vgs_api_client 0.0.35 → 0.0.38

data/lib/vgs_api_client.rb

@@ -1,53 +1,111 @@
-=begin
-#Vault HTTP API
-
-#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
-
-The version of the OpenAPI document: 1.0.0
-Contact: support@verygoodsecurity.com
-Generated by: https://openapi-generator.tech
-OpenAPI Generator version: 5.4.0
-
-=end
-
-# Common files
-require 'vgs_api_client/api_client'
-require 'vgs_api_client/api_error'
-require 'vgs_api_client/version'
-require 'vgs_api_client/configuration'
-
-# Models
-require 'vgs_api_client/models/alias_format'
-require 'vgs_api_client/models/api_error'
-require 'vgs_api_client/models/create_aliases_request'
-require 'vgs_api_client/models/create_aliases_request_new'
-require 'vgs_api_client/models/create_aliases_request_reference'
-require 'vgs_api_client/models/inline_response200'
-require 'vgs_api_client/models/inline_response2001'
-require 'vgs_api_client/models/inline_response201'
-require 'vgs_api_client/models/inline_response_default'
-require 'vgs_api_client/models/model_alias'
-require 'vgs_api_client/models/revealed_data'
-require 'vgs_api_client/models/update_alias_request'
-require 'vgs_api_client/models/update_alias_request_data'
-
-# APIs
-require 'vgs_api_client/api/aliases_api'
-
-module VgsApiClient
-  class << self
-    # Customize default settings for the SDK using block.
-    #   VgsApiClient.configure do |config|
-    #     config.username = "xxx"
-    #     config.password = "xxx"
-    #   end
-    # If no block given, return the default Configuration object.
-    def configure
-      if block_given?
-        yield(Configuration.default)
+require 'openapi_client'
+
+module VGS
+  class VgsApiError < StandardError
+  end
+
+  class UnauthorizedError < VgsApiError
+  end
+
+  class NotFoundError < VgsApiError
+  end
+
+  class ForbiddenError < VgsApiError
+  end
+
+  class Aliases
+    def initialize(config)
+      raise ArgumentError, 'config is nil' if config.nil?
+      @aliases_api = VgsApiClient::AliasesApi.new(VgsApiClient::ApiClient.new(config))
+    end
+
+    private def map_exception(message, error)
+      error_message = message
+      if error.is_a? VgsApiClient::ApiError
+        error_message += ". Details: #{error.message}"
+        case error.code
+        when 401
+          UnauthorizedError.new error_message
+        when 403
+          ForbiddenError.new error_message
+        when 404
+          NotFoundError.new error_message
+        else
+          VgsApiError.new error_message
+        end
       else
-        Configuration.default
+        VgsApiError.new error_message
       end
     end
+
+    def redact(data)
+      begin
+        requests = data.map do |item|
+          VgsApiClient::CreateAliasesRequestNew.new(attributes = {
+            :format => VgsApiClient::AliasFormat.build_from_hash(item[:format] || "UUID"),
+            :classifiers => item[:classifiers],
+            :value => item[:value],
+            :storage => item[:storage]
+          })
+        end
+
+        create_aliases_request = VgsApiClient::CreateAliasesRequest.new(attributes = {
+          :data => requests
+        })
+        response = @aliases_api.create_aliases(opts = {
+          :create_aliases_request => create_aliases_request.to_hash
+        })
+      rescue Exception => e
+        raise map_exception("Failed to redact data #{ data }", e)
+      else
+        response.data
+      end
+    end
+
+    def reveal(aliases)
+      begin
+        query = aliases.kind_of?(Array) ? aliases.join(",") : aliases
+        response = @aliases_api.reveal_multiple_aliases(q = query)
+      rescue Exception => e
+        raise map_exception("Failed to reveal aliases #{ aliases }", e)
+      else
+        response.data
+      end
+    end
+
+    def delete(_alias)
+      begin
+        @aliases_api.delete_alias(_alias = _alias)
+      rescue Exception => e
+        raise map_exception("Failed to delete alias #{ _alias }", e)
+      end
+    end
+
+    def update(_alias, data)
+      begin
+        update_alias_request = VgsApiClient::UpdateAliasRequest.new(attributes = {
+          :data => VgsApiClient::UpdateAliasRequestData.new(attributes = {
+            :classifiers => data[:classifiers]
+          })
+        })
+        @aliases_api.update_alias(_alias = _alias, opts = {
+          :update_alias_request => update_alias_request.to_hash
+        })
+      rescue Exception => e
+        raise map_exception("Failed to update alias #{ _alias }", e)
+      end
+    end
+  end
+
+  def self.config(username, password, host = 'https://api.sandbox.verygoodvault.com')
+    raise ArgumentError, 'username is nil' if username.nil?
+    raise ArgumentError, 'password is nil' if password.nil?
+
+    config = VgsApiClient::Configuration.default
+    config.username = username
+    config.password = password
+    config.host = host
+    config.server_index = nil
+    config
   end
 end

data/scripts/assemble/run.sh

@@ -1,9 +1,9 @@
 #!/bin/bash
 
-LIB_VERSION=${LIB_VERSION:-0.0.1.dev$(date "+%Y%m%d%H%M")}
+LIB_VERSION=${LIB_VERSION:-0.0.1.alpha$(date "+%Y%m%d%H%M")}
 
 # fix version
-grep -rl 0.0.35 . | xargs sed -i "s/0.0.35/${LIB_VERSION}/g"
+grep -rl 0.0.38 . | xargs sed -i "s/0.0.38/${LIB_VERSION}/g"
 
 # build
 gem build vgs_api_client.gemspec

data/scripts/lint/Dockerfile

@@ -0,0 +1,9 @@
+FROM ruby:3.1.2-alpine3.15
+
+RUN apk update && \
+    apk add bash && \
+    gem install rubocop
+
+WORKDIR /vgs-api-client/
+
+ENTRYPOINT ["bash", "./scripts/lint/run.sh"]

data/scripts/lint/run.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -e
+
+rubocop .

data/scripts/lint.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+
+set -e
+
+docker-compose build lint && \
+docker-compose run lint

data/scripts/publish/run.sh

@@ -5,7 +5,8 @@ set -e
 usage() { echo "Required env var '$1' is missing"; exit 1; }
 
 [ -z "${ARTIFACT_REPOSITORY_TOKEN}" ] && usage "ARTIFACT_REPOSITORY_TOKEN" ;
-[ -z "${LIB_VERSION}" ] && usage "LIB_VERSION" ;
+
+LIB_VERSION=${LIB_VERSION:-0.0.1.alpha$(date "+%Y%m%d%H%M")}
 
 mkdir ~/.gem
 echo ":rubygems_api_key: ${ARTIFACT_REPOSITORY_TOKEN}" > ~/.gem/credentials

data/scripts/publish.sh

@@ -5,7 +5,8 @@ set -e
 usage() { echo "Required env var '$1' is missing"; exit 1; }
 
 [ -z "${ARTIFACT_REPOSITORY_TOKEN}" ] && usage "ARTIFACT_REPOSITORY_TOKEN" ;
-[ -z "${LIB_VERSION}" ] && usage "LIB_VERSION" ;
+
+export LIB_VERSION=${LIB_VERSION:-0.0.1.alpha$(date "+%Y%m%d%H%M")}
 
 docker-compose build && \
 docker-compose run assemble && \

data/scripts/run-tests-e2e.sh

@@ -2,9 +2,7 @@
 
 set -e
 
-usage() { echo "Required env var '$1' is missing"; exit 1; }
+export LIB_VERSION=${LIB_VERSION:-0.0.1.alpha$(date "+%Y%m%d%H%M")}
 
-[ -z "${LIB_VERSION}" ] && usage "LIB_VERSION" ;
-
-docker-compose build && \
-docker-compose run test
+docker-compose build test-e2e && \
+docker-compose run test-e2e

data/scripts/run-tests.sh

@@ -2,6 +2,5 @@
 
 set -e
 
-docker-compose build && \
-docker-compose run assemble && \
+docker-compose build test && \
 docker-compose run test

data/scripts/test/Dockerfile

@@ -7,6 +7,8 @@ RUN apk update && \
     gem install bundler && \
     gem install rspec-support
 
+ADD . /vgs-api-client
+
 WORKDIR /vgs-api-client/
 
 ENTRYPOINT ["bash", "./scripts/test/run.sh"]

data/scripts/test/run.sh

@@ -2,32 +2,12 @@
 
 set -e
 
-rm vgs_api_client-*.gem || true
+echo "Installing lib from local sources"
+# fix version
+VERSION=0.0.1.alpha$(date "+%Y%m%d%H%M")
+grep -rl 0.0.38 . | xargs sed -i "s/0.0.38/$VERSION/g"
 
-if [[ -n "${LIB_VERSION}" ]]; then
-  echo "Installing lib from rubygems.org ${LIB_VERSION} ..."
+bundle install
 
-  set +e
-  ATTEMPT=1
-  while [  $ATTEMPT -lt 60 ]; do
-    echo "Attempt ${ATTEMPT} ..."
-
-    bundle install --without production --binstubs
-    gem install vgs_api_client -v ${LIB_VERSION}
-
-    if [[ $? == 0 ]]; then
-      echo "Installed ${LIB_VERSION}"
-      break
-    fi
-
-    ATTEMPT=$((ATTEMPT+1))
-
-    sleep 5
-  done
-  set -e
-else
-  echo "Installing lib from local sources"
-  bundle install
-fi
-
-bundle exec rspec ./spec/test_api_spec.rb
+echo "Running tests"
+bundle exec rspec -f documentation ./spec/*.rb

data/scripts/test-e2e/Dockerfile

@@ -0,0 +1,14 @@
+FROM ruby:3.1.2-alpine3.15
+
+RUN apk update && \
+    apk add bash && \
+    apk add build-base && \
+    apk add libcurl && \
+    gem install rspec
+
+ADD ./scripts/test-e2e /vgs-api-client/scripts
+ADD ./spec /vgs-api-client/spec
+
+WORKDIR /vgs-api-client/
+
+ENTRYPOINT ["bash", "./scripts/run.sh"]

data/scripts/test-e2e/run.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+
+set -e
+
+echo "Installing lib from rubygems.org ${LIB_VERSION} ..."
+
+set +e
+ATTEMPT=1
+while [  $ATTEMPT -lt 10 ]; do
+  echo "Attempt ${ATTEMPT} ..."
+
+  gem install vgs_api_client -v ${LIB_VERSION}
+
+  if [[ $? == 0 ]]; then
+    echo "Installed ${LIB_VERSION}"
+    break
+  fi
+
+  ATTEMPT=$((ATTEMPT+1))
+
+  sleep 5
+done
+set -e
+
+echo "Running tests"
+gem install rspec
+rspec -f documentation ./spec/*.rb
+

data/spec/api_client_spec.rb

@@ -1,7 +1,7 @@
 =begin
 #Vault HTTP API
 
-#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
+#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication and is implemented using industry best practices to ensure the security of the connection. Read more about [Identity and Access Management at VGS](https://www.verygoodsecurity.com/docs/vault/the-platform/iam)  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
 
 The version of the OpenAPI document: 1.0.0
 Contact: support@verygoodsecurity.com

data/spec/configuration_spec.rb

@@ -1,7 +1,7 @@
 =begin
 #Vault HTTP API
 
-#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
+#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication and is implemented using industry best practices to ensure the security of the connection. Read more about [Identity and Access Management at VGS](https://www.verygoodsecurity.com/docs/vault/the-platform/iam)  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
 
 The version of the OpenAPI document: 1.0.0
 Contact: support@verygoodsecurity.com

data/spec/spec_helper.rb

@@ -1,7 +1,7 @@
 =begin
 #Vault HTTP API
 
-#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
+#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication and is implemented using industry best practices to ensure the security of the connection. Read more about [Identity and Access Management at VGS](https://www.verygoodsecurity.com/docs/vault/the-platform/iam)  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
 
 The version of the OpenAPI document: 1.0.0
 Contact: support@verygoodsecurity.com
@@ -11,7 +11,7 @@ OpenAPI Generator version: 5.4.0
 =end
 
 # load the gem
-require 'vgs_api_client'
+require 'openapi_client'
 
 # The following  was generated by the `rspec --init` command. Conventionally, all
 # specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.

data/spec/test_aliases_api_spec.rb

@@ -0,0 +1,123 @@
+require 'spec_helper'
+require 'securerandom'
+require 'vgs_api_client'
+
+describe 'AliasesApiSpec' do
+  before(:each) do
+    config = VGS.config(username = ENV['VAULT_API_USERNAME'], password = ENV['VAULT_API_PASSWORD'])
+    @api = VGS::Aliases.new config
+  end
+
+  describe 'invalid auth' do
+    it 'should fail if invalid auth provided' do
+      invalid_config = VGS.config(username = 'Invalid', password = 'Invalid')
+      api = VGS::Aliases.new invalid_config
+      data = [{
+                format: 'UUID',
+                value: 'Joe Doe'
+              }]
+
+      expect { api.redact data }.to raise_error(VGS::UnauthorizedError)
+    end
+  end
+
+  describe 'invalid config' do
+    it 'should fail if invalid config provided' do
+      expect { VGS::Aliases.new nil }.to raise_error(ArgumentError)
+    end
+  end
+
+  describe 'invalid host' do
+    it 'should fail if invalid host provided' do
+      config = VGS.config(
+        username = ENV['VAULT_API_USERNAME'],
+        password = ENV['VAULT_API_PASSWORD'],
+        host = 'https://echo.apps.verygood.systems')
+      api = VGS::Aliases.new config
+      data = [{
+                format: 'UUID',
+                value: 'Joe Doe'
+              }]
+      expect { api.redact data }.to raise_error(VGS::NotFoundError)
+    end
+  end
+
+  describe 'redact' do
+    it 'should redact values' do
+      data = [{
+                format: 'UUID',
+                value: '5201784564572092',
+                classifiers: %w[credit-card number],
+                storage: 'PERSISTENT'
+              },
+              {
+                format: 'UUID',
+                value: 'Joe Doe',
+                storage: 'VOLATILE'
+              }]
+      aliases = @api.redact data
+      expect(aliases.length).to eq 2
+      data.each_with_index do |item, index|
+        expect(aliases[index].value).to eq item[:value]
+        expect(aliases[index].storage).to eq item[:storage]
+        expect(aliases[index].aliases[0]._alias).to start_with "tok_"
+      end
+      expect(Set.new(aliases[0].classifiers)).to eq Set.new(%w[credit-card number])
+      expect(Set.new(aliases[1].classifiers)).to eq Set.new
+    end
+  end
+
+  describe 'reveal' do
+    it 'should reveal aliases' do
+      data = [{
+                format: 'UUID',
+                value: '5201784564572092',
+                classifiers: %w[credit-card number],
+                storage: 'PERSISTENT'
+              },
+              {
+                format: 'UUID',
+                value: 'Joe Doe',
+                storage: 'VOLATILE'
+              }]
+      aliases = @api.redact(data).map { |item| item.aliases[0]._alias }
+
+      response = @api.reveal aliases
+
+      expect(response.length).to eq 2
+      original_values = data.map { |i| i[:value] }
+      revealed_values = response.values.map { |i| i.value }
+      expect(Set.new original_values).to eq Set.new revealed_values
+    end
+  end
+
+  describe 'update' do
+    it 'should update alias' do
+      data = [{
+                format: 'UUID',
+                value: SecureRandom.alphanumeric(10)
+              }]
+      _alias = @api.redact(data).map { |item| item.aliases[0]._alias }[0]
+
+      @api.update _alias, classifiers: %w[secure]
+
+      response = @api.reveal _alias
+      expect(response[_alias].classifiers).to eq %w[secure]
+    end
+  end
+
+  describe 'delete' do
+    it 'should delete alias' do
+      data = [{
+                format: 'UUID',
+                value: '5201784564572092'
+              }]
+      _alias = @api.redact(data).map { |item| item.aliases[0]._alias }[0]
+
+      @api.delete _alias
+
+      expect { @api.reveal _alias }.to raise_error(VGS::VgsApiError)
+    end
+  end
+
+end

data/vgs_api_client.gemspec

@@ -1,31 +1,25 @@
 # -*- encoding: utf-8 -*-
 
-=begin
-#Vault HTTP API
-
-#The VGS Vault HTTP API is used for storing, retrieving, and managing sensitive data (aka Tokenization) within a VGS Vault.  The VGS API is organized around REST. Our API is built with a predictable resource-oriented structure, uses JSON-encoded requests and responses, follows standard HTTP verbs/responses, and uses industry standard authentication.  ## What is VGS  Storing sensitive data on your company’s infrastructure often comes with a heavy compliance burden. For instance, storing payments data yourself greatly increases the amount of work needed to become PCI compliant. It also increases your security risk in general. To combat this, companies will minimize the amount of sensitive information they have to handle or store.  VGS provides multiple methods for minimizing the sensitive information that needs to be stored which allows customers to secure any type of data for any use-case.  **Tokenization** is a method that focuses on securing the storage of data. This is the quickest way to get started and is free. [Get started with Tokenization](https://www.verygoodsecurity.com/docs/tokenization/getting-started).  **Zero Data** is a unique method invented by VGS in 2016 that securely stores data like Tokenization, however it also removes the customer’s environment from PCI scope completely providing maximum security, and minimum compliance scope. [Get started with Zero Data](https://www.verygoodsecurity.com/docs/getting-started/before-you-start).  Additionally, for scenarios where neither technology is a complete solution, for instance with legacy systems, VGS provides a compliance product which guarantees customers are able to meet their compliance needs no matter what may happen. [Get started with Control](https://www.verygoodsecurity.com/docs/control).  ## Learn about Tokenization  - [Create an Account for Free Tokenization](https://dashboard.verygoodsecurity.com/tokenization) - [Try a Tokenization Demo](https://www.verygoodsecurity.com/docs/tokenization/getting-started) - [Install a Tokenization SDK](https://www.verygoodsecurity.com/docs/tokenization/client-libraries)  ### Authentication  This API uses `Basic` authentication.  Credentials to access the API can be generated on the [dashboard](https://dashboard.verygoodsecurity.com) by going to the Settings section of the vault of your choosing.  [Docs » Guides » Access credentials](https://www.verygoodsecurity.com/docs/settings/access-credentials)  ## Resource Limits  ### Data Limits  This API allows storing data up to 32MB in size.  ### Rate Limiting  The API allows up to 3,000 requests per minute. Requests are associated with the vault, regardless of the access credentials used to authenticate the request.  Your current rate limit is included as HTTP headers in every API response:  | Header Name             | Description                                              | |-------------------------|----------------------------------------------------------| | `x-ratelimit-remaining` | The number of requests remaining in the 1-minute window. |  If you exceed the rate limit, the API will reject the request with HTTP [429 Too Many Requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/429).  ### Errors  The API uses standard HTTP status codes to indicate whether the request succeeded or not.  In case of failure, the response body will be JSON in a predefined format. For example, trying to create too many aliases at once results in the following response:  ```json {     \"errors\": [         {             \"status\": 400,             \"title\": \"Bad request\",             \"detail\": \"Too many values (limit: 20)\",             \"href\": \"https://api.sandbox.verygoodvault.com/aliases\"         }     ] } ``` 
-
-The version of the OpenAPI document: 1.0.0
-Contact: support@verygoodsecurity.com
-Generated by: https://openapi-generator.tech
-OpenAPI Generator version: 5.4.0
-
-=end
-
-$:.push File.expand_path("../lib", __FILE__)
-require "vgs_api_client/version"
+require_relative "lib/version"
 
 Gem::Specification.new do |s|
   s.name        = "vgs_api_client"
-  s.version     = VgsApiClient::VERSION
+  s.version     = VGS::VERSION
   s.platform    = Gem::Platform::RUBY
   s.authors     = ["Very Good Security"]
-  s.email       = ["dev@verygoodsecurity.com"]
-  s.homepage    = "https://openapi-generator.tech"
-  s.summary     = "A ruby wrapper for the VGS Vault API"
-  s.description = "This gem maps to VGS Vault API"
-  s.license     = "Unlicense"
-  s.required_ruby_version = ">= 2.4"
+  s.email       = ["support@verygoodsecurity.com"]
+  s.homepage    = "https://github.com/verygoodsecurity/vgs-api-client-ruby"
+  s.summary     = "Very Good Security API Client"
+  s.description = "Very Good Security API Client library. More details on https://www.verygoodsecurity.com/"
+  s.license     = "BSD-3-Clause"
+  s.required_ruby_version = ">= 2.6"
+
+  s.metadata = {
+    "homepage_uri"      => "https://www.verygoodsecurity.com",
+    "bug_tracker_uri"   => "https://github.com/verygoodsecurity/vgs-api-client-ruby/issues",
+    "documentation_uri" => "https://www.verygoodsecurity.com/docs",
+    "source_code_uri"   => "https://github.com/verygoodsecurity/vgs-api-client-ruby"
+  }
 
   s.add_runtime_dependency 'typhoeus', '~> 1.0', '>= 1.0.1'