stripe 4.9.0 → 5.28.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.editorconfig +10 -0
- data/.rubocop.yml +56 -8
- data/.rubocop_todo.yml +8 -25
- data/.travis.yml +4 -8
- data/.vscode/extensions.json +7 -0
- data/.vscode/settings.json +8 -0
- data/CHANGELOG.md +206 -2
- data/CODE_OF_CONDUCT.md +77 -0
- data/Gemfile +10 -13
- data/README.md +178 -58
- data/Rakefile +8 -7
- data/VERSION +1 -1
- data/lib/stripe.rb +41 -195
- data/lib/stripe/api_operations/create.rb +1 -1
- data/lib/stripe/api_operations/delete.rb +28 -2
- data/lib/stripe/api_operations/list.rb +1 -12
- data/lib/stripe/api_operations/nested_resource.rb +38 -28
- data/lib/stripe/api_operations/request.rb +47 -8
- data/lib/stripe/api_operations/save.rb +8 -7
- data/lib/stripe/api_resource.rb +52 -3
- data/lib/stripe/connection_manager.rb +162 -0
- data/lib/stripe/error_object.rb +94 -0
- data/lib/stripe/errors.rb +31 -10
- data/lib/stripe/instrumentation.rb +82 -0
- data/lib/stripe/list_object.rb +41 -7
- data/lib/stripe/multipart_encoder.rb +131 -0
- data/lib/stripe/oauth.rb +4 -3
- data/lib/stripe/object_types.rb +101 -0
- data/lib/stripe/resources.rb +84 -0
- data/lib/stripe/{account.rb → resources/account.rb} +50 -27
- data/lib/stripe/{account_link.rb → resources/account_link.rb} +2 -1
- data/lib/stripe/resources/alipay_account.rb +34 -0
- data/lib/stripe/{apple_pay_domain.rb → resources/apple_pay_domain.rb} +2 -1
- data/lib/stripe/resources/application_fee.rb +14 -0
- data/lib/stripe/resources/application_fee_refund.rb +30 -0
- data/lib/stripe/{balance.rb → resources/balance.rb} +2 -1
- data/lib/stripe/{balance_transaction.rb → resources/balance_transaction.rb} +2 -5
- data/lib/stripe/resources/bank_account.rb +43 -0
- data/lib/stripe/resources/billing_portal/session.rb +12 -0
- data/lib/stripe/{bitcoin_receiver.rb → resources/bitcoin_receiver.rb} +4 -3
- data/lib/stripe/{bitcoin_transaction.rb → resources/bitcoin_transaction.rb} +1 -1
- data/lib/stripe/resources/capability.rb +33 -0
- data/lib/stripe/{card.rb → resources/card.rb} +13 -4
- data/lib/stripe/resources/charge.rb +23 -0
- data/lib/stripe/resources/checkout/session.rb +16 -0
- data/lib/stripe/{country_spec.rb → resources/country_spec.rb} +2 -1
- data/lib/stripe/{coupon.rb → resources/coupon.rb} +3 -2
- data/lib/stripe/resources/credit_note.rb +33 -0
- data/lib/stripe/resources/credit_note_line_item.rb +7 -0
- data/lib/stripe/resources/customer.rb +36 -0
- data/lib/stripe/resources/customer_balance_transaction.rb +30 -0
- data/lib/stripe/resources/discount.rb +7 -0
- data/lib/stripe/resources/dispute.rb +22 -0
- data/lib/stripe/{ephemeral_key.rb → resources/ephemeral_key.rb} +6 -2
- data/lib/stripe/{event.rb → resources/event.rb} +2 -1
- data/lib/stripe/{exchange_rate.rb → resources/exchange_rate.rb} +2 -1
- data/lib/stripe/{file.rb → resources/file.rb} +9 -11
- data/lib/stripe/{file_link.rb → resources/file_link.rb} +3 -2
- data/lib/stripe/resources/invoice.rb +74 -0
- data/lib/stripe/{invoice_item.rb → resources/invoice_item.rb} +3 -2
- data/lib/stripe/{invoice_line_item.rb → resources/invoice_line_item.rb} +1 -1
- data/lib/stripe/resources/issuing/authorization.rb +34 -0
- data/lib/stripe/resources/issuing/card.rb +25 -0
- data/lib/stripe/{issuing → resources/issuing}/card_details.rb +1 -1
- data/lib/stripe/{issuing → resources/issuing}/cardholder.rb +3 -2
- data/lib/stripe/resources/issuing/dispute.rb +25 -0
- data/lib/stripe/{issuing → resources/issuing}/transaction.rb +3 -2
- data/lib/stripe/resources/line_item.rb +7 -0
- data/lib/stripe/resources/login_link.rb +14 -0
- data/lib/stripe/resources/mandate.rb +8 -0
- data/lib/stripe/resources/order.rb +33 -0
- data/lib/stripe/{order_return.rb → resources/order_return.rb} +2 -1
- data/lib/stripe/resources/payment_intent.rb +43 -0
- data/lib/stripe/resources/payment_method.rb +33 -0
- data/lib/stripe/resources/payout.rb +33 -0
- data/lib/stripe/{person.rb → resources/person.rb} +8 -3
- data/lib/stripe/{plan.rb → resources/plan.rb} +2 -1
- data/lib/stripe/resources/price.rb +12 -0
- data/lib/stripe/{product.rb → resources/product.rb} +4 -3
- data/lib/stripe/resources/promotion_code.rb +12 -0
- data/lib/stripe/resources/radar/early_fraud_warning.rb +12 -0
- data/lib/stripe/{radar → resources/radar}/value_list.rb +3 -2
- data/lib/stripe/{radar → resources/radar}/value_list_item.rb +3 -2
- data/lib/stripe/{recipient.rb → resources/recipient.rb} +3 -6
- data/lib/stripe/{recipient_transfer.rb → resources/recipient_transfer.rb} +1 -1
- data/lib/stripe/{refund.rb → resources/refund.rb} +2 -1
- data/lib/stripe/{reporting → resources/reporting}/report_run.rb +3 -2
- data/lib/stripe/{reporting → resources/reporting}/report_type.rb +3 -2
- data/lib/stripe/resources/reversal.rb +29 -0
- data/lib/stripe/resources/review.rb +21 -0
- data/lib/stripe/resources/setup_attempt.rb +10 -0
- data/lib/stripe/resources/setup_intent.rb +33 -0
- data/lib/stripe/{sigma → resources/sigma}/scheduled_query_run.rb +3 -2
- data/lib/stripe/{sku.rb → resources/sku.rb} +4 -3
- data/lib/stripe/resources/source.rb +47 -0
- data/lib/stripe/{source_transaction.rb → resources/source_transaction.rb} +1 -1
- data/lib/stripe/resources/subscription.rb +26 -0
- data/lib/stripe/resources/subscription_item.rb +26 -0
- data/lib/stripe/resources/subscription_schedule.rb +33 -0
- data/lib/stripe/resources/tax_id.rb +26 -0
- data/lib/stripe/resources/tax_rate.rb +12 -0
- data/lib/stripe/resources/terminal/connection_token.rb +12 -0
- data/lib/stripe/{terminal → resources/terminal}/location.rb +4 -2
- data/lib/stripe/{terminal → resources/terminal}/reader.rb +4 -2
- data/lib/stripe/{three_d_secure.rb → resources/three_d_secure.rb} +2 -1
- data/lib/stripe/{token.rb → resources/token.rb} +2 -1
- data/lib/stripe/resources/topup.rb +23 -0
- data/lib/stripe/resources/transfer.rb +27 -0
- data/lib/stripe/resources/usage_record.rb +7 -0
- data/lib/stripe/{usage_record_summary.rb → resources/usage_record_summary.rb} +1 -1
- data/lib/stripe/{webhook_endpoint.rb → resources/webhook_endpoint.rb} +3 -2
- data/lib/stripe/singleton_api_resource.rb +3 -1
- data/lib/stripe/stripe_client.rb +493 -236
- data/lib/stripe/stripe_configuration.rb +178 -0
- data/lib/stripe/stripe_object.rb +75 -61
- data/lib/stripe/stripe_response.rb +53 -21
- data/lib/stripe/util.rb +66 -109
- data/lib/stripe/version.rb +1 -1
- data/lib/stripe/webhook.rb +43 -10
- data/stripe.gemspec +14 -5
- data/test/stripe/account_link_test.rb +4 -4
- data/test/stripe/account_test.rb +193 -32
- data/test/stripe/alipay_account_test.rb +1 -1
- data/test/stripe/api_operations_test.rb +3 -4
- data/test/stripe/api_resource_test.rb +159 -37
- data/test/stripe/apple_pay_domain_test.rb +18 -5
- data/test/stripe/application_fee_refund_test.rb +1 -1
- data/test/stripe/application_fee_test.rb +45 -1
- data/test/stripe/balance_test.rb +1 -1
- data/test/stripe/balance_transaction_test.rb +20 -0
- data/test/stripe/bank_account_test.rb +1 -1
- data/test/stripe/billing_portal/session_test.rb +18 -0
- data/test/stripe/capability_test.rb +45 -0
- data/test/stripe/charge_test.rb +13 -8
- data/test/stripe/checkout/session_test.rb +19 -1
- data/test/stripe/connection_manager_test.rb +167 -0
- data/test/stripe/country_spec_test.rb +1 -1
- data/test/stripe/coupon_test.rb +16 -6
- data/test/stripe/credit_note_test.rb +90 -0
- data/test/stripe/customer_balance_transaction_test.rb +37 -0
- data/test/stripe/customer_card_test.rb +7 -1
- data/test/stripe/customer_test.rb +151 -40
- data/test/stripe/dispute_test.rb +10 -1
- data/test/stripe/ephemeral_key_test.rb +8 -1
- data/test/stripe/errors_test.rb +42 -9
- data/test/stripe/exchange_rate_test.rb +1 -1
- data/test/stripe/file_link_test.rb +1 -1
- data/test/stripe/file_test.rb +19 -5
- data/test/stripe/instrumentation_test.rb +74 -0
- data/test/stripe/invoice_item_test.rb +18 -7
- data/test/stripe/invoice_line_item_test.rb +1 -1
- data/test/stripe/invoice_test.rb +77 -9
- data/test/stripe/issuing/authorization_test.rb +33 -11
- data/test/stripe/issuing/card_test.rb +27 -6
- data/test/stripe/issuing/cardholder_test.rb +1 -1
- data/test/stripe/issuing/dispute_test.rb +23 -14
- data/test/stripe/issuing/transaction_test.rb +1 -1
- data/test/stripe/list_object_test.rb +70 -24
- data/test/stripe/login_link_test.rb +2 -2
- data/test/stripe/mandate_test.rb +14 -0
- data/test/stripe/multipart_encoder_test.rb +130 -0
- data/test/stripe/oauth_test.rb +17 -1
- data/test/stripe/order_return_test.rb +1 -1
- data/test/stripe/order_test.rb +28 -3
- data/test/stripe/payment_intent_test.rb +31 -4
- data/test/stripe/payment_method_test.rb +84 -0
- data/test/stripe/payout_test.rb +23 -1
- data/test/stripe/person_test.rb +1 -1
- data/test/stripe/plan_test.rb +26 -20
- data/test/stripe/price_test.rb +48 -0
- data/test/stripe/product_test.rb +17 -8
- data/test/stripe/promotion_code_test.rb +42 -0
- data/test/stripe/radar/early_fraud_warning_test.rb +22 -0
- data/test/stripe/radar/value_list_item_test.rb +16 -6
- data/test/stripe/radar/value_list_test.rb +16 -6
- data/test/stripe/recipient_test.rb +18 -5
- data/test/stripe/refund_test.rb +1 -1
- data/test/stripe/reporting/report_run_test.rb +1 -1
- data/test/stripe/reporting/report_type_test.rb +1 -1
- data/test/stripe/reversal_test.rb +1 -1
- data/test/stripe/review_test.rb +1 -1
- data/test/stripe/setup_attempt_test.rb +16 -0
- data/test/stripe/setup_intent_test.rb +84 -0
- data/test/stripe/sigma/scheduled_query_run_test.rb +1 -1
- data/test/stripe/sku_test.rb +16 -6
- data/test/stripe/source_test.rb +52 -19
- data/test/stripe/stripe_client_test.rb +546 -78
- data/test/stripe/stripe_configuration_test.rb +131 -0
- data/test/stripe/stripe_object_test.rb +16 -41
- data/test/stripe/stripe_response_test.rb +71 -25
- data/test/stripe/subscription_item_test.rb +38 -7
- data/test/stripe/subscription_schedule_test.rb +19 -1
- data/test/stripe/subscription_test.rb +29 -9
- data/test/stripe/tax_id_test.rb +31 -0
- data/test/stripe/tax_rate_test.rb +43 -0
- data/test/stripe/terminal/connection_token_test.rb +1 -1
- data/test/stripe/terminal/location_test.rb +18 -1
- data/test/stripe/terminal/reader_test.rb +18 -1
- data/test/stripe/three_d_secure_test.rb +1 -1
- data/test/stripe/topup_test.rb +9 -1
- data/test/stripe/transfer_test.rb +46 -1
- data/test/stripe/usage_record_summary_test.rb +15 -5
- data/test/stripe/util_test.rb +1 -1
- data/test/stripe/webhook_endpoint_test.rb +18 -1
- data/test/stripe/webhook_test.rb +48 -9
- data/test/stripe_mock.rb +4 -3
- data/test/stripe_test.rb +102 -33
- data/test/test_helper.rb +16 -12
- metadata +141 -129
- data/lib/stripe/alipay_account.rb +0 -27
- data/lib/stripe/application_fee.rb +0 -23
- data/lib/stripe/application_fee_refund.rb +0 -22
- data/lib/stripe/bank_account.rb +0 -32
- data/lib/stripe/charge.rb +0 -84
- data/lib/stripe/checkout/session.rb +0 -11
- data/lib/stripe/customer.rb +0 -90
- data/lib/stripe/dispute.rb +0 -19
- data/lib/stripe/invoice.rb +0 -48
- data/lib/stripe/issuer_fraud_record.rb +0 -9
- data/lib/stripe/issuing/authorization.rb +0 -22
- data/lib/stripe/issuing/card.rb +0 -18
- data/lib/stripe/issuing/dispute.rb +0 -13
- data/lib/stripe/login_link.rb +0 -11
- data/lib/stripe/order.rb +0 -31
- data/lib/stripe/payment_intent.rb +0 -26
- data/lib/stripe/payout.rb +0 -20
- data/lib/stripe/reversal.rb +0 -22
- data/lib/stripe/review.rb +0 -14
- data/lib/stripe/source.rb +0 -38
- data/lib/stripe/subscription.rb +0 -25
- data/lib/stripe/subscription_item.rb +0 -17
- data/lib/stripe/subscription_schedule.rb +0 -32
- data/lib/stripe/subscription_schedule_revision.rb +0 -25
- data/lib/stripe/terminal/connection_token.rb +0 -11
- data/lib/stripe/topup.rb +0 -16
- data/lib/stripe/transfer.rb +0 -23
- data/lib/stripe/usage_record.rb +0 -14
- data/test/api_stub_helpers.rb +0 -1
- data/test/stripe/account_external_accounts_operations_test.rb +0 -69
- data/test/stripe/account_login_links_operations_test.rb +0 -21
- data/test/stripe/account_persons_operations_test.rb +0 -70
- data/test/stripe/application_fee_refunds_operations_test.rb +0 -56
- data/test/stripe/customer_sources_operations_test.rb +0 -64
- data/test/stripe/file_upload_test.rb +0 -76
- data/test/stripe/issuer_fraud_record_test.rb +0 -20
- data/test/stripe/source_transaction_test.rb +0 -19
- data/test/stripe/subscription_schedule_revision_test.rb +0 -37
- data/test/stripe/subscription_schedule_revisions_operations_test.rb +0 -35
- data/test/stripe/transfer_reversals_operations_test.rb +0 -57
- data/test/stripe/usage_record_test.rb +0 -28
|
@@ -4,6 +4,53 @@ module Stripe
|
|
|
4
4
|
# StripeResponse encapsulates some vitals of a response that came back from
|
|
5
5
|
# the Stripe API.
|
|
6
6
|
class StripeResponse
|
|
7
|
+
# Headers provides an access wrapper to an API response's header data. It
|
|
8
|
+
# mainly exists so that we don't need to expose the entire
|
|
9
|
+
# `Net::HTTPResponse` object while still getting some of its benefits like
|
|
10
|
+
# case-insensitive access to header names and flattening of header values.
|
|
11
|
+
class Headers
|
|
12
|
+
# Initializes a Headers object from a Net::HTTP::HTTPResponse object.
|
|
13
|
+
def self.from_net_http(resp)
|
|
14
|
+
new(resp.to_hash)
|
|
15
|
+
end
|
|
16
|
+
|
|
17
|
+
# `hash` is expected to be a hash mapping header names to arrays of
|
|
18
|
+
# header values. This is the default format generated by calling
|
|
19
|
+
# `#to_hash` on a `Net::HTTPResponse` object because headers can be
|
|
20
|
+
# repeated multiple times. Using `#[]` will collapse values down to just
|
|
21
|
+
# the first.
|
|
22
|
+
def initialize(hash)
|
|
23
|
+
if !hash.is_a?(Hash) ||
|
|
24
|
+
!hash.keys.all? { |n| n.is_a?(String) } ||
|
|
25
|
+
!hash.values.all? { |a| a.is_a?(Array) } ||
|
|
26
|
+
!hash.values.all? { |a| a.all? { |v| v.is_a?(String) } }
|
|
27
|
+
raise ArgumentError,
|
|
28
|
+
"expect hash to be a map of string header names to arrays of " \
|
|
29
|
+
"header values"
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
@hash = {}
|
|
33
|
+
|
|
34
|
+
# This shouldn't be strictly necessary because `Net::HTTPResponse` will
|
|
35
|
+
# produce a hash with all headers downcased, but do it anyway just in
|
|
36
|
+
# case an object of this class was constructed manually.
|
|
37
|
+
#
|
|
38
|
+
# Also has the effect of duplicating the hash, which is desirable for a
|
|
39
|
+
# little extra object safety.
|
|
40
|
+
hash.each do |k, v|
|
|
41
|
+
@hash[k.downcase] = v
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
def [](name)
|
|
46
|
+
values = @hash[name.downcase]
|
|
47
|
+
if values && values.count > 1
|
|
48
|
+
warn("Duplicate header values for `#{name}`; returning only first")
|
|
49
|
+
end
|
|
50
|
+
values ? values.first : nil
|
|
51
|
+
end
|
|
52
|
+
end
|
|
53
|
+
|
|
7
54
|
# The data contained by the HTTP body of the response deserialized from
|
|
8
55
|
# JSON.
|
|
9
56
|
attr_accessor :data
|
|
@@ -20,30 +67,15 @@ module Stripe
|
|
|
20
67
|
# The Stripe request ID of the response.
|
|
21
68
|
attr_accessor :request_id
|
|
22
69
|
|
|
23
|
-
# Initializes a StripeResponse object from a
|
|
24
|
-
#
|
|
25
|
-
|
|
26
|
-
# This may throw JSON::ParserError if the response body is not valid JSON.
|
|
27
|
-
def self.from_faraday_hash(http_resp)
|
|
28
|
-
resp = StripeResponse.new
|
|
29
|
-
resp.data = JSON.parse(http_resp[:body], symbolize_names: true)
|
|
30
|
-
resp.http_body = http_resp[:body]
|
|
31
|
-
resp.http_headers = http_resp[:headers]
|
|
32
|
-
resp.http_status = http_resp[:status]
|
|
33
|
-
resp.request_id = http_resp[:headers]["Request-Id"]
|
|
34
|
-
resp
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
# Initializes a StripeResponse object from a Faraday HTTP response object.
|
|
38
|
-
#
|
|
39
|
-
# This may throw JSON::ParserError if the response body is not valid JSON.
|
|
40
|
-
def self.from_faraday_response(http_resp)
|
|
70
|
+
# Initializes a StripeResponse object from a Net::HTTP::HTTPResponse
|
|
71
|
+
# object.
|
|
72
|
+
def self.from_net_http(http_resp)
|
|
41
73
|
resp = StripeResponse.new
|
|
42
74
|
resp.data = JSON.parse(http_resp.body, symbolize_names: true)
|
|
43
75
|
resp.http_body = http_resp.body
|
|
44
|
-
resp.http_headers = http_resp
|
|
45
|
-
resp.http_status = http_resp.
|
|
46
|
-
resp.request_id = http_resp
|
|
76
|
+
resp.http_headers = Headers.from_net_http(http_resp)
|
|
77
|
+
resp.http_status = http_resp.code.to_i
|
|
78
|
+
resp.request_id = http_resp["request-id"]
|
|
47
79
|
resp
|
|
48
80
|
end
|
|
49
81
|
end
|
data/lib/stripe/util.rb
CHANGED
|
@@ -24,97 +24,27 @@ module Stripe
|
|
|
24
24
|
OPTS_USER_SPECIFIED + Set[:client] - Set[:idempotency_key]
|
|
25
25
|
).freeze
|
|
26
26
|
|
|
27
|
-
def self.objects_to_ids(
|
|
28
|
-
case
|
|
27
|
+
def self.objects_to_ids(obj)
|
|
28
|
+
case obj
|
|
29
29
|
when APIResource
|
|
30
|
-
|
|
30
|
+
obj.id
|
|
31
31
|
when Hash
|
|
32
32
|
res = {}
|
|
33
|
-
|
|
33
|
+
obj.each { |k, v| res[k] = objects_to_ids(v) unless v.nil? }
|
|
34
34
|
res
|
|
35
35
|
when Array
|
|
36
|
-
|
|
36
|
+
obj.map { |v| objects_to_ids(v) }
|
|
37
37
|
else
|
|
38
|
-
|
|
38
|
+
obj
|
|
39
39
|
end
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
-
def self.object_classes
|
|
43
|
-
@object_classes ||=
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
Account::OBJECT_NAME => Account,
|
|
49
|
-
AccountLink::OBJECT_NAME => AccountLink,
|
|
50
|
-
AlipayAccount::OBJECT_NAME => AlipayAccount,
|
|
51
|
-
ApplePayDomain::OBJECT_NAME => ApplePayDomain,
|
|
52
|
-
ApplicationFee::OBJECT_NAME => ApplicationFee,
|
|
53
|
-
ApplicationFeeRefund::OBJECT_NAME => ApplicationFeeRefund,
|
|
54
|
-
Balance::OBJECT_NAME => Balance,
|
|
55
|
-
BalanceTransaction::OBJECT_NAME => BalanceTransaction,
|
|
56
|
-
BankAccount::OBJECT_NAME => BankAccount,
|
|
57
|
-
BitcoinReceiver::OBJECT_NAME => BitcoinReceiver,
|
|
58
|
-
BitcoinTransaction::OBJECT_NAME => BitcoinTransaction,
|
|
59
|
-
Card::OBJECT_NAME => Card,
|
|
60
|
-
Charge::OBJECT_NAME => Charge,
|
|
61
|
-
Checkout::Session::OBJECT_NAME => Checkout::Session,
|
|
62
|
-
CountrySpec::OBJECT_NAME => CountrySpec,
|
|
63
|
-
Coupon::OBJECT_NAME => Coupon,
|
|
64
|
-
Customer::OBJECT_NAME => Customer,
|
|
65
|
-
Dispute::OBJECT_NAME => Dispute,
|
|
66
|
-
EphemeralKey::OBJECT_NAME => EphemeralKey,
|
|
67
|
-
Event::OBJECT_NAME => Event,
|
|
68
|
-
ExchangeRate::OBJECT_NAME => ExchangeRate,
|
|
69
|
-
File::OBJECT_NAME => File,
|
|
70
|
-
File::OBJECT_NAME_ALT => File,
|
|
71
|
-
FileLink::OBJECT_NAME => FileLink,
|
|
72
|
-
Invoice::OBJECT_NAME => Invoice,
|
|
73
|
-
InvoiceItem::OBJECT_NAME => InvoiceItem,
|
|
74
|
-
InvoiceLineItem::OBJECT_NAME => InvoiceLineItem,
|
|
75
|
-
IssuerFraudRecord::OBJECT_NAME => IssuerFraudRecord,
|
|
76
|
-
Issuing::Authorization::OBJECT_NAME => Issuing::Authorization,
|
|
77
|
-
Issuing::Card::OBJECT_NAME => Issuing::Card,
|
|
78
|
-
Issuing::CardDetails::OBJECT_NAME => Issuing::CardDetails,
|
|
79
|
-
Issuing::Cardholder::OBJECT_NAME => Issuing::Cardholder,
|
|
80
|
-
Issuing::Dispute::OBJECT_NAME => Issuing::Dispute,
|
|
81
|
-
Issuing::Transaction::OBJECT_NAME => Issuing::Transaction,
|
|
82
|
-
LoginLink::OBJECT_NAME => LoginLink,
|
|
83
|
-
Order::OBJECT_NAME => Order,
|
|
84
|
-
OrderReturn::OBJECT_NAME => OrderReturn,
|
|
85
|
-
PaymentIntent::OBJECT_NAME => PaymentIntent,
|
|
86
|
-
Payout::OBJECT_NAME => Payout,
|
|
87
|
-
Person::OBJECT_NAME => Person,
|
|
88
|
-
Plan::OBJECT_NAME => Plan,
|
|
89
|
-
Product::OBJECT_NAME => Product,
|
|
90
|
-
Radar::ValueList::OBJECT_NAME => Radar::ValueList,
|
|
91
|
-
Radar::ValueListItem::OBJECT_NAME => Radar::ValueListItem,
|
|
92
|
-
Recipient::OBJECT_NAME => Recipient,
|
|
93
|
-
RecipientTransfer::OBJECT_NAME => RecipientTransfer,
|
|
94
|
-
Refund::OBJECT_NAME => Refund,
|
|
95
|
-
Reporting::ReportRun::OBJECT_NAME => Reporting::ReportRun,
|
|
96
|
-
Reporting::ReportType::OBJECT_NAME => Reporting::ReportType,
|
|
97
|
-
Reversal::OBJECT_NAME => Reversal,
|
|
98
|
-
Review::OBJECT_NAME => Review,
|
|
99
|
-
SKU::OBJECT_NAME => SKU,
|
|
100
|
-
Sigma::ScheduledQueryRun::OBJECT_NAME => Sigma::ScheduledQueryRun,
|
|
101
|
-
Source::OBJECT_NAME => Source,
|
|
102
|
-
SourceTransaction::OBJECT_NAME => SourceTransaction,
|
|
103
|
-
Subscription::OBJECT_NAME => Subscription,
|
|
104
|
-
SubscriptionItem::OBJECT_NAME => SubscriptionItem,
|
|
105
|
-
SubscriptionSchedule::OBJECT_NAME => SubscriptionSchedule,
|
|
106
|
-
SubscriptionScheduleRevision::OBJECT_NAME => SubscriptionScheduleRevision,
|
|
107
|
-
Terminal::ConnectionToken::OBJECT_NAME => Terminal::ConnectionToken,
|
|
108
|
-
Terminal::Location::OBJECT_NAME => Terminal::Location,
|
|
109
|
-
Terminal::Reader::OBJECT_NAME => Terminal::Reader,
|
|
110
|
-
ThreeDSecure::OBJECT_NAME => ThreeDSecure,
|
|
111
|
-
Token::OBJECT_NAME => Token,
|
|
112
|
-
Topup::OBJECT_NAME => Topup,
|
|
113
|
-
Transfer::OBJECT_NAME => Transfer,
|
|
114
|
-
UsageRecord::OBJECT_NAME => UsageRecord,
|
|
115
|
-
UsageRecordSummary::OBJECT_NAME => UsageRecordSummary,
|
|
116
|
-
WebhookEndpoint::OBJECT_NAME => WebhookEndpoint,
|
|
117
|
-
}
|
|
42
|
+
def self.object_classes
|
|
43
|
+
@object_classes ||= Stripe::ObjectTypes.object_names_to_classes
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def self.object_name_matches_class?(object_name, klass)
|
|
47
|
+
Util.object_classes[object_name] == klass
|
|
118
48
|
end
|
|
119
49
|
|
|
120
50
|
# Converts a hash of fields or an array of hashes into a +StripeObject+ or
|
|
@@ -130,12 +60,16 @@ module Stripe
|
|
|
130
60
|
# * +opts+ - Options for +StripeObject+ like an API key that will be reused
|
|
131
61
|
# on subsequent API calls.
|
|
132
62
|
def self.convert_to_stripe_object(data, opts = {})
|
|
63
|
+
opts = normalize_opts(opts)
|
|
64
|
+
|
|
133
65
|
case data
|
|
134
66
|
when Array
|
|
135
67
|
data.map { |i| convert_to_stripe_object(i, opts) }
|
|
136
68
|
when Hash
|
|
137
|
-
# Try converting to a known object class. If none available, fall back
|
|
138
|
-
|
|
69
|
+
# Try converting to a known object class. If none available, fall back
|
|
70
|
+
# to generic StripeObject
|
|
71
|
+
object_classes.fetch(data[:object], StripeObject)
|
|
72
|
+
.construct_from(data, opts)
|
|
139
73
|
else
|
|
140
74
|
data
|
|
141
75
|
end
|
|
@@ -144,24 +78,24 @@ module Stripe
|
|
|
144
78
|
def self.log_error(message, data = {})
|
|
145
79
|
if !Stripe.logger.nil? ||
|
|
146
80
|
!Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_ERROR
|
|
147
|
-
log_internal(message, data, color: :cyan,
|
|
148
|
-
|
|
81
|
+
log_internal(message, data, color: :cyan, level: Stripe::LEVEL_ERROR,
|
|
82
|
+
logger: Stripe.logger, out: $stderr)
|
|
149
83
|
end
|
|
150
84
|
end
|
|
151
85
|
|
|
152
86
|
def self.log_info(message, data = {})
|
|
153
87
|
if !Stripe.logger.nil? ||
|
|
154
88
|
!Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_INFO
|
|
155
|
-
log_internal(message, data, color: :cyan,
|
|
156
|
-
|
|
89
|
+
log_internal(message, data, color: :cyan, level: Stripe::LEVEL_INFO,
|
|
90
|
+
logger: Stripe.logger, out: $stdout)
|
|
157
91
|
end
|
|
158
92
|
end
|
|
159
93
|
|
|
160
94
|
def self.log_debug(message, data = {})
|
|
161
95
|
if !Stripe.logger.nil? ||
|
|
162
96
|
!Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_DEBUG
|
|
163
|
-
log_internal(message, data, color: :blue,
|
|
164
|
-
|
|
97
|
+
log_internal(message, data, color: :blue, level: Stripe::LEVEL_DEBUG,
|
|
98
|
+
logger: Stripe.logger, out: $stdout)
|
|
165
99
|
end
|
|
166
100
|
end
|
|
167
101
|
|
|
@@ -238,6 +172,18 @@ module Stripe
|
|
|
238
172
|
result
|
|
239
173
|
end
|
|
240
174
|
|
|
175
|
+
# `Time.now` can be unstable in cases like an administrator manually
|
|
176
|
+
# updating its value or a reconcilation via NTP. For this reason, prefer
|
|
177
|
+
# the use of the system's monotonic clock especially where comparing times
|
|
178
|
+
# to calculate an elapsed duration.
|
|
179
|
+
#
|
|
180
|
+
# Shortcut for getting monotonic time, mostly for purposes of line length
|
|
181
|
+
# and test stubbing. Returns time in seconds since the event used for
|
|
182
|
+
# monotonic reference purposes by the platform (e.g. system boot time).
|
|
183
|
+
def self.monotonic_time
|
|
184
|
+
Process.clock_gettime(Process::CLOCK_MONOTONIC)
|
|
185
|
+
end
|
|
186
|
+
|
|
241
187
|
def self.normalize_id(id)
|
|
242
188
|
if id.is_a?(Hash) # overloaded id
|
|
243
189
|
params_hash = id.dup
|
|
@@ -264,11 +210,13 @@ module Stripe
|
|
|
264
210
|
|
|
265
211
|
def self.check_string_argument!(key)
|
|
266
212
|
raise TypeError, "argument must be a string" unless key.is_a?(String)
|
|
213
|
+
|
|
267
214
|
key
|
|
268
215
|
end
|
|
269
216
|
|
|
270
217
|
def self.check_api_key!(key)
|
|
271
218
|
raise TypeError, "api_key must be a string" unless key.is_a?(String)
|
|
219
|
+
|
|
272
220
|
key
|
|
273
221
|
end
|
|
274
222
|
|
|
@@ -296,13 +244,13 @@ module Stripe
|
|
|
296
244
|
|
|
297
245
|
# Constant time string comparison to prevent timing attacks
|
|
298
246
|
# Code borrowed from ActiveSupport
|
|
299
|
-
def self.secure_compare(
|
|
300
|
-
return false unless
|
|
247
|
+
def self.secure_compare(str_a, str_b)
|
|
248
|
+
return false unless str_a.bytesize == str_b.bytesize
|
|
301
249
|
|
|
302
|
-
l =
|
|
250
|
+
l = str_a.unpack "C#{str_a.bytesize}"
|
|
303
251
|
|
|
304
252
|
res = 0
|
|
305
|
-
|
|
253
|
+
str_b.each_byte { |byte| res |= byte ^ l.shift }
|
|
306
254
|
res.zero?
|
|
307
255
|
end
|
|
308
256
|
|
|
@@ -311,14 +259,14 @@ module Stripe
|
|
|
311
259
|
#
|
|
312
260
|
|
|
313
261
|
COLOR_CODES = {
|
|
314
|
-
black:
|
|
315
|
-
red:
|
|
316
|
-
green:
|
|
317
|
-
yellow:
|
|
318
|
-
blue:
|
|
262
|
+
black: 0, light_black: 60,
|
|
263
|
+
red: 1, light_red: 61,
|
|
264
|
+
green: 2, light_green: 62,
|
|
265
|
+
yellow: 3, light_yellow: 63,
|
|
266
|
+
blue: 4, light_blue: 64,
|
|
319
267
|
magenta: 5, light_magenta: 65,
|
|
320
|
-
cyan:
|
|
321
|
-
white:
|
|
268
|
+
cyan: 6, light_cyan: 66,
|
|
269
|
+
white: 7, light_white: 67,
|
|
322
270
|
default: 9,
|
|
323
271
|
}.freeze
|
|
324
272
|
private_constant :COLOR_CODES
|
|
@@ -347,23 +295,32 @@ module Stripe
|
|
|
347
295
|
end
|
|
348
296
|
private_class_method :level_name
|
|
349
297
|
|
|
350
|
-
|
|
351
|
-
# 2.0.
|
|
352
|
-
def self.log_internal(message, data = {}, color: nil, level: nil, logger: nil, out: nil)
|
|
298
|
+
def self.log_internal(message, data = {}, color:, level:, logger:, out:)
|
|
353
299
|
data_str = data.reject { |_k, v| v.nil? }
|
|
354
300
|
.map do |(k, v)|
|
|
355
|
-
format("
|
|
301
|
+
format("%<key>s=%<value>s",
|
|
302
|
+
key: colorize(k, color, logger.nil? && !out.nil? && out.isatty),
|
|
303
|
+
value: wrap_logfmt_value(v))
|
|
356
304
|
end.join(" ")
|
|
357
305
|
|
|
358
306
|
if !logger.nil?
|
|
359
307
|
# the library's log levels are mapped to the same values as the
|
|
360
308
|
# standard library's logger
|
|
361
309
|
logger.log(level,
|
|
362
|
-
format("message
|
|
310
|
+
format("message=%<message>s %<data_str>s",
|
|
311
|
+
message: wrap_logfmt_value(message),
|
|
312
|
+
data_str: data_str))
|
|
363
313
|
elsif out.isatty
|
|
364
|
-
out.puts format("
|
|
314
|
+
out.puts format("%<level>s %<message>s %<data_str>s",
|
|
315
|
+
level: colorize(level_name(level)[0, 4].upcase,
|
|
316
|
+
color, out.isatty),
|
|
317
|
+
message: message,
|
|
318
|
+
data_str: data_str)
|
|
365
319
|
else
|
|
366
|
-
out.puts format("message
|
|
320
|
+
out.puts format("message=%<message>s level=%<level>s %<data_str>s",
|
|
321
|
+
message: wrap_logfmt_value(message),
|
|
322
|
+
level: level_name(level),
|
|
323
|
+
data_str: data_str)
|
|
367
324
|
end
|
|
368
325
|
end
|
|
369
326
|
private_class_method :log_internal
|
|
@@ -381,7 +338,7 @@ module Stripe
|
|
|
381
338
|
if %r{[^\w\-/]} =~ val
|
|
382
339
|
# If the string contains any special characters, escape any double
|
|
383
340
|
# quotes it has, remove newlines, and wrap the whole thing in quotes.
|
|
384
|
-
format(%("
|
|
341
|
+
format(%("%<value>s"), value: val.gsub('"', '\"').delete("\n"))
|
|
385
342
|
else
|
|
386
343
|
# Otherwise use the basic value if it looks like a standard set of
|
|
387
344
|
# characters (and allow a few special characters like hyphens, and
|
data/lib/stripe/version.rb
CHANGED
data/lib/stripe/webhook.rb
CHANGED
|
@@ -8,7 +8,8 @@ module Stripe
|
|
|
8
8
|
#
|
|
9
9
|
# This may raise JSON::ParserError if the payload is not valid JSON, or
|
|
10
10
|
# SignatureVerificationError if the signature verification fails.
|
|
11
|
-
def self.construct_event(payload, sig_header, secret,
|
|
11
|
+
def self.construct_event(payload, sig_header, secret,
|
|
12
|
+
tolerance: DEFAULT_TOLERANCE)
|
|
12
13
|
Signature.verify_header(payload, sig_header, secret, tolerance: tolerance)
|
|
13
14
|
|
|
14
15
|
# It's a good idea to parse the payload only after verifying it. We use
|
|
@@ -21,12 +22,39 @@ module Stripe
|
|
|
21
22
|
end
|
|
22
23
|
|
|
23
24
|
module Signature
|
|
24
|
-
EXPECTED_SCHEME = "v1"
|
|
25
|
+
EXPECTED_SCHEME = "v1"
|
|
25
26
|
|
|
26
|
-
|
|
27
|
-
|
|
27
|
+
# Computes a webhook signature given a time (probably the current time),
|
|
28
|
+
# a payload, and a signing secret.
|
|
29
|
+
def self.compute_signature(timestamp, payload, secret)
|
|
30
|
+
raise ArgumentError, "timestamp should be an instance of Time" \
|
|
31
|
+
unless timestamp.is_a?(Time)
|
|
32
|
+
raise ArgumentError, "payload should be a string" \
|
|
33
|
+
unless payload.is_a?(String)
|
|
34
|
+
raise ArgumentError, "secret should be a string" \
|
|
35
|
+
unless secret.is_a?(String)
|
|
36
|
+
|
|
37
|
+
timestamped_payload = "#{timestamp.to_i}.#{payload}"
|
|
38
|
+
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), secret,
|
|
39
|
+
timestamped_payload)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
# Generates a value that would be added to a `Stripe-Signature` for a
|
|
43
|
+
# given webhook payload.
|
|
44
|
+
#
|
|
45
|
+
# Note that this isn't needed to verify webhooks in any way, and is
|
|
46
|
+
# mainly here for use in test cases (those that are both within this
|
|
47
|
+
# project and without).
|
|
48
|
+
def self.generate_header(timestamp, signature, scheme: EXPECTED_SCHEME)
|
|
49
|
+
raise ArgumentError, "timestamp should be an instance of Time" \
|
|
50
|
+
unless timestamp.is_a?(Time)
|
|
51
|
+
raise ArgumentError, "signature should be a string" \
|
|
52
|
+
unless signature.is_a?(String)
|
|
53
|
+
raise ArgumentError, "scheme should be a string" \
|
|
54
|
+
unless scheme.is_a?(String)
|
|
55
|
+
|
|
56
|
+
"t=#{timestamp.to_i},#{scheme}=#{signature}"
|
|
28
57
|
end
|
|
29
|
-
private_class_method :compute_signature
|
|
30
58
|
|
|
31
59
|
# Extracts the timestamp and the signature(s) with the desired scheme
|
|
32
60
|
# from the header
|
|
@@ -34,7 +62,7 @@ module Stripe
|
|
|
34
62
|
list_items = header.split(/,\s*/).map { |i| i.split("=", 2) }
|
|
35
63
|
timestamp = Integer(list_items.select { |i| i[0] == "t" }[0][1])
|
|
36
64
|
signatures = list_items.select { |i| i[0] == scheme }.map { |i| i[1] }
|
|
37
|
-
[timestamp, signatures]
|
|
65
|
+
[Time.at(timestamp), signatures]
|
|
38
66
|
end
|
|
39
67
|
private_class_method :get_timestamp_and_signatures
|
|
40
68
|
|
|
@@ -50,7 +78,13 @@ module Stripe
|
|
|
50
78
|
# Returns true otherwise
|
|
51
79
|
def self.verify_header(payload, header, secret, tolerance: nil)
|
|
52
80
|
begin
|
|
53
|
-
timestamp, signatures =
|
|
81
|
+
timestamp, signatures =
|
|
82
|
+
get_timestamp_and_signatures(header, EXPECTED_SCHEME)
|
|
83
|
+
|
|
84
|
+
# TODO: Try to knock over this blanket rescue as it can unintentionally
|
|
85
|
+
# swallow many valid errors. Instead, try to validate an incoming
|
|
86
|
+
# header one piece at a time, and error with a known exception class if
|
|
87
|
+
# any part is found to be invalid. Rescue that class here.
|
|
54
88
|
rescue StandardError
|
|
55
89
|
raise SignatureVerificationError.new(
|
|
56
90
|
"Unable to extract timestamp and signatures from header",
|
|
@@ -65,8 +99,7 @@ module Stripe
|
|
|
65
99
|
)
|
|
66
100
|
end
|
|
67
101
|
|
|
68
|
-
|
|
69
|
-
expected_sig = compute_signature(signed_payload, secret)
|
|
102
|
+
expected_sig = compute_signature(timestamp, payload, secret)
|
|
70
103
|
unless signatures.any? { |s| Util.secure_compare(expected_sig, s) }
|
|
71
104
|
raise SignatureVerificationError.new(
|
|
72
105
|
"No signatures found matching the expected signature for payload",
|
|
@@ -74,7 +107,7 @@ module Stripe
|
|
|
74
107
|
)
|
|
75
108
|
end
|
|
76
109
|
|
|
77
|
-
if tolerance && timestamp < Time.now
|
|
110
|
+
if tolerance && timestamp < Time.now - tolerance
|
|
78
111
|
raise SignatureVerificationError.new(
|
|
79
112
|
"Timestamp outside the tolerance zone (#{Time.at(timestamp)})",
|
|
80
113
|
header, http_body: payload
|