touchpass 0.0.8.18 → 0.1.1

data/Gemfile

@@ -1,22 +1,2 @@
 source 'http://rubygems.org'
-
-gem 'httparty',      '~> 0.8.0'
-gem 'thor',          '~> 0.14.6'
-gem 'geocoder',      '~> 1.1.0'
-gem 'json',            '~> 1.6.5'
-gem 'xml-simple', '~> 1.1.1'
-
-group :development, :test do
-  gem 'guard'
-  gem 'growl'
-  gem 'guard-rspec'
-  gem 'rspec'
-  gem 'rspec-core'
-  gem 'rspec-mocks'
-  gem 'rspec-expectations'
-end
-
-group :test do
-  gem 'cover_me'
-end
-
+gemspec

data/Gemfile.lock

@@ -1,3 +1,13 @@
+PATH
+  remote: .
+  specs:
+    touchpass (0.0.8.18)
+      geocoder (~> 1.1.0)
+      httparty (~> 0.8.0)
+      json (~> 1.6.5)
+      thor (~> 0.14.6)
+      xml-simple (~> 1.1.1)
+
 GEM
   remote: http://rubygems.org/
   specs:
@@ -8,7 +18,7 @@ GEM
       hashie
     diff-lcs (1.1.3)
     ffi (1.0.11)
-    geocoder (1.1.1)
+    geocoder (1.1.2)
     growl (1.0.3)
     guard (1.0.2)
       ffi (>= 0.5.0)
@@ -20,7 +30,7 @@ GEM
       multi_json (~> 1.0)
       multi_xml
     json (1.6.7)
-    multi_json (1.3.5)
+    multi_json (1.3.6)
     multi_xml (0.5.1)
     rspec (2.10.0)
       rspec-core (~> 2.10.0)
@@ -39,15 +49,11 @@ PLATFORMS
 
 DEPENDENCIES
   cover_me
-  geocoder (~> 1.1.0)
   growl
   guard
   guard-rspec
-  httparty (~> 0.8.0)
-  json (~> 1.6.5)
   rspec
   rspec-core
   rspec-expectations
   rspec-mocks
-  thor (~> 0.14.6)
-  xml-simple (~> 1.1.1)
+  touchpass!

data/bin/touchpass

@@ -23,7 +23,7 @@ class TpCLI < Thor
   DFT_OUTPUT = "json"
 
   attr_accessor :touchpass_client 
-  
+
   desc "register_party", "Register new Verifying Party"
   method_option :email,    :aliases => "-e", :required => true
   method_option :username, :aliases => "-u", :required => true
@@ -33,18 +33,20 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def register_party
     setup(options)
-    output @touchpass_client.register_party(options)
+    output @touchpass_client.register_party(options[:username], options[:password],
+                                            options[:email], options)
   end
 
   desc "authenticate_party", "Authenticate Party"
-  method_option :login,    :aliases => "-l", :required => true
+  method_option :username, :aliases => "-u", :required => true
   method_option :password, :aliases => "-p", :required => true
   method_option :hostname, :aliases => "-h"
   method_option :output,   :aliases => "-o"
   method_option :debug,    :aliases => "-d", :type => :boolean
   def authenticate_party
     setup(options)
-    output @touchpass_client.authenticate_party(options)
+    output @touchpass_client.authenticate_party(options[:username], options[:password],
+                                                options)
   end
 
   desc "show_party", "Show Party details"
@@ -56,7 +58,14 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def show_party
     setup(options)
-    output @touchpass_client.get_party(options)
+    if !options[:id].nil?
+      output @touchpass_client.get_party_by_id(options[:id], options)
+    elsif !options[:username].nil?
+      output @touchpass_client.get_party(options[:username], options)
+    else
+      puts "id or username required"
+      exit 1
+    end
   end
 
   desc "update_party", "Update Party details"
@@ -71,7 +80,14 @@ class TpCLI < Thor
   method_option :debug,     :aliases => "-d", :type => :boolean
   def update_party
     setup(options)
-    output @touchpass_client.update_party(options)
+    if !options[:id].nil?
+      output @touchpass_client.update_party_by_id(options[:id], options)
+    elsif !options[:username].nil?
+      output @touchpass_client.update_party(options[:username], options)
+    else
+      puts "id or username required"
+      exit 1
+    end
   end
 
   desc "register_device", "Register new Device"
@@ -81,13 +97,14 @@ class TpCLI < Thor
   method_option :app_id,          :aliases => '-a', :required => true
   method_option :messaging_type,  :aliases  => "-mt"
   method_option :messaging_value, :aliases  => "-mv"
-  method_option :api_key,         :required => true
+  method_option :api_key,         :required => true, :default => DFT_API_KEY
   method_option :hostname,        :aliases => "-h"
   method_option :output,          :aliases => "-o"
   method_option :debug,           :aliases => "-d", :type => :boolean
   def register_device
     setup(options)
-    output @touchpass_client.register_device(options)
+    output @touchpass_client.register_device(options[:username], options[:udid],
+                                             options[:name], options[:app_id], options)
   end
 
   desc "show_devices", "Show Party Devices"
@@ -98,7 +115,7 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def show_devices
     setup(options)
-    output @touchpass_client.get_devices(options)        
+    output @touchpass_client.get_devices(options[:username], options)        
   end
 
   desc "show_device", "Show Device details"
@@ -110,7 +127,7 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def show_device
     setup(options)
-    output @touchpass_client.get_device(options)        
+    output @touchpass_client.get_device(options[:username], options[:id], options)        
   end
 
   desc "update_device", "Update Device details"
@@ -126,7 +143,7 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def update_device
     setup(options)
-    output @touchpass_client.update_device(options)
+    output @touchpass_client.update_device(options[:username], options[:id], options)
   end
 
   desc "remove_device", "Remove Device"
@@ -138,7 +155,7 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def remove_device
     setup(options)
-    output @touchpass_client.remove_device(options)
+    output @touchpass_client.remove_device(options[:username], options[:id], options)
   end
 
   desc "create_verification", "Create new Verification"
@@ -160,7 +177,7 @@ class TpCLI < Thor
     if options[:message_post_verification_location] && !options[:address]
       warn "WARNING: post verification location message (-L) ignored as address (-a) not given" 
     end
-    output @touchpass_client.create_verification(options)
+    output @touchpass_client.create_verification(options[:to_party], options)
   end
 
   desc "show_verifications", "Show Verifications"
@@ -172,19 +189,23 @@ class TpCLI < Thor
   method_option :debug,    :aliases => "-d", :type => :boolean
   def show_verifications
     setup(options)
-    output @touchpass_client.get_verifications(options)        
+    if !options[:username].nil?
+      output @touchpass_client.get_verifications(options[:username], options)
+    else
+      output @touchpass_client.get_verifications_by_party_id(options[:party_id], options)
+    end      
   end
 
   desc "show_verification", "Show Verification details"
   method_option :id, :aliases => "-i", :required => true
-  method_option :device_id # For decrypting message (optional)
+  #method_option :device_id # For decrypting message (optional)
   method_option :api_key, :required => true, :default => DFT_API_KEY
   method_option :hostname, :aliases => "-h"
   method_option :output,   :aliases => "-o"
   method_option :debug,    :aliases => "-d", :type => :boolean
   def show_verification
     setup(options)
-    output @touchpass_client.get_verification(options)        
+    output @touchpass_client.get_verification(options[:id], options)        
   end
 
   desc "update_verification", "Update Verification"
@@ -197,29 +218,32 @@ class TpCLI < Thor
   method_option :debug,     :aliases => "-d", :type => :boolean
   def update_verification
     setup(options)
-    output @touchpass_client.update_verification(options)        
+    output @touchpass_client.update_verification(options[:id], options[:device_id],
+                                                 options)        
   end
 
   desc "cancel_verification", "Cancel Verification"
   method_option :id,       :required => true
+  method_option :device_id, :required => true, :aliases => "-d"
   method_option :api_key,  :required => true, :default => DFT_API_KEY
   method_option :hostname, :aliases => "-h"
   method_option :output,   :aliases => "-o"
   method_option :debug,    :aliases => "-d", :type => :boolean
   def cancel_verification
     setup(options)
-    output @touchpass_client.cancel_verification(options)        
+    output @touchpass_client.cancel_verification(options[:id], options[:device_id],options)
   end
 
   desc "reject_verification", "Reject Verification"
   method_option :id,       :required => true
+  method_option :device_id, :required => true, :aliases => "-d"
   method_option :api_key,  :required => true, :default => DFT_API_KEY
   method_option :hostname, :aliases => "-h"
   method_option :output,   :aliases => "-o"
   method_option :debug,    :aliases => "-d", :type => :boolean
   def reject_verification
     setup(options)
-    output @touchpass_client.reject_verification(options)        
+    output @touchpass_client.reject_verification(options[:id], options[:device_id],options)
   end
 
   private

data/lib/touchpass/client.rb

@@ -21,131 +21,150 @@ module Touchpass
     attr_accessor :hostname, :debug, :api_key
 
     API_KEY_HEADER = "X-TouchPass-ApiKey"
-    ENVIRONMENT = ENV['RAILS_ENV']
+    ENVIRONMENT = (ENV['RAILS_ENV'] || "").to_sym
+    REQUEST_FORMAT = "json"
 
-    ## Host and port to use for service invocations, default to the main Touchpass server
-    DFT_HOSTNAME = ENVIRONMENT == 'production' ? "https://touchpass.geodica.com" : "https://localhost:3000" 
+    # Host and port to use for service invocations, default to the main Touchpass server
+    DFT_HOST_PROD = "https://touchpass.geodica.com"
+    DFT_HOST_DEV = "https://localhost:3000"
+    DFT_HOST = {
+      :production => DFT_HOST_PROD,
+      :development => DFT_HOST_DEV
+    }
 
-    # Default response output to json
-    DFT_OUTPUT = "json"
-    
     # Default debug state (on: dev|test, off: prod)
-    DFT_DEBUG = ENV['TPC_DEBUG'] ? true : false
+    DFT_DEBUG = ENV['TPC_DEBUG'] && ENV['TPC_DEBUG'] != "" ? true : false
+
+    # Create a new Touchpass client instance
+    def initialize(hostname = nil, debug = DFT_DEBUG)
+      @hostname = hostname
+      @hostname ||= DFT_HOST[ENVIRONMENT]
+      @hostname ||= DFT_HOST_DEV
 
-    # Create a new Touchpass client instance and default the hostname and output
-    def initialize(hostname=DFT_HOSTNAME, debug=DFT_DEBUG)
-      @hostname = hostname.nil? ? DFT_HOSTNAME : hostname
-      @debug    = debug
-      @output   = DFT_OUTPUT   # always use json internally
+      @debug = debug
     end
 
     # Register a new relying party with the Touchpass server
-    # needs: :email, :username, :password
-    def register_party(params) 
-      http_options = standard_http_options(params, %W{email username password})
-      response = submit_request("post", "#{@hostname}/parties.#{@output}", http_options)
+    def register_party(username, password, email, options = {}) 
+      require_param(username, "username")
+      require_param(password, "password")
+      require_param(email, "email")
+
+      options = options.merge(:email => email, :username => username, :password => password)
+      http_options = standard_http_options(options, %W{email username password})
+      response = submit_request("post", "#{@hostname}/parties", http_options)
       set_api_key_from_response(response)
       response
     end
-  
+
     # Authenticate a party to obtain the API key
-    # needs: :login, :password
-    def authenticate_party(params) 
-      http_options = standard_http_options(params, %W{login password})
-      
-      response = submit_request(
-        "post",
-        "#{@hostname}/parties/authenticate.#{@output}", 
-        http_options)        
+    def authenticate_party(username, password, options = {})
+      require_param(username, "username")
+      require_param(password, "password")
+
+      options = options.merge(:login => username, :password => password)
+      http_options = standard_http_options(options, %W{login password})
+      response = submit_request("post", "#{@hostname}/parties/authenticate", http_options)
       set_api_key_from_response(response)
       response
     end
 
     # Get details for a party
-    # needs: :api_key; uses: :id OR :username
-    def get_party(params) 
-      http_options = standard_http_options(params)
-
-      if !params[:username].nil?
-        response = submit_request("get", "#{@hostname}/#{params[:username]}.#{@output}", http_options)
-      elsif !params[:id].nil?
-        response = submit_request("get", "#{@hostname}/parties/#{params[:id]}.#{@output}", http_options)
-      else
-        response = format_response({"error" => "Either username or id must be provided."})
-      end
-      response
+    def get_party_by_id(party_id, options = {})
+      require_api_key
+      require_param(party_id, "party id")
+
+      http_options = standard_http_options(options)
+      submit_request("get", party_url_id(party_id), http_options)
+    end
+
+    def get_party(username, options = {})
+      require_api_key
+      require_param(username, "username")
+
+      http_options = standard_http_options(options)
+      submit_request("get", party_url_username(username), http_options)
     end
 
     # Update details for a party
-    # needs: :api_key; uses: :username, :id, :email, :first_name, :last_name
-    def update_party(params) 
-      id           = params[:id]
-      username     = params[:username]
-      http_options = standard_http_options(params, %W{username email first_name last_name})
-      
-      if !username.nil?
-        response = submit_request("put", "#{@hostname}/#{username}.#{@output}", http_options)
-      elsif !id.nil?
-        response = submit_request("put", "#{@hostname}/parties/#{id}.#{@output}", http_options)
-      else
-        response = format_response({"error" => "Either username or id must be provided."})
-      end
-      response
+    # uses options: :email, :first_name, :last_name
+    def update_party_by_id(party_id, options = {}) 
+      require_api_key
+      require_param(party_id, "party id")
+
+      http_options = standard_http_options(options, %W{username email first_name last_name})
+      submit_request("put", party_url_id(party_id), http_options)
+    end
+
+    def update_party(username, options = {})
+      require_api_key
+      require_param(username, "username")
+
+      http_options = standard_http_options(options, %W{username email first_name last_name})
+      submit_request("put", party_url_username(username), http_options)
     end
 
     # Register a new device for a party
-    # needs: :api_key, :username, :udid, :devicename; uses: :messaging_type, :messaging_value
-    def register_device(params)
+    # uses: :messaging_type, :messaging_value
+    def register_device(username, udid, name, app_id, options = {})
+      require_api_key
+      require_param(username, "username")
+      require_param(udid, "udid")
+      require_param(name, "name")
+      require_param(app_id, "app id")
 
       # Generate private & public key for this device
-      crypt = KeyFileCreator.new(params[:udid])
+      crypt = KeyFileCreator.new(udid)
       crypt.generate_keys
 
       # Collect attributes of new device
-      device_attributes = params.merge({
-        :udid            => params[:udid], 
-        :app_id          => params[:app_id],
-        :name            => params[:name], 
+      device_attributes = options.merge({
+        :udid            => udid, 
+        :app_id          => app_id,
+        :name            => name, 
         :pub_key         => crypt.public_key_text,   # PEM format
-        :messaging_type  => params[:messaging_type], 
-        :messaging_value => params[:messaging_value]
+        :messaging_type  => options[:messaging_type], 
+        :messaging_value => options[:messaging_value]
       })
-      http_options = standard_http_options(device_attributes, %W{udid app_id name pub_key messaging_type messaging_value})
+      http_options = standard_http_options(device_attributes, device_attributes.keys)
 
       # Provision the new device with the Touchpass server
-      new_device = submit_request("post", "#{@hostname}/#{params[:username]}/devices.#{@output}", http_options)
+      url = "#{@hostname}/#{username}/devices"
+      new_device = submit_request("post", url, http_options)
+      device_id = new_device["id"].to_s
 
       # We made the key files for the new device earlier (see
       # KeyFileCreator above) but at that stage we didn't know the
       # :deviceid of the newly provisioned device. So now we need to
       # move the cert directory around based on the :deviceid returned
       # from TouchPass.
-      begin
-        devices = submit_request("post", "#{@hostname}/#{params[:username]}/devices.json", http_options)
-        raise devices["error"] if devices["error"]
-        raise "unknown device id" unless devices["id"]
-        device_id = devices["id"].to_s
-
-        orig_file = crypt.keys_path
-        crypt.id = device_id
-        new_file = crypt.keys_path
-        puts "Renaming directory #{orig_file} to #{new_file}" if @debug
-        result = File.rename(orig_file, new_file)
-      rescue Exception => e
-        puts "Exception: #{e.message}"
-        puts "error: updating key file location based on device id: udid:#{params[:udid]}, device_id:#{device_id}"
-      end      
-      
+      if device_id
+        begin
+          orig_file = crypt.keys_path
+          crypt.id = device_id
+          new_file = crypt.keys_path
+          puts "Renaming directory #{orig_file} to #{new_file}" if @debug
+          result = File.rename(orig_file, new_file)
+        rescue Exception => e
+          puts "Exception: #{e.message}"
+          puts "error: updating key file location based on device id: udid:#{udid}, device_id:#{device_id}"
+        end
+      end
+
       # Return details of the newly provisioned device
       new_device
     end
 
     # Get all devices for a party
-    # needs: :username, :api_key
-    def get_devices(params)
+    # needs: :username
+    def get_devices(username, options = {})
+      require_api_key
+      require_param(username, "username")
+
       # Just return the device list for the specified user
-      http_options = standard_http_options(params)
-      devices = submit_request("get", "#{@hostname}/#{params[:username]}/devices.#{@output}", http_options)
+      http_options = standard_http_options(options)
+      url = "#{@hostname}/#{username}/devices"
+      devices = submit_request("get", url, http_options)
 
       # Look for errors, and just build an empty device array hashed from 'devices'
       if !devices['devices'].nil? or !devices['error'].nil?
@@ -155,149 +174,182 @@ module Touchpass
       end
     end
 
-    # Get details for a specific device, returns an 'errors' hash if the device cannot be found
-    # needs: :username, :api_key, :id
-    def get_device(params)
+    # Get details for a specific device, returns an 'errors' hash if
+    # the device cannot be found
+    def get_device(username, device_id, options = {})
+      require_api_key
+      require_param(username, "username")
+      require_param(device_id, "device id")
+
       # Return the device for the specified user and device id
-      http_options = standard_http_options(params)
-      submit_request("get", "#{@hostname}/#{params[:username]}/devices/#{params[:id]}.#{@output}", http_options)
+      http_options = standard_http_options(options)
+      url = "#{@hostname}/#{username}/devices/#{device_id}"
+      submit_request("get", url, http_options)
     end
     
     # Update details of a device, returns an 'errors' hash if the device cannot be found
-    # needs: :username, :id, api_key; uses: :name, :messaging_type, :messaging_value, :update_pub_key
-    def update_device(params)
-      update_pub_key  = params[:update_pub_key] # TODO: Regenerate and update pub_key
-      
-      http_options = standard_http_options(params, %W{name messaging_type messaging_value})
+    # uses options: :name, :messaging_type, :messaging_value, :update_pub_key
+    def update_device(username, device_id, options = {})
+      require_api_key
+      require_param(username, "username")
+      require_param(device_id, "device id")
+
+      update_pub_key  = options[:update_pub_key] # TODO: Regenerate and update pub_key
 
-      submit_request("put", "#{@hostname}/#{params[:username]}/devices/#{params[:id]}.#{@output}", http_options)
+      http_options = standard_http_options(options, %W{name messaging_type messaging_value})
+      url = "#{@hostname}/#{username}/devices/#{device_id}"
+      submit_request("put", url, http_options)
     end
 
     # Remove device, returns an 'errors' hash if the device cannot be found
-    # needs: :username, :id, :api_key
-    def remove_device(params)
-      http_options = standard_http_options(params)
-      submit_request("delete", "#{@hostname}/#{params[:username]}/devices/#{params[:id]}.#{@output}", http_options)
+    def remove_device(username, device_id, options = {})
+      require_api_key
+      require_param(username, "username")
+      require_param(device_id, "device id")
+
+      http_options = standard_http_options(options)
+      url = "#{@hostname}/#{username}/devices/#{device_id}"
+      submit_request("delete", url, http_options)
     end
 
     # Create a new verification
-    # needs: :to_party, :api_key
-    # uses:
+    # to_party: username of the VP
+    # uses options:
     #  :address (for LV), :resolution (for LV)
     #  :message, :message_post_verification
-    def create_verification(params)
-      http_options = standard_http_options(params, %W{to_party to_device_id to_app_id})
-
-      # Get the list of verifying party devices so we can encrypt data for them using each device's public key
-      response = submit_request("get", "#{@hostname}/#{params[:to_party]}/devices.json",
-                                standard_http_options(params))
+    def create_verification(to_party, options = {})
+      require_api_key
+      require_param(to_party, "to party")
+
+      # Get list of verifying party devices so we can encrypt data for
+      # them using each device's public key.
+      http_options = standard_http_options(options)
+      response = submit_request("get", "#{@hostname}/#{to_party}/devices", http_options)
       vp_devices = response["devices"]
 
       # create a verification object
-      verification = Touchpass::Verification.new(vp_devices, params)
+      options = options.merge(:to_party => to_party)
+      verification = Touchpass::Verification.new(vp_devices, options)
+      http_options = standard_http_options(options, %W{to_party to_device_id to_app_id})
       http_options[:body].merge!(verification.http_params)
 
-      submit_request("post", "#{@hostname}/verifications.#{@output}", http_options)
+      submit_request("post", "#{@hostname}/verifications", http_options)
     end
 
-    # Get a page of verifications for a particular party
-    # needs: :api_key; uses: :username, :party_id
-    def get_verifications(params)
-      http_options = standard_http_options(params)
-      response = nil
-      if !params[:username].nil?
-        response = submit_request("get", "#{@hostname}/#{params[:username]}/verifications.#{@output}", http_options)
-      elsif !params[:party_id].nil?
-        http_options[:body][:party_id] = params[:party_id]
-        response = submit_request("get", "#{@hostname}/verifications.#{@output}", http_options)
-      else
-        response = {"error" => "Either username or id must be provided."}
-      end
-      response
+    # Get a page of verifications for a particular party id
+    def get_verifications_by_party_id(party_id, options = {})
+      require_api_key
+      require_param(party_id, "party id")
+
+      http_options = standard_http_options(options)
+      http_options[:body][:party_id] = options[:party_id]
+      url = "#{@hostname}/verifications"
+      submit_request("get", url, http_options)
     end
 
-    # Get details of a specific verification, will include decrypted message if :device_id is provided
-    # needs: :api_key, :id; uses: :device_id
-    def get_verification(params)
-      http_options = standard_http_options(params)
-      response = submit_request("get", "#{@hostname}/verifications/#{params[:id]}.json", http_options)
-
-      # TODO: as this stands, it will not decrypt the message unless a :device_id is provided. However,
-      # there is currently no way to pass in the keys to use - it will just try to use the local keys
-      # stored in #{local_key_path}/:device_id. So, we need to fix this up at some point.
-      decrypted_message = nil
-      if response.has_key?("crypted_messages") and !response["crypted_messages"].empty?
-        if !params[:device_id].nil?
-          decrypted_message = decrypt_salt(response["crypted_messages"], params[:device_id], self.api_key)
-        end
-      end
-      # return verification plus decrypted message (if available)
-      response[:decrypted_message] = decrypted_message
-      response
+    # Get a page of verifications for a particular username
+    def get_verifications(username, options = {})
+      require_api_key
+      require_param(username, "username")
+
+      http_options = standard_http_options(options)
+      url = "#{@hostname}/#{username}/verifications"
+      submit_request("get", url, http_options)
+    end
+
+    # Get details of a specific verification
+    def get_verification(verification_id, options = {})
+      require_api_key
+      require_param(verification_id, "verification id")
+
+      http_options = standard_http_options(options)
+      url = "#{@hostname}/verifications/#{verification_id}"
+      submit_request("get", url, http_options)
     end
 
     # Update Verification
-    # needs: :api_key, :id, :device_id; uses: :address
-    def update_verification(params)
-      # Call show verification to get the crypted salts and resolution for the verification
-      # Note: crypted salts and resolution are also returned in the list verifications response
-      http_options = standard_http_options(params, %W{id})
+    # uses: options[:address]
+    def update_verification(verification_id, device_id, options = {})
+      require_api_key
+      require_param(verification_id, "verification id")
+      require_param(device_id, "device id")
+
+      options = options.merge(:id => verification_id, :device_id => device_id)
+      http_options = standard_http_options(options, %W{id})
 
-      verification = get_verification(params)
+      # Call show verification to get the crypted salts and resolution
+      # for the verification Note: crypted salts and resolution are
+      # also returned in the list verifications response
+      verification = get_verification(verification_id, options)
 
-      token = decrypt_salt(verification["crypted_tokens"], params[:device_id], self.api_key)
+      token = decrypt_salt(verification["crypted_tokens"], device_id)
       http_options[:body][:verified_token] = Crypt.hash(token) unless token.nil?
 
       # Generate verified PRP for location verification
-      if !params[:address].nil?
-        prp = Proximity::PRP.new(:address => params[:address], :resolution => verification["resolution"])
+      if !options[:address].nil?
+        prp = Proximity::PRP.new(:address => options[:address],
+                                 :resolution => verification["resolution"])
         # puts prp.print_bbox # for debugging
 
-        salt = decrypt_salt(verification["crypted_salts"], params[:device_id], self.api_key)
+        salt = decrypt_salt(verification["crypted_salts"], device_id)
         # puts "Using salt: #{salt}"
         verified_prp = prp.encrypt(salt)
 
         http_options[:body][:verified_prp] = verified_prp
         # puts "Verified PRP: #{verified_prp}"
       end
-      submit_request("put", "#{@hostname}/verifications/#{params[:id]}.#{@output}",
-                     http_options)
+      submit_request("put", "#{@hostname}/verifications/#{verification_id}", http_options)
     end
 
     # Cancel an existing verification
-    # needs: :api_key, :id
-    def cancel_verification(params)
-      http_options = standard_http_options(params)
-      verification = get_verification(params)
+    def cancel_verification(verification_id, device_id, options = {})
+      require_api_key
+      require_param(verification_id, "verification id")
+      require_param(device_id, "device id")
 
-      token = decrypt_salt(verification["crypted_tokens"], params[:device_id], self.api_key)
+      verification = get_verification(verification_id)
+      token = decrypt_salt(verification["crypted_tokens"], device_id)
+
+      http_options = standard_http_options(options)
       http_options[:body][:verified_token] = Crypt.hash(token) unless token.nil?
 
-      submit_request("put", "#{@hostname}/verifications/#{params[:id]}/cancel.#{@output}",
-                     http_options)
+      url = "#{@hostname}/verifications/#{verification_id}/cancel"
+      submit_request("put", url, http_options)
     end
 
     # Reject a verification
-    # needs: :api_key, :id
-    def reject_verification(params)
-      http_options = standard_http_options(params)
-      verification = get_verification(params)
+    # needs: :id
+    def reject_verification(verification_id, device_id, options = {})
+      require_api_key
+      require_param(verification_id, "verification id")
+      require_param(device_id, "device id")
+
+      verification = get_verification(verification_id)
+      token = decrypt_salt(verification["crypted_tokens"], device_id)
 
-      token = decrypt_salt(verification["crypted_tokens"], params[:device_id], self.api_key)
+      http_options = standard_http_options(options)
       http_options[:body][:verified_token] = Crypt.hash(token) unless token.nil?
 
-      submit_request("put", "#{@hostname}/verifications/#{params[:id]}/reject.#{@output}",
-                     http_options)
+      url = "#{@hostname}/verifications/#{verification_id}/reject"
+      submit_request("put", url, http_options)
     end  
     
     private
 
-    # Decrypt salt for a specific device and api_key
-    def decrypt_salt(crypted_salts, device_id, api_key)
+    def party_url_id(party_id)
+      "#{@hostname}/parties/#{party_id}"
+    end
+
+    def party_url_username(username)
+      "#{@hostname}/#{username}"
+    end
+
+    # Decrypt salt for a specific device
+    def decrypt_salt(crypted_salts, device_id)
       return nil if crypted_salts.nil?
 
       # Find crypted salt associated with the device
-      crypted_salt = crypted_salts.detect{|cs| cs["device_id"] == device_id.to_i}
+      crypted_salt = crypted_salts.detect { |cs| cs["device_id"] == device_id.to_i }
       return nil if crypted_salt.nil?
       device_id = crypted_salt["device_id"].to_s
       ct = crypted_salt["value"]
@@ -327,13 +379,13 @@ module Touchpass
       msg
     end
 
-    def standard_http_options(params, body_params = [])
-      http_options = { :body => {}, :headers => api_key_header(params) }
+    def standard_http_options(options, body_options = [])
+      http_options = { :body => {}, :headers => api_key_header(options) }
 
-      body_params.each do |param_name|
-        param_name = param_name.to_sym
-        next if param_name == :api_key  # this is now sent as a header field
-        http_options[:body][param_name] = params[param_name] unless params[param_name].nil?
+      body_options.each do |pname|
+        pname = pname.to_sym
+        next if pname == :api_key  # this is now sent as a header field
+        http_options[:body][pname] = options[pname] unless options[pname].nil?
       end
 
       http_options
@@ -343,31 +395,40 @@ module Touchpass
       self.api_key = response["api_key"] if response && response["api_key"]
     end
 
-    def api_key_header(params)
+    def api_key_header(options)
       self.api_key ? { API_KEY_HEADER => self.api_key } : {}
     end
 
+    def require_api_key
+      require_param(self.api_key, "api key")
+    end
+
+    def require_param(value, name)
+      raise "#{name} required" unless value && value.to_s.length > 0
+    end
+
     # Submit the request to the server and process the response (for errors)
-    def submit_request(http_verb, request, params)
+    def submit_request(http_verb, request, options)
+
+      request = request + "." + REQUEST_FORMAT
 
       if @debug
         puts "DEBUG: "
         puts "DEBUG:  hostname: #{@hostname}"
-        puts "DEBUG:    output: #{@output}"
-        puts "DEBUG:   request: #{http_verb.upcase} #{request}"      
-        puts "DEBUG:    params: #{params}"
+        puts "DEBUG:  request: #{http_verb.upcase} #{request}"      
+        puts "DEBUG:  options: #{options}"
       end
 
       case http_verb
       when "put"
-        response = HTTParty.put(request, params)
+        response = HTTParty.put(request, options)
       when "delete"
-        response = HTTParty.delete(request, params)
+        response = HTTParty.delete(request, options)
       when "post"
-        response = HTTParty.post(request, params)
+        response = HTTParty.post(request, options)
       else
-        response = HTTParty.get(request, :query => params[:body],
-                                :headers => params[:headers])
+        response = HTTParty.get(request, :query => options[:body],
+                                :headers => options[:headers])
       end
       
       if @debug