stripe 8.7.0 → 9.0.0.pre.beta.1

data/lib/stripe/stripe_client.rb

@@ -212,9 +212,10 @@ module Stripe
     end
 
     def execute_request(method, path,
-                        api_base: nil, api_key: nil, headers: {}, params: {})
+                        api_base: nil, api_key: nil,
+                        headers: {}, params: {}, api_mode: nil)
       http_resp, api_key = execute_request_internal(
-        method, path, api_base, api_key, headers, params
+        method, path, api_base, api_key, headers, params, api_mode
       )
 
       begin
@@ -245,6 +246,7 @@ module Stripe
     def execute_request_stream(method, path,
                                api_base: nil, api_key: nil,
                                headers: {}, params: {},
+                               api_mode: nil,
                                &read_body_chunk_block)
       unless block_given?
         raise ArgumentError,
@@ -252,7 +254,8 @@ module Stripe
       end
 
       http_resp, api_key = execute_request_internal(
-        method, path, api_base, api_key, headers, params, &read_body_chunk_block
+        method, path, api_base, api_key,
+        headers, params, api_mode, &read_body_chunk_block
       )
 
       # When the read_body_chunk_block is given, we no longer have access to the
@@ -432,7 +435,7 @@ module Stripe
 
     private def execute_request_internal(method, path,
                                          api_base, api_key, headers, params,
-                                         &read_body_chunk_block)
+                                         api_mode, &read_body_chunk_block)
       raise ArgumentError, "method should be a symbol" \
       unless method.is_a?(Symbol)
       raise ArgumentError, "path should be a string" \
@@ -440,9 +443,10 @@ module Stripe
 
       api_base ||= config.api_base
       api_key ||= config.api_key
+      authenticator ||= config.authenticator
       params = Util.objects_to_ids(params)
 
-      check_api_key!(api_key)
+      check_keys!(api_key, authenticator)
 
       body_params = nil
       query_params = nil
@@ -455,8 +459,9 @@ module Stripe
 
       query_params, path = merge_query_params(query_params, path)
 
-      headers = request_headers(api_key, method)
+      headers = request_headers(api_key, method, api_mode)
                 .update(Util.normalize_headers(headers))
+
       url = api_url(path, api_base)
 
       # Merge given query parameters with any already encoded in the path.
@@ -467,13 +472,16 @@ module Stripe
       # a log-friendly variant of the encoded form. File objects are displayed
       # as such instead of as their file contents.
       body, body_log =
-        body_params ? encode_body(body_params, headers) : [nil, nil]
+        body_params ? encode_body(body_params, headers, api_mode) : [nil, nil]
+
+      authenticator.authenticate(method, headers, body) unless api_key
 
       # stores information on the request we're about to make so that we don't
       # have to pass as many parameters around for logging.
       context = RequestLogContext.new
       context.account         = headers["Stripe-Account"]
       context.api_key         = api_key
+      context.authenticator   = authenticator
       context.api_version     = headers["Stripe-Version"]
       context.body            = body_log
       context.idempotency_key = headers["Idempotency-Key"]
@@ -512,8 +520,16 @@ module Stripe
       (api_base || config.api_base) + url
     end
 
-    private def check_api_key!(api_key)
-      unless api_key
+    private def check_keys!(api_key, authenticator)
+      if api_key && authenticator
+        raise AuthenticationError, "Can't specify both API key " \
+          "and authenticator. Either set your API key" \
+          'using "Stripe.api_key = <API-KEY>", or set your authenticator ' \
+          'using "Stripe.authenticator = <AUTHENTICATOR>"' \
+      end
+
+      unless api_key || authenticator
+        # Default to missing API key error message for general users.
         raise AuthenticationError, "No API key provided. " \
           'Set your API key using "Stripe.api_key = <API-KEY>". ' \
           "You can generate API keys from the Stripe web interface. " \
@@ -532,7 +548,7 @@ module Stripe
     # Encodes a set of body parameters using multipart if `Content-Type` is set
     # for that, or standard form-encoding otherwise. Returns the encoded body
     # and a version of the encoded body that's safe to be logged.
-    private def encode_body(body_params, headers)
+    private def encode_body(body_params, headers, api_mode)
       body = nil
       flattened_params = Util.flatten_params(body_params)
 
@@ -548,15 +564,22 @@ module Stripe
         flattened_params =
           flattened_params.map { |k, v| [k, v.is_a?(String) ? v : v.to_s] }.to_h
 
+      elsif api_mode == :preview
+        body = JSON.generate(body_params)
+        headers["Content-Type"] = "application/json"
       else
         body = Util.encode_parameters(body_params)
       end
 
-      # We don't use `Util.encode_parameters` partly as an optimization (to not
-      # redo work we've already done), and partly because the encoded forms of
-      # certain characters introduce a lot of visual noise and it's nice to
-      # have a clearer format for logs.
-      body_log = flattened_params.map { |k, v| "#{k}=#{v}" }.join("&")
+      if api_mode == :preview
+        body_log = body
+      else
+        # We don't use `Util.encode_parameters` partly as an optimization (to
+        # not redo work we've already done), and partly because the encoded
+        # forms of certain characters introduce a lot of visual noise and it's
+        # nice to have a clearer format for logs.
+        body_log = flattened_params.map { |k, v| "#{k}=#{v}" }.join("&")
+      end
 
       [body, body_log]
     end
@@ -745,10 +768,11 @@ module Stripe
     end
 
     private def specific_api_error(resp, error_data, context)
+      message = error_data[:message]
       Util.log_error("Stripe API error",
                      status: resp.http_status,
                      error_code: error_data[:code],
-                     error_message: error_data[:message],
+                     error_message: message,
                      error_param: error_data[:param],
                      error_type: error_data[:type],
                      idempotency_key: context.idempotency_key,
@@ -769,26 +793,26 @@ module Stripe
       when 400, 404
         case error_data[:type]
         when "idempotency_error"
-          IdempotencyError.new(error_data[:message], **opts)
+          IdempotencyError.new(message, **opts)
         else
           InvalidRequestError.new(
-            error_data[:message], error_data[:param],
+            message, error_data[:param],
             **opts
           )
         end
       when 401
-        AuthenticationError.new(error_data[:message], **opts)
+        AuthenticationError.new(message, **opts)
       when 402
         CardError.new(
-          error_data[:message], error_data[:param],
+          message, error_data[:param],
           **opts
         )
       when 403
-        PermissionError.new(error_data[:message], **opts)
+        PermissionError.new(message, **opts)
       when 429
-        RateLimitError.new(error_data[:message], **opts)
+        RateLimitError.new(message, **opts)
       else
-        APIError.new(error_data[:message], **opts)
+        APIError.new(message, **opts)
       end
     end
 
@@ -856,7 +880,7 @@ module Stripe
             message + "\n\n(Network error: #{error.message})"
     end
 
-    private def request_headers(api_key, method)
+    private def request_headers(api_key, method, api_mode)
       user_agent = "Stripe/v1 RubyBindings/#{Stripe::VERSION}"
       unless Stripe.app_info.nil?
         user_agent += " " + format_app_info(Stripe.app_info)
@@ -865,9 +889,13 @@ module Stripe
       headers = {
         "User-Agent" => user_agent,
         "Authorization" => "Bearer #{api_key}",
-        "Content-Type" => "application/x-www-form-urlencoded",
       }
 
+      if api_mode != :preview
+        # TODO: (major) don't set Content-Type if method is not post
+        headers["Content-Type"] = "application/x-www-form-urlencoded"
+      end
+
       if config.enable_telemetry? && !@last_request_metrics.nil?
         headers["X-Stripe-Client-Telemetry"] = JSON.generate(
           last_request_metrics: @last_request_metrics.payload
@@ -880,7 +908,12 @@ module Stripe
         headers["Idempotency-Key"] ||= SecureRandom.uuid
       end
 
-      headers["Stripe-Version"] = config.api_version if config.api_version
+      if api_mode == :preview
+        headers["Stripe-Version"] = ApiVersion::PREVIEW
+      elsif config.api_version
+        headers["Stripe-Version"] = config.api_version
+      end
+
       headers["Stripe-Account"] = config.stripe_account if config.stripe_account
 
       user_agent = @system_profiler.user_agent
@@ -966,6 +999,7 @@ module Stripe
       attr_accessor :body
       attr_accessor :account
       attr_accessor :api_key
+      attr_accessor :authenticator
       attr_accessor :api_version
       attr_accessor :idempotency_key
       attr_accessor :method

data/lib/stripe/stripe_configuration.rb

@@ -27,6 +27,7 @@ module Stripe
   class StripeConfiguration
     attr_accessor :api_key
     attr_accessor :api_version
+    attr_accessor :authenticator
     attr_accessor :client_id
     attr_accessor :enable_telemetry
     attr_accessor :logger
@@ -63,6 +64,8 @@ module Stripe
     end
 
     def initialize
+      @api_version = ApiVersion::CURRENT
+
       @ca_bundle_path = Stripe::DEFAULT_CA_BUNDLE_PATH
       @enable_telemetry = true
       @verify_ssl_certs = true

data/lib/stripe/util.rb

@@ -7,6 +7,7 @@ module Stripe
     # Options that a user is allowed to specify.
     OPTS_USER_SPECIFIED = Set[
       :api_key,
+      :authenticator,
       :idempotency_key,
       :stripe_account,
       :stripe_version
@@ -281,7 +282,13 @@ module Stripe
       when String
         { api_key: opts }
       when Hash
-        check_api_key!(opts.fetch(:api_key)) if opts.key?(:api_key)
+        # If the user is using request signing for authentication,
+        # no need to check the api_key per request.
+        if !(opts.key?(:client) &&
+           opts.fetch(:client).config.authenticator) &&
+           opts.key?(:api_key)
+          check_api_key!(opts.fetch(:api_key))
+        end
         # Explicitly use dup here instead of clone to avoid preserving freeze
         # state on input params.
         opts.dup

data/lib/stripe/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stripe
-  VERSION = "8.7.0"
+  VERSION = "9.0.0-beta.1"
 end

data/lib/stripe/webhook.rb

@@ -108,8 +108,9 @@ module Stripe
         end
 
         if tolerance && timestamp < Time.now - tolerance
+          formatted_timestamp = Time.at(timestamp).strftime("%F %T")
           raise SignatureVerificationError.new(
-            "Timestamp outside the tolerance zone (#{Time.at(timestamp)})",
+            "Timestamp outside the tolerance zone (#{formatted_timestamp})",
             header, http_body: payload
           )
         end

data/lib/stripe.rb

@@ -13,8 +13,10 @@ require "set"
 require "socket"
 require "uri"
 require "forwardable"
+require "base64"
 
 # Version
+require "stripe/api_version"
 require "stripe/version"
 
 # API operations
@@ -43,6 +45,7 @@ require "stripe/api_resource_test_helpers"
 require "stripe/singleton_api_resource"
 require "stripe/webhook"
 require "stripe/stripe_configuration"
+require "stripe/request_signing_authenticator"
 
 # Named API resources
 require "stripe/resources"
@@ -69,6 +72,7 @@ module Stripe
 
     # User configurable options
     def_delegators :@config, :api_key, :api_key=
+    def_delegators :@config, :authenticator, :authenticator=
     def_delegators :@config, :api_version, :api_version=
     def_delegators :@config, :stripe_account, :stripe_account=
     def_delegators :@config, :api_base, :api_base=
@@ -115,6 +119,49 @@ module Stripe
       version: version,
     }
   end
+
+  class Preview
+    def self._get_default_opts(opts)
+      { api_mode: :preview }.merge(opts)
+    end
+
+    def self.get(url, opts = {})
+      Stripe.raw_request(:get, url, {}, _get_default_opts(opts))
+    end
+
+    def self.post(url, params = {}, opts = {})
+      Stripe.raw_request(:post, url, params, _get_default_opts(opts))
+    end
+
+    def self.delete(url, opts = {})
+      Stripe.raw_request(:delete, url, {}, _get_default_opts(opts))
+    end
+  end
+
+  class RawRequest
+    include Stripe::APIOperations::Request
+
+    def initialize
+      @opts = {}
+    end
+
+    def execute(method, url, params = {}, opts = {})
+      resp, = execute_resource_request(method, url, params, opts)
+
+      resp
+    end
+  end
+
+  # Sends a request to Stripe REST API
+  def self.raw_request(method, url, params = {}, opts = {})
+    req = RawRequest.new
+    req.execute(method, url, params, opts)
+  end
+
+  def self.deserialize(data)
+    data = JSON.parse(data) if data.is_a?(String)
+    Util.convert_to_stripe_object(data, {})
+  end
 end
 
 Stripe.log_level = ENV["STRIPE_LOG"] unless ENV["STRIPE_LOG"].nil?

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: stripe
 version: !ruby/object:Gem::Version
-  version: 8.7.0
+  version: 9.0.0.pre.beta.1
 platform: ruby
 authors:
 - Stripe
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-08-11 00:00:00.000000000 Z
+date: 2023-08-24 00:00:00.000000000 Z
 dependencies: []
 description: Stripe is the easiest way to accept payments online.  See https://stripe.com
   for details.
@@ -50,9 +50,11 @@ files:
 - lib/stripe/multipart_encoder.rb
 - lib/stripe/oauth.rb
 - lib/stripe/object_types.rb
+- lib/stripe/request_signing_authenticator.rb
 - lib/stripe/resources.rb
 - lib/stripe/resources/account.rb
 - lib/stripe/resources/account_link.rb
+- lib/stripe/resources/account_session.rb
 - lib/stripe/resources/alipay_account.rb
 - lib/stripe/resources/apple_pay_domain.rb
 - lib/stripe/resources/application_fee.rb
@@ -64,6 +66,9 @@ files:
 - lib/stripe/resources/billing_portal/configuration.rb
 - lib/stripe/resources/billing_portal/session.rb
 - lib/stripe/resources/capability.rb
+- lib/stripe/resources/capital/financing_offer.rb
+- lib/stripe/resources/capital/financing_summary.rb
+- lib/stripe/resources/capital/financing_transaction.rb
 - lib/stripe/resources/card.rb
 - lib/stripe/resources/cash_balance.rb
 - lib/stripe/resources/charge.rb
@@ -75,6 +80,7 @@ files:
 - lib/stripe/resources/customer.rb
 - lib/stripe/resources/customer_balance_transaction.rb
 - lib/stripe/resources/customer_cash_balance_transaction.rb
+- lib/stripe/resources/customer_session.rb
 - lib/stripe/resources/discount.rb
 - lib/stripe/resources/dispute.rb
 - lib/stripe/resources/ephemeral_key.rb
@@ -85,8 +91,12 @@ files:
 - lib/stripe/resources/financial_connections/account.rb
 - lib/stripe/resources/financial_connections/account_owner.rb
 - lib/stripe/resources/financial_connections/account_ownership.rb
+- lib/stripe/resources/financial_connections/inferred_balance.rb
 - lib/stripe/resources/financial_connections/session.rb
+- lib/stripe/resources/financial_connections/transaction.rb
 - lib/stripe/resources/funding_instructions.rb
+- lib/stripe/resources/gift_cards/card.rb
+- lib/stripe/resources/gift_cards/transaction.rb
 - lib/stripe/resources/identity/verification_report.rb
 - lib/stripe/resources/identity/verification_session.rb
 - lib/stripe/resources/invoice.rb
@@ -94,15 +104,19 @@ files:
 - lib/stripe/resources/invoice_line_item.rb
 - lib/stripe/resources/issuing/authorization.rb
 - lib/stripe/resources/issuing/card.rb
+- lib/stripe/resources/issuing/card_bundle.rb
+- lib/stripe/resources/issuing/card_design.rb
 - lib/stripe/resources/issuing/cardholder.rb
 - lib/stripe/resources/issuing/dispute.rb
 - lib/stripe/resources/issuing/transaction.rb
 - lib/stripe/resources/line_item.rb
 - lib/stripe/resources/login_link.rb
 - lib/stripe/resources/mandate.rb
+- lib/stripe/resources/order.rb
 - lib/stripe/resources/payment_intent.rb
 - lib/stripe/resources/payment_link.rb
 - lib/stripe/resources/payment_method.rb
+- lib/stripe/resources/payment_method_configuration.rb
 - lib/stripe/resources/payout.rb
 - lib/stripe/resources/person.rb
 - lib/stripe/resources/plan.rb
@@ -110,6 +124,9 @@ files:
 - lib/stripe/resources/product.rb
 - lib/stripe/resources/promotion_code.rb
 - lib/stripe/resources/quote.rb
+- lib/stripe/resources/quote_phase.rb
+- lib/stripe/resources/quote_preview_invoice.rb
+- lib/stripe/resources/quote_preview_schedule.rb
 - lib/stripe/resources/radar/early_fraud_warning.rb
 - lib/stripe/resources/radar/value_list.rb
 - lib/stripe/resources/radar/value_list_item.rb
@@ -130,6 +147,8 @@ files:
 - lib/stripe/resources/subscription_schedule.rb
 - lib/stripe/resources/tax/calculation.rb
 - lib/stripe/resources/tax/calculation_line_item.rb
+- lib/stripe/resources/tax/form.rb
+- lib/stripe/resources/tax/registration.rb
 - lib/stripe/resources/tax/settings.rb
 - lib/stripe/resources/tax/transaction.rb
 - lib/stripe/resources/tax/transaction_line_item.rb
@@ -189,9 +208,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubygems_version: 3.3.26
 signing_key: