stripe 1.18.0 → 1.30.0

data/lib/stripe.rb

@@ -1,9 +1,12 @@
 # Stripe Ruby bindings
 # API spec at https://stripe.com/docs/api
 require 'cgi'
-require 'set'
 require 'openssl'
-require 'rest_client'
+require 'rbconfig'
+require 'set'
+require 'socket'
+
+require 'rest-client'
 require 'json'
 
 # Version
@@ -14,6 +17,7 @@ require 'stripe/api_operations/create'
 require 'stripe/api_operations/update'
 require 'stripe/api_operations/delete'
 require 'stripe/api_operations/list'
+require 'stripe/api_operations/request'
 
 # Resources
 require 'stripe/util'
@@ -25,7 +29,6 @@ require 'stripe/account'
 require 'stripe/balance'
 require 'stripe/balance_transaction'
 require 'stripe/customer'
-require 'stripe/certificate_blacklist'
 require 'stripe/invoice'
 require 'stripe/invoice_item'
 require 'stripe/charge'
@@ -36,13 +39,19 @@ require 'stripe/token'
 require 'stripe/event'
 require 'stripe/transfer'
 require 'stripe/recipient'
+require 'stripe/bank_account'
 require 'stripe/card'
 require 'stripe/subscription'
 require 'stripe/application_fee'
 require 'stripe/refund'
+require 'stripe/reversal'
 require 'stripe/application_fee_refund'
 require 'stripe/bitcoin_receiver'
 require 'stripe/bitcoin_transaction'
+require 'stripe/dispute'
+require 'stripe/product'
+require 'stripe/sku'
+require 'stripe/order'
 
 # Errors
 require 'stripe/errors/stripe_error'
@@ -51,19 +60,24 @@ require 'stripe/errors/api_connection_error'
 require 'stripe/errors/card_error'
 require 'stripe/errors/invalid_request_error'
 require 'stripe/errors/authentication_error'
+require 'stripe/errors/rate_limit_error'
 
 module Stripe
   DEFAULT_CA_BUNDLE_PATH = File.dirname(__FILE__) + '/data/ca-certificates.crt'
+
   @api_base = 'https://api.stripe.com'
   @connect_base = 'https://connect.stripe.com'
+  @uploads_base = 'https://uploads.stripe.com'
 
   @ssl_bundle_path  = DEFAULT_CA_BUNDLE_PATH
   @verify_ssl_certs = true
-  @CERTIFICATE_VERIFIED = false
 
+  @open_timeout = 30
+  @read_timeout = 80
 
   class << self
-    attr_accessor :api_key, :api_base, :verify_ssl_certs, :api_version, :connect_base
+    attr_accessor :api_key, :api_base, :verify_ssl_certs, :api_version, :connect_base, :uploads_base,
+                  :open_timeout, :read_timeout
   end
 
   def self.api_url(url='', api_base_url=nil)
@@ -74,29 +88,31 @@ module Stripe
     api_base_url = api_base_url || @api_base
 
     unless api_key ||= @api_key
-      raise AuthenticationError.new('No API key provided. ' +
-        'Set your API key using "Stripe.api_key = <API-KEY>". ' +
-        'You can generate API keys from the Stripe web interface. ' +
-        'See https://stripe.com/api for details, or email support@stripe.com ' +
+      raise AuthenticationError.new('No API key provided. ' \
+        'Set your API key using "Stripe.api_key = <API-KEY>". ' \
+        'You can generate API keys from the Stripe web interface. ' \
+        'See https://stripe.com/api for details, or email support@stripe.com ' \
         'if you have any questions.')
     end
 
     if api_key =~ /\s/
-      raise AuthenticationError.new('Your API key is invalid, as it contains ' +
-        'whitespace. (HINT: You can double-check your API key from the ' +
-        'Stripe web interface. See https://stripe.com/api for details, or ' +
+      raise AuthenticationError.new('Your API key is invalid, as it contains ' \
+        'whitespace. (HINT: You can double-check your API key from the ' \
+        'Stripe web interface. See https://stripe.com/api for details, or ' \
         'email support@stripe.com if you have any questions.)')
     end
 
-    request_opts = { :verify_ssl => false }
-
-    if ssl_preflight_passed?
-      request_opts.update(:verify_ssl => OpenSSL::SSL::VERIFY_PEER,
-                          :ssl_ca_file => @ssl_bundle_path)
-    end
-
-    if @verify_ssl_certs and !@CERTIFICATE_VERIFIED
-      @CERTIFICATE_VERIFIED = CertificateBlacklist.check_ssl_cert(api_base_url, @ssl_bundle_path)
+    if verify_ssl_certs
+      request_opts = {:verify_ssl => OpenSSL::SSL::VERIFY_PEER,
+                      :ssl_ca_file => @ssl_bundle_path}
+    else
+      request_opts = {:verify_ssl => false}
+      unless @verify_ssl_warned
+        @verify_ssl_warned = true
+        $stderr.puts("WARNING: Running without SSL cert verification. " \
+          "You should never do this in production. " \
+          "Execute 'Stripe.verify_ssl_certs = true' to enable verification.")
+      end
     end
 
     params = Util.objects_to_ids(params)
@@ -105,19 +121,19 @@ module Stripe
     case method.to_s.downcase.to_sym
     when :get, :head, :delete
       # Make params into GET parameters
-      url += "#{URI.parse(url).query ? '&' : '?'}#{uri_encode(params)}" if params && params.any?
+      url += "#{URI.parse(url).query ? '&' : '?'}#{Util.encode_parameters(params)}" if params && params.any?
       payload = nil
     else
       if headers[:content_type] && headers[:content_type] == "multipart/form-data"
         payload = params
       else
-        payload = uri_encode(params)
+        payload = Util.encode_parameters(params)
       end
     end
 
     request_opts.update(:headers => request_headers(api_key).update(headers),
-                        :method => method, :open_timeout => 30,
-                        :payload => payload, :url => url, :timeout => 80)
+                        :method => method, :open_timeout => open_timeout,
+                        :payload => payload, :url => url, :timeout => read_timeout)
 
     begin
       response = execute_request(request_opts)
@@ -132,8 +148,8 @@ module Stripe
         raise
       end
     rescue RestClient::ExceptionWithResponse => e
-      if rcode = e.http_code and rbody = e.http_body
-        handle_api_error(rcode, rbody)
+      if e.response
+        handle_api_error(e.response)
       else
         handle_restclient_error(e, api_base_url)
       end
@@ -146,23 +162,6 @@ module Stripe
 
   private
 
-  def self.ssl_preflight_passed?
-    if !verify_ssl_certs && !@no_verify
-      $stderr.puts "WARNING: Running without SSL cert verification. " +
-        "Execute 'Stripe.verify_ssl_certs = true' to enable verification."
-
-      @no_verify = true
-
-    elsif !Util.file_readable(@ssl_bundle_path) && !@no_bundle
-      $stderr.puts "WARNING: Running without SSL cert verification " +
-        "because #{@ssl_bundle_path} isn't readable"
-
-      @no_bundle = true
-    end
-
-    !(@no_verify || @no_bundle)
-  end
-
   def self.user_agent
     @uname ||= get_uname
     lang_version = "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} (#{RUBY_RELEASE_DATE})"
@@ -172,21 +171,48 @@ module Stripe
       :lang => 'ruby',
       :lang_version => lang_version,
       :platform => RUBY_PLATFORM,
+      :engine => defined?(RUBY_ENGINE) ? RUBY_ENGINE : '',
       :publisher => 'stripe',
-      :uname => @uname
+      :uname => @uname,
+      :hostname => Socket.gethostname,
     }
 
   end
 
   def self.get_uname
-    `uname -a 2>/dev/null`.strip if RUBY_PLATFORM =~ /linux|darwin/i
-  rescue Errno::ENOMEM => ex # couldn't create subprocess
+    if File.exist?('/proc/version')
+      File.read('/proc/version').strip
+    else
+      case RbConfig::CONFIG['host_os']
+      when /linux|darwin|bsd|sunos|solaris|cygwin/i
+        _uname_uname
+      when /mswin|mingw/i
+        _uname_ver
+      else
+        "unknown platform"
+      end
+    end
+  end
+
+  def self._uname_uname
+    (`uname -a 2>/dev/null` || '').strip
+  rescue Errno::ENOMEM # couldn't create subprocess
     "uname lookup failed"
   end
 
+  def self._uname_ver
+    (`ver` || '').strip
+  rescue Errno::ENOMEM # couldn't create subprocess
+    "uname lookup failed"
+  end
+
+  # DEPRECATED. Use `Util#encode_parameters` instead.
   def self.uri_encode(params)
-    Util.flatten_params(params).
-      map { |k,v| "#{k}=#{Util.url_encode(v)}" }.join('&')
+    Util.encode_parameters(params)
+  end
+  class << self
+    extend Gem::Deprecate
+    deprecate :uri_encode, "Stripe::Util#encode_parameters", 2016, 01
   end
 
   def self.request_headers(api_key)
@@ -227,45 +253,54 @@ module Stripe
                  "(HTTP response code was #{rcode})", rcode, rbody)
   end
 
-  def self.handle_api_error(rcode, rbody)
+  def self.handle_api_error(resp)
     begin
-      error_obj = JSON.parse(rbody)
+      error_obj = JSON.parse(resp.body)
       error_obj = Util.symbolize_names(error_obj)
-      error = error_obj[:error] or raise StripeError.new # escape from parsing
+      error = error_obj[:error]
+      raise StripeError.new unless error && error.is_a?(Hash)
 
     rescue JSON::ParserError, StripeError
-      raise general_api_error(rcode, rbody)
+      raise general_api_error(resp.code, resp.body)
     end
 
-    case rcode
+    case resp.code
     when 400, 404
-      raise invalid_request_error error, rcode, rbody, error_obj
+      raise invalid_request_error(error, resp, error_obj)
     when 401
-      raise authentication_error error, rcode, rbody, error_obj
+      raise authentication_error(error, resp, error_obj)
     when 402
-      raise card_error error, rcode, rbody, error_obj
+      raise card_error(error, resp, error_obj)
+    when 429
+      raise rate_limit_error(error, resp, error_obj)
     else
-      raise api_error error, rcode, rbody, error_obj
+      raise api_error(error, resp, error_obj)
     end
 
   end
 
-  def self.invalid_request_error(error, rcode, rbody, error_obj)
-    InvalidRequestError.new(error[:message], error[:param], rcode,
-                            rbody, error_obj)
+  def self.invalid_request_error(error, resp, error_obj)
+    InvalidRequestError.new(error[:message], error[:param], resp.code,
+                            resp.body, error_obj, resp.headers)
+  end
+
+  def self.authentication_error(error, resp, error_obj)
+    AuthenticationError.new(error[:message], resp.code, resp.body, error_obj,
+                            resp.headers)
   end
 
-  def self.authentication_error(error, rcode, rbody, error_obj)
-    AuthenticationError.new(error[:message], rcode, rbody, error_obj)
+  def self.rate_limit_error(error, resp, error_obj)
+    RateLimitError.new(error[:message], resp.code, resp.body, error_obj,
+                       resp.headers)
   end
 
-  def self.card_error(error, rcode, rbody, error_obj)
+  def self.card_error(error, resp, error_obj)
     CardError.new(error[:message], error[:param], error[:code],
-                  rcode, rbody, error_obj)
+                  resp.code, resp.body, error_obj, resp.headers)
   end
 
-  def self.api_error(error, rcode, rbody, error_obj)
-    APIError.new(error[:message], rcode, rbody, error_obj)
+  def self.api_error(error, resp, error_obj)
+    APIError.new(error[:message], resp.code, resp.body, error_obj, resp.headers)
   end
 
   def self.handle_restclient_error(e, api_base_url=nil)

data/stripe.gemspec

@@ -13,14 +13,12 @@ spec = Gem::Specification.new do |s|
   s.license = 'MIT'
 
   s.add_dependency('rest-client', '~> 1.4')
-  s.add_dependency('mime-types', '>= 1.25', '< 3.0')
   s.add_dependency('json', '~> 1.8.1')
 
   s.add_development_dependency('mocha', '~> 0.13.2')
   s.add_development_dependency('shoulda', '~> 3.4.0')
   s.add_development_dependency('test-unit')
   s.add_development_dependency('rake')
-  s.add_development_dependency('pry')
 
   s.files = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- test/*`.split("\n")

data/test/stripe/account_test.rb

@@ -2,25 +2,154 @@ require File.expand_path('../../test_helper', __FILE__)
 
 module Stripe
   class AccountTest < Test::Unit::TestCase
-    should "account should be retrievable" do
-      resp = {:email => "test+bindings@stripe.com", :charge_enabled => false, :details_submitted => false}
-      @mock.expects(:get).once.returns(test_response(resp))
+    should "be retrievable" do
+      resp = make_account({
+        :charges_enabled => false,
+        :details_submitted => false,
+        :email => "test+bindings@stripe.com",
+      })
+      @mock.expects(:get).
+        once.
+        with('https://api.stripe.com/v1/account', nil, nil).
+        returns(make_response(resp))
       a = Stripe::Account.retrieve
       assert_equal "test+bindings@stripe.com", a.email
-      assert !a.charge_enabled
+      assert !a.charges_enabled
       assert !a.details_submitted
     end
 
+    should "be retrievable via plural endpoint" do
+      resp = make_account({
+        :charges_enabled => false,
+        :details_submitted => false,
+        :email => "test+bindings@stripe.com",
+      })
+      @mock.expects(:get).
+        once.
+        with('https://api.stripe.com/v1/accounts/acct_foo', nil, nil).
+        returns(make_response(resp))
+      a = Stripe::Account.retrieve('acct_foo')
+      assert_equal "test+bindings@stripe.com", a.email
+      assert !a.charges_enabled
+      assert !a.details_submitted
+    end
+
+    should "be retrievable using an API key as the only argument" do
+      account = mock
+      Stripe::Account.expects(:new).once.with(nil, {:api_key => 'sk_foobar'}).returns(account)
+      account.expects(:refresh).once
+      Stripe::Account.retrieve('sk_foobar')
+    end
+
+    should "allow access to keys by method" do
+      account = Stripe::Account.construct_from(make_account({
+        :keys => {
+          :publishable => 'publishable-key',
+          :secret => 'secret-key',
+        }
+      }))
+      assert_equal 'publishable-key', account.keys.publishable
+      assert_equal 'secret-key', account.keys.secret
+    end
+
+    should "be updatable" do
+      resp = {
+        :id => 'acct_foo',
+        :legal_entity => {
+          :address => {
+            :line1 => '1 Two Three'
+          }
+        }
+      }
+      @mock.expects(:get).
+        once.
+        with('https://api.stripe.com/v1/accounts/acct_foo', nil, nil).
+        returns(make_response(resp))
+
+      @mock.expects(:post).
+        once.
+        with('https://api.stripe.com/v1/accounts/acct_foo', nil, 'legal_entity[address][line1]=2+Three+Four&legal_entity[first_name]=Bob').
+        returns(make_response(resp))
+
+      a = Stripe::Account.retrieve('acct_foo')
+      a.legal_entity.first_name = 'Bob'
+      a.legal_entity.address.line1 = '2 Three Four'
+      a.save
+    end
+
+    should 'disallow direct overrides of legal_entity' do
+      account = Stripe::Account.construct_from(make_account({
+        :keys => {
+          :publishable => 'publishable-key',
+          :secret => 'secret-key',
+        },
+        :legal_entity => {
+          :first_name => 'Bling'
+        }
+      }))
+
+      assert_raise NoMethodError do
+        account.legal_entity = {:first_name => 'Blah'}
+      end
+
+      account.legal_entity.first_name = 'Blah'
+    end
+
     should "be able to deauthorize an account" do
       resp = {:id => 'acct_1234', :email => "test+bindings@stripe.com", :charge_enabled => false, :details_submitted => false}
-      @mock.expects(:get).once.returns(test_response(resp))
+      @mock.expects(:get).once.returns(make_response(resp))
       a = Stripe::Account.retrieve
 
 
       @mock.expects(:post).once.with do |url, api_key, params|
         url == "#{Stripe.connect_base}/oauth/deauthorize" && api_key.nil? && CGI.parse(params) == { 'client_id' => [ 'ca_1234' ], 'stripe_user_id' => [ a.id ]}
-      end.returns(test_response({ 'stripe_user_id' => a.id }))
+      end.returns(make_response({ 'stripe_user_id' => a.id }))
       a.deauthorize('ca_1234', 'sk_test_1234')
     end
+
+    should "reject nil api keys" do
+      assert_raise TypeError do
+        Stripe::Account.retrieve(nil)
+      end
+      assert_raise TypeError do
+        Stripe::Account.retrieve(:api_key => nil)
+      end
+    end
+
+    should "be able to create a bank account" do
+      resp = {
+        :id => 'acct_1234',
+        :external_accounts => {
+          :object => "list",
+          :url => "/v1/accounts/acct_1234/external_accounts",
+          :data => [],
+        }
+      }
+      @mock.expects(:get).once.returns(make_response(resp))
+      a = Stripe::Account.retrieve
+
+      @mock.expects(:post).
+        once.
+        with('https://api.stripe.com/v1/accounts/acct_1234/external_accounts', nil, 'external_account=btok_1234').
+        returns(make_response(resp))
+      a.external_accounts.create({:external_account => 'btok_1234'})
+    end
+
+    should "be able to retrieve a bank account" do
+      resp = {
+        :id => 'acct_1234',
+        :external_accounts => {
+          :object => "list",
+          :url => "/v1/accounts/acct_1234/external_accounts",
+          :data => [{
+            :id => "ba_1234",
+            :object => "bank_account",
+          }],
+        }
+      }
+      @mock.expects(:get).once.returns(make_response(resp))
+      a = Stripe::Account.retrieve
+      assert_equal(BankAccount, a.external_accounts.data[0].class)
+    end
   end
 end