchers.rb

@@ -0,0 +1,44 @@
+RSpec::Matchers.define :equal_order do |expected|
+  match do |actual|
+    true
+    actual.address == expected.address         &&
+    actual.status  == expected.status          &&
+    actual.keychain_id == expected.keychain_id &&
+    actual.amount      == expected.amount      &&
+    actual.gateway_id  == expected.gateway_id  &&
+    actual.id          == expected.id
+  end
+
+  diffable
+end
+
+RSpec::Matchers.define :render_json_with do |hash|
+
+  match do |r|
+    json_response = JSON.parse(r[2])
+    check_one_dimensional_hash(hash, json_response)
+  end
+
+  def check_one_dimensional_hash(hash, json_response)
+    hash.each do |k,v|
+      if v == :anything
+        expect(json_response[k.to_s]).to_not be_nil
+      elsif v == nil
+        expect(json_response[k.to_s]).to be_nil
+      elsif v.kind_of?(Hash)
+        expect(json_response[k.to_s].kind_of?(Hash)).to be_truthy
+        check_one_dimensional_hash(v, json_response[k.to_s])
+      else
+        expect(json_response[k.to_s]).to eq(v)
+      end
+    end
+  end
+
+  failure_message do |actual|
+    "expected that it had:\n\n\t\t#{hash},\n\nbut instead it had:\n\n\t\t#{JSON.parse(actual[2])}"
+  end
+  failure_message_when_negated do |actual|
+    "expected that it wouldn't render #{hash.inspect} but it did!"
+  end
+
+end

data/templates/config.yml

@@ -0,0 +1,46 @@
+# If set to db, then use DB table to store gateways,
+# useful when your run many gateways on the same server.
+gateways_source: config
+
+gateways:
+  default:
+    pubkey: xpub-xxx # <- TODO: change this to your BIP32 pubkey
+    confirmations_required: 0
+    order_class: "StraightServer::Order"
+    secret: 'secret'
+    check_signature: false
+    callback_url: 'http://localhost:3000/my_app/payment_callback'
+    default_currency: 'BTC'
+
+    # The order matters here, we check for prices with the first adapter,
+    # if it fails, move on to the next
+    exchange_rate_adapters:
+      - Bitpay
+      - Coinbase
+      - Bitstamp
+
+logmaster:
+  log_level: INFO # Wise to change to WARN for production
+  file: straight.log
+  raise_exception: false 
+  name: Straight server logger
+
+  # These options bellow send you email whenever a FATAL error occurs.
+  # You probably want to uncomment them for production. See https://github.com/snitko/logmaste
+  # for various email options.
+  #
+  #email_config:
+    #to: 'me@email.foo',
+    #from: "logmaster@yourapp.com"
+
+db:
+  adapter: sqlite
+  name: straight.db # file is always located in ~/.straight
+
+  # No need to set these options for sqlite,
+  # but other DBs may require them.
+  #
+  #user: username
+  #password: password
+  #host: hostname
+  #port: 1234