vgs_api_client 0.0.1.alpha202204201434

data/spec/configuration_spec.rb

@@ -0,0 +1,42 @@
+=begin
+#Vault HTTP API
+
+#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
+
+The version of the OpenAPI document: 1.0.0
+Contact: support@verygoodsecurity.com
+Generated by: https://openapi-generator.tech
+OpenAPI Generator version: 5.4.0
+
+=end
+
+require 'spec_helper'
+
+describe VgsApiClient::Configuration do
+  let(:config) { VgsApiClient::Configuration.default }
+
+  before(:each) do
+    # uncomment below to setup host and base_path
+    # require 'URI'
+    # uri = URI.parse("https://api.sandbox.verygoodvault.com")
+    # VgsApiClient.configure do |c|
+    #   c.host = uri.host
+    #   c.base_path = uri.path
+    # end
+  end
+
+  describe '#base_url' do
+    it 'should have the default value' do
+      # uncomment below to test default value of the base path
+      # expect(config.base_url).to eq("https://api.sandbox.verygoodvault.com")
+    end
+
+    it 'should remove trailing slashes' do
+      [nil, '', '/', '//'].each do |base_path|
+        config.base_path = base_path
+        # uncomment below to test trailing slashes
+        # expect(config.base_url).to eq("https://api.sandbox.verygoodvault.com")
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,111 @@
+=begin
+#Vault HTTP API
+
+#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
+
+The version of the OpenAPI document: 1.0.0
+Contact: support@verygoodsecurity.com
+Generated by: https://openapi-generator.tech
+OpenAPI Generator version: 5.4.0
+
+=end
+
+# load the gem
+require 'vgs_api_client'
+
+# The following  was generated by the `rspec --init` command. Conventionally, all
+# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
+# The generated `.rspec` file contains `--require spec_helper` which will cause
+# this file to always be loaded, without a need to explicitly require it in any
+# files.
+#
+# Given that it is always loaded, you are encouraged to keep this file as
+# light-weight as possible. Requiring heavyweight dependencies from this file
+# will add to the boot time of your test suite on EVERY test run, even for an
+# individual file that may not need all of that loaded. Instead, consider making
+# a separate helper file that requires the additional dependencies and performs
+# the additional setup, and require it from the spec files that actually need
+# it.
+#
+# The `.rspec` file also contains a few flags that are not defaults but that
+# users commonly want.
+#
+# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+RSpec.configure do |config|
+  # rspec-expectations config goes here. You can use an alternate
+  # assertion/expectation library such as wrong or the stdlib/minitest
+  # assertions if you prefer.
+  config.expect_with :rspec do |expectations|
+    # This option will default to `true` in RSpec 4. It makes the `description`
+    # and `failure_message` of custom matchers include text for helper methods
+    # defined using `chain`, e.g.:
+    #     be_bigger_than(2).and_smaller_than(4).description
+    #     # => "be bigger than 2 and smaller than 4"
+    # ...rather than:
+    #     # => "be bigger than 2"
+    expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+  end
+
+  # rspec-mocks config goes here. You can use an alternate test double
+  # library (such as bogus or mocha) by changing the `mock_with` option here.
+  config.mock_with :rspec do |mocks|
+    # Prevents you from mocking or stubbing a method that does not exist on
+    # a real object. This is generally recommended, and will default to
+    # `true` in RSpec 4.
+    mocks.verify_partial_doubles = true
+  end
+
+# The settings below are suggested to provide a good initial experience
+# with RSpec, but feel free to customize to your heart's content.
+=begin
+  # These two settings work together to allow you to limit a spec run
+  # to individual examples or groups you care about by tagging them with
+  # `:focus` metadata. When nothing is tagged with `:focus`, all examples
+  # get run.
+  config.filter_run :focus
+  config.run_all_when_everything_filtered = true
+
+  # Allows RSpec to persist some state between runs in order to support
+  # the `--only-failures` and `--next-failure` CLI options. We recommend
+  # you configure your source control system to ignore this file.
+  config.example_status_persistence_file_path = "spec/examples.txt"
+
+  # Limits the available syntax to the non-monkey patched syntax that is
+  # recommended. For more details, see:
+  #   - http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/
+  #   - http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
+  #   - http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/#zero-monkey-patching-mode
+  config.disable_monkey_patching!
+
+  # This setting enables warnings. It's recommended, but in some cases may
+  # be too noisy due to issues in dependencies.
+  config.warnings = true
+
+  # Many RSpec users commonly either run the entire suite or an individual
+  # file, and it's useful to allow more verbose output when running an
+  # individual spec file.
+  if config.files_to_run.one?
+    # Use the documentation formatter for detailed output,
+    # unless a formatter has already been configured
+    # (e.g. via a command-line flag).
+    config.default_formatter = 'doc'
+  end
+
+  # Print the 10 slowest examples and example groups at the
+  # end of the spec run, to help surface which specs are running
+  # particularly slow.
+  config.profile_examples = 10
+
+  # Run specs in random order to surface order dependencies. If you find an
+  # order dependency and want to debug it, you can fix the order by providing
+  # the seed, which is printed after each run.
+  #     --seed 1234
+  config.order = :random
+
+  # Seed global randomization in this process using the `--seed` CLI option.
+  # Setting this allows you to use `--seed` to deterministically reproduce
+  # test failures related to randomization by passing the same `--seed` value
+  # as the one that triggered the failure.
+  Kernel.srand config.seed
+=end
+end

data/spec/test_aliases_api_spec.rb

@@ -0,0 +1,97 @@
+require 'spec_helper'
+require 'securerandom'
+require 'vgs'
+
+describe 'AliasesApiSpec' do
+  before(:all) do
+    config = VGS.config(username = ENV["VAULT_API_USERNAME"], password = ENV["VAULT_API_PASSWORD"])
+    @aliases_api = VGS::Aliases.new(config)
+  end
+
+  describe 'redact' do
+    it 'should redact values' do
+      data = [
+        {
+          :format => 'UUID',
+          :value => '5201784564572092',
+          :classifiers => %w[credit-card number],
+          :storage => 'PERSISTENT',
+        },
+        {
+          :format => 'UUID',
+          :value => 'Joe Doe',
+          :storage => 'VOLATILE',
+        }
+      ]
+      aliases = @aliases_api.redact(data)
+      expect(aliases.length).to eq 2
+      data.each_with_index do |item, index|
+        expect(aliases[index].value).to eq item[:value]
+        expect(aliases[index].storage).to eq item[:storage]
+        expect(aliases[index].aliases[0]._alias).to start_with "tok_"
+      end
+      expect(Set.new(aliases[0].classifiers)).to eq Set.new(%w[credit-card number])
+      expect(Set.new(aliases[1].classifiers)).to eq Set.new
+    end
+  end
+
+  describe 'reveal' do
+    it 'should reveal aliases' do
+      data = [
+        {
+          :format => 'UUID',
+          :value => '5201784564572092',
+          :classifiers => %w[credit-card number],
+          :storage => 'PERSISTENT',
+        },
+        {
+          :format => 'UUID',
+          :value => 'Joe Doe',
+          :storage => 'VOLATILE',
+        }
+      ]
+      aliases = @aliases_api.redact(data).map { |item| item.aliases[0]._alias }
+
+      response = @aliases_api.reveal(aliases)
+
+      expect(response.length).to eq 2
+      original_values = data.map { |i| i[:value] }
+      revealed_values = response.values.map { |i| i.value }
+      expect(Set.new(original_values)).to eq Set.new(revealed_values)
+    end
+  end
+
+  describe 'update' do
+    it 'should update alias' do
+      data = [
+        {
+          :format => 'UUID',
+          :value => SecureRandom.alphanumeric(10),
+        }
+      ]
+      _alias = @aliases_api.redact(data).map { |item| item.aliases[0]._alias }[0]
+
+      @aliases_api.update(_alias = _alias, data = { :classifiers => ["secure"] })
+
+      response = @aliases_api.reveal(_alias)
+      expect(response[_alias].classifiers).to eq %w[secure]
+    end
+  end
+
+  describe 'delete' do
+    it 'should delete alias' do
+      data = [
+        {
+          :format => 'UUID',
+          :value => '5201784564572092',
+        }
+      ]
+      _alias = @aliases_api.redact(data).map { |item| item.aliases[0]._alias }[0]
+
+      @aliases_api.delete(_alias = _alias)
+
+      expect { @aliases_api.reveal(_alias) }.to raise_error(VGS::VgsApiException)
+    end
+  end
+
+end

data/vgs_api_client.gemspec

@@ -0,0 +1,38 @@
+# -*- encoding: utf-8 -*-
+
+=begin
+#Vault HTTP API
+
+#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
+
+The version of the OpenAPI document: 1.0.0
+Contact: support@verygoodsecurity.com
+Generated by: https://openapi-generator.tech
+OpenAPI Generator version: 5.4.0
+
+=end
+
+$:.push File.expand_path("../lib", __FILE__)
+require "vgs_api_client/version"
+
+Gem::Specification.new do |s|
+  s.name        = "vgs_api_client"
+  s.version     = VgsApiClient::VERSION
+  s.platform    = Gem::Platform::RUBY
+  s.authors     = ["Very Good Security"]
+  s.email       = ["dev@verygoodsecurity.com"]
+  s.homepage    = "https://openapi-generator.tech"
+  s.summary     = "A ruby wrapper for the VGS Vault API"
+  s.description = "This gem maps to VGS Vault API"
+  s.license     = "Unlicense"
+  s.required_ruby_version = ">= 2.4"
+
+  s.add_runtime_dependency 'typhoeus', '~> 1.0', '>= 1.0.1'
+
+  s.add_development_dependency 'rspec', '~> 3.6', '>= 3.6.0'
+
+  s.files         = `find *`.split("\n").uniq.sort.select { |f| !f.empty? }
+  s.test_files    = `find spec/*`.split("\n")
+  s.executables   = []
+  s.require_paths = ["lib"]
+end

metadata

@@ -0,0 +1,127 @@
+--- !ruby/object:Gem::Specification
+name: vgs_api_client
+version: !ruby/object:Gem::Version
+  version: 0.0.1.alpha202204201434
+platform: ruby
+authors:
+- Very Good Security
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-04-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: typhoeus
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.1
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.6'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.6.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.6'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.6.0
+description: This gem maps to VGS Vault API
+email:
+- dev@verygoodsecurity.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- DEVELOPMENT.md
+- Gemfile
+- LICENSE
+- RELEASE.md
+- Rakefile
+- docker-compose.yaml
+- lib/vgs.rb
+- lib/vgs_api_client.rb
+- lib/vgs_api_client/api/aliases_api.rb
+- lib/vgs_api_client/api_client.rb
+- lib/vgs_api_client/api_error.rb
+- lib/vgs_api_client/configuration.rb
+- lib/vgs_api_client/models/alias_format.rb
+- lib/vgs_api_client/models/api_error.rb
+- lib/vgs_api_client/models/create_aliases_request.rb
+- lib/vgs_api_client/models/create_aliases_request_new.rb
+- lib/vgs_api_client/models/create_aliases_request_reference.rb
+- lib/vgs_api_client/models/inline_response200.rb
+- lib/vgs_api_client/models/inline_response2001.rb
+- lib/vgs_api_client/models/inline_response201.rb
+- lib/vgs_api_client/models/inline_response_default.rb
+- lib/vgs_api_client/models/model_alias.rb
+- lib/vgs_api_client/models/revealed_data.rb
+- lib/vgs_api_client/models/update_alias_request.rb
+- lib/vgs_api_client/models/update_alias_request_data.rb
+- lib/vgs_api_client/version.rb
+- scripts/assemble/Dockerfile
+- scripts/assemble/run.sh
+- scripts/publish.sh
+- scripts/publish/Dockerfile
+- scripts/publish/run.sh
+- scripts/run-tests-e2e.sh
+- scripts/run-tests.sh
+- scripts/test/Dockerfile
+- scripts/test/run.sh
+- spec/api_client_spec.rb
+- spec/configuration_spec.rb
+- spec/spec_helper.rb
+- spec/test_aliases_api_spec.rb
+- vgs_api_client.gemspec
+homepage: https://openapi-generator.tech
+licenses:
+- Unlicense
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '2.4'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">"
+    - !ruby/object:Gem::Version
+      version: 1.3.1
+requirements: []
+rubygems_version: 3.3.7
+signing_key:
+specification_version: 4
+summary: A ruby wrapper for the VGS Vault API
+test_files:
+- spec/api_client_spec.rb
+- spec/configuration_spec.rb
+- spec/spec_helper.rb
+- spec/test_aliases_api_spec.rb