stripe 3.3.1 → 5.38.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (205) hide show
  1. checksums.yaml +5 -5
  2. data/CHANGELOG.md +962 -0
  3. data/CODE_OF_CONDUCT.md +77 -0
  4. data/Gemfile +24 -22
  5. data/History.txt +1 -689
  6. data/README.md +202 -55
  7. data/Rakefile +18 -12
  8. data/VERSION +1 -1
  9. data/bin/stripe-console +5 -3
  10. data/lib/stripe/api_operations/create.rb +4 -2
  11. data/lib/stripe/api_operations/delete.rb +31 -3
  12. data/lib/stripe/api_operations/list.rb +4 -13
  13. data/lib/stripe/api_operations/nested_resource.rb +73 -0
  14. data/lib/stripe/api_operations/request.rb +84 -17
  15. data/lib/stripe/api_operations/save.rb +25 -13
  16. data/lib/stripe/api_resource.rb +70 -11
  17. data/lib/stripe/connection_manager.rb +179 -0
  18. data/lib/stripe/error_object.rb +93 -0
  19. data/lib/stripe/errors.rb +47 -19
  20. data/lib/stripe/instrumentation.rb +84 -0
  21. data/lib/stripe/list_object.rb +54 -22
  22. data/lib/stripe/multipart_encoder.rb +131 -0
  23. data/lib/stripe/oauth.rb +29 -20
  24. data/lib/stripe/object_types.rb +107 -0
  25. data/lib/stripe/{account.rb → resources/account.rb} +70 -36
  26. data/lib/stripe/resources/account_link.rb +10 -0
  27. data/lib/stripe/resources/alipay_account.rb +34 -0
  28. data/lib/stripe/{apple_pay_domain.rb → resources/apple_pay_domain.rb} +5 -2
  29. data/lib/stripe/resources/application_fee.rb +14 -0
  30. data/lib/stripe/resources/application_fee_refund.rb +31 -0
  31. data/lib/stripe/resources/balance.rb +8 -0
  32. data/lib/stripe/resources/balance_transaction.rb +10 -0
  33. data/lib/stripe/resources/bank_account.rb +43 -0
  34. data/lib/stripe/resources/billing_portal/configuration.rb +14 -0
  35. data/lib/stripe/resources/billing_portal/session.rb +12 -0
  36. data/lib/stripe/{bitcoin_receiver.rb → resources/bitcoin_receiver.rb} +7 -5
  37. data/lib/stripe/resources/bitcoin_transaction.rb +16 -0
  38. data/lib/stripe/resources/capability.rb +34 -0
  39. data/lib/stripe/resources/card.rb +38 -0
  40. data/lib/stripe/resources/charge.rb +23 -0
  41. data/lib/stripe/resources/checkout/session.rb +16 -0
  42. data/lib/stripe/resources/country_spec.rb +10 -0
  43. data/lib/stripe/{coupon.rb → resources/coupon.rb} +5 -2
  44. data/lib/stripe/resources/credit_note.rb +33 -0
  45. data/lib/stripe/resources/credit_note_line_item.rb +8 -0
  46. data/lib/stripe/resources/customer.rb +41 -0
  47. data/lib/stripe/resources/customer_balance_transaction.rb +31 -0
  48. data/lib/stripe/resources/discount.rb +7 -0
  49. data/lib/stripe/resources/dispute.rb +22 -0
  50. data/lib/stripe/resources/ephemeral_key.rb +20 -0
  51. data/lib/stripe/resources/event.rb +10 -0
  52. data/lib/stripe/resources/exchange_rate.rb +10 -0
  53. data/lib/stripe/resources/file.rb +36 -0
  54. data/lib/stripe/resources/file_link.rb +12 -0
  55. data/lib/stripe/resources/identity/verification_report.rb +12 -0
  56. data/lib/stripe/resources/identity/verification_session.rb +35 -0
  57. data/lib/stripe/resources/invoice.rb +74 -0
  58. data/lib/stripe/{invoice_item.rb → resources/invoice_item.rb} +5 -2
  59. data/lib/stripe/resources/invoice_line_item.rb +8 -0
  60. data/lib/stripe/resources/issuing/authorization.rb +34 -0
  61. data/lib/stripe/resources/issuing/card.rb +25 -0
  62. data/lib/stripe/resources/issuing/card_details.rb +9 -0
  63. data/lib/stripe/resources/issuing/cardholder.rb +14 -0
  64. data/lib/stripe/resources/issuing/dispute.rb +25 -0
  65. data/lib/stripe/resources/issuing/transaction.rb +13 -0
  66. data/lib/stripe/resources/line_item.rb +8 -0
  67. data/lib/stripe/resources/login_link.rb +15 -0
  68. data/lib/stripe/resources/mandate.rb +8 -0
  69. data/lib/stripe/resources/order.rb +33 -0
  70. data/lib/stripe/resources/order_return.rb +10 -0
  71. data/lib/stripe/resources/payment_intent.rb +43 -0
  72. data/lib/stripe/resources/payment_method.rb +33 -0
  73. data/lib/stripe/resources/payout.rb +33 -0
  74. data/lib/stripe/resources/person.rb +32 -0
  75. data/lib/stripe/{plan.rb → resources/plan.rb} +4 -1
  76. data/lib/stripe/resources/price.rb +12 -0
  77. data/lib/stripe/{product.rb → resources/product.rb} +6 -3
  78. data/lib/stripe/resources/promotion_code.rb +12 -0
  79. data/lib/stripe/resources/quote.rb +105 -0
  80. data/lib/stripe/resources/radar/early_fraud_warning.rb +12 -0
  81. data/lib/stripe/resources/radar/value_list.rb +15 -0
  82. data/lib/stripe/resources/radar/value_list_item.rb +14 -0
  83. data/lib/stripe/resources/recipient.rb +14 -0
  84. data/lib/stripe/resources/recipient_transfer.rb +7 -0
  85. data/lib/stripe/{refund.rb → resources/refund.rb} +4 -1
  86. data/lib/stripe/resources/reporting/report_run.rb +13 -0
  87. data/lib/stripe/resources/reporting/report_type.rb +13 -0
  88. data/lib/stripe/resources/reversal.rb +30 -0
  89. data/lib/stripe/resources/review.rb +21 -0
  90. data/lib/stripe/resources/setup_attempt.rb +10 -0
  91. data/lib/stripe/resources/setup_intent.rb +33 -0
  92. data/lib/stripe/resources/sigma/scheduled_query_run.rb +16 -0
  93. data/lib/stripe/{sku.rb → resources/sku.rb} +6 -3
  94. data/lib/stripe/resources/source.rb +47 -0
  95. data/lib/stripe/resources/source_transaction.rb +7 -0
  96. data/lib/stripe/resources/subscription.rb +26 -0
  97. data/lib/stripe/resources/subscription_item.rb +26 -0
  98. data/lib/stripe/resources/subscription_schedule.rb +33 -0
  99. data/lib/stripe/resources/tax_code.rb +10 -0
  100. data/lib/stripe/resources/tax_id.rb +27 -0
  101. data/lib/stripe/resources/tax_rate.rb +12 -0
  102. data/lib/stripe/resources/terminal/connection_token.rb +12 -0
  103. data/lib/stripe/resources/terminal/location.rb +15 -0
  104. data/lib/stripe/resources/terminal/reader.rb +15 -0
  105. data/lib/stripe/{three_d_secure.rb → resources/three_d_secure.rb} +4 -1
  106. data/lib/stripe/resources/token.rb +10 -0
  107. data/lib/stripe/resources/topup.rb +23 -0
  108. data/lib/stripe/resources/transfer.rb +27 -0
  109. data/lib/stripe/resources/usage_record.rb +8 -0
  110. data/lib/stripe/resources/usage_record_summary.rb +8 -0
  111. data/lib/stripe/{recipient.rb → resources/webhook_endpoint.rb} +6 -7
  112. data/lib/stripe/resources.rb +90 -0
  113. data/lib/stripe/singleton_api_resource.rb +10 -4
  114. data/lib/stripe/stripe_client.rb +798 -346
  115. data/lib/stripe/stripe_configuration.rb +194 -0
  116. data/lib/stripe/stripe_object.rb +271 -126
  117. data/lib/stripe/stripe_response.rb +89 -27
  118. data/lib/stripe/util.rb +134 -194
  119. data/lib/stripe/version.rb +3 -1
  120. data/lib/stripe/webhook.rb +57 -18
  121. data/lib/stripe.rb +74 -186
  122. data/stripe.gemspec +35 -16
  123. metadata +110 -165
  124. data/.gitattributes +0 -4
  125. data/.github/ISSUE_TEMPLATE.md +0 -5
  126. data/.gitignore +0 -5
  127. data/.travis.yml +0 -38
  128. data/lib/stripe/alipay_account.rb +0 -22
  129. data/lib/stripe/application_fee.rb +0 -22
  130. data/lib/stripe/application_fee_refund.rb +0 -20
  131. data/lib/stripe/balance.rb +0 -5
  132. data/lib/stripe/balance_transaction.rb +0 -11
  133. data/lib/stripe/bank_account.rb +0 -30
  134. data/lib/stripe/bitcoin_transaction.rb +0 -11
  135. data/lib/stripe/card.rb +0 -27
  136. data/lib/stripe/charge.rb +0 -82
  137. data/lib/stripe/country_spec.rb +0 -11
  138. data/lib/stripe/customer.rb +0 -79
  139. data/lib/stripe/dispute.rb +0 -17
  140. data/lib/stripe/ephemeral_key.rb +0 -18
  141. data/lib/stripe/event.rb +0 -7
  142. data/lib/stripe/file_upload.rb +0 -33
  143. data/lib/stripe/invoice.rb +0 -29
  144. data/lib/stripe/invoice_line_item.rb +0 -5
  145. data/lib/stripe/login_link.rb +0 -9
  146. data/lib/stripe/order.rb +0 -29
  147. data/lib/stripe/order_return.rb +0 -11
  148. data/lib/stripe/payout.rb +0 -18
  149. data/lib/stripe/recipient_transfer.rb +0 -6
  150. data/lib/stripe/reversal.rb +0 -20
  151. data/lib/stripe/source.rb +0 -23
  152. data/lib/stripe/subscription.rb +0 -33
  153. data/lib/stripe/subscription_item.rb +0 -14
  154. data/lib/stripe/token.rb +0 -7
  155. data/lib/stripe/transfer.rb +0 -18
  156. data/test/api_stub_helpers.rb +0 -0
  157. data/test/stripe/account_test.rb +0 -202
  158. data/test/stripe/alipay_account_test.rb +0 -17
  159. data/test/stripe/api_operations_test.rb +0 -31
  160. data/test/stripe/api_resource_test.rb +0 -558
  161. data/test/stripe/apple_pay_domain_test.rb +0 -31
  162. data/test/stripe/application_fee_refund_test.rb +0 -35
  163. data/test/stripe/application_fee_test.rb +0 -12
  164. data/test/stripe/balance_test.rb +0 -11
  165. data/test/stripe/bank_account_test.rb +0 -36
  166. data/test/stripe/bitcoin_receiver_test.rb +0 -67
  167. data/test/stripe/bitcoin_transaction_test.rb +0 -19
  168. data/test/stripe/charge_test.rb +0 -57
  169. data/test/stripe/country_spec_test.rb +0 -18
  170. data/test/stripe/coupon_test.rb +0 -42
  171. data/test/stripe/customer_card_test.rb +0 -46
  172. data/test/stripe/customer_test.rb +0 -114
  173. data/test/stripe/dispute_test.rb +0 -40
  174. data/test/stripe/ephemeral_key_test.rb +0 -84
  175. data/test/stripe/errors_test.rb +0 -18
  176. data/test/stripe/file_upload_test.rb +0 -66
  177. data/test/stripe/invoice_item_test.rb +0 -53
  178. data/test/stripe/invoice_line_item_test.rb +0 -6
  179. data/test/stripe/invoice_test.rb +0 -110
  180. data/test/stripe/list_object_test.rb +0 -170
  181. data/test/stripe/login_link_test.rb +0 -35
  182. data/test/stripe/oauth_test.rb +0 -85
  183. data/test/stripe/order_return_test.rb +0 -19
  184. data/test/stripe/order_test.rb +0 -57
  185. data/test/stripe/payout_test.rb +0 -48
  186. data/test/stripe/plan_test.rb +0 -50
  187. data/test/stripe/product_test.rb +0 -45
  188. data/test/stripe/recipient_card_test.rb +0 -44
  189. data/test/stripe/recipient_test.rb +0 -48
  190. data/test/stripe/refund_test.rb +0 -37
  191. data/test/stripe/reversal_test.rb +0 -41
  192. data/test/stripe/sku_test.rb +0 -48
  193. data/test/stripe/source_test.rb +0 -68
  194. data/test/stripe/stripe_client_test.rb +0 -750
  195. data/test/stripe/stripe_object_test.rb +0 -398
  196. data/test/stripe/stripe_response_test.rb +0 -46
  197. data/test/stripe/subscription_item_test.rb +0 -52
  198. data/test/stripe/subscription_test.rb +0 -58
  199. data/test/stripe/three_d_secure_test.rb +0 -21
  200. data/test/stripe/transfer_test.rb +0 -41
  201. data/test/stripe/util_test.rb +0 -414
  202. data/test/stripe/webhook_test.rb +0 -92
  203. data/test/stripe_test.rb +0 -59
  204. data/test/test_data.rb +0 -59
  205. data/test/test_helper.rb +0 -56
@@ -1,232 +1,635 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "stripe/instrumentation"
4
+
1
5
  module Stripe
2
6
  # StripeClient executes requests against the Stripe API and allows a user to
3
7
  # recover both a resource a call returns as well as a response object that
4
8
  # contains information on the HTTP call.
5
9
  class StripeClient
6
- attr_accessor :conn
7
-
8
- # Initializes a new StripeClient. Expects a Faraday connection object, and
9
- # uses a default connection unless one is passed.
10
- def initialize(conn = nil)
11
- self.conn = conn || self.class.default_conn
10
+ # A set of all known thread contexts across all threads and a mutex to
11
+ # synchronize global access to them.
12
+ @thread_contexts_with_connection_managers = Set.new
13
+ @thread_contexts_with_connection_managers_mutex = Mutex.new
14
+ @last_connection_manager_gc = Util.monotonic_time
15
+
16
+ # Initializes a new StripeClient
17
+ def initialize(config_arg = {})
12
18
  @system_profiler = SystemProfiler.new
19
+ @last_request_metrics = nil
20
+
21
+ @config = case config_arg
22
+ when Hash
23
+ Stripe.config.reverse_duplicate_merge(config_arg)
24
+ when Stripe::ConnectionManager
25
+ # Supports accepting a connection manager object for backwards
26
+ # compatibility only, and that use is DEPRECATED.
27
+ Stripe.config.dup
28
+ when Stripe::StripeConfiguration
29
+ config_arg
30
+ when String
31
+ Stripe.config.reverse_duplicate_merge(
32
+ { api_key: config_arg }
33
+ )
34
+ else
35
+ raise ArgumentError, "Can't handle argument: #{config_arg}"
36
+ end
13
37
  end
14
38
 
39
+ attr_reader :config
40
+ attr_reader :options
41
+
42
+ # Gets a currently active `StripeClient`. Set for the current thread when
43
+ # `StripeClient#request` is being run so that API operations being executed
44
+ # inside of that block can find the currently active client. It's reset to
45
+ # the original value (hopefully `nil`) after the block ends.
46
+ #
47
+ # For internal use only. Does not provide a stable API and may be broken
48
+ # with future non-major changes.
15
49
  def self.active_client
16
- Thread.current[:stripe_client] || default_client
50
+ current_thread_context.active_client || default_client
17
51
  end
18
52
 
19
- def self.default_client
20
- @default_client ||= StripeClient.new(default_conn)
21
- end
22
-
23
- # A default Faraday connection to be used when one isn't configured. This
24
- # object should never be mutated, and instead instantiating your own
25
- # connection and wrapping it in a StripeClient object should be preferred.
26
- def self.default_conn
27
- # We're going to keep connections around so that we can take advantage
28
- # of connection re-use, so make sure that we have a separate connection
29
- # object per thread.
30
- Thread.current[:stripe_client_default_conn] ||= begin
31
- conn = Faraday.new do |c|
32
- c.use Faraday::Request::Multipart
33
- c.use Faraday::Request::UrlEncoded
34
- c.use Faraday::Response::RaiseError
35
- c.adapter Faraday.default_adapter
36
- end
37
-
38
- if Stripe.verify_ssl_certs
39
- conn.ssl.verify = true
40
- conn.ssl.cert_store = Stripe.ca_store
41
- else
42
- conn.ssl.verify = false
53
+ # Finishes any active connections by closing their TCP connection and
54
+ # clears them from internal tracking in all connection managers across all
55
+ # threads.
56
+ #
57
+ # If passed a `config` object, only clear connection managers for that
58
+ # particular configuration.
59
+ #
60
+ # For internal use only. Does not provide a stable API and may be broken
61
+ # with future non-major changes.
62
+ def self.clear_all_connection_managers(config: nil)
63
+ # Just a quick path for when configuration is being set for the first
64
+ # time before any connections have been opened. There is technically some
65
+ # potential for thread raciness here, but not in a practical sense.
66
+ return if @thread_contexts_with_connection_managers.empty?
67
+
68
+ @thread_contexts_with_connection_managers_mutex.synchronize do
69
+ pruned_contexts = Set.new
70
+
71
+ @thread_contexts_with_connection_managers.each do |thread_context|
72
+ # Note that the thread context itself is not destroyed, but we clear
73
+ # its connection manager and remove our reference to it. If it ever
74
+ # makes a new request we'll give it a new connection manager and
75
+ # it'll go back into `@thread_contexts_with_connection_managers`.
76
+ thread_context.default_connection_managers.reject! do |cm_config, cm|
77
+ if config.nil? || config.key == cm_config
78
+ cm.clear
79
+ true
80
+ end
81
+ end
43
82
 
44
- unless @verify_ssl_warned
45
- @verify_ssl_warned = true
46
- $stderr.puts("WARNING: Running without SSL cert verification. " \
47
- "You should never do this in production. " \
48
- "Execute 'Stripe.verify_ssl_certs = true' to enable verification.")
83
+ if thread_context.default_connection_managers.empty?
84
+ pruned_contexts << thread_context
49
85
  end
50
86
  end
51
87
 
52
- conn
88
+ @thread_contexts_with_connection_managers.subtract(pruned_contexts)
53
89
  end
54
90
  end
55
91
 
56
- # Checks if an error is a problem that we should retry on. This includes both
57
- # socket errors that may represent an intermittent problem and some special
58
- # HTTP statuses.
59
- def self.should_retry?(e, num_retries)
60
- return false if num_retries >= Stripe.max_network_retries
92
+ # A default client for the current thread.
93
+ def self.default_client
94
+ current_thread_context.default_client ||= StripeClient.new(Stripe.config)
95
+ end
61
96
 
62
- # Retry on timeout-related problems (either on open or read).
63
- return true if e.is_a?(Faraday::TimeoutError)
97
+ # A default connection manager for the current thread scoped to the
98
+ # configuration object that may be provided.
99
+ def self.default_connection_manager(config = Stripe.config)
100
+ current_thread_context.default_connection_managers[config.key] ||= begin
101
+ connection_manager = ConnectionManager.new(config)
64
102
 
65
- # Destination refused the connection, the connection was reset, or a
66
- # variety of other connection failures. This could occur from a single
67
- # saturated server, so retry in case it's intermittent.
68
- return true if e.is_a?(Faraday::ConnectionFailed)
103
+ @thread_contexts_with_connection_managers_mutex.synchronize do
104
+ maybe_gc_connection_managers
105
+ @thread_contexts_with_connection_managers << current_thread_context
106
+ end
69
107
 
70
- if e.is_a?(Faraday::ClientError) && e.response
71
- # 409 conflict
72
- return true if e.response[:status] == 409
108
+ connection_manager
73
109
  end
110
+ end
74
111
 
75
- false
112
+ # Checks if an error is a problem that we should retry on. This includes
113
+ # both socket errors that may represent an intermittent problem and some
114
+ # special HTTP statuses.
115
+ def self.should_retry?(error,
116
+ method:, num_retries:, config: Stripe.config)
117
+ return false if num_retries >= config.max_network_retries
118
+
119
+ case error
120
+ when Net::OpenTimeout, Net::ReadTimeout
121
+ # Retry on timeout-related problems (either on open or read).
122
+ true
123
+ when EOFError, Errno::ECONNREFUSED, Errno::ECONNRESET,
124
+ Errno::EHOSTUNREACH, Errno::ETIMEDOUT, SocketError
125
+ # Destination refused the connection, the connection was reset, or a
126
+ # variety of other connection failures. This could occur from a single
127
+ # saturated server, so retry in case it's intermittent.
128
+ true
129
+ when Stripe::StripeError
130
+ # The API may ask us not to retry (e.g. if doing so would be a no-op),
131
+ # or advise us to retry (e.g. in cases of lock timeouts). Defer to
132
+ # those instructions if given.
133
+ return false if error.http_headers["stripe-should-retry"] == "false"
134
+ return true if error.http_headers["stripe-should-retry"] == "true"
135
+
136
+ # 409 Conflict
137
+ return true if error.http_status == 409
138
+
139
+ # 429 Too Many Requests
140
+ #
141
+ # There are a few different problems that can lead to a 429. The most
142
+ # common is rate limiting, on which we *don't* want to retry because
143
+ # that'd likely contribute to more contention problems. However, some
144
+ # 429s are lock timeouts, which is when a request conflicted with
145
+ # another request or an internal process on some particular object.
146
+ # These 429s are safe to retry.
147
+ return true if error.http_status == 429 && error.code == "lock_timeout"
148
+
149
+ # 500 Internal Server Error
150
+ #
151
+ # We only bother retrying these for non-POST requests. POSTs end up
152
+ # being cached by the idempotency layer so there's no purpose in
153
+ # retrying them.
154
+ return true if error.http_status == 500 && method != :post
155
+
156
+ # 503 Service Unavailable
157
+ error.http_status == 503
158
+ else
159
+ false
160
+ end
76
161
  end
77
162
 
78
- def self.sleep_time(num_retries)
163
+ def self.sleep_time(num_retries, config: Stripe.config)
79
164
  # Apply exponential backoff with initial_network_retry_delay on the
80
- # number of num_retries so far as inputs. Do not allow the number to exceed
81
- # max_network_retry_delay.
82
- sleep_seconds = [Stripe.initial_network_retry_delay * (2 ** (num_retries - 1)), Stripe.max_network_retry_delay].min
165
+ # number of num_retries so far as inputs. Do not allow the number to
166
+ # exceed max_network_retry_delay.
167
+ sleep_seconds = [
168
+ config.initial_network_retry_delay * (2**(num_retries - 1)),
169
+ config.max_network_retry_delay,
170
+ ].min
83
171
 
84
- # Apply some jitter by randomizing the value in the range of (sleep_seconds
85
- # / 2) to (sleep_seconds).
86
- sleep_seconds = sleep_seconds * (0.5 * (1 + rand()))
172
+ # Apply some jitter by randomizing the value in the range of
173
+ # (sleep_seconds / 2) to (sleep_seconds).
174
+ sleep_seconds *= (0.5 * (1 + rand))
87
175
 
88
176
  # But never sleep less than the base sleep seconds.
89
- sleep_seconds = [Stripe.initial_network_retry_delay, sleep_seconds].max
177
+ [config.initial_network_retry_delay, sleep_seconds].max
178
+ end
90
179
 
91
- sleep_seconds
180
+ # Gets the connection manager in use for the current `StripeClient`.
181
+ #
182
+ # This method is DEPRECATED and for backwards compatibility only.
183
+ def connection_manager
184
+ self.class.default_connection_manager
92
185
  end
186
+ extend Gem::Deprecate
187
+ deprecate :connection_manager, :none, 2020, 9
93
188
 
94
189
  # Executes the API call within the given block. Usage looks like:
95
190
  #
96
191
  # client = StripeClient.new
97
192
  # charge, resp = client.request { Charge.create }
98
193
  #
99
- def request(&block)
100
- @last_response = nil
101
- old_stripe_client = Thread.current[:stripe_client]
102
- Thread.current[:stripe_client] = self
194
+ def request
195
+ old_stripe_client = self.class.current_thread_context.active_client
196
+ self.class.current_thread_context.active_client = self
197
+
198
+ if self.class.current_thread_context.last_responses&.key?(object_id)
199
+ raise "calls to StripeClient#request cannot be nested within a thread"
200
+ end
201
+
202
+ self.class.current_thread_context.last_responses ||= {}
203
+ self.class.current_thread_context.last_responses[object_id] = nil
103
204
 
104
205
  begin
105
- res = block.call
106
- [res, @last_response]
206
+ res = yield
207
+ [res, self.class.current_thread_context.last_responses[object_id]]
107
208
  ensure
108
- Thread.current[:stripe_client] = old_stripe_client
209
+ self.class.current_thread_context.active_client = old_stripe_client
210
+ self.class.current_thread_context.last_responses.delete(object_id)
109
211
  end
110
212
  end
111
213
 
112
214
  def execute_request(method, path,
113
- api_base: nil, api_key: nil, headers: {}, params: {})
215
+ api_base: nil, api_key: nil, headers: {}, params: {})
216
+ http_resp, api_key = execute_request_internal(
217
+ method, path, api_base, api_key, headers, params
218
+ )
114
219
 
115
- api_base ||= Stripe.api_base
116
- api_key ||= Stripe.api_key
220
+ begin
221
+ resp = StripeResponse.from_net_http(http_resp)
222
+ rescue JSON::ParserError
223
+ raise general_api_error(http_resp.code.to_i, http_resp.body)
224
+ end
117
225
 
118
- check_api_key!(api_key)
226
+ # If being called from `StripeClient#request`, put the last response in
227
+ # thread-local memory so that it can be returned to the user. Don't store
228
+ # anything otherwise so that we don't leak memory.
229
+ store_last_response(object_id, resp)
230
+
231
+ [resp, api_key]
232
+ end
233
+
234
+ # Executes a request and returns the body as a stream instead of converting
235
+ # it to a StripeObject. This should be used for any request where we expect
236
+ # an arbitrary binary response.
237
+ #
238
+ # A `read_body_chunk` block can be passed, which will be called repeatedly
239
+ # with the body chunks read from the socket.
240
+ #
241
+ # If a block is passed, a StripeHeadersOnlyResponse is returned as the
242
+ # block is expected to do all the necessary body processing. If no block is
243
+ # passed, then a StripeStreamResponse is returned containing an IO stream
244
+ # with the response body.
245
+ def execute_request_stream(method, path,
246
+ api_base: nil, api_key: nil,
247
+ headers: {}, params: {},
248
+ &read_body_chunk_block)
249
+ unless block_given?
250
+ raise ArgumentError,
251
+ "execute_request_stream requires a read_body_chunk_block"
252
+ end
253
+
254
+ http_resp, api_key = execute_request_internal(
255
+ method, path, api_base, api_key, headers, params, &read_body_chunk_block
256
+ )
257
+
258
+ # When the read_body_chunk_block is given, we no longer have access to the
259
+ # response body at this point and so return a response object containing
260
+ # only the headers. This is because the body was consumed by the block.
261
+ resp = StripeHeadersOnlyResponse.from_net_http(http_resp)
262
+
263
+ [resp, api_key]
264
+ end
265
+
266
+ def store_last_response(object_id, resp)
267
+ return unless last_response_has_key?(object_id)
268
+
269
+ self.class.current_thread_context.last_responses[object_id] = resp
270
+ end
271
+
272
+ def last_response_has_key?(object_id)
273
+ self.class.current_thread_context.last_responses&.key?(object_id)
274
+ end
275
+
276
+ #
277
+ # private
278
+ #
279
+
280
+ # Time (in seconds) that a connection manager has not been used before it's
281
+ # eligible for garbage collection.
282
+ CONNECTION_MANAGER_GC_LAST_USED_EXPIRY = 120
283
+
284
+ # How often to check (in seconds) for connection managers that haven't been
285
+ # used in a long time and which should be garbage collected.
286
+ CONNECTION_MANAGER_GC_PERIOD = 60
287
+
288
+ ERROR_MESSAGE_CONNECTION =
289
+ "Unexpected error communicating when trying to connect to " \
290
+ "Stripe (%s). You may be seeing this message because your DNS is not " \
291
+ "working or you don't have an internet connection. To check, try " \
292
+ "running `host stripe.com` from the command line."
293
+ ERROR_MESSAGE_SSL =
294
+ "Could not establish a secure connection to Stripe (%s), you " \
295
+ "may need to upgrade your OpenSSL version. To check, try running " \
296
+ "`openssl s_client -connect api.stripe.com:443` from the command " \
297
+ "line."
298
+
299
+ # Common error suffix sared by both connect and read timeout messages.
300
+ ERROR_MESSAGE_TIMEOUT_SUFFIX =
301
+ "Please check your internet connection and try again. " \
302
+ "If this problem persists, you should check Stripe's service " \
303
+ "status at https://status.stripe.com, or let us know at " \
304
+ "support@stripe.com."
305
+
306
+ ERROR_MESSAGE_TIMEOUT_CONNECT = (
307
+ "Timed out connecting to Stripe (%s). " +
308
+ ERROR_MESSAGE_TIMEOUT_SUFFIX
309
+ ).freeze
310
+
311
+ ERROR_MESSAGE_TIMEOUT_READ = (
312
+ "Timed out communicating with Stripe (%s). " +
313
+ ERROR_MESSAGE_TIMEOUT_SUFFIX
314
+ ).freeze
315
+
316
+ # Maps types of exceptions that we're likely to see during a network
317
+ # request to more user-friendly messages that we put in front of people.
318
+ # The original error message is also appended onto the final exception for
319
+ # full transparency.
320
+ NETWORK_ERROR_MESSAGES_MAP = {
321
+ EOFError => ERROR_MESSAGE_CONNECTION,
322
+ Errno::ECONNREFUSED => ERROR_MESSAGE_CONNECTION,
323
+ Errno::ECONNRESET => ERROR_MESSAGE_CONNECTION,
324
+ Errno::EHOSTUNREACH => ERROR_MESSAGE_CONNECTION,
325
+ Errno::ETIMEDOUT => ERROR_MESSAGE_TIMEOUT_CONNECT,
326
+ SocketError => ERROR_MESSAGE_CONNECTION,
327
+
328
+ Net::OpenTimeout => ERROR_MESSAGE_TIMEOUT_CONNECT,
329
+ Net::ReadTimeout => ERROR_MESSAGE_TIMEOUT_READ,
330
+
331
+ OpenSSL::SSL::SSLError => ERROR_MESSAGE_SSL,
332
+ }.freeze
333
+ private_constant :NETWORK_ERROR_MESSAGES_MAP
334
+
335
+ # A record representing any data that `StripeClient` puts into
336
+ # `Thread.current`. Making it a class likes this gives us a little extra
337
+ # type safety and lets us document what each field does.
338
+ #
339
+ # For internal use only. Does not provide a stable API and may be broken
340
+ # with future non-major changes.
341
+ class ThreadContext
342
+ # A `StripeClient` that's been flagged as currently active within a
343
+ # thread by `StripeClient#request`. A client stays active until the
344
+ # completion of the request block.
345
+ attr_accessor :active_client
346
+
347
+ # A default `StripeClient` object for the thread. Used in all cases where
348
+ # the user hasn't specified their own.
349
+ attr_accessor :default_client
350
+
351
+ # A temporary map of object IDs to responses from last executed API
352
+ # calls. Used to return a responses from calls to `StripeClient#request`.
353
+ #
354
+ # Stored in the thread data to make the use of a single `StripeClient`
355
+ # object safe across multiple threads. Stored as a map so that multiple
356
+ # `StripeClient` objects can run concurrently on the same thread.
357
+ #
358
+ # Responses are only left in as long as they're needed, which means
359
+ # they're removed as soon as a call leaves `StripeClient#request`, and
360
+ # because that's wrapped in an `ensure` block, they should never leave
361
+ # garbage in `Thread.current`.
362
+ attr_accessor :last_responses
363
+
364
+ # A map of connection mangers for the thread. Normally shared between
365
+ # all `StripeClient` objects on a particular thread, and created so as to
366
+ # minimize the number of open connections that an application needs.
367
+ def default_connection_managers
368
+ @default_connection_managers ||= {}
369
+ end
370
+
371
+ def reset_connection_managers
372
+ @default_connection_managers = {}
373
+ end
374
+ end
375
+
376
+ # Access data stored for `StripeClient` within the thread's current
377
+ # context. Returns `ThreadContext`.
378
+ #
379
+ # For internal use only. Does not provide a stable API and may be broken
380
+ # with future non-major changes.
381
+ def self.current_thread_context
382
+ Thread.current[:stripe_client__internal_use_only] ||= ThreadContext.new
383
+ end
384
+
385
+ # Garbage collects connection managers that haven't been used in some time,
386
+ # with the idea being that we want to remove old connection managers that
387
+ # belong to dead threads and the like.
388
+ #
389
+ # Prefixed with `maybe_` because garbage collection will only run
390
+ # periodically so that we're not constantly engaged in busy work. If
391
+ # connection managers live a little passed their useful age it's not
392
+ # harmful, so it's not necessary to get them right away.
393
+ #
394
+ # For testability, returns `nil` if it didn't run and the number of
395
+ # connection managers that were garbage collected otherwise.
396
+ #
397
+ # IMPORTANT: This method is not thread-safe and expects to be called inside
398
+ # a lock on `@thread_contexts_with_connection_managers_mutex`.
399
+ #
400
+ # For internal use only. Does not provide a stable API and may be broken
401
+ # with future non-major changes.
402
+ def self.maybe_gc_connection_managers
403
+ next_gc_time = @last_connection_manager_gc + CONNECTION_MANAGER_GC_PERIOD
404
+ return nil if next_gc_time > Util.monotonic_time
405
+
406
+ last_used_threshold =
407
+ Util.monotonic_time - CONNECTION_MANAGER_GC_LAST_USED_EXPIRY
408
+
409
+ pruned_contexts = []
410
+ @thread_contexts_with_connection_managers.each do |thread_context|
411
+ thread_context
412
+ .default_connection_managers
413
+ .each do |config_key, connection_manager|
414
+ next if connection_manager.last_used > last_used_threshold
415
+
416
+ connection_manager.clear
417
+ thread_context.default_connection_managers.delete(config_key)
418
+ end
419
+ end
420
+
421
+ @thread_contexts_with_connection_managers.each do |thread_context|
422
+ next unless thread_context.default_connection_managers.empty?
423
+
424
+ pruned_contexts << thread_context
425
+ end
426
+
427
+ @thread_contexts_with_connection_managers -= pruned_contexts
428
+ @last_connection_manager_gc = Util.monotonic_time
429
+
430
+ pruned_contexts.count
431
+ end
432
+
433
+ private def execute_request_internal(method, path,
434
+ api_base, api_key, headers, params,
435
+ &read_body_chunk_block)
436
+ raise ArgumentError, "method should be a symbol" \
437
+ unless method.is_a?(Symbol)
438
+ raise ArgumentError, "path should be a string" \
439
+ unless path.is_a?(String)
119
440
 
441
+ api_base ||= config.api_base
442
+ api_key ||= config.api_key
120
443
  params = Util.objects_to_ids(params)
121
- url = api_url(path, api_base)
122
444
 
123
- case method.to_s.downcase.to_sym
445
+ check_api_key!(api_key)
446
+
447
+ body_params = nil
448
+ query_params = nil
449
+ case method
124
450
  when :get, :head, :delete
125
- # Make params into GET parameters
126
- url += "#{URI.parse(url).query ? '&' : '?'}#{Util.encode_parameters(params)}" if params && params.any?
127
- payload = nil
451
+ query_params = params
128
452
  else
129
- if headers[:content_type] && headers[:content_type] == "multipart/form-data"
130
- payload = params
131
- else
132
- payload = Util.encode_parameters(params)
133
- end
453
+ body_params = params
134
454
  end
135
455
 
136
- headers = request_headers(api_key, method).
137
- update(Util.normalize_headers(headers))
456
+ query_params, path = merge_query_params(query_params, path)
457
+
458
+ headers = request_headers(api_key, method)
459
+ .update(Util.normalize_headers(headers))
460
+ url = api_url(path, api_base)
461
+
462
+ # Merge given query parameters with any already encoded in the path.
463
+ query = query_params ? Util.encode_parameters(query_params) : nil
464
+
465
+ # Encoding body parameters is a little more complex because we may have
466
+ # to send a multipart-encoded body. `body_log` is produced separately as
467
+ # a log-friendly variant of the encoded form. File objects are displayed
468
+ # as such instead of as their file contents.
469
+ body, body_log =
470
+ body_params ? encode_body(body_params, headers) : [nil, nil]
138
471
 
139
472
  # stores information on the request we're about to make so that we don't
140
473
  # have to pass as many parameters around for logging.
141
- context = RequestLogContext.new(
142
- account: headers["Stripe-Account"],
143
- api_key: api_key,
144
- api_version: headers["Stripe-Version"],
145
- idempotency_key: headers["Idempotency-Key"],
146
- method: method,
147
- path: path,
148
- payload: payload,
149
- )
150
-
151
- http_resp = execute_request_with_rescues(api_base, context) do
152
- conn.run_request(method, url, payload, headers) do |req|
153
- req.options.open_timeout = Stripe.open_timeout
154
- req.options.timeout = Stripe.read_timeout
474
+ context = RequestLogContext.new
475
+ context.account = headers["Stripe-Account"]
476
+ context.api_key = api_key
477
+ context.api_version = headers["Stripe-Version"]
478
+ context.body = body_log
479
+ context.idempotency_key = headers["Idempotency-Key"]
480
+ context.method = method
481
+ context.path = path
482
+ context.query = query
483
+
484
+ # A block can be passed in to read the content directly from the response.
485
+ # We want to execute this block only when the response was actually
486
+ # successful. When it wasn't, we defer to the standard error handling as
487
+ # we have to read the body and parse the error JSON.
488
+ response_block =
489
+ if block_given?
490
+ lambda do |response|
491
+ unless should_handle_as_error(response.code.to_i)
492
+ response.read_body(&read_body_chunk_block)
493
+ end
494
+ end
155
495
  end
156
- end
157
496
 
158
- begin
159
- resp = StripeResponse.from_faraday_response(http_resp)
160
- rescue JSON::ParserError
161
- raise general_api_error(http_resp.status, http_resp.body)
497
+ http_resp = execute_request_with_rescues(method, api_base, context) do
498
+ self.class
499
+ .default_connection_manager(config)
500
+ .execute_request(method, url,
501
+ body: body,
502
+ headers: headers,
503
+ query: query,
504
+ &response_block)
162
505
  end
163
506
 
164
- # Allows StripeClient#request to return a response object to a caller.
165
- @last_response = resp
166
- [resp, api_key]
507
+ [http_resp, api_key]
167
508
  end
168
509
 
169
- private
170
-
171
- def api_url(url='', api_base=nil)
172
- (api_base || Stripe.api_base) + url
510
+ private def api_url(url = "", api_base = nil)
511
+ (api_base || config.api_base) + url
173
512
  end
174
513
 
175
- def check_api_key!(api_key)
514
+ private def check_api_key!(api_key)
176
515
  unless api_key
177
- raise AuthenticationError.new('No API key provided. ' \
516
+ raise AuthenticationError, "No API key provided. " \
178
517
  'Set your API key using "Stripe.api_key = <API-KEY>". ' \
179
- 'You can generate API keys from the Stripe web interface. ' \
180
- 'See https://stripe.com/api for details, or email support@stripe.com ' \
181
- 'if you have any questions.')
518
+ "You can generate API keys from the Stripe web interface. " \
519
+ "See https://stripe.com/api for details, or email " \
520
+ "support@stripe.com if you have any questions."
182
521
  end
183
522
 
184
- if api_key =~ /\s/
185
- raise AuthenticationError.new('Your API key is invalid, as it contains ' \
186
- 'whitespace. (HINT: You can double-check your API key from the ' \
187
- 'Stripe web interface. See https://stripe.com/api for details, or ' \
188
- 'email support@stripe.com if you have any questions.)')
523
+ return unless api_key =~ /\s/
524
+
525
+ raise AuthenticationError, "Your API key is invalid, as it contains " \
526
+ "whitespace. (HINT: You can double-check your API key from the " \
527
+ "Stripe web interface. See https://stripe.com/api for details, or " \
528
+ "email support@stripe.com if you have any questions.)"
529
+ end
530
+
531
+ # Encodes a set of body parameters using multipart if `Content-Type` is set
532
+ # for that, or standard form-encoding otherwise. Returns the encoded body
533
+ # and a version of the encoded body that's safe to be logged.
534
+ private def encode_body(body_params, headers)
535
+ body = nil
536
+ flattened_params = Util.flatten_params(body_params)
537
+
538
+ if headers["Content-Type"] == MultipartEncoder::MULTIPART_FORM_DATA
539
+ body, content_type = MultipartEncoder.encode(flattened_params)
540
+
541
+ # Set a new content type that also includes the multipart boundary.
542
+ # See `MultipartEncoder` for details.
543
+ headers["Content-Type"] = content_type
544
+
545
+ # `#to_s` any complex objects like files and the like to build output
546
+ # that's more condusive to logging.
547
+ flattened_params =
548
+ flattened_params.map { |k, v| [k, v.is_a?(String) ? v : v.to_s] }.to_h
549
+
550
+ else
551
+ body = Util.encode_parameters(body_params)
189
552
  end
553
+
554
+ # We don't use `Util.encode_parameters` partly as an optimization (to not
555
+ # redo work we've already done), and partly because the encoded forms of
556
+ # certain characters introduce a lot of visual noise and it's nice to
557
+ # have a clearer format for logs.
558
+ body_log = flattened_params.map { |k, v| "#{k}=#{v}" }.join("&")
559
+
560
+ [body, body_log]
190
561
  end
191
562
 
192
- def execute_request_with_rescues(api_base, context, &block)
563
+ private def should_handle_as_error(http_status)
564
+ http_status >= 400
565
+ end
566
+
567
+ private def execute_request_with_rescues(method, api_base, context)
193
568
  num_retries = 0
569
+
194
570
  begin
195
- request_start = Time.now
571
+ request_start = nil
572
+ user_data = nil
573
+
196
574
  log_request(context, num_retries)
197
- resp = block.call
198
- context = context.dup_from_response(resp)
199
- log_response(context, request_start, resp.status, resp.body)
575
+ user_data = notify_request_begin(context)
576
+
577
+ request_start = Util.monotonic_time
578
+ resp = yield
579
+ request_duration = Util.monotonic_time - request_start
580
+
581
+ http_status = resp.code.to_i
582
+ context = context.dup_from_response_headers(resp)
583
+
584
+ if should_handle_as_error(http_status)
585
+ handle_error_response(resp, context)
586
+ end
587
+
588
+ log_response(context, request_start, http_status, resp.body)
589
+ notify_request_end(context, request_duration, http_status,
590
+ num_retries, user_data)
591
+
592
+ if config.enable_telemetry? && context.request_id
593
+ request_duration_ms = (request_duration * 1000).to_i
594
+ @last_request_metrics =
595
+ StripeRequestMetrics.new(context.request_id, request_duration_ms)
596
+ end
200
597
 
201
598
  # We rescue all exceptions from a request so that we have an easy spot to
202
- # implement our retry logic across the board. We'll re-raise if it's a type
203
- # of exception that we didn't expect to handle.
204
- rescue => e
599
+ # implement our retry logic across the board. We'll re-raise if it's a
600
+ # type of exception that we didn't expect to handle.
601
+ rescue StandardError => e
205
602
  # If we modify context we copy it into a new variable so as not to
206
603
  # taint the original on a retry.
207
604
  error_context = context
605
+ http_status = nil
606
+ request_duration = Util.monotonic_time - request_start if request_start
208
607
 
209
- if e.respond_to?(:response) && e.response
210
- error_context = context.dup_from_response(e.response)
608
+ if e.is_a?(Stripe::StripeError)
609
+ error_context = context.dup_from_response_headers(e.http_headers)
610
+ http_status = resp.code.to_i
211
611
  log_response(error_context, request_start,
212
- e.response[:status], e.response[:body])
612
+ e.http_status, e.http_body)
213
613
  else
214
614
  log_response_error(error_context, request_start, e)
215
615
  end
616
+ notify_request_end(context, request_duration, http_status, num_retries,
617
+ user_data)
216
618
 
217
- if self.class.should_retry?(e, num_retries)
619
+ if self.class.should_retry?(e,
620
+ method: method,
621
+ num_retries: num_retries,
622
+ config: config)
218
623
  num_retries += 1
219
- sleep self.class.sleep_time(num_retries)
624
+ sleep self.class.sleep_time(num_retries, config: config)
220
625
  retry
221
626
  end
222
627
 
223
628
  case e
224
- when Faraday::ClientError
225
- if e.response
226
- handle_error_response(e.response, error_context)
227
- else
228
- handle_network_error(e, error_context, num_retries, api_base)
229
- end
629
+ when Stripe::StripeError
630
+ raise
631
+ when *NETWORK_ERROR_MESSAGES_MAP.keys
632
+ handle_network_error(e, error_context, num_retries, api_base)
230
633
 
231
634
  # Only handle errors when we know we can do so, and re-raise otherwise.
232
635
  # This should be pretty infrequent.
@@ -238,199 +641,248 @@ module Stripe
238
641
  resp
239
642
  end
240
643
 
241
- def general_api_error(status, body)
242
- APIError.new("Invalid response object from API: #{body.inspect} " +
644
+ private def notify_request_begin(context)
645
+ return unless Instrumentation.any_subscribers?(:request_begin)
646
+
647
+ event = Instrumentation::RequestBeginEvent.new(
648
+ method: context.method,
649
+ path: context.path,
650
+ user_data: {}
651
+ )
652
+ Stripe::Instrumentation.notify(:request_begin, event)
653
+
654
+ # This field may be set in the `request_begin` callback. If so, we'll
655
+ # forward it onto `request_end`.
656
+ event.user_data
657
+ end
658
+
659
+ private def notify_request_end(context, duration, http_status, num_retries,
660
+ user_data)
661
+ return if !Instrumentation.any_subscribers?(:request_end) &&
662
+ !Instrumentation.any_subscribers?(:request)
663
+
664
+ event = Instrumentation::RequestEndEvent.new(
665
+ duration: duration,
666
+ http_status: http_status,
667
+ method: context.method,
668
+ num_retries: num_retries,
669
+ path: context.path,
670
+ request_id: context.request_id,
671
+ user_data: user_data || {}
672
+ )
673
+ Stripe::Instrumentation.notify(:request_end, event)
674
+
675
+ # The name before `request_begin` was also added. Provided for backwards
676
+ # compatibility.
677
+ Stripe::Instrumentation.notify(:request, event)
678
+ end
679
+
680
+ private def general_api_error(status, body)
681
+ APIError.new("Invalid response object from API: #{body.inspect} " \
243
682
  "(HTTP response code was #{status})",
244
683
  http_status: status, http_body: body)
245
684
  end
246
685
 
247
686
  # Formats a plugin "app info" hash into a string that we can tack onto the
248
- # end of a User-Agent string where it'll be fairly prominant in places like
687
+ # end of a User-Agent string where it'll be fairly prominent in places like
249
688
  # the Dashboard. Note that this formatting has been implemented to match
250
689
  # other libraries, and shouldn't be changed without universal consensus.
251
- def format_app_info(info)
690
+ private def format_app_info(info)
252
691
  str = info[:name]
253
692
  str = "#{str}/#{info[:version]}" unless info[:version].nil?
254
693
  str = "#{str} (#{info[:url]})" unless info[:url].nil?
255
694
  str
256
695
  end
257
696
 
258
- def handle_error_response(http_resp, context)
697
+ private def handle_error_response(http_resp, context)
259
698
  begin
260
- resp = StripeResponse.from_faraday_hash(http_resp)
699
+ resp = StripeResponse.from_net_http(http_resp)
261
700
  error_data = resp.data[:error]
262
701
 
263
- unless error_data
264
- raise StripeError.new("Indeterminate error")
265
- end
266
-
702
+ raise StripeError, "Indeterminate error" unless error_data
267
703
  rescue JSON::ParserError, StripeError
268
- raise general_api_error(http_resp[:status], http_resp[:body])
704
+ raise general_api_error(http_resp.code.to_i, http_resp.body)
269
705
  end
270
706
 
271
- if error_data.is_a?(String)
272
- error = specific_oauth_error(resp, error_data, context)
273
- else
274
- error = specific_api_error(resp, error_data, context)
275
- end
707
+ error = if error_data.is_a?(String)
708
+ specific_oauth_error(resp, error_data, context)
709
+ else
710
+ specific_api_error(resp, error_data, context)
711
+ end
276
712
 
277
713
  error.response = resp
278
714
  raise(error)
279
715
  end
280
716
 
281
- def specific_api_error(resp, error_data, context)
282
- Util.log_error('Stripe API error',
283
- status: resp.http_status,
284
- error_code: error_data['code'],
285
- error_message: error_data['message'],
286
- error_param: error_data['param'],
287
- error_type: error_data['type'],
288
- idempotency_key: context.idempotency_key,
289
- request_id: context.request_id
290
- )
717
+ # Works around an edge case where we end up with both query parameters from
718
+ # parameteers and query parameters that were appended onto the end of the
719
+ # given path.
720
+ #
721
+ # Decode any parameters that were added onto the end of a path and add them
722
+ # to a unified query parameter hash so that all parameters end up in one
723
+ # place and all of them are correctly included in the final request.
724
+ private def merge_query_params(query_params, path)
725
+ u = URI.parse(path)
726
+
727
+ # Return original results if there was nothing to be found.
728
+ return query_params, path if u.query.nil?
729
+
730
+ query_params ||= {}
731
+ query_params = Hash[URI.decode_www_form(u.query)].merge(query_params)
732
+
733
+ # Reset the path minus any query parameters that were specified.
734
+ path = u.path
735
+
736
+ [query_params, path]
737
+ end
738
+
739
+ private def specific_api_error(resp, error_data, context)
740
+ Util.log_error("Stripe API error",
741
+ status: resp.http_status,
742
+ error_code: error_data[:code],
743
+ error_message: error_data[:message],
744
+ error_param: error_data[:param],
745
+ error_type: error_data[:type],
746
+ idempotency_key: context.idempotency_key,
747
+ request_id: context.request_id,
748
+ config: config)
749
+
750
+ # The standard set of arguments that can be used to initialize most of
751
+ # the exceptions.
752
+ opts = {
753
+ http_body: resp.http_body,
754
+ http_headers: resp.http_headers,
755
+ http_status: resp.http_status,
756
+ json_body: resp.data,
757
+ code: error_data[:code],
758
+ }
291
759
 
292
760
  case resp.http_status
293
761
  when 400, 404
294
- error = InvalidRequestError.new(
295
- error_data[:message], error_data[:param],
296
- http_status: resp.http_status, http_body: resp.http_body,
297
- json_body: resp.data, http_headers: resp.http_headers
298
- )
762
+ case error_data[:type]
763
+ when "idempotency_error"
764
+ IdempotencyError.new(error_data[:message], **opts)
765
+ else
766
+ InvalidRequestError.new(
767
+ error_data[:message], error_data[:param],
768
+ **opts
769
+ )
770
+ end
299
771
  when 401
300
- error = AuthenticationError.new(
301
- error_data[:message],
302
- http_status: resp.http_status, http_body: resp.http_body,
303
- json_body: resp.data, http_headers: resp.http_headers
304
- )
772
+ AuthenticationError.new(error_data[:message], **opts)
305
773
  when 402
306
- error = CardError.new(
307
- error_data[:message], error_data[:param], error_data[:code],
308
- http_status: resp.http_status, http_body: resp.http_body,
309
- json_body: resp.data, http_headers: resp.http_headers
774
+ CardError.new(
775
+ error_data[:message], error_data[:param],
776
+ **opts
310
777
  )
311
778
  when 403
312
- error = PermissionError.new(
313
- error_data[:message],
314
- http_status: resp.http_status, http_body: resp.http_body,
315
- json_body: resp.data, http_headers: resp.http_headers
316
- )
779
+ PermissionError.new(error_data[:message], **opts)
317
780
  when 429
318
- error = RateLimitError.new(
319
- error_data[:message],
320
- http_status: resp.http_status, http_body: resp.http_body,
321
- json_body: resp.data, http_headers: resp.http_headers
322
- )
781
+ RateLimitError.new(error_data[:message], **opts)
323
782
  else
324
- error = APIError.new(
325
- error_data[:message],
326
- http_status: resp.http_status, http_body: resp.http_body,
327
- json_body: resp.data, http_headers: resp.http_headers
328
- )
783
+ APIError.new(error_data[:message], **opts)
329
784
  end
330
-
331
- error
332
785
  end
333
786
 
334
787
  # Attempts to look at a response's error code and return an OAuth error if
335
788
  # one matches. Will return `nil` if the code isn't recognized.
336
- def specific_oauth_error(resp, error_code, context)
789
+ private def specific_oauth_error(resp, error_code, context)
337
790
  description = resp.data[:error_description] || error_code
338
791
 
339
- Util.log_error('Stripe OAuth error',
340
- status: resp.http_status,
341
- error_code: error_code,
342
- error_description: description,
343
- idempotency_key: context.idempotency_key,
344
- request_id: context.request_id
345
- )
792
+ Util.log_error("Stripe OAuth error",
793
+ status: resp.http_status,
794
+ error_code: error_code,
795
+ error_description: description,
796
+ idempotency_key: context.idempotency_key,
797
+ request_id: context.request_id,
798
+ config: config)
346
799
 
347
- args = [error_code, description, {
800
+ args = {
348
801
  http_status: resp.http_status, http_body: resp.http_body,
349
- json_body: resp.data, http_headers: resp.http_headers
350
- }]
802
+ json_body: resp.data, http_headers: resp.http_headers,
803
+ }
351
804
 
352
805
  case error_code
353
- when 'invalid_client' then OAuth::InvalidClientError.new(*args)
354
- when 'invalid_grant' then OAuth::InvalidGrantError.new(*args)
355
- when 'invalid_request' then OAuth::InvalidRequestError.new(*args)
356
- when 'invalid_scope' then OAuth::InvalidScopeError.new(*args)
357
- when 'unsupported_grant_type' then OAuth::UnsupportedGrantTypeError.new(*args)
358
- when 'unsupported_response_type' then OAuth::UnsupportedResponseTypeError.new(*args)
806
+ when "invalid_client"
807
+ OAuth::InvalidClientError.new(error_code, description, **args)
808
+ when "invalid_grant"
809
+ OAuth::InvalidGrantError.new(error_code, description, **args)
810
+ when "invalid_request"
811
+ OAuth::InvalidRequestError.new(error_code, description, **args)
812
+ when "invalid_scope"
813
+ OAuth::InvalidScopeError.new(error_code, description, **args)
814
+ when "unsupported_grant_type"
815
+ OAuth::UnsupportedGrantTypeError.new(error_code, description, **args)
816
+ when "unsupported_response_type"
817
+ OAuth::UnsupportedResponseTypeError.new(error_code, description, **args)
359
818
  else
360
819
  # We'd prefer that all errors are typed, but we create a generic
361
820
  # OAuthError in case we run into a code that we don't recognize.
362
- OAuth::OAuthError.new(*args)
821
+ OAuth::OAuthError.new(error_code, description, **args)
363
822
  end
364
823
  end
365
824
 
366
- def handle_network_error(e, context, num_retries, api_base=nil)
367
- Util.log_error('Stripe network error',
368
- error_message: e.message,
369
- idempotency_key: context.idempotency_key,
370
- request_id: context.request_id
371
- )
372
-
373
- case e
374
- when Faraday::ConnectionFailed
375
- message = "Unexpected error communicating when trying to connect to Stripe. " \
376
- "You may be seeing this message because your DNS is not working. " \
377
- "To check, try running 'host stripe.com' from the command line."
378
-
379
- when Faraday::SSLError
380
- message = "Could not establish a secure connection to Stripe, you may " \
381
- "need to upgrade your OpenSSL version. To check, try running " \
382
- "'openssl s_client -connect api.stripe.com:443' from the " \
383
- "command line."
384
-
385
- when Faraday::TimeoutError
386
- api_base = Stripe.api_base unless api_base
387
- message = "Could not connect to Stripe (#{api_base}). " \
388
- "Please check your internet connection and try again. " \
389
- "If this problem persists, you should check Stripe's service status at " \
390
- "https://twitter.com/stripestatus, or let us know at support@stripe.com."
391
-
392
- else
393
- message = "Unexpected error communicating with Stripe. " \
394
- "If this problem persists, let us know at support@stripe.com."
825
+ private def handle_network_error(error, context, num_retries,
826
+ api_base = nil)
827
+ Util.log_error("Stripe network error",
828
+ error_message: error.message,
829
+ idempotency_key: context.idempotency_key,
830
+ request_id: context.request_id,
831
+ config: config)
395
832
 
833
+ errors, message = NETWORK_ERROR_MESSAGES_MAP.detect do |(e, _)|
834
+ error.is_a?(e)
396
835
  end
397
836
 
398
- if num_retries > 0
399
- message += " Request was retried #{num_retries} times."
837
+ if errors.nil?
838
+ message = "Unexpected error #{error.class.name} communicating " \
839
+ "with Stripe. Please let us know at support@stripe.com."
400
840
  end
401
841
 
402
- raise APIConnectionError.new(message + "\n\n(Network error: #{e.message})")
842
+ api_base ||= config.api_base
843
+ message = message % api_base
844
+
845
+ message += " Request was retried #{num_retries} times." if num_retries > 0
846
+
847
+ raise APIConnectionError,
848
+ message + "\n\n(Network error: #{error.message})"
403
849
  end
404
850
 
405
- def request_headers(api_key, method)
851
+ private def request_headers(api_key, method)
406
852
  user_agent = "Stripe/v1 RubyBindings/#{Stripe::VERSION}"
407
853
  unless Stripe.app_info.nil?
408
854
  user_agent += " " + format_app_info(Stripe.app_info)
409
855
  end
410
856
 
411
857
  headers = {
412
- 'User-Agent' => user_agent,
413
- 'Authorization' => "Bearer #{api_key}",
414
- 'Content-Type' => 'application/x-www-form-urlencoded'
858
+ "User-Agent" => user_agent,
859
+ "Authorization" => "Bearer #{api_key}",
860
+ "Content-Type" => "application/x-www-form-urlencoded",
415
861
  }
416
862
 
863
+ if config.enable_telemetry? && !@last_request_metrics.nil?
864
+ headers["X-Stripe-Client-Telemetry"] = JSON.generate(
865
+ last_request_metrics: @last_request_metrics.payload
866
+ )
867
+ end
868
+
417
869
  # It is only safe to retry network failures on post and delete
418
870
  # requests if we add an Idempotency-Key header
419
- if [:post, :delete].include?(method) && Stripe.max_network_retries > 0
420
- headers['Idempotency-Key'] ||= SecureRandom.uuid
871
+ if %i[post delete].include?(method) && config.max_network_retries > 0
872
+ headers["Idempotency-Key"] ||= SecureRandom.uuid
421
873
  end
422
874
 
423
- headers['Stripe-Version'] = Stripe.api_version if Stripe.api_version
424
- headers['Stripe-Account'] = Stripe.stripe_account if Stripe.stripe_account
875
+ headers["Stripe-Version"] = config.api_version if config.api_version
876
+ headers["Stripe-Account"] = config.stripe_account if config.stripe_account
425
877
 
426
878
  user_agent = @system_profiler.user_agent
427
879
  begin
428
880
  headers.update(
429
- 'X-Stripe-Client-User-Agent' => JSON.generate(user_agent)
881
+ "X-Stripe-Client-User-Agent" => JSON.generate(user_agent)
430
882
  )
431
- rescue => e
883
+ rescue StandardError => e
432
884
  headers.update(
433
- 'X-Stripe-Client-Raw-User-Agent' => user_agent.inspect,
885
+ "X-Stripe-Client-Raw-User-Agent" => user_agent.inspect,
434
886
  :error => "#{e} (#{e.class})"
435
887
  )
436
888
  end
@@ -438,102 +890,82 @@ module Stripe
438
890
  headers
439
891
  end
440
892
 
441
- def log_request(context, num_retries)
893
+ private def log_request(context, num_retries)
442
894
  Util.log_info("Request to Stripe API",
443
- account: context.account,
444
- api_version: context.api_version,
445
- idempotency_key: context.idempotency_key,
446
- method: context.method,
447
- num_retries: num_retries,
448
- path: context.path
449
- )
895
+ account: context.account,
896
+ api_version: context.api_version,
897
+ idempotency_key: context.idempotency_key,
898
+ method: context.method,
899
+ num_retries: num_retries,
900
+ path: context.path,
901
+ config: config)
450
902
  Util.log_debug("Request details",
451
- body: context.payload,
452
- idempotency_key: context.idempotency_key
453
- )
903
+ body: context.body,
904
+ idempotency_key: context.idempotency_key,
905
+ query: context.query,
906
+ config: config)
454
907
  end
455
- private :log_request
456
908
 
457
- def log_response(context, request_start, status, body)
909
+ private def log_response(context, request_start, status, body)
458
910
  Util.log_info("Response from Stripe API",
459
- account: context.account,
460
- api_version: context.api_version,
461
- elapsed: Time.now - request_start,
462
- idempotency_key: context.idempotency_key,
463
- method: context.method,
464
- path: context.path,
465
- request_id: context.request_id,
466
- status: status
467
- )
911
+ account: context.account,
912
+ api_version: context.api_version,
913
+ elapsed: Util.monotonic_time - request_start,
914
+ idempotency_key: context.idempotency_key,
915
+ method: context.method,
916
+ path: context.path,
917
+ request_id: context.request_id,
918
+ status: status,
919
+ config: config)
468
920
  Util.log_debug("Response details",
469
- body: body,
470
- idempotency_key: context.idempotency_key,
471
- request_id: context.request_id,
472
- )
473
- if context.request_id
474
- Util.log_debug("Dashboard link for request",
475
- idempotency_key: context.idempotency_key,
476
- request_id: context.request_id,
477
- url: Util.request_id_dashboard_url(context.request_id, context.api_key)
478
- )
479
- end
921
+ body: body,
922
+ idempotency_key: context.idempotency_key,
923
+ request_id: context.request_id,
924
+ config: config)
925
+
926
+ return unless context.request_id
927
+
928
+ Util.log_debug("Dashboard link for request",
929
+ idempotency_key: context.idempotency_key,
930
+ request_id: context.request_id,
931
+ url: Util.request_id_dashboard_url(context.request_id,
932
+ context.api_key),
933
+ config: config)
480
934
  end
481
- private :log_response
482
935
 
483
- def log_response_error(context, request_start, e)
936
+ private def log_response_error(context, request_start, error)
937
+ elapsed = request_start ? Util.monotonic_time - request_start : nil
484
938
  Util.log_error("Request error",
485
- elapsed: Time.now - request_start,
486
- error_message: e.message,
487
- idempotency_key: context.idempotency_key,
488
- method: context.method,
489
- path: context.path,
490
- )
939
+ elapsed: elapsed,
940
+ error_message: error.message,
941
+ idempotency_key: context.idempotency_key,
942
+ method: context.method,
943
+ path: context.path,
944
+ config: config)
491
945
  end
492
- private :log_response_error
493
946
 
494
947
  # RequestLogContext stores information about a request that's begin made so
495
948
  # that we can log certain information. It's useful because it means that we
496
949
  # don't have to pass around as many parameters.
497
950
  class RequestLogContext
951
+ attr_accessor :body
498
952
  attr_accessor :account
499
953
  attr_accessor :api_key
500
954
  attr_accessor :api_version
501
955
  attr_accessor :idempotency_key
502
956
  attr_accessor :method
503
957
  attr_accessor :path
504
- attr_accessor :payload
958
+ attr_accessor :query
505
959
  attr_accessor :request_id
506
960
 
507
- def initialize(account: nil, api_key: nil, api_version: nil,
508
- idempotency_key: nil, method: nil, path: nil, payload: nil)
509
- self.account = account
510
- self.api_key = api_key
511
- self.api_version = api_version
512
- self.idempotency_key = idempotency_key
513
- self.method = method
514
- self.path = path
515
- self.payload = payload
516
- end
517
-
518
961
  # The idea with this method is that we might want to update some of
519
962
  # context information because a response that we've received from the API
520
963
  # contains information that's more authoritative than what we started
521
964
  # with for a request. For example, we should trust whatever came back in
522
965
  # a `Stripe-Version` header beyond what configuration information that we
523
966
  # might have had available.
524
- def dup_from_response(resp)
525
- return self if resp.nil?
526
-
527
- # Faraday's API is a little unusual. Normally it'll produce a response
528
- # object with a `headers` method, but on error what it puts into
529
- # `e.response` is an untyped `Hash`.
530
- headers = if resp.is_a?(Faraday::Response)
531
- resp.headers
532
- else
533
- resp[:headers]
534
- end
535
-
536
- context = self.dup
967
+ def dup_from_response_headers(headers)
968
+ context = dup
537
969
  context.account = headers["Stripe-Account"]
538
970
  context.api_version = headers["Stripe-Version"]
539
971
  context.idempotency_key = headers["Idempotency-Key"]
@@ -546,31 +978,31 @@ module Stripe
546
978
  # in so that we can generate a rich user agent header to help debug
547
979
  # integrations.
548
980
  class SystemProfiler
549
- def self.get_uname
550
- if File.exist?('/proc/version')
551
- File.read('/proc/version').strip
981
+ def self.uname
982
+ if ::File.exist?("/proc/version")
983
+ ::File.read("/proc/version").strip
552
984
  else
553
- case RbConfig::CONFIG['host_os']
985
+ case RbConfig::CONFIG["host_os"]
554
986
  when /linux|darwin|bsd|sunos|solaris|cygwin/i
555
- get_uname_from_system
987
+ uname_from_system
556
988
  when /mswin|mingw/i
557
- get_uname_from_system_ver
989
+ uname_from_system_ver
558
990
  else
559
991
  "unknown platform"
560
992
  end
561
993
  end
562
994
  end
563
995
 
564
- def self.get_uname_from_system
565
- (`uname -a 2>/dev/null` || '').strip
996
+ def self.uname_from_system
997
+ (`uname -a 2>/dev/null` || "").strip
566
998
  rescue Errno::ENOENT
567
999
  "uname executable not found"
568
1000
  rescue Errno::ENOMEM # couldn't create subprocess
569
1001
  "uname lookup failed"
570
1002
  end
571
1003
 
572
- def self.get_uname_from_system_ver
573
- (`ver` || '').strip
1004
+ def self.uname_from_system_ver
1005
+ (`ver` || "").strip
574
1006
  rescue Errno::ENOENT
575
1007
  "ver executable not found"
576
1008
  rescue Errno::ENOMEM # couldn't create subprocess
@@ -578,23 +1010,43 @@ module Stripe
578
1010
  end
579
1011
 
580
1012
  def initialize
581
- @uname = self.class.get_uname
1013
+ @uname = self.class.uname
582
1014
  end
583
1015
 
584
1016
  def user_agent
585
- lang_version = "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} (#{RUBY_RELEASE_DATE})"
1017
+ lang_version = "#{RUBY_VERSION} p#{RUBY_PATCHLEVEL} " \
1018
+ "(#{RUBY_RELEASE_DATE})"
586
1019
 
587
1020
  {
588
- :application => Stripe.app_info,
589
- :bindings_version => Stripe::VERSION,
590
- :lang => 'ruby',
591
- :lang_version => lang_version,
592
- :platform => RUBY_PLATFORM,
593
- :engine => defined?(RUBY_ENGINE) ? RUBY_ENGINE : '',
594
- :publisher => 'stripe',
595
- :uname => @uname,
596
- :hostname => Socket.gethostname,
597
- }.delete_if { |k, v| v.nil? }
1021
+ application: Stripe.app_info,
1022
+ bindings_version: Stripe::VERSION,
1023
+ lang: "ruby",
1024
+ lang_version: lang_version,
1025
+ platform: RUBY_PLATFORM,
1026
+ engine: defined?(RUBY_ENGINE) ? RUBY_ENGINE : "",
1027
+ publisher: "stripe",
1028
+ uname: @uname,
1029
+ hostname: Socket.gethostname,
1030
+ }.delete_if { |_k, v| v.nil? }
1031
+ end
1032
+ end
1033
+
1034
+ # StripeRequestMetrics tracks metadata to be reported to stripe for metrics
1035
+ # collection
1036
+ class StripeRequestMetrics
1037
+ # The Stripe request ID of the response.
1038
+ attr_accessor :request_id
1039
+
1040
+ # Request duration in milliseconds
1041
+ attr_accessor :request_duration_ms
1042
+
1043
+ def initialize(request_id, request_duration_ms)
1044
+ self.request_id = request_id
1045
+ self.request_duration_ms = request_duration_ms
1046
+ end
1047
+
1048
+ def payload
1049
+ { request_id: request_id, request_duration_ms: request_duration_ms }
598
1050
  end
599
1051
  end
600
1052
  end