stripe 10.9.0 → 10.10.0.pre.beta.1

data/lib/stripe/resources/quote_preview_subscription_schedule.rb

@@ -0,0 +1,11 @@
+# File generated from our OpenAPI spec
+# frozen_string_literal: true
+
+module Stripe
+  class QuotePreviewSubscriptionSchedule < APIResource
+    OBJECT_NAME = "quote_preview_subscription_schedule"
+    def self.object_name
+      "quote_preview_subscription_schedule"
+    end
+  end
+end

data/lib/stripe/resources/subscription_schedule.rb

@@ -15,6 +15,16 @@ module Stripe
       "subscription_schedule"
     end
 
+    # Amends an existing subscription schedule.
+    def amend(params = {}, opts = {})
+      request_stripe_object(
+        method: :post,
+        path: format("/v1/subscription_schedules/%<schedule>s/amend", { schedule: CGI.escape(self["id"]) }),
+        params: params,
+        opts: opts
+      )
+    end
+
     # Cancels a subscription schedule and its associated subscription immediately (if the subscription schedule has an active subscription). A subscription schedule can only be canceled if its status is not_started or active.
     def cancel(params = {}, opts = {})
       request_stripe_object(
@@ -35,6 +45,16 @@ module Stripe
       )
     end
 
+    # Amends an existing subscription schedule.
+    def self.amend(schedule, params = {}, opts = {})
+      request_stripe_object(
+        method: :post,
+        path: format("/v1/subscription_schedules/%<schedule>s/amend", { schedule: CGI.escape(schedule) }),
+        params: params,
+        opts: opts
+      )
+    end
+
     # Cancels a subscription schedule and its associated subscription immediately (if the subscription schedule has an active subscription). A subscription schedule can only be canceled if its status is not_started or active.
     def self.cancel(schedule, params = {}, opts = {})
       request_stripe_object(

data/lib/stripe/resources/tax/form.rb

@@ -0,0 +1,49 @@
+# File generated from our OpenAPI spec
+# frozen_string_literal: true
+
+module Stripe
+  module Tax
+    # Tax forms are legal documents which are delivered to one or more tax authorities for information reporting purposes.
+    #
+    # Related guide: [US tax reporting for Connect platforms](https://stripe.com/docs/connect/tax-reporting)
+    class Form < APIResource
+      extend Stripe::APIOperations::List
+
+      OBJECT_NAME = "tax.form"
+      def self.object_name
+        "tax.form"
+      end
+
+      # Download the PDF for a tax form.
+      def pdf(params = {}, opts = {}, &read_body_chunk_block)
+        config = opts[:client]&.config || Stripe.config
+        opts = { api_base: config.uploads_base }.merge(opts)
+        request_stream(
+          method: :get,
+          path: format("/v1/tax/forms/%<id>s/pdf", { id: CGI.escape(self["id"]) }),
+          params: params,
+          opts: opts,
+          &read_body_chunk_block
+        )
+      end
+
+      # Download the PDF for a tax form.
+      def self.pdf(id, params = {}, opts = {}, &read_body_chunk_block)
+        config = opts[:client]&.config || Stripe.config
+        opts = { api_base: config.uploads_base }.merge(opts)
+        execute_resource_request_stream(
+          :get,
+          format("/v1/tax/forms/%<id>s/pdf", { id: CGI.escape(id) }),
+          params,
+          opts,
+          &read_body_chunk_block
+        )
+      end
+
+      # Returns a list of tax forms which were previously created. The tax forms are returned in sorted order, with the oldest tax forms appearing first.
+      def self.list(filters = {}, opts = {})
+        request_stripe_object(method: :get, path: "/v1/tax/forms", params: filters, opts: opts)
+      end
+    end
+  end
+end

data/lib/stripe/resources/terminal/reader.rb

@@ -27,6 +27,36 @@ module Stripe
         )
       end
 
+      # Initiates an input collection flow on a Reader.
+      def collect_inputs(params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/collect_inputs", { reader: CGI.escape(self["id"]) }),
+          params: params,
+          opts: opts
+        )
+      end
+
+      # Initiates a payment flow on a Reader and updates the PaymentIntent with card details before manual confirmation.
+      def collect_payment_method(params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/collect_payment_method", { reader: CGI.escape(self["id"]) }),
+          params: params,
+          opts: opts
+        )
+      end
+
+      # Finalizes a payment on a Reader.
+      def confirm_payment_intent(params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/confirm_payment_intent", { reader: CGI.escape(self["id"]) }),
+          params: params,
+          opts: opts
+        )
+      end
+
       # Initiates a payment flow on a Reader.
       def process_payment_intent(params = {}, opts = {})
         request_stripe_object(
@@ -77,6 +107,36 @@ module Stripe
         )
       end
 
+      # Initiates an input collection flow on a Reader.
+      def self.collect_inputs(reader, params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/collect_inputs", { reader: CGI.escape(reader) }),
+          params: params,
+          opts: opts
+        )
+      end
+
+      # Initiates a payment flow on a Reader and updates the PaymentIntent with card details before manual confirmation.
+      def self.collect_payment_method(reader, params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/collect_payment_method", { reader: CGI.escape(reader) }),
+          params: params,
+          opts: opts
+        )
+      end
+
+      # Finalizes a payment on a Reader.
+      def self.confirm_payment_intent(reader, params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/confirm_payment_intent", { reader: CGI.escape(reader) }),
+          params: params,
+          opts: opts
+        )
+      end
+
       # Initiates a payment flow on a Reader.
       def self.process_payment_intent(reader, params = {}, opts = {})
         request_stripe_object(

data/lib/stripe/resources.rb

@@ -3,6 +3,7 @@
 
 require "stripe/resources/account"
 require "stripe/resources/account_link"
+require "stripe/resources/account_notice"
 require "stripe/resources/account_session"
 require "stripe/resources/apple_pay_domain"
 require "stripe/resources/application_fee"
@@ -14,6 +15,9 @@ require "stripe/resources/bank_account"
 require "stripe/resources/billing_portal/configuration"
 require "stripe/resources/billing_portal/session"
 require "stripe/resources/capability"
+require "stripe/resources/capital/financing_offer"
+require "stripe/resources/capital/financing_summary"
+require "stripe/resources/capital/financing_transaction"
 require "stripe/resources/card"
 require "stripe/resources/cash_balance"
 require "stripe/resources/charge"
@@ -21,6 +25,7 @@ require "stripe/resources/checkout/session"
 require "stripe/resources/climate/order"
 require "stripe/resources/climate/product"
 require "stripe/resources/climate/supplier"
+require "stripe/resources/confirmation_token"
 require "stripe/resources/country_spec"
 require "stripe/resources/coupon"
 require "stripe/resources/credit_note"
@@ -28,34 +33,47 @@ require "stripe/resources/credit_note_line_item"
 require "stripe/resources/customer"
 require "stripe/resources/customer_balance_transaction"
 require "stripe/resources/customer_cash_balance_transaction"
+require "stripe/resources/customer_entitlement"
+require "stripe/resources/customer_entitlement_summary"
 require "stripe/resources/customer_session"
 require "stripe/resources/discount"
 require "stripe/resources/dispute"
+require "stripe/resources/entitlements/event"
+require "stripe/resources/entitlements/feature"
 require "stripe/resources/ephemeral_key"
 require "stripe/resources/event"
 require "stripe/resources/exchange_rate"
 require "stripe/resources/file"
 require "stripe/resources/file_link"
 require "stripe/resources/financial_connections/account"
+require "stripe/resources/financial_connections/account_inferred_balance"
 require "stripe/resources/financial_connections/account_owner"
 require "stripe/resources/financial_connections/account_ownership"
 require "stripe/resources/financial_connections/session"
 require "stripe/resources/financial_connections/transaction"
 require "stripe/resources/funding_instructions"
+require "stripe/resources/gift_cards/card"
+require "stripe/resources/gift_cards/transaction"
 require "stripe/resources/identity/verification_report"
 require "stripe/resources/identity/verification_session"
 require "stripe/resources/invoice"
 require "stripe/resources/invoice_item"
 require "stripe/resources/invoice_line_item"
+require "stripe/resources/invoice_payment"
 require "stripe/resources/issuing/authorization"
 require "stripe/resources/issuing/card"
 require "stripe/resources/issuing/cardholder"
+require "stripe/resources/issuing/credit_underwriting_record"
 require "stripe/resources/issuing/dispute"
+require "stripe/resources/issuing/personalization_design"
+require "stripe/resources/issuing/physical_bundle"
 require "stripe/resources/issuing/token"
 require "stripe/resources/issuing/transaction"
 require "stripe/resources/line_item"
 require "stripe/resources/login_link"
 require "stripe/resources/mandate"
+require "stripe/resources/margin"
+require "stripe/resources/order"
 require "stripe/resources/payment_intent"
 require "stripe/resources/payment_link"
 require "stripe/resources/payment_method"
@@ -68,6 +86,9 @@ require "stripe/resources/price"
 require "stripe/resources/product"
 require "stripe/resources/promotion_code"
 require "stripe/resources/quote"
+require "stripe/resources/quote_phase"
+require "stripe/resources/quote_preview_invoice"
+require "stripe/resources/quote_preview_subscription_schedule"
 require "stripe/resources/radar/early_fraud_warning"
 require "stripe/resources/radar/value_list"
 require "stripe/resources/radar/value_list_item"
@@ -87,6 +108,7 @@ require "stripe/resources/subscription_item"
 require "stripe/resources/subscription_schedule"
 require "stripe/resources/tax/calculation"
 require "stripe/resources/tax/calculation_line_item"
+require "stripe/resources/tax/form"
 require "stripe/resources/tax/registration"
 require "stripe/resources/tax/settings"
 require "stripe/resources/tax/transaction"

data/lib/stripe/stripe_client.rb

@@ -209,9 +209,10 @@ module Stripe
     end
 
     def execute_request(method, path,
-                        api_base: nil, api_key: nil, headers: {}, params: {}, usage: [])
+                        api_base: nil, api_key: nil,
+                        headers: {}, params: {}, api_mode: nil, usage: [])
       http_resp, api_key = execute_request_internal(
-        method, path, api_base, api_key, headers, params, usage
+        method, path, api_base, api_key, headers, params, api_mode, usage
       )
 
       begin
@@ -242,6 +243,7 @@ module Stripe
     def execute_request_stream(method, path,
                                api_base: nil, api_key: nil, usage: [],
                                headers: {}, params: {},
+                               api_mode: nil,
                                &read_body_chunk_block)
       unless block_given?
         raise ArgumentError,
@@ -249,7 +251,8 @@ module Stripe
       end
 
       http_resp, api_key = execute_request_internal(
-        method, path, api_base, api_key, headers, params, usage, &read_body_chunk_block
+        method, path, api_base, api_key,
+        headers, params, api_mode, usage, &read_body_chunk_block
       )
 
       # When the read_body_chunk_block is given, we no longer have access to the
@@ -428,8 +431,8 @@ module Stripe
     end
 
     private def execute_request_internal(method, path,
-                                         api_base, api_key, headers, params, usage,
-                                         &read_body_chunk_block)
+                                         api_base, api_key, headers, params,
+                                         api_mode, usage, &read_body_chunk_block)
       raise ArgumentError, "method should be a symbol" \
       unless method.is_a?(Symbol)
       raise ArgumentError, "path should be a string" \
@@ -437,9 +440,10 @@ module Stripe
 
       api_base ||= config.api_base
       api_key ||= config.api_key
+      authenticator ||= config.authenticator
       params = Util.objects_to_ids(params)
 
-      check_api_key!(api_key)
+      check_keys!(api_key, authenticator)
 
       body_params = nil
       query_params = nil
@@ -452,8 +456,9 @@ module Stripe
 
       query_params, path = merge_query_params(query_params, path)
 
-      headers = request_headers(api_key, method)
+      headers = request_headers(api_key, method, api_mode)
                 .update(Util.normalize_headers(headers))
+
       url = api_url(path, api_base)
 
       # Merge given query parameters with any already encoded in the path.
@@ -464,13 +469,16 @@ module Stripe
       # a log-friendly variant of the encoded form. File objects are displayed
       # as such instead of as their file contents.
       body, body_log =
-        body_params ? encode_body(body_params, headers) : [nil, nil]
+        body_params ? encode_body(body_params, headers, api_mode) : [nil, nil]
+
+      authenticator.authenticate(method, headers, body) unless api_key
 
       # stores information on the request we're about to make so that we don't
       # have to pass as many parameters around for logging.
       context = RequestLogContext.new
       context.account         = headers["Stripe-Account"]
       context.api_key         = api_key
+      context.authenticator   = authenticator
       context.api_version     = headers["Stripe-Version"]
       context.body            = body_log
       context.idempotency_key = headers["Idempotency-Key"]
@@ -507,8 +515,16 @@ module Stripe
       (api_base || config.api_base) + url
     end
 
-    private def check_api_key!(api_key)
-      unless api_key
+    private def check_keys!(api_key, authenticator)
+      if api_key && authenticator
+        raise AuthenticationError, "Can't specify both API key " \
+                                   "and authenticator. Either set your API key" \
+                                   'using "Stripe.api_key = <API-KEY>", or set your authenticator ' \
+                                   'using "Stripe.authenticator = <AUTHENTICATOR>"' \
+      end
+
+      unless api_key || authenticator
+        # Default to missing API key error message for general users.
         raise AuthenticationError, "No API key provided. " \
                                    'Set your API key using "Stripe.api_key = <API-KEY>". ' \
                                    "You can generate API keys from the Stripe web interface. " \
@@ -527,7 +543,7 @@ module Stripe
     # Encodes a set of body parameters using multipart if `Content-Type` is set
     # for that, or standard form-encoding otherwise. Returns the encoded body
     # and a version of the encoded body that's safe to be logged.
-    private def encode_body(body_params, headers)
+    private def encode_body(body_params, headers, api_mode)
       body = nil
       flattened_params = Util.flatten_params(body_params)
 
@@ -543,15 +559,22 @@ module Stripe
         flattened_params =
           flattened_params.map { |k, v| [k, v.is_a?(String) ? v : v.to_s] }.to_h
 
+      elsif api_mode == :preview
+        body = JSON.generate(body_params)
+        headers["Content-Type"] = "application/json"
       else
         body = Util.encode_parameters(body_params)
       end
 
-      # We don't use `Util.encode_parameters` partly as an optimization (to not
-      # redo work we've already done), and partly because the encoded forms of
-      # certain characters introduce a lot of visual noise and it's nice to
-      # have a clearer format for logs.
-      body_log = flattened_params.map { |k, v| "#{k}=#{v}" }.join("&")
+      body_log = if api_mode == :preview
+                   body
+                 else
+                   # We don't use `Util.encode_parameters` partly as an optimization (to
+                   # not redo work we've already done), and partly because the encoded
+                   # forms of certain characters introduce a lot of visual noise and it's
+                   # nice to have a clearer format for logs.
+                   flattened_params.map { |k, v| "#{k}=#{v}" }.join("&")
+                 end
 
       [body, body_log]
     end
@@ -738,10 +761,11 @@ module Stripe
     end
 
     private def specific_api_error(resp, error_data, context)
+      message = error_data[:message]
       Util.log_error("Stripe API error",
                      status: resp.http_status,
                      error_code: error_data[:code],
-                     error_message: error_data[:message],
+                     error_message: message,
                      error_param: error_data[:param],
                      error_type: error_data[:type],
                      idempotency_key: context.idempotency_key,
@@ -762,26 +786,26 @@ module Stripe
       when 400, 404
         case error_data[:type]
         when "idempotency_error"
-          IdempotencyError.new(error_data[:message], **opts)
+          IdempotencyError.new(message, **opts)
         else
           InvalidRequestError.new(
-            error_data[:message], error_data[:param],
+            message, error_data[:param],
             **opts
           )
         end
       when 401
-        AuthenticationError.new(error_data[:message], **opts)
+        AuthenticationError.new(message, **opts)
       when 402
         CardError.new(
-          error_data[:message], error_data[:param],
+          message, error_data[:param],
           **opts
         )
       when 403
-        PermissionError.new(error_data[:message], **opts)
+        PermissionError.new(message, **opts)
       when 429
-        RateLimitError.new(error_data[:message], **opts)
+        RateLimitError.new(message, **opts)
       else
-        APIError.new(error_data[:message], **opts)
+        APIError.new(message, **opts)
       end
     end
 
@@ -849,16 +873,20 @@ module Stripe
             message + "\n\n(Network error: #{error.message})"
     end
 
-    private def request_headers(api_key, method)
+    private def request_headers(api_key, method, api_mode)
       user_agent = "Stripe/v1 RubyBindings/#{Stripe::VERSION}"
       user_agent += " " + format_app_info(Stripe.app_info) unless Stripe.app_info.nil?
 
       headers = {
         "User-Agent" => user_agent,
         "Authorization" => "Bearer #{api_key}",
-        "Content-Type" => "application/x-www-form-urlencoded",
       }
 
+      if api_mode != :preview
+        # TODO: (major) don't set Content-Type if method is not post
+        headers["Content-Type"] = "application/x-www-form-urlencoded"
+      end
+
       if config.enable_telemetry? && !@last_request_metrics.nil?
         headers["X-Stripe-Client-Telemetry"] = JSON.generate(
           last_request_metrics: @last_request_metrics.payload
@@ -871,7 +899,12 @@ module Stripe
         headers["Idempotency-Key"] ||= SecureRandom.uuid
       end
 
-      headers["Stripe-Version"] = config.api_version if config.api_version
+      if api_mode == :preview
+        headers["Stripe-Version"] = ApiVersion::PREVIEW
+      elsif config.api_version
+        headers["Stripe-Version"] = config.api_version
+      end
+
       headers["Stripe-Account"] = config.stripe_account if config.stripe_account
 
       user_agent = @system_profiler.user_agent
@@ -954,7 +987,8 @@ module Stripe
     # that we can log certain information. It's useful because it means that we
     # don't have to pass around as many parameters.
     class RequestLogContext
-      attr_accessor :body, :account, :api_key, :api_version, :idempotency_key, :method, :path, :query, :request_id
+      attr_accessor :body, :account, :api_key, :authenticator, :api_version, :idempotency_key, :method, :path, :query,
+                    :request_id
 
       # The idea with this method is that we might want to update some of
       # context information because a response that we've received from the API

data/lib/stripe/stripe_configuration.rb

@@ -25,7 +25,7 @@ module Stripe
   # If `.logger` is set, the value of `.log_level` is ignored. The decision on
   # what levels to print is entirely deferred to the logger.
   class StripeConfiguration
-    attr_accessor :api_key, :api_version, :client_id, :enable_telemetry, :logger, :stripe_account
+    attr_accessor :api_key, :api_version, :authenticator, :client_id, :enable_telemetry, :logger, :stripe_account
 
     attr_reader :api_base, :uploads_base, :connect_base, :ca_bundle_path, :log_level, :initial_network_retry_delay,
                 # rubocop:todo Layout/LineLength
@@ -50,6 +50,7 @@ module Stripe
 
     def initialize
       @api_version = ApiVersion::CURRENT
+
       @ca_bundle_path = Stripe::DEFAULT_CA_BUNDLE_PATH
       @enable_telemetry = true
       @verify_ssl_certs = true

data/lib/stripe/util.rb

@@ -7,6 +7,7 @@ module Stripe
     # Options that a user is allowed to specify.
     OPTS_USER_SPECIFIED = Set[
       :api_key,
+      :authenticator,
       :idempotency_key,
       :stripe_account,
       :stripe_version
@@ -279,7 +280,13 @@ module Stripe
       when String
         { api_key: opts }
       when Hash
-        check_api_key!(opts.fetch(:api_key)) if opts.key?(:api_key)
+        # If the user is using request signing for authentication,
+        # no need to check the api_key per request.
+        if !(opts.key?(:client) &&
+           opts.fetch(:client).config.authenticator) &&
+           opts.key?(:api_key)
+          check_api_key!(opts.fetch(:api_key))
+        end
         # Explicitly use dup here instead of clone to avoid preserving freeze
         # state on input params.
         opts.dup

data/lib/stripe/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stripe
-  VERSION = "10.9.0"
+  VERSION = "10.10.0-beta.1"
 end

data/lib/stripe.rb

@@ -13,6 +13,7 @@ require "set"
 require "socket"
 require "uri"
 require "forwardable"
+require "base64"
 
 # Version
 require "stripe/api_version"
@@ -45,6 +46,7 @@ require "stripe/api_resource_test_helpers"
 require "stripe/singleton_api_resource"
 require "stripe/webhook"
 require "stripe/stripe_configuration"
+require "stripe/request_signing_authenticator"
 
 # Named API resources
 require "stripe/resources"
@@ -71,6 +73,7 @@ module Stripe
 
     # User configurable options
     def_delegators :@config, :api_key, :api_key=
+    def_delegators :@config, :authenticator, :authenticator=
     def_delegators :@config, :api_version, :api_version=
     def_delegators :@config, :stripe_account, :stripe_account=
     def_delegators :@config, :api_base, :api_base=
@@ -117,6 +120,49 @@ module Stripe
       version: version,
     }
   end
+
+  class Preview
+    def self._get_default_opts(opts)
+      { api_mode: :preview }.merge(opts)
+    end
+
+    def self.get(url, opts = {})
+      Stripe.raw_request(:get, url, {}, _get_default_opts(opts))
+    end
+
+    def self.post(url, params = {}, opts = {})
+      Stripe.raw_request(:post, url, params, _get_default_opts(opts))
+    end
+
+    def self.delete(url, opts = {})
+      Stripe.raw_request(:delete, url, {}, _get_default_opts(opts))
+    end
+  end
+
+  class RawRequest
+    include Stripe::APIOperations::Request
+
+    def initialize
+      @opts = {}
+    end
+
+    def execute(method, url, params = {}, opts = {}, usage = [])
+      resp, = execute_resource_request(method, url, params, opts, usage)
+
+      resp
+    end
+  end
+
+  # Sends a request to Stripe REST API
+  def self.raw_request(method, url, params = {}, opts = {})
+    req = RawRequest.new
+    req.execute(method, url, params, opts, ["raw_request"])
+  end
+
+  def self.deserialize(data)
+    data = JSON.parse(data) if data.is_a?(String)
+    Util.convert_to_stripe_object(data, {})
+  end
 end
 
 Stripe.log_level = ENV["STRIPE_LOG"] unless ENV["STRIPE_LOG"].nil?