stripe 8.6.0.pre.beta.1 → 8.6.0.pre.beta.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0bb18aa99427adfd4362824cf23ec3860ebe83d291e40a6006ac9fc59242fbcc
-  data.tar.gz: 82a2ec4c057b6537d643d0c6e900eb5c2965654ba98dba5affb3c11440c83ed1
+  metadata.gz: b8329baf2324481281bac8a14057e933252bcc1fccbde79f4303fb1e84d113c9
+  data.tar.gz: bce0345d4c34fb1b25278e55a5ca31db6303d7b5b69037d05e55b3aa8f68537e
 SHA512:
-  metadata.gz: acf1af5b7188d27e6f9d064127d13ff22d713a743b81035a210f0881e261a21b49511f1019bf3cfff842979199d372b7d97cd38c7a8e6c201b6c1544d2d07537
-  data.tar.gz: 2791cbf6e65421c6fb891bb4972146b52d289d8257e8a86ebcc073d03aedb66d83e71d8b66d94cec1d8ba06028fc9434aa98be64277d98410a116d16b5e67e88
+  metadata.gz: 7055e66eae45c2a9e3cf0d3dd6f65c1da2e7ef6a0189feb9a7cbf04de25b857a37e7888c7cfe8f391004192c9cbce4f3f30ee25236fa2f94bd4b7d4263ae696a
+  data.tar.gz: 47077ba02bc7c0c73071d92500333e84bce73cae25ea88ec0ff5c47b378bc5b2e0473cb5bc8cdc9d65d9151b6f74f5361df674685af2ce194d452ae0fe6d5df7

data/CHANGELOG.md

@@ -1,12 +1,22 @@
 # Changelog
 
+## 8.6.0-beta.3 - 2023-04-17
+* [#1211](https://github.com/stripe/stripe-ruby/pull/1211) Update generated code for beta
+* [#1210](https://github.com/stripe/stripe-ruby/pull/1210), [#1212](https://github.com/stripe/stripe-ruby/pull/1212), [#1213](https://github.com/stripe/stripe-ruby/pull/1213) Add support for request signing
+
+## 8.6.0-beta.2 - 2023-04-13
+* [#1206](https://github.com/stripe/stripe-ruby/pull/1206) Update generated code for beta
+  * Add support for `collect_payment_method` and `confirm_payment_intent` methods on resource `Terminal.Reader`
+* [#1205](https://github.com/stripe/stripe-ruby/pull/1205) Update generated code for beta
+
+
 ## 8.6.0-beta.1 - 2023-03-30
 * [#1202](https://github.com/stripe/stripe-ruby/pull/1202) Update generated code for beta
 
 
 ## 8.5.0 - 2023-03-30
 * [#1203](https://github.com/stripe/stripe-ruby/pull/1203) Update generated code
-  * Remove support for `create` method on resource `Tax.Transaction`
+  * Remove support for `create` method on resource `Tax.Transaction`
     * This is not a breaking change, as this method was deprecated before the Tax Transactions API was released in favor of the `create_from_calculation` method.
 * [#1201](https://github.com/stripe/stripe-ruby/pull/1201) Update save deprecation message
 

data/Gemfile

@@ -10,8 +10,7 @@ group :development do
   gem "rack", ">= 2.0.6"
   gem "rake"
 
-  # Update to 2.0.0 once it ships.
-  gem "shoulda-context", "2.0.0.rc4"
+  gem "shoulda-context", "2.0.0"
 
   gem "test-unit"
 

data/OPENAPI_VERSION

@@ -1 +1 @@
-v287
+v299

data/VERSION

@@ -1 +1 @@
-8.6.0-beta.1
+8.6.0-beta.3

data/lib/stripe/request_signing_authenticator.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+
+module Stripe
+  class RequestSigningAuthenticator
+    AUTHORIZATION_HEADER_NAME = "Authorization"
+    CONTENT_TYPE_HEADER_NAME = "Content-Type"
+    STRIPE_CONTEXT_HEADER_NAME = "Stripe-Context"
+    STRIPE_ACCOUNT_HEADER_NAME = "Stripe-Account"
+    CONTENT_DIGEST_HEADER_NAME = "Content-Digest"
+    SIGNATURE_INPUT_HEADER_NAME = "Signature-Input"
+    SIGNATURE_HEADER_NAME = "Signature"
+
+    attr_reader :auth_token, :sign_lambda
+
+    def initialize(auth_token, sign_lambda)
+      unless auth_token.is_a?(String)
+        raise ArgumentError, "auth_token must be a string"
+      end
+      unless sign_lambda.is_a?(Proc)
+        raise ArgumentError, "sign_lambda must be a lambda"
+      end
+
+      @auth_token = auth_token
+      @sign_lambda = sign_lambda
+    end
+
+    def authenticate(method, headers, body)
+      covered_headers = [CONTENT_TYPE_HEADER_NAME,
+                         CONTENT_DIGEST_HEADER_NAME,
+                         STRIPE_CONTEXT_HEADER_NAME,
+                         STRIPE_ACCOUNT_HEADER_NAME,
+                         AUTHORIZATION_HEADER_NAME,]
+
+      headers[AUTHORIZATION_HEADER_NAME] = "STRIPE-V2-SIG #{auth_token}"
+
+      if method == :get
+        covered_headers -= [CONTENT_TYPE_HEADER_NAME,
+                            CONTENT_DIGEST_HEADER_NAME,]
+      else
+        content = body || ""
+        headers[CONTENT_DIGEST_HEADER_NAME] =
+          %(sha-256=:#{content_digest(content)}:)
+      end
+
+      covered_headers_formatted = covered_headers
+                                  .map { |string| %("#{string.downcase}") }
+                                  .join(" ")
+
+      signature_input = "(#{covered_headers_formatted});created=#{created_time}"
+
+      inputs = covered_headers
+               .map { |header| %("#{header.downcase}": #{headers[header]}) }
+               .join("\n")
+
+      signature_base = %(#{inputs}\n"@signature-params": #{signature_input})
+                       .encode(Encoding::UTF_8)
+
+      headers[SIGNATURE_INPUT_HEADER_NAME] = "sig1=#{signature_input}"
+
+      headers[SIGNATURE_HEADER_NAME] =
+        "sig1=:#{encoded_signature(signature_base)}:"
+    end
+
+    private def sign(signature_base)
+      @sign_lambda.call(signature_base)
+    end
+
+    private def encoded_signature(signature_base)
+      Base64.strict_encode64(sign(signature_base))
+    rescue StandardError
+      raise AuthenticationError, "Encountered '#{e.message} (#{e.class})' "\
+       "when calculating request signature."
+    end
+
+    private def content_digest(content)
+      Base64.strict_encode64(OpenSSL::Digest.new("SHA256").digest(content))
+    end
+
+    private def created_time
+      Time.now.to_i
+    end
+  end
+end

data/lib/stripe/resources/account_session.rb

@@ -2,13 +2,13 @@
 # frozen_string_literal: true
 
 module Stripe
-  # An AccountSession allows a Connect platform to grant access to a connected account in Connect embedded UIs.
+  # An AccountSession allows a Connect platform to grant access to a connected account in Connect embedded components.
   #
-  # We recommend that you create an AccountSession each time you need to display an embedded UI
+  # We recommend that you create an AccountSession each time you need to display an embedded component
   # to your user. Do not save AccountSessions to your database as they expire relatively
   # quickly, and cannot be used more than once.
   #
-  # Related guide: [Connect embedded UIs](https://stripe.com/docs/connect/get-started-connect-embedded-uis).
+  # Related guide: [Connect embedded components](https://stripe.com/docs/connect/get-started-connect-embedded-components).
   class AccountSession < APIResource
     extend Stripe::APIOperations::Create
 

data/lib/stripe/resources/tax/calculation.rb

@@ -3,7 +3,9 @@
 
 module Stripe
   module Tax
-    # A Tax `Calculation` allows you to calculate the tax to collect from your customer.
+    # A Tax Calculation allows you to calculate the tax to collect from your customer.
+    #
+    # Related guide: [Calculate tax in your custom payment flow](https://stripe.com/docs/tax/custom).
     class Calculation < APIResource
       extend Stripe::APIOperations::Create
 

data/lib/stripe/resources/tax/transaction.rb

@@ -3,7 +3,9 @@
 
 module Stripe
   module Tax
-    # A Tax transaction records the tax collected from or refunded to your customer.
+    # A Tax Transaction records the tax collected from or refunded to your customer.
+    #
+    # Related guide: [Calculate tax in your custom payment flow](https://stripe.com/docs/tax/custom#tax-transaction).
     class Transaction < APIResource
       OBJECT_NAME = "tax.transaction"
 

data/lib/stripe/resources/terminal/reader.rb

@@ -32,6 +32,24 @@ module Stripe
         )
       end
 
+      def collect_payment_method(params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/collect_payment_method", { reader: CGI.escape(self["id"]) }),
+          params: params,
+          opts: opts
+        )
+      end
+
+      def confirm_payment_intent(params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/confirm_payment_intent", { reader: CGI.escape(self["id"]) }),
+          params: params,
+          opts: opts
+        )
+      end
+
       def process_payment_intent(params = {}, opts = {})
         request_stripe_object(
           method: :post,
@@ -86,6 +104,24 @@ module Stripe
         )
       end
 
+      def self.collect_payment_method(reader, params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/collect_payment_method", { reader: CGI.escape(reader) }),
+          params: params,
+          opts: opts
+        )
+      end
+
+      def self.confirm_payment_intent(reader, params = {}, opts = {})
+        request_stripe_object(
+          method: :post,
+          path: format("/v1/terminal/readers/%<reader>s/confirm_payment_intent", { reader: CGI.escape(reader) }),
+          params: params,
+          opts: opts
+        )
+      end
+
       def self.process_payment_intent(reader, params = {}, opts = {})
         request_stripe_object(
           method: :post,

data/lib/stripe/stripe_client.rb

@@ -440,9 +440,10 @@ module Stripe
 
       api_base ||= config.api_base
       api_key ||= config.api_key
+      authenticator ||= config.authenticator
       params = Util.objects_to_ids(params)
 
-      check_api_key!(api_key)
+      check_keys!(api_key, authenticator)
 
       body_params = nil
       query_params = nil
@@ -469,11 +470,14 @@ module Stripe
       body, body_log =
         body_params ? encode_body(body_params, headers) : [nil, nil]
 
+      authenticator.authenticate(method, headers, body) unless api_key
+
       # stores information on the request we're about to make so that we don't
       # have to pass as many parameters around for logging.
       context = RequestLogContext.new
       context.account         = headers["Stripe-Account"]
       context.api_key         = api_key
+      context.authenticator   = authenticator
       context.api_version     = headers["Stripe-Version"]
       context.body            = body_log
       context.idempotency_key = headers["Idempotency-Key"]
@@ -512,8 +516,16 @@ module Stripe
       (api_base || config.api_base) + url
     end
 
-    private def check_api_key!(api_key)
-      unless api_key
+    private def check_keys!(api_key, authenticator)
+      if api_key && authenticator
+        raise AuthenticationError, "Can't specify both API key " \
+          "and authenticator. Either set your API key" \
+          'using "Stripe.api_key = <API-KEY>", or set your authenticator ' \
+          'using "Stripe.authenticator = <AUTHENTICATOR>"' \
+      end
+
+      unless api_key || authenticator
+        # Default to missing API key error message for general users.
         raise AuthenticationError, "No API key provided. " \
           'Set your API key using "Stripe.api_key = <API-KEY>". ' \
           "You can generate API keys from the Stripe web interface. " \
@@ -966,6 +978,7 @@ module Stripe
       attr_accessor :body
       attr_accessor :account
       attr_accessor :api_key
+      attr_accessor :authenticator
       attr_accessor :api_version
       attr_accessor :idempotency_key
       attr_accessor :method

data/lib/stripe/stripe_configuration.rb

@@ -27,6 +27,7 @@ module Stripe
   class StripeConfiguration
     attr_accessor :api_key
     attr_accessor :api_version
+    attr_accessor :authenticator
     attr_accessor :client_id
     attr_accessor :enable_telemetry
     attr_accessor :logger

data/lib/stripe/util.rb

@@ -7,6 +7,7 @@ module Stripe
     # Options that a user is allowed to specify.
     OPTS_USER_SPECIFIED = Set[
       :api_key,
+      :authenticator,
       :idempotency_key,
       :stripe_account,
       :stripe_version
@@ -281,7 +282,13 @@ module Stripe
       when String
         { api_key: opts }
       when Hash
-        check_api_key!(opts.fetch(:api_key)) if opts.key?(:api_key)
+        # If the user is using request signing for authentication,
+        # no need to check the api_key per request.
+        if !(opts.key?(:client) &&
+           opts.fetch(:client).config.authenticator) &&
+           opts.key?(:api_key)
+          check_api_key!(opts.fetch(:api_key))
+        end
         # Explicitly use dup here instead of clone to avoid preserving freeze
         # state on input params.
         opts.dup

data/lib/stripe/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stripe
-  VERSION = "8.6.0-beta.1"
+  VERSION = "8.6.0-beta.3"
 end

data/lib/stripe.rb

@@ -13,6 +13,7 @@ require "set"
 require "socket"
 require "uri"
 require "forwardable"
+require "base64"
 
 # Version
 require "stripe/api_version"
@@ -44,6 +45,7 @@ require "stripe/api_resource_test_helpers"
 require "stripe/singleton_api_resource"
 require "stripe/webhook"
 require "stripe/stripe_configuration"
+require "stripe/request_signing_authenticator"
 
 # Named API resources
 require "stripe/resources"
@@ -70,6 +72,7 @@ module Stripe
 
     # User configurable options
     def_delegators :@config, :api_key, :api_key=
+    def_delegators :@config, :authenticator, :authenticator=
     def_delegators :@config, :api_version, :api_version=
     def_delegators :@config, :stripe_account, :stripe_account=
     def_delegators :@config, :api_base, :api_base=

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: stripe
 version: !ruby/object:Gem::Version
-  version: 8.6.0.pre.beta.1
+  version: 8.6.0.pre.beta.3
 platform: ruby
 authors:
 - Stripe
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-03-30 00:00:00.000000000 Z
+date: 2023-04-17 00:00:00.000000000 Z
 dependencies: []
 description: Stripe is the easiest way to accept payments online.  See https://stripe.com
   for details.
@@ -50,6 +50,7 @@ files:
 - lib/stripe/multipart_encoder.rb
 - lib/stripe/oauth.rb
 - lib/stripe/object_types.rb
+- lib/stripe/request_signing_authenticator.rb
 - lib/stripe/resources.rb
 - lib/stripe/resources/account.rb
 - lib/stripe/resources/account_link.rb