stripe 5.28.0 → 8.7.0

data/lib/stripe/stripe_configuration.rb

@@ -86,13 +86,16 @@ module Stripe
         val = Stripe::LEVEL_DEBUG
       elsif val == "info"
         val = Stripe::LEVEL_INFO
+      elsif val == "error"
+        val = Stripe::LEVEL_ERROR
       end
 
       levels = [Stripe::LEVEL_INFO, Stripe::LEVEL_DEBUG, Stripe::LEVEL_ERROR]
 
       if !val.nil? && !levels.include?(val)
         raise ArgumentError,
-              "log_level should only be set to `nil`, `debug` or `info`"
+              "log_level should only be set to `nil`, `debug`, `info`," \
+              " or `error`"
       end
       @log_level = val
     end
@@ -101,14 +104,22 @@ module Stripe
       @max_network_retries = val.to_i
     end
 
+    def max_network_retry_delay=(val)
+      @max_network_retry_delay = val.to_i
+    end
+
+    def initial_network_retry_delay=(val)
+      @initial_network_retry_delay = val.to_i
+    end
+
     def open_timeout=(open_timeout)
       @open_timeout = open_timeout
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def read_timeout=(read_timeout)
       @read_timeout = read_timeout
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def write_timeout=(write_timeout)
@@ -117,32 +128,32 @@ module Stripe
       end
 
       @write_timeout = write_timeout
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def proxy=(proxy)
       @proxy = proxy
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def verify_ssl_certs=(verify_ssl_certs)
       @verify_ssl_certs = verify_ssl_certs
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def uploads_base=(uploads_base)
       @uploads_base = uploads_base
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def connect_base=(connect_base)
       @connect_base = connect_base
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def api_base=(api_base)
       @api_base = api_base
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     def ca_bundle_path=(path)
@@ -151,7 +162,7 @@ module Stripe
       # empty this field so a new store is initialized
       @ca_store = nil
 
-      StripeClient.clear_all_connection_managers
+      StripeClient.clear_all_connection_managers(config: self)
     end
 
     # A certificate store initialized from the the bundle in #ca_bundle_path and
@@ -174,5 +185,13 @@ module Stripe
     def enable_telemetry?
       enable_telemetry
     end
+
+    # Generates a deterministic key to identify configuration objects with
+    # identical configuration values.
+    def key
+      instance_variables
+        .collect { |variable| instance_variable_get(variable) }
+        .join
+    end
   end
 end

data/lib/stripe/stripe_object.rb

@@ -267,6 +267,27 @@ module Stripe
       []
     end
 
+    # When designing APIs, we now make a conscious effort server-side to avoid
+    # naming fields after important built-ins in various languages (e.g. class,
+    # method, etc.).
+    #
+    # However, a long time ago we made the mistake (either consciously or by
+    # accident) of initializing our `metadata` fields as instances of
+    # `StripeObject`, and metadata can have a wide range of different keys
+    # defined in it. This is somewhat a convenient in that it allows users to
+    # access data like `obj.metadata.my_field`, but is almost certainly not
+    # worth the cost.
+    #
+    # Naming metadata fields bad things like `class` causes `initialize_from`
+    # to produce strange results, so we ban known offenders here.
+    #
+    # In a future major version we should consider leaving `metadata` as a hash
+    # and forcing people to access it with `obj.metadata[:my_field]` because
+    # the potential for trouble is just too high. For now, reserve names.
+    RESERVED_FIELD_NAMES = [
+      :class,
+    ].freeze
+
     protected def metaclass
       class << self; self; end
     end
@@ -277,6 +298,7 @@ module Stripe
 
       metaclass.instance_eval do
         keys.each do |k|
+          next if RESERVED_FIELD_NAMES.include?(k)
           next if protected_fields.include?(k)
           next if @@permanent_attributes.include?(k)
 
@@ -312,6 +334,7 @@ module Stripe
 
       metaclass.instance_eval do
         keys.each do |k|
+          next if RESERVED_FIELD_NAMES.include?(k)
           next if protected_fields.include?(k)
           next if @@permanent_attributes.include?(k)
 
@@ -406,13 +429,13 @@ module Stripe
     # * +:opts:+ Options for StripeObject like an API key.
     # * +:partial:+ Indicates that the re-initialization should not attempt to
     #   remove accessors.
-    protected def initialize_from(values, opts, partial = false)
+    protected def initialize_from(values, opts)
       @opts = Util.normalize_opts(opts)
 
       # the `#send` is here so that we can keep this method private
       @original_values = self.class.send(:deep_copy, values)
 
-      removed = partial ? Set.new : Set.new(@values.keys - values.keys)
+      removed = Set.new(@values.keys - values.keys)
       added = Set.new(values.keys - @values.keys)
 
       # Wipe old state before setting new.  This is useful for e.g. updating a

data/lib/stripe/stripe_response.rb

@@ -1,63 +1,54 @@
 # frozen_string_literal: true
 
 module Stripe
-  # StripeResponse encapsulates some vitals of a response that came back from
-  # the Stripe API.
-  class StripeResponse
-    # Headers provides an access wrapper to an API response's header data. It
-    # mainly exists so that we don't need to expose the entire
-    # `Net::HTTPResponse` object while still getting some of its benefits like
-    # case-insensitive access to header names and flattening of header values.
-    class Headers
-      # Initializes a Headers object from a Net::HTTP::HTTPResponse object.
-      def self.from_net_http(resp)
-        new(resp.to_hash)
-      end
+  # Headers provides an access wrapper to an API response's header data. It
+  # mainly exists so that we don't need to expose the entire
+  # `Net::HTTPResponse` object while still getting some of its benefits like
+  # case-insensitive access to header names and flattening of header values.
+  class StripeResponseHeaders
+    # Initializes a Headers object from a Net::HTTP::HTTPResponse object.
+    def self.from_net_http(resp)
+      new(resp.to_hash)
+    end
 
-      # `hash` is expected to be a hash mapping header names to arrays of
-      # header values. This is the default format generated by calling
-      # `#to_hash` on a `Net::HTTPResponse` object because headers can be
-      # repeated multiple times. Using `#[]` will collapse values down to just
-      # the first.
-      def initialize(hash)
-        if !hash.is_a?(Hash) ||
-           !hash.keys.all? { |n| n.is_a?(String) } ||
-           !hash.values.all? { |a| a.is_a?(Array) } ||
-           !hash.values.all? { |a| a.all? { |v| v.is_a?(String) } }
-          raise ArgumentError,
-                "expect hash to be a map of string header names to arrays of " \
-                "header values"
-        end
+    # `hash` is expected to be a hash mapping header names to arrays of
+    # header values. This is the default format generated by calling
+    # `#to_hash` on a `Net::HTTPResponse` object because headers can be
+    # repeated multiple times. Using `#[]` will collapse values down to just
+    # the first.
+    def initialize(hash)
+      if !hash.is_a?(Hash) ||
+         !hash.keys.all? { |n| n.is_a?(String) } ||
+         !hash.values.all? { |a| a.is_a?(Array) } ||
+         !hash.values.all? { |a| a.all? { |v| v.is_a?(String) } }
+        raise ArgumentError,
+              "expect hash to be a map of string header names to arrays of " \
+              "header values"
+      end
 
-        @hash = {}
+      @hash = {}
 
-        # This shouldn't be strictly necessary because `Net::HTTPResponse` will
-        # produce a hash with all headers downcased, but do it anyway just in
-        # case an object of this class was constructed manually.
-        #
-        # Also has the effect of duplicating the hash, which is desirable for a
-        # little extra object safety.
-        hash.each do |k, v|
-          @hash[k.downcase] = v
-        end
+      # This shouldn't be strictly necessary because `Net::HTTPResponse` will
+      # produce a hash with all headers downcased, but do it anyway just in
+      # case an object of this class was constructed manually.
+      #
+      # Also has the effect of duplicating the hash, which is desirable for a
+      # little extra object safety.
+      hash.each do |k, v|
+        @hash[k.downcase] = v
       end
+    end
 
-      def [](name)
-        values = @hash[name.downcase]
-        if values && values.count > 1
-          warn("Duplicate header values for `#{name}`; returning only first")
-        end
-        values ? values.first : nil
+    def [](name)
+      values = @hash[name.downcase]
+      if values && values.count > 1
+        warn("Duplicate header values for `#{name}`; returning only first")
       end
+      values ? values.first : nil
     end
+  end
 
-    # The data contained by the HTTP body of the response deserialized from
-    # JSON.
-    attr_accessor :data
-
-    # The raw HTTP body of the response.
-    attr_accessor :http_body
-
+  module StripeResponseBase
     # A Hash of the HTTP headers of the response.
     attr_accessor :http_headers
 
@@ -67,15 +58,52 @@ module Stripe
     # The Stripe request ID of the response.
     attr_accessor :request_id
 
+    def self.populate_for_net_http(resp, http_resp)
+      resp.http_headers = StripeResponseHeaders.from_net_http(http_resp)
+      resp.http_status = http_resp.code.to_i
+      resp.request_id = http_resp["request-id"]
+    end
+  end
+
+  # StripeResponse encapsulates some vitals of a response that came back from
+  # the Stripe API.
+  class StripeResponse
+    include StripeResponseBase
+    # The data contained by the HTTP body of the response deserialized from
+    # JSON.
+    attr_accessor :data
+
+    # The raw HTTP body of the response.
+    attr_accessor :http_body
+
     # Initializes a StripeResponse object from a Net::HTTP::HTTPResponse
     # object.
     def self.from_net_http(http_resp)
       resp = StripeResponse.new
       resp.data = JSON.parse(http_resp.body, symbolize_names: true)
       resp.http_body = http_resp.body
-      resp.http_headers = Headers.from_net_http(http_resp)
-      resp.http_status = http_resp.code.to_i
-      resp.request_id = http_resp["request-id"]
+      StripeResponseBase.populate_for_net_http(resp, http_resp)
+      resp
+    end
+  end
+
+  # We have to alias StripeResponseHeaders to StripeResponse::Headers, as this
+  # class used to be embedded within StripeResponse and we want to be backwards
+  # compatible.
+  StripeResponse::Headers = StripeResponseHeaders
+
+  # StripeHeadersOnlyResponse includes only header-related vitals of the
+  # response. This is used for streaming requests where the response was read
+  # directly in a block and we explicitly don't want to store the body of the
+  # response in memory.
+  class StripeHeadersOnlyResponse
+    include StripeResponseBase
+
+    # Initializes a StripeHeadersOnlyResponse object from a
+    # Net::HTTP::HTTPResponse object.
+    def self.from_net_http(http_resp)
+      resp = StripeHeadersOnlyResponse.new
+      StripeResponseBase.populate_for_net_http(resp, http_resp)
       resp
     end
   end

data/lib/stripe/util.rb

@@ -47,6 +47,53 @@ module Stripe
       Util.object_classes[object_name] == klass
     end
 
+    # Adds a custom method to a resource class. This is used to add support for
+    # non-CRUDL API requests, e.g. capturing charges. custom_method takes the
+    # following parameters:
+    # - name: the name of the custom method to create (as a symbol)
+    # - http_verb: the HTTP verb for the API request (:get, :post, or :delete)
+    # - http_path: the path to append to the resource's URL. If not provided,
+    #              the name is used as the path
+    # - resource: the resource implementation class
+    # - target: the class that custom static method will be added to
+    #
+    # For example, this call:
+    #     custom_method :capture, http_verb: post
+    # adds a `capture` class method to the resource class that, when called,
+    # will send a POST request to `/v1/<object_name>/capture`.
+    def self.custom_method(resource, target, name, http_verb, http_path)
+      unless %i[get post delete].include?(http_verb)
+        raise ArgumentError,
+              "Invalid http_verb value: #{http_verb.inspect}. Should be one " \
+              "of :get, :post or :delete."
+      end
+      unless target.respond_to?(:resource_url)
+        raise ArgumentError,
+              "Invalid target value: #{target}. Target class should have a " \
+              "`resource_url` method."
+      end
+      http_path ||= name.to_s
+      target.define_singleton_method(name) do |id, params = {}, opts = {}|
+        unless id.is_a?(String)
+          raise ArgumentError,
+                "id should be a string representing the ID of an API resource"
+        end
+
+        url = "#{target.resource_url}/"\
+              "#{CGI.escape(id)}/"\
+              "#{CGI.escape(http_path)}"
+
+        resp, opts = resource.execute_resource_request(
+          http_verb,
+          url,
+          params,
+          opts
+        )
+
+        Util.convert_to_stripe_object_with_params(resp.data, params, opts)
+      end
+    end
+
     # Converts a hash of fields or an array of hashes into a +StripeObject+ or
     # array of +StripeObject+s. These new objects will be created as a concrete
     # type as dictated by their `object` field (e.g. an `object` value of
@@ -57,9 +104,27 @@ module Stripe
     # ==== Attributes
     #
     # * +data+ - Hash of fields and values to be converted into a StripeObject.
+    # * +params+ - Params for +StripeObject+ like filters used in search that
+    #   will be reused on subsequent API calls.
     # * +opts+ - Options for +StripeObject+ like an API key that will be reused
     #   on subsequent API calls.
     def self.convert_to_stripe_object(data, opts = {})
+      convert_to_stripe_object_with_params(data, {}, opts)
+    end
+
+    # Converts a hash of fields or an array of hashes into a +StripeObject+ or
+    # array of +StripeObject+s. These new objects will be created as a concrete
+    # type as dictated by their `object` field (e.g. an `object` value of
+    # `charge` would create an instance of +Charge+), but if `object` is not
+    # present or of an unknown type, the newly created instance will fall back
+    # to being a +StripeObject+.
+    #
+    # ==== Attributes
+    #
+    # * +data+ - Hash of fields and values to be converted into a StripeObject.
+    # * +opts+ - Options for +StripeObject+ like an API key that will be reused
+    #   on subsequent API calls.
+    def self.convert_to_stripe_object_with_params(data, params, opts = {})
       opts = normalize_opts(opts)
 
       case data
@@ -68,32 +133,47 @@ module Stripe
       when Hash
         # Try converting to a known object class.  If none available, fall back
         # to generic StripeObject
-        object_classes.fetch(data[:object], StripeObject)
-                      .construct_from(data, opts)
+        object_name = data[:object] || data["object"]
+        obj = object_classes.fetch(object_name, StripeObject)
+                            .construct_from(data, opts)
+
+        # set filters so that we can fetch the same limit, expansions, and
+        # predicates when accessing the next and previous pages
+        if obj && (obj.is_a?(SearchResultObject) || obj.is_a?(ListObject))
+          obj.filters = params.dup
+        end
+
+        obj
       else
         data
       end
     end
 
     def self.log_error(message, data = {})
-      if !Stripe.logger.nil? ||
-         !Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_ERROR
+      config = data.delete(:config) || Stripe.config
+      logger = config.logger || Stripe.logger
+      if !logger.nil? ||
+         !config.log_level.nil? && config.log_level <= Stripe::LEVEL_ERROR
         log_internal(message, data, color: :cyan, level: Stripe::LEVEL_ERROR,
                                     logger: Stripe.logger, out: $stderr)
       end
     end
 
     def self.log_info(message, data = {})
-      if !Stripe.logger.nil? ||
-         !Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_INFO
+      config = data.delete(:config) || Stripe.config
+      logger = config.logger || Stripe.logger
+      if !logger.nil? ||
+         !config.log_level.nil? && config.log_level <= Stripe::LEVEL_INFO
         log_internal(message, data, color: :cyan, level: Stripe::LEVEL_INFO,
                                     logger: Stripe.logger, out: $stdout)
       end
     end
 
     def self.log_debug(message, data = {})
-      if !Stripe.logger.nil? ||
-         !Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_DEBUG
+      config = data.delete(:config) || Stripe.config
+      logger = config.logger || Stripe.logger
+      if !logger.nil? ||
+         !config.log_level.nil? && config.log_level <= Stripe::LEVEL_DEBUG
         log_internal(message, data, color: :blue, level: Stripe::LEVEL_DEBUG,
                                     logger: Stripe.logger, out: $stdout)
       end
@@ -202,7 +282,9 @@ module Stripe
         { api_key: opts }
       when Hash
         check_api_key!(opts.fetch(:api_key)) if opts.key?(:api_key)
-        opts.clone
+        # Explicitly use dup here instead of clone to avoid preserving freeze
+        # state on input params.
+        opts.dup
       else
         raise TypeError, "normalize_opts expects a string or a hash"
       end
@@ -335,6 +417,15 @@ module Stripe
       # Hopefully val is a string, but protect in case it's not.
       val = val.to_s
 
+      # Some values returned by the server are encoded in ASCII-8BIT before
+      # being parsed as UTF-8 by Marshal. If we don't transform these here, then
+      # puts will fail as it tries to render UTF-8 characters as ASCII-8BIT
+      # which is not valid.
+      if val && val.encoding == Encoding::ASCII_8BIT
+        # Dup the string as it is a frozen literal.
+        val = val.dup.force_encoding("UTF-8")
+      end
+
       if %r{[^\w\-/]} =~ val
         # If the string contains any special characters, escape any double
         # quotes it has, remove newlines, and wrap the whole thing in quotes.

data/lib/stripe/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stripe
-  VERSION = "5.28.0"
+  VERSION = "8.7.0"
 end

data/lib/stripe.rb

@@ -24,6 +24,7 @@ require "stripe/api_operations/list"
 require "stripe/api_operations/nested_resource"
 require "stripe/api_operations/request"
 require "stripe/api_operations/save"
+require "stripe/api_operations/search"
 
 # API resource support classes
 require "stripe/errors"
@@ -35,8 +36,10 @@ require "stripe/stripe_client"
 require "stripe/stripe_object"
 require "stripe/stripe_response"
 require "stripe/list_object"
+require "stripe/search_result_object"
 require "stripe/error_object"
 require "stripe/api_resource"
+require "stripe/api_resource_test_helpers"
 require "stripe/singleton_api_resource"
 require "stripe/webhook"
 require "stripe/stripe_configuration"
@@ -57,35 +60,36 @@ module Stripe
 
   @app_info = nil
 
-  @configuration = Stripe::StripeConfiguration.setup
+  @config = Stripe::StripeConfiguration.setup
 
   class << self
     extend Forwardable
 
+    attr_reader :config
+
     # User configurable options
-    def_delegators :@configuration, :api_key, :api_key=
-    def_delegators :@configuration, :api_version, :api_version=
-    def_delegators :@configuration, :stripe_account, :stripe_account=
-    def_delegators :@configuration, :api_base, :api_base=
-    def_delegators :@configuration, :uploads_base, :uploads_base=
-    def_delegators :@configuration, :connect_base, :connect_base=
-    def_delegators :@configuration, :open_timeout, :open_timeout=
-    def_delegators :@configuration, :read_timeout, :read_timeout=
-    def_delegators :@configuration, :write_timeout, :write_timeout=
-    def_delegators :@configuration, :proxy, :proxy=
-    def_delegators :@configuration, :verify_ssl_certs, :verify_ssl_certs=
-    def_delegators :@configuration, :ca_bundle_path, :ca_bundle_path=
-    def_delegators :@configuration, :log_level, :log_level=
-    def_delegators :@configuration, :logger, :logger=
-    def_delegators :@configuration, :max_network_retries, :max_network_retries=
-    def_delegators :@configuration, :enable_telemetry=, :enable_telemetry?
+    def_delegators :@config, :api_key, :api_key=
+    def_delegators :@config, :api_version, :api_version=
+    def_delegators :@config, :stripe_account, :stripe_account=
+    def_delegators :@config, :api_base, :api_base=
+    def_delegators :@config, :uploads_base, :uploads_base=
+    def_delegators :@config, :connect_base, :connect_base=
+    def_delegators :@config, :open_timeout, :open_timeout=
+    def_delegators :@config, :read_timeout, :read_timeout=
+    def_delegators :@config, :write_timeout, :write_timeout=
+    def_delegators :@config, :proxy, :proxy=
+    def_delegators :@config, :verify_ssl_certs, :verify_ssl_certs=
+    def_delegators :@config, :ca_bundle_path, :ca_bundle_path=
+    def_delegators :@config, :log_level, :log_level=
+    def_delegators :@config, :logger, :logger=
+    def_delegators :@config, :max_network_retries, :max_network_retries=
+    def_delegators :@config, :enable_telemetry=, :enable_telemetry?
+    def_delegators :@config, :client_id=, :client_id
 
     # Internal configurations
-    def_delegators :@configuration, :max_network_retry_delay
-    def_delegators :@configuration, :initial_network_retry_delay
-    def_delegators :@configuration, :ca_store
-
-    attr_accessor :client_id
+    def_delegators :@config, :max_network_retry_delay
+    def_delegators :@config, :initial_network_retry_delay
+    def_delegators :@config, :ca_store
   end
 
   # Gets the application for a plugin that's identified some. See
@@ -102,7 +106,7 @@ module Stripe
   # with API requests. Useful for plugin authors to identify their plugin when
   # communicating with Stripe.
   #
-  # Takes a name and optional  partner program ID, plugin URL, and version.
+  # Takes a name and optional partner program ID, plugin URL, and version.
   def self.set_app_info(name, partner_id: nil, url: nil, version: nil)
     @app_info = {
       name: name,

data/stripe.gemspec

@@ -13,21 +13,28 @@ Gem::Specification.new do |s|
                   "See https://stripe.com for details."
   s.author = "Stripe"
   s.email = "support@stripe.com"
-  s.homepage = "https://stripe.com/docs/api/ruby"
+  s.homepage = "https://stripe.com/docs/api?lang=ruby"
   s.license = "MIT"
 
   s.metadata = {
     "bug_tracker_uri" => "https://github.com/stripe/stripe-ruby/issues",
     "changelog_uri" =>
       "https://github.com/stripe/stripe-ruby/blob/master/CHANGELOG.md",
-    "documentation_uri" => "https://stripe.com/docs/api/ruby",
+    "documentation_uri" => "https://stripe.com/docs/api?lang=ruby",
     "github_repo" => "ssh://github.com/stripe/stripe-ruby",
-    "homepage_uri" => "https://stripe.com/docs/api/ruby",
+    "homepage_uri" => "https://stripe.com/docs/api?lang=ruby",
     "source_code_uri" => "https://github.com/stripe/stripe-ruby",
   }
 
-  s.files = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- test/*`.split("\n")
+  ignored = Regexp.union(
+    /\A\.editorconfig/,
+    /\A\.git/,
+    /\A\.rubocop/,
+    /\A\.travis.yml/,
+    /\A\.vscode/,
+    /\Atest/
+  )
+  s.files = `git ls-files`.split("\n").reject { |f| ignored.match(f) }
   s.executables   = `git ls-files -- bin/*`.split("\n")
                                            .map { |f| ::File.basename(f) }
   s.require_paths = ["lib"]