stripe 5.18.0 → 5.23.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +1 -1
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/stripe/object_types.rb +3 -0
- data/lib/stripe/resources.rb +3 -0
- data/lib/stripe/resources/account.rb +1 -0
- data/lib/stripe/resources/account_link.rb +1 -0
- data/lib/stripe/resources/apple_pay_domain.rb +1 -0
- data/lib/stripe/resources/application_fee.rb +1 -0
- data/lib/stripe/resources/balance.rb +1 -0
- data/lib/stripe/resources/balance_transaction.rb +1 -0
- data/lib/stripe/resources/bank_account.rb +1 -0
- data/lib/stripe/resources/billing_portal/session.rb +1 -0
- data/lib/stripe/resources/bitcoin_receiver.rb +1 -0
- data/lib/stripe/resources/card.rb +1 -0
- data/lib/stripe/resources/charge.rb +1 -0
- data/lib/stripe/resources/checkout/session.rb +4 -0
- data/lib/stripe/resources/country_spec.rb +1 -0
- data/lib/stripe/resources/coupon.rb +1 -0
- data/lib/stripe/resources/credit_note.rb +1 -0
- data/lib/stripe/resources/customer.rb +1 -0
- data/lib/stripe/resources/dispute.rb +1 -0
- data/lib/stripe/resources/ephemeral_key.rb +1 -0
- data/lib/stripe/resources/event.rb +1 -0
- data/lib/stripe/resources/exchange_rate.rb +1 -0
- data/lib/stripe/resources/file.rb +1 -0
- data/lib/stripe/resources/file_link.rb +1 -0
- data/lib/stripe/resources/invoice.rb +1 -0
- data/lib/stripe/resources/invoice_item.rb +1 -0
- data/lib/stripe/resources/issuing/authorization.rb +1 -0
- data/lib/stripe/resources/issuing/card.rb +1 -0
- data/lib/stripe/resources/issuing/cardholder.rb +1 -0
- data/lib/stripe/resources/issuing/dispute.rb +1 -0
- data/lib/stripe/resources/issuing/transaction.rb +1 -0
- data/lib/stripe/resources/line_item.rb +7 -0
- data/lib/stripe/resources/mandate.rb +1 -0
- data/lib/stripe/resources/order.rb +1 -0
- data/lib/stripe/resources/order_return.rb +1 -0
- data/lib/stripe/resources/payment_intent.rb +1 -0
- data/lib/stripe/resources/payment_method.rb +1 -0
- data/lib/stripe/resources/payout.rb +1 -0
- data/lib/stripe/resources/plan.rb +1 -0
- data/lib/stripe/resources/price.rb +12 -0
- data/lib/stripe/resources/product.rb +1 -0
- data/lib/stripe/resources/promotion_code.rb +12 -0
- data/lib/stripe/resources/radar/early_fraud_warning.rb +1 -0
- data/lib/stripe/resources/radar/value_list.rb +1 -0
- data/lib/stripe/resources/radar/value_list_item.rb +1 -0
- data/lib/stripe/resources/recipient.rb +1 -0
- data/lib/stripe/resources/refund.rb +1 -0
- data/lib/stripe/resources/reporting/report_run.rb +1 -0
- data/lib/stripe/resources/reporting/report_type.rb +1 -0
- data/lib/stripe/resources/review.rb +1 -0
- data/lib/stripe/resources/setup_intent.rb +1 -0
- data/lib/stripe/resources/sigma/scheduled_query_run.rb +1 -0
- data/lib/stripe/resources/sku.rb +1 -0
- data/lib/stripe/resources/source.rb +1 -0
- data/lib/stripe/resources/subscription.rb +1 -0
- data/lib/stripe/resources/subscription_item.rb +1 -0
- data/lib/stripe/resources/subscription_schedule.rb +1 -0
- data/lib/stripe/resources/tax_rate.rb +1 -0
- data/lib/stripe/resources/terminal/connection_token.rb +1 -0
- data/lib/stripe/resources/terminal/location.rb +1 -0
- data/lib/stripe/resources/terminal/reader.rb +1 -0
- data/lib/stripe/resources/three_d_secure.rb +1 -0
- data/lib/stripe/resources/token.rb +1 -0
- data/lib/stripe/resources/topup.rb +1 -0
- data/lib/stripe/resources/transfer.rb +1 -0
- data/lib/stripe/resources/webhook_endpoint.rb +1 -0
- data/lib/stripe/version.rb +1 -1
- data/lib/stripe/webhook.rb +38 -7
- data/test/stripe/account_link_test.rb +3 -3
- data/test/stripe/checkout/session_test.rb +12 -0
- data/test/stripe/price_test.rb +48 -0
- data/test/stripe/promotion_code_test.rb +42 -0
- data/test/stripe/subscription_item_test.rb +1 -1
- data/test/stripe/webhook_test.rb +44 -5
- data/test/test_helper.rb +1 -1
- metadata +9 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 339246c958404a761dbafcfbd76acfcf7f2223838e41efd928babd1624f1f173
|
|
4
|
+
data.tar.gz: 8d7385cfe0066b9dd4ad53a2f3d3ebcace2b22f77b27cd8fe252bfb7f58118e4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3170fd6a145e41cc69b25ddbeb20cc88064fb4011ee89438d07362c745c2990523c1ea25c319c25910e5670bba7f27d97b2453462fc441c31d0db3b0ff761c46
|
|
7
|
+
data.tar.gz: bc2ae7b487bfd0a7957e360862188bcda79f9f851504162ec9c30ecf3c0a824a2050e73a0e5d3ceb3840511b8585b4710e3a97864b3eb7e0ddcb315b79f60a8d
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,20 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 5.23.0 - 2020-08-05
|
|
4
|
+
* [#937](https://github.com/stripe/stripe-ruby/pull/937) Add support for the `PromotionCode` resource and APIs
|
|
5
|
+
|
|
6
|
+
## 5.22.0 - 2020-05-11
|
|
7
|
+
* [#918](https://github.com/stripe/stripe-ruby/pull/918) Add support for the `LineItem` resource and APIs
|
|
8
|
+
|
|
9
|
+
## 5.21.0 - 2020-04-29
|
|
10
|
+
* [#917](https://github.com/stripe/stripe-ruby/pull/917) Add support for the `Price` resource and APIs
|
|
11
|
+
|
|
12
|
+
## 5.20.0 - 2020-04-27
|
|
13
|
+
* [#916](https://github.com/stripe/stripe-ruby/pull/916) Add new `.generate_header` method for webhooks
|
|
14
|
+
|
|
15
|
+
## 5.19.0 - 2020-04-24
|
|
16
|
+
* [#915](https://github.com/stripe/stripe-ruby/pull/915) Expose `Stripe::Webhook.compute_signature` publicly
|
|
17
|
+
|
|
3
18
|
## 5.18.0 - 2020-04-22
|
|
4
19
|
* [#911](https://github.com/stripe/stripe-ruby/pull/911) Add support for `BillingPortal` namespace and `Session` resource and APIs
|
|
5
20
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
5.
|
|
1
|
+
5.23.0
|
data/lib/stripe/object_types.rb
CHANGED
|
@@ -49,6 +49,7 @@ module Stripe
|
|
|
49
49
|
Issuing::Cardholder::OBJECT_NAME => Issuing::Cardholder,
|
|
50
50
|
Issuing::Dispute::OBJECT_NAME => Issuing::Dispute,
|
|
51
51
|
Issuing::Transaction::OBJECT_NAME => Issuing::Transaction,
|
|
52
|
+
LineItem::OBJECT_NAME => LineItem,
|
|
52
53
|
LoginLink::OBJECT_NAME => LoginLink,
|
|
53
54
|
Mandate::OBJECT_NAME => Mandate,
|
|
54
55
|
Order::OBJECT_NAME => Order,
|
|
@@ -58,7 +59,9 @@ module Stripe
|
|
|
58
59
|
Payout::OBJECT_NAME => Payout,
|
|
59
60
|
Person::OBJECT_NAME => Person,
|
|
60
61
|
Plan::OBJECT_NAME => Plan,
|
|
62
|
+
Price::OBJECT_NAME => Price,
|
|
61
63
|
Product::OBJECT_NAME => Product,
|
|
64
|
+
PromotionCode::OBJECT_NAME => PromotionCode,
|
|
62
65
|
Radar::EarlyFraudWarning::OBJECT_NAME => Radar::EarlyFraudWarning,
|
|
63
66
|
Radar::ValueList::OBJECT_NAME => Radar::ValueList,
|
|
64
67
|
Radar::ValueListItem::OBJECT_NAME => Radar::ValueListItem,
|
data/lib/stripe/resources.rb
CHANGED
|
@@ -38,6 +38,7 @@ require "stripe/resources/issuing/card_details"
|
|
|
38
38
|
require "stripe/resources/issuing/cardholder"
|
|
39
39
|
require "stripe/resources/issuing/dispute"
|
|
40
40
|
require "stripe/resources/issuing/transaction"
|
|
41
|
+
require "stripe/resources/line_item"
|
|
41
42
|
require "stripe/resources/login_link"
|
|
42
43
|
require "stripe/resources/mandate"
|
|
43
44
|
require "stripe/resources/order"
|
|
@@ -47,7 +48,9 @@ require "stripe/resources/payment_method"
|
|
|
47
48
|
require "stripe/resources/payout"
|
|
48
49
|
require "stripe/resources/person"
|
|
49
50
|
require "stripe/resources/plan"
|
|
51
|
+
require "stripe/resources/price"
|
|
50
52
|
require "stripe/resources/product"
|
|
53
|
+
require "stripe/resources/promotion_code"
|
|
51
54
|
require "stripe/resources/radar/early_fraud_warning"
|
|
52
55
|
require "stripe/resources/radar/value_list"
|
|
53
56
|
require "stripe/resources/radar/value_list_item"
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# File generated from our OpenAPI spec
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
module Stripe
|
|
@@ -5,8 +6,11 @@ module Stripe
|
|
|
5
6
|
class Session < APIResource
|
|
6
7
|
extend Stripe::APIOperations::Create
|
|
7
8
|
extend Stripe::APIOperations::List
|
|
9
|
+
extend Stripe::APIOperations::NestedResource
|
|
8
10
|
|
|
9
11
|
OBJECT_NAME = "checkout.session"
|
|
12
|
+
|
|
13
|
+
nested_resource_class_methods :line_item, operations: %i[list]
|
|
10
14
|
end
|
|
11
15
|
end
|
|
12
16
|
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
# File generated from our OpenAPI spec
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
module Stripe
|
|
5
|
+
class Price < APIResource
|
|
6
|
+
extend Stripe::APIOperations::Create
|
|
7
|
+
extend Stripe::APIOperations::List
|
|
8
|
+
include Stripe::APIOperations::Save
|
|
9
|
+
|
|
10
|
+
OBJECT_NAME = "price"
|
|
11
|
+
end
|
|
12
|
+
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
# File generated from our OpenAPI spec
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
module Stripe
|
|
5
|
+
class PromotionCode < APIResource
|
|
6
|
+
extend Stripe::APIOperations::Create
|
|
7
|
+
extend Stripe::APIOperations::List
|
|
8
|
+
include Stripe::APIOperations::Save
|
|
9
|
+
|
|
10
|
+
OBJECT_NAME = "promotion_code"
|
|
11
|
+
end
|
|
12
|
+
end
|
data/lib/stripe/resources/sku.rb
CHANGED
data/lib/stripe/version.rb
CHANGED
data/lib/stripe/webhook.rb
CHANGED
|
@@ -24,10 +24,37 @@ module Stripe
|
|
|
24
24
|
module Signature
|
|
25
25
|
EXPECTED_SCHEME = "v1"
|
|
26
26
|
|
|
27
|
-
|
|
28
|
-
|
|
27
|
+
# Computes a webhook signature given a time (probably the current time),
|
|
28
|
+
# a payload, and a signing secret.
|
|
29
|
+
def self.compute_signature(timestamp, payload, secret)
|
|
30
|
+
raise ArgumentError, "timestamp should be an instance of Time" \
|
|
31
|
+
unless timestamp.is_a?(Time)
|
|
32
|
+
raise ArgumentError, "payload should be a string" \
|
|
33
|
+
unless payload.is_a?(String)
|
|
34
|
+
raise ArgumentError, "secret should be a string" \
|
|
35
|
+
unless secret.is_a?(String)
|
|
36
|
+
|
|
37
|
+
timestamped_payload = "#{timestamp.to_i}.#{payload}"
|
|
38
|
+
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), secret,
|
|
39
|
+
timestamped_payload)
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
# Generates a value that would be added to a `Stripe-Signature` for a
|
|
43
|
+
# given webhook payload.
|
|
44
|
+
#
|
|
45
|
+
# Note that this isn't needed to verify webhooks in any way, and is
|
|
46
|
+
# mainly here for use in test cases (those that are both within this
|
|
47
|
+
# project and without).
|
|
48
|
+
def self.generate_header(timestamp, signature, scheme: EXPECTED_SCHEME)
|
|
49
|
+
raise ArgumentError, "timestamp should be an instance of Time" \
|
|
50
|
+
unless timestamp.is_a?(Time)
|
|
51
|
+
raise ArgumentError, "signature should be a string" \
|
|
52
|
+
unless signature.is_a?(String)
|
|
53
|
+
raise ArgumentError, "scheme should be a string" \
|
|
54
|
+
unless scheme.is_a?(String)
|
|
55
|
+
|
|
56
|
+
"t=#{timestamp.to_i},#{scheme}=#{signature}"
|
|
29
57
|
end
|
|
30
|
-
private_class_method :compute_signature
|
|
31
58
|
|
|
32
59
|
# Extracts the timestamp and the signature(s) with the desired scheme
|
|
33
60
|
# from the header
|
|
@@ -35,7 +62,7 @@ module Stripe
|
|
|
35
62
|
list_items = header.split(/,\s*/).map { |i| i.split("=", 2) }
|
|
36
63
|
timestamp = Integer(list_items.select { |i| i[0] == "t" }[0][1])
|
|
37
64
|
signatures = list_items.select { |i| i[0] == scheme }.map { |i| i[1] }
|
|
38
|
-
[timestamp, signatures]
|
|
65
|
+
[Time.at(timestamp), signatures]
|
|
39
66
|
end
|
|
40
67
|
private_class_method :get_timestamp_and_signatures
|
|
41
68
|
|
|
@@ -53,6 +80,11 @@ module Stripe
|
|
|
53
80
|
begin
|
|
54
81
|
timestamp, signatures =
|
|
55
82
|
get_timestamp_and_signatures(header, EXPECTED_SCHEME)
|
|
83
|
+
|
|
84
|
+
# TODO: Try to knock over this blanket rescue as it can unintentionally
|
|
85
|
+
# swallow many valid errors. Instead, try to validate an incoming
|
|
86
|
+
# header one piece at a time, and error with a known exception class if
|
|
87
|
+
# any part is found to be invalid. Rescue that class here.
|
|
56
88
|
rescue StandardError
|
|
57
89
|
raise SignatureVerificationError.new(
|
|
58
90
|
"Unable to extract timestamp and signatures from header",
|
|
@@ -67,8 +99,7 @@ module Stripe
|
|
|
67
99
|
)
|
|
68
100
|
end
|
|
69
101
|
|
|
70
|
-
|
|
71
|
-
expected_sig = compute_signature(signed_payload, secret)
|
|
102
|
+
expected_sig = compute_signature(timestamp, payload, secret)
|
|
72
103
|
unless signatures.any? { |s| Util.secure_compare(expected_sig, s) }
|
|
73
104
|
raise SignatureVerificationError.new(
|
|
74
105
|
"No signatures found matching the expected signature for payload",
|
|
@@ -76,7 +107,7 @@ module Stripe
|
|
|
76
107
|
)
|
|
77
108
|
end
|
|
78
109
|
|
|
79
|
-
if tolerance && timestamp < Time.now
|
|
110
|
+
if tolerance && timestamp < Time.now - tolerance
|
|
80
111
|
raise SignatureVerificationError.new(
|
|
81
112
|
"Timestamp outside the tolerance zone (#{Time.at(timestamp)})",
|
|
82
113
|
header, http_body: payload
|
|
@@ -7,9 +7,9 @@ module Stripe
|
|
|
7
7
|
should "be creatable" do
|
|
8
8
|
link = Stripe::AccountLink.create(
|
|
9
9
|
account: "acct_123",
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
type: "
|
|
10
|
+
refresh_url: "https://stripe.com/refresh",
|
|
11
|
+
return_url: "https://stripe.com/return",
|
|
12
|
+
type: "account_onboarding"
|
|
13
13
|
)
|
|
14
14
|
assert_requested :post, "#{Stripe.api_base}/v1/account_links"
|
|
15
15
|
assert link.is_a?(Stripe::AccountLink)
|
|
@@ -36,6 +36,18 @@ module Stripe
|
|
|
36
36
|
assert_requested :get, "#{Stripe.api_base}/v1/checkout/sessions/cs_123"
|
|
37
37
|
assert charge.is_a?(Stripe::Checkout::Session)
|
|
38
38
|
end
|
|
39
|
+
|
|
40
|
+
context "#list_line_items" do
|
|
41
|
+
should "list the session's line items" do
|
|
42
|
+
sources = Stripe::Checkout::Session.list_line_items(
|
|
43
|
+
"cs_123"
|
|
44
|
+
)
|
|
45
|
+
assert_requested :get, "#{Stripe.api_base}/v1/checkout/sessions/cs_123/line_items"
|
|
46
|
+
assert sources.is_a?(Stripe::ListObject)
|
|
47
|
+
assert sources.data.is_a?(Array)
|
|
48
|
+
assert sources.data[0].is_a?(Stripe::LineItem)
|
|
49
|
+
end
|
|
50
|
+
end
|
|
39
51
|
end
|
|
40
52
|
end
|
|
41
53
|
end
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require ::File.expand_path("../test_helper", __dir__)
|
|
4
|
+
|
|
5
|
+
module Stripe
|
|
6
|
+
class PriceTest < Test::Unit::TestCase
|
|
7
|
+
should "be listable" do
|
|
8
|
+
prices = Stripe::Price.list
|
|
9
|
+
assert_requested :get, "#{Stripe.api_base}/v1/prices"
|
|
10
|
+
assert prices.data.is_a?(Array)
|
|
11
|
+
assert prices.data[0].is_a?(Stripe::Price)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
should "be retrievable" do
|
|
15
|
+
price = Stripe::Price.retrieve("price_123")
|
|
16
|
+
assert_requested :get, "#{Stripe.api_base}/v1/prices/price_123"
|
|
17
|
+
assert price.is_a?(Stripe::Price)
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
should "be creatable" do
|
|
21
|
+
price = Stripe::Price.create(
|
|
22
|
+
unit_amount: 5000,
|
|
23
|
+
currency: "usd",
|
|
24
|
+
recurring: {
|
|
25
|
+
interval: "month",
|
|
26
|
+
},
|
|
27
|
+
product_data: {
|
|
28
|
+
name: "Product name",
|
|
29
|
+
}
|
|
30
|
+
)
|
|
31
|
+
assert_requested :post, "#{Stripe.api_base}/v1/prices"
|
|
32
|
+
assert price.is_a?(Stripe::Price)
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
should "be saveable" do
|
|
36
|
+
price = Stripe::Price.retrieve("price_123")
|
|
37
|
+
price.metadata["key"] = "value"
|
|
38
|
+
price.save
|
|
39
|
+
assert_requested :post, "#{Stripe.api_base}/v1/prices/#{price.id}"
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
should "be updateable" do
|
|
43
|
+
price = Stripe::Price.update("price_123", metadata: { foo: "bar" })
|
|
44
|
+
assert_requested :post, "#{Stripe.api_base}/v1/prices/price_123"
|
|
45
|
+
assert price.is_a?(Stripe::Price)
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require ::File.expand_path("../test_helper", __dir__)
|
|
4
|
+
|
|
5
|
+
module Stripe
|
|
6
|
+
class PromotionCodeTest < Test::Unit::TestCase
|
|
7
|
+
should "be listable" do
|
|
8
|
+
promotion_codes = Stripe::PromotionCode.list
|
|
9
|
+
assert_requested :get, "#{Stripe.api_base}/v1/promotion_codes"
|
|
10
|
+
assert promotion_codes.data.is_a?(Array)
|
|
11
|
+
assert promotion_codes.first.is_a?(Stripe::PromotionCode)
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
should "be retrievable" do
|
|
15
|
+
coupon = Stripe::PromotionCode.retrieve("PROMO_123")
|
|
16
|
+
assert_requested :get, "#{Stripe.api_base}/v1/promotion_codes/PROMO_123"
|
|
17
|
+
assert coupon.is_a?(Stripe::PromotionCode)
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
should "be creatable" do
|
|
21
|
+
coupon = Stripe::PromotionCode.create(
|
|
22
|
+
coupon: "co_123",
|
|
23
|
+
code: "MYCODE"
|
|
24
|
+
)
|
|
25
|
+
assert_requested :post, "#{Stripe.api_base}/v1/promotion_codes"
|
|
26
|
+
assert coupon.is_a?(Stripe::PromotionCode)
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
should "be saveable" do
|
|
30
|
+
coupon = Stripe::PromotionCode.retrieve("PROMO_123")
|
|
31
|
+
coupon.metadata["key"] = "value"
|
|
32
|
+
coupon.save
|
|
33
|
+
assert_requested :post, "#{Stripe.api_base}/v1/promotion_codes/#{coupon.id}"
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
should "be updateable" do
|
|
37
|
+
coupon = Stripe::PromotionCode.update("PROMO_123", metadata: { key: "value" })
|
|
38
|
+
assert_requested :post, "#{Stripe.api_base}/v1/promotion_codes/PROMO_123"
|
|
39
|
+
assert coupon.is_a?(Stripe::PromotionCode)
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
data/test/stripe/webhook_test.rb
CHANGED
|
@@ -13,12 +13,51 @@ module Stripe
|
|
|
13
13
|
SECRET = "whsec_test_secret"
|
|
14
14
|
|
|
15
15
|
def generate_header(opts = {})
|
|
16
|
-
opts[:timestamp] ||= Time.now
|
|
16
|
+
opts[:timestamp] ||= Time.now
|
|
17
17
|
opts[:payload] ||= EVENT_PAYLOAD
|
|
18
18
|
opts[:secret] ||= SECRET
|
|
19
19
|
opts[:scheme] ||= Stripe::Webhook::Signature::EXPECTED_SCHEME
|
|
20
|
-
opts[:signature] ||= Stripe::Webhook::Signature.
|
|
21
|
-
|
|
20
|
+
opts[:signature] ||= Stripe::Webhook::Signature.compute_signature(
|
|
21
|
+
opts[:timestamp],
|
|
22
|
+
opts[:payload],
|
|
23
|
+
opts[:secret]
|
|
24
|
+
)
|
|
25
|
+
Stripe::Webhook::Signature.generate_header(
|
|
26
|
+
opts[:timestamp],
|
|
27
|
+
opts[:signature],
|
|
28
|
+
scheme: opts[:scheme]
|
|
29
|
+
)
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
context ".compute_signature" do
|
|
33
|
+
should "compute a signature which can then be verified" do
|
|
34
|
+
timestamp = Time.now
|
|
35
|
+
signature = Stripe::Webhook::Signature.compute_signature(
|
|
36
|
+
timestamp,
|
|
37
|
+
EVENT_PAYLOAD,
|
|
38
|
+
SECRET
|
|
39
|
+
)
|
|
40
|
+
header = generate_header(timestamp: timestamp, signature: signature)
|
|
41
|
+
assert(Stripe::Webhook::Signature.verify_header(EVENT_PAYLOAD, header, SECRET))
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
|
|
45
|
+
context ".generate_header" do
|
|
46
|
+
should "generate a header in valid format" do
|
|
47
|
+
timestamp = Time.now
|
|
48
|
+
signature = Stripe::Webhook::Signature.compute_signature(
|
|
49
|
+
timestamp,
|
|
50
|
+
EVENT_PAYLOAD,
|
|
51
|
+
SECRET
|
|
52
|
+
)
|
|
53
|
+
scheme = "v1"
|
|
54
|
+
header = Stripe::Webhook::Signature.generate_header(
|
|
55
|
+
timestamp,
|
|
56
|
+
signature,
|
|
57
|
+
scheme: scheme
|
|
58
|
+
)
|
|
59
|
+
assert_equal("t=#{timestamp.to_i},#{scheme}=#{signature}", header)
|
|
60
|
+
end
|
|
22
61
|
end
|
|
23
62
|
|
|
24
63
|
context ".construct_event" do
|
|
@@ -70,7 +109,7 @@ module Stripe
|
|
|
70
109
|
end
|
|
71
110
|
|
|
72
111
|
should "raise a SignatureVerificationError when the timestamp is not within the tolerance" do
|
|
73
|
-
header = generate_header(timestamp: Time.now
|
|
112
|
+
header = generate_header(timestamp: Time.now - 15)
|
|
74
113
|
e = assert_raises(Stripe::SignatureVerificationError) do
|
|
75
114
|
Stripe::Webhook::Signature.verify_header(EVENT_PAYLOAD, header, SECRET, tolerance: 10)
|
|
76
115
|
end
|
|
@@ -88,7 +127,7 @@ module Stripe
|
|
|
88
127
|
end
|
|
89
128
|
|
|
90
129
|
should "return true when the header contains a valid signature and the timestamp is off but no tolerance is provided" do
|
|
91
|
-
header = generate_header(timestamp: 12_345)
|
|
130
|
+
header = generate_header(timestamp: Time.at(12_345))
|
|
92
131
|
assert(Stripe::Webhook::Signature.verify_header(EVENT_PAYLOAD, header, SECRET))
|
|
93
132
|
end
|
|
94
133
|
end
|
data/test/test_helper.rb
CHANGED
|
@@ -16,7 +16,7 @@ require ::File.expand_path("test_data", __dir__)
|
|
|
16
16
|
require ::File.expand_path("stripe_mock", __dir__)
|
|
17
17
|
|
|
18
18
|
# If changing this number, please also change it in `.travis.yml`.
|
|
19
|
-
MOCK_MINIMUM_VERSION = "0.
|
|
19
|
+
MOCK_MINIMUM_VERSION = "0.95.0"
|
|
20
20
|
MOCK_PORT = Stripe::StripeMock.start
|
|
21
21
|
|
|
22
22
|
# Disable all real network connections except those that are outgoing to
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: stripe
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.
|
|
4
|
+
version: 5.23.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stripe
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-08-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Stripe is the easiest way to accept payments online. See https://stripe.com
|
|
14
14
|
for details.
|
|
@@ -93,6 +93,7 @@ files:
|
|
|
93
93
|
- lib/stripe/resources/issuing/cardholder.rb
|
|
94
94
|
- lib/stripe/resources/issuing/dispute.rb
|
|
95
95
|
- lib/stripe/resources/issuing/transaction.rb
|
|
96
|
+
- lib/stripe/resources/line_item.rb
|
|
96
97
|
- lib/stripe/resources/login_link.rb
|
|
97
98
|
- lib/stripe/resources/mandate.rb
|
|
98
99
|
- lib/stripe/resources/order.rb
|
|
@@ -102,7 +103,9 @@ files:
|
|
|
102
103
|
- lib/stripe/resources/payout.rb
|
|
103
104
|
- lib/stripe/resources/person.rb
|
|
104
105
|
- lib/stripe/resources/plan.rb
|
|
106
|
+
- lib/stripe/resources/price.rb
|
|
105
107
|
- lib/stripe/resources/product.rb
|
|
108
|
+
- lib/stripe/resources/promotion_code.rb
|
|
106
109
|
- lib/stripe/resources/radar/early_fraud_warning.rb
|
|
107
110
|
- lib/stripe/resources/radar/value_list.rb
|
|
108
111
|
- lib/stripe/resources/radar/value_list_item.rb
|
|
@@ -191,7 +194,9 @@ files:
|
|
|
191
194
|
- test/stripe/payout_test.rb
|
|
192
195
|
- test/stripe/person_test.rb
|
|
193
196
|
- test/stripe/plan_test.rb
|
|
197
|
+
- test/stripe/price_test.rb
|
|
194
198
|
- test/stripe/product_test.rb
|
|
199
|
+
- test/stripe/promotion_code_test.rb
|
|
195
200
|
- test/stripe/radar/early_fraud_warning_test.rb
|
|
196
201
|
- test/stripe/radar/value_list_item_test.rb
|
|
197
202
|
- test/stripe/radar/value_list_test.rb
|
|
@@ -307,7 +312,9 @@ test_files:
|
|
|
307
312
|
- test/stripe/payout_test.rb
|
|
308
313
|
- test/stripe/person_test.rb
|
|
309
314
|
- test/stripe/plan_test.rb
|
|
315
|
+
- test/stripe/price_test.rb
|
|
310
316
|
- test/stripe/product_test.rb
|
|
317
|
+
- test/stripe/promotion_code_test.rb
|
|
311
318
|
- test/stripe/radar/early_fraud_warning_test.rb
|
|
312
319
|
- test/stripe/radar/value_list_item_test.rb
|
|
313
320
|
- test/stripe/radar/value_list_test.rb
|