yandex-money-sdk 0.11.0 → 1.0.5

data/lib/yandex_money/wallet.rb

@@ -0,0 +1,215 @@
+require "httparty"
+require "recursive-open-struct"
+
+module YandexMoney
+  # Payments from the Yandex.Money wallet
+  class Wallet
+    include HTTParty
+
+    base_uri YandexMoney.config.money_url
+    default_timeout 30
+
+    attr_accessor :token
+
+    def initialize(token)
+      @token = token
+    end
+
+    # Getting information about the status of the user account.
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/account-info.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/account-info-docpage
+    #
+    # @return [RecursiveOpenStruct] Account information
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def account_info
+      RecursiveOpenStruct.new send_request("/api/account-info", recurse_over_arrays: true).parsed_response
+    end
+
+    # Returns operation history of a user's wallet
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/operation-history.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/operation-history-docpage/
+    # 
+    # @param options [Hash] A hash with filter parameters according to documetation
+    # @return [Array<RecursiveOpenStruct>] An array containing user's wallet operations.
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def operation_history(options=nil)
+      history = RecursiveOpenStruct.new(
+        send_request("/api/operation-history", options).parsed_response
+      )
+      history.operations = history.operations.map do |operation|
+        RecursiveOpenStruct.new operation
+      end
+      history
+    end
+
+    # Returns details of operation specified by operation_id
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/operation-details.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/operation-details-docpage/
+    #
+    # @param operation_id [String] A operation identifier
+    # @return [RecursiveOpenStruct] All details of requested operation.
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def operation_details(operation_id)
+      request = send_request("/api/operation-details", operation_id: operation_id)
+      RecursiveOpenStruct.new request.parsed_response
+    end
+
+    # Requests a payment
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/request-payment.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/request-payment-docpage/
+    #
+    # @param options [Hash] A method's parameters. Check out docs for more information
+    # @return [RecursiveOpenStruct] `payment_id` and additional information about a recipient and payer.
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def request_payment(options)
+      send_payment_request("/api/request-payment", options)
+    end
+
+    # Confirms a payment that was created using the request-payment method.
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/process-payment.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/process-payment-docpage/
+    #
+    # @param options [Hash] A method's parameters. Check out docs for more information
+    # @return [RecursiveOpenStruct] A status of payment and additional steps for authorization (if needed)
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def process_payment(options)
+      send_payment_request("/api/process-payment", options)
+    end
+
+    # Accepts incoming transfer with a protection code or deferred transfer
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/incoming-transfer-accept.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/incoming-transfer-accept-docpage/
+    #
+    # @param operation_id [String] A operation identifier
+    # @param protection_code [String] Secret code of four decimal digits. Specified for an incoming transfer proteced by a secret code. Omitted for deferred transfers
+    # @return [RecursiveOpenStruct] An information about operation result.
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def incoming_transfer_accept(operation_id, protection_code = nil)
+      uri = "/api/incoming-transfer-accept"
+      if protection_code
+        request_body = {
+          operation_id: operation_id,
+          protection_code: protection_code
+        }
+      else
+        request_body = { operation_id: operation_id }
+      end
+      RecursiveOpenStruct.new send_request("/api/incoming-transfer-accept", request_body)
+    end
+
+    # Rejects incoming transfer with a protection code or deferred transfer
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/incoming-transfer-reject.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/incoming-transfer-reject-docpage/
+    #
+    # @param operation_id [String] A operation identifier
+    # @return [RecursiveOpenStruct] An information about operation result.
+    #
+    # @raise [YandexMoney::InvalidRequestError] HTTP request does not conform to protocol format. Unable to parse HTTP request, or the Authorization header is missing or has an invalid value.
+    # @raise [YandexMoney::UnauthorizedError] Nonexistent, expired, or revoked token specified.
+    # @raise [YandexMoney::InsufficientScopeError] The token does not have permissions for the requested operation.
+    # @raise [YandexMoney::ServerError] A technical error occurs (the server responds with the HTTP code 500 Internal Server Error). The application should repeat the request with the same parameters later.
+    def incoming_transfer_reject(operation_id)
+      RecursiveOpenStruct.new send_request("/api/incoming-transfer-reject", operation_id: operation_id)
+    end
+
+    # Request a authorization URL
+    #
+    # @note For the authorization request, the user is redirected to the Yandex.Money authorization page. The user enters his login and password, reviews the list of requested permissions and payment limits, and either approves or rejects the application's authorization request.
+    # @note The authorization result is returned as an HTTP 302 Redirect. The application must process the HTTP Redirect response.
+    # @note Attention! If a user repeats the application authorization with the same value for the client_id parameter, the previous authorization is canceled.
+    #
+    # @param client_id [String] The client_id that was assigned to the application during registration
+    # @param redirect_uri [String] URI that the OAuth server sends the authorization result to. Must have a string value that exactly matches the redirect_uri parameter specified in the application registration data. Any additional parameters required for the application can be added at the end of the string.
+    # @param scope [String] A list of requested permissions. Items in the list are separated by a space. List items are case-sensitive.
+    #
+    # @return [String] Url to user must be redirected
+    def self.build_obtain_token_url(client_id, redirect_uri, scope)
+      uri = "#{YandexMoney.config.sp_money_url}/oauth/authorize"
+      options = {
+        client_id: client_id,
+        response_type: "code",
+        redirect_uri: redirect_uri,
+        scope: scope
+      }
+      HTTParty.post(uri, body: options).request.path.to_s
+    end
+
+    # Access token request
+    #
+    # @see http://api.yandex.com/money/doc/dg/reference/obtain-access-token.xml
+    # @see https://tech.yandex.ru/money/doc/dg/reference/obtain-access-token-docpage
+    #
+    # @note If authorization was completed successfully, the application should immediately exchange the temporary authorization code for an access token. To do this, a request containing the temporary authorization code must be sent to the Yandex.Money OAuth server.
+    #
+    # @param client_id [String] The client_id that was assigned to the application during registration
+    # @param code [String] Temporary token (authorization code)
+    # @param redirect_uri [String] URI that the OAuth server sends the authorization result to. The value of this parameter must exactly match the redirect_uri value from the previous "authorize" call
+    # @param client_secret [String] A secret word for verifying the application's authenticity. Specified if the service is registered with the option to verify authenticity
+    # @return [String] Access token
+    def self.get_access_token(client_id, code, redirect_uri, client_secret=nil)
+      uri = "#{YandexMoney.config.sp_money_url}/oauth/token"
+      options = {
+        code: code,
+        client_id: client_id,
+        grant_type: "authorization_code",
+        redirect_uri: redirect_uri
+      }
+      options[:client_secret] = client_secret if client_secret
+      response = HTTParty.post(uri, body: options).parsed_response
+      response["access_token"]
+    end
+
+    protected
+
+    def send_request(uri, options = nil)
+      request = self.class.post(uri, headers: {
+        "Authorization" => "Bearer #{@token}",
+        "Content-Type" => "application/x-www-form-urlencoded"
+      }, body: options)
+      case request.response.code
+      when "400" then raise YandexMoney::InvalidRequestError.new request.response
+      when "401" then raise YandexMoney::UnauthorizedError.new request.response
+      when "403" then raise YandexMoney::InsufficientScopeError.new request.response
+      when "500" then raise YandexMoney::ServerError
+      else
+        request
+      end
+    end
+
+    def send_payment_request(uri, options)
+      request = send_request(uri, options)
+      RecursiveOpenStruct.new request.parsed_response
+    end
+  end
+end

data/spec/account_info_spec.rb

@@ -3,13 +3,14 @@ require "spec_helper"
 describe "get account info" do
   before :all do
     VCR.use_cassette "obtain token for get account info" do
-      @api = YandexMoney::Api.new(
-        client_id: CLIENT_ID,
-        redirect_uri: REDIRECT_URI,
-        scope: "account-info operation-history operation-details"
-      )
-      @api.code = "39041180F6631E2B56DD0058F75A34C7504226178A45D624313495ECD417DCC3AA6CBF1B010E65BB09F3F9EB5AE63452129BAE2B732B7457C33BE6B2039B7B60A8058D2A387729A601DC817BBFB27CB0CC2D65E3C70997D981AC0E31F18CF32C0675DFD461E2F5C5639B75AC0E5074CE64FCF4546447BBDC566E3459FB1B3C3B"
-      @api.obtain_token
+      @api = YandexMoney::Wallet.new(ACCESS_TOKEN)
+    end
+  end
+
+  it "should return recursive open struct" do
+    VCR.use_cassette "get account info" do
+      info = @api.account_info
+      expect(info.avatar.url).to start_with "https://avatars.yandex.net/"
     end
   end
 
@@ -17,7 +18,7 @@ describe "get account info" do
   it "should return account info" do
     VCR.use_cassette "get account info" do
       info = @api.account_info
-      expect(info.account).to eq("41001565326286")
+      expect(info.account).to eq WALLET_NUMBER
     end
   end
 
@@ -25,7 +26,7 @@ describe "get account info" do
   it "should return operation history" do
     VCR.use_cassette "get operation history" do
       history = @api.operation_history
-      expect(history.operations.count).to eq 30
+      expect(history.operations.count).to be_between(1, 30).inclusive
     end
   end
 
@@ -40,23 +41,23 @@ describe "get account info" do
   describe "operation details" do
     it "should return valid operation details" do
       VCR.use_cassette "get operation details" do
-        details = @api.operation_details "462449992116028008"
+        history = @api.operation_history
+        operation_id = history.operations.first.operation_id
+        details = @api.operation_details operation_id
         expect(details.status).to eq "success"
       end
     end
 
     it "raise unauthorized exception when wrong token" do
       VCR.use_cassette "unauthorized exception" do
-        @api = YandexMoney::Api.new(
-          token: "wrong"
-        )
+        @api = YandexMoney::Wallet.new("wrong_token")
         expect { @api.operation_details "462449992116028008" }.to raise_error YandexMoney::UnauthorizedError
       end
     end
 
     it "should raise exception if operation_id is wrong" do
       VCR.use_cassette "get wrong operation details" do
-        expect { @api.operation_details "unknown" }.to raise_error YandexMoney::ApiError
+        expect(@api.operation_details("unknown").error).to eq "illegal_param_operation_id"
       end
     end
   end

data/spec/auth_spec.rb

@@ -4,59 +4,32 @@ describe "Application authorization flow" do
   # http://api.yandex.ru/money/doc/dg/reference/request-access-token.xml
   it "should properly initialize without client_secret" do
     VCR.use_cassette "init without client secret" do
-      api = YandexMoney::Api.new(
-        client_id: CLIENT_ID,
-        redirect_uri: REDIRECT_URI,
-        scope: "account-info operation-history"
+      url = YandexMoney::Wallet.build_obtain_token_url(
+        CLIENT_ID,
+        REDIRECT_URI,
+        "account-info operation-history"
       )
-      expect(api.client_url).to start_with("https://money.yandex.ru/select-wallet.xml?requestid=")
+      expect(url).to start_with("https://money.yandex.ru/select-wallet.xml?requestid=")
     end
   end
 
   # http://api.yandex.ru/money/doc/dg/reference/request-access-token.xml
-  it "should get token with usage of client_secret" do
-    VCR.use_cassette "token with client secret" do
-      api = YandexMoney::Api.new(
-        client_id: "2CB2BBF0788E79A1537437CFD37B15A3E21DAAEE5CD0AE8981118C1CFC6F376A",
-        redirect_uri: REDIRECT_URI,
-        scope: "account-info operation-history"
-      )
-      api.code = "94D93C28E1B27B02A36D495B01BB410EB415EF0152FA30837DEAF307773EDB9734B46954292458D3E5B0E8ABD70C1AF1EE71D64648FB65E7DA8ADAC961970709C3BEBA1AF949F73BAEA2134D386D2ED31CA3F001A45EA05A614432A196A6BEA7B042A0ABDA6E62BA108F864FC400286F388A41454DD961A4A782BF32A80F3816"
-      api.obtain_token("6FAFA896BD2C77E21E240081CDFF3B007451876AB9C186DE2AD2EDDCE29CE3E1BCC1A2789B53583F3398ACD8127A61851357C5D3F444D58F8B5F0AA4F78F088D")
-      expect(api.token).to start_with("410011285611534")
-    end
-  end
-
-  # http://api.yandex.ru/money/doc/dg/reference/obtain-access-token.xml
   it "should get token from code" do
     VCR.use_cassette "get token from authorization code" do
-      api = YandexMoney::Api.new(
-        client_id: CLIENT_ID,
-        redirect_uri: REDIRECT_URI,
-        scope: "account-info operation-history"
-      )
-      api.code = "736557BEBF03A1867FFF179F8FADF0F33841471B31BD9ECF2AC59480D0F123475E6261300B1FED6CDB7C067EF4C5E9CC860A31839D52FA5950B5CAFD18C29FE0A31D2F53618D000BAA7C733B2A143C148C4631EFDEAB29151A5EA92B6B099AAEE31A82BF9F7C13EC2E8EAFF44F62D1326EDEBDA4668631ACC367967DDA57F875"
-      api.obtain_token
-      expect(api.token).to start_with("41001565326286.D206A82773387134BB25CF89A85256EA")
+      expect(
+        YandexMoney::Wallet.get_access_token(
+          CLIENT_ID,
+          "SOME CODE",
+          REDIRECT_URI
+        )
+      ).to be nil
     end
   end
 
   it "could be initialized with token" do
     VCR.use_cassette "initialize with token" do
-      token_api = YandexMoney::Api.new(
-        client_id: CLIENT_ID,
-        redirect_uri: REDIRECT_URI,
-        scope: "account-info"
-      )
-      token_api.code = "7E0C87AE3AFAE96E87FDD780A034FD696264A68CEE8CD9BFDD9F247D32AF6AD1FABC6733D1AFAD65FD08C8112C9D1E8BE80D996F6CF026916154A7A59B431D7A2D02E5845192A2956348C46D85799622DCFEDF4F2DEB80EA81BC1EA5D8874065D0E3828C556754CA60D3B281A1F530DED7B74F415EE8C6B703D34F4A53AE5F90"
-      token_api.obtain_token
-      api = YandexMoney::Api.new(token: token_api.token)
-      expect(api.account_info.account).to eq("41001565326286")
+      api = YandexMoney::Wallet.new(ACCESS_TOKEN)
+      expect(api.account_info.account).to eq WALLET_NUMBER
     end
   end
-
-  it "should raise exception while trying to obtain token without code" do
-    api = YandexMoney::Api.new(client_id: CLIENT_ID)
-    expect { api.obtain_token }.to raise_error YandexMoney::FieldNotSetError
-  end
 end

data/spec/cards_spec.rb

@@ -7,28 +7,25 @@ describe "Payments from bank cards without authorization" do
   end
   it "should fail when try to register an instance of application without connected market" do
     VCR.use_cassette "get instance id fail" do
-      @api = YandexMoney::Api.new(
-        client_id: nil
-      )
-      expect { @api.get_instance_id }.to raise_error YandexMoney::ApiError
+      expect(
+        YandexMoney::ExternalPayment.get_instance_id(nil).status
+      ).to eq "refused"
     end
   end
 
   it "should register an instance of application" do
     VCR.use_cassette "get instance id success" do
-      @api = YandexMoney::Api.new(
-        client_id: CLIENT_ID
-      )
-      expect(@api.get_instance_id).to eq(INSTANCE_ID)
+      expect(
+        YandexMoney::ExternalPayment.get_instance_id(CLIENT_ID)
+                                    .instance_id.length
+      ).to eq 64
     end
   end
 
   it "should request external payment" do
     VCR.use_cassette "request external payment" do
-      @api = YandexMoney::Api.new(
-        client_id: CLIENT_ID,
-        instance_id: INSTANCE_ID
-      )
+      instance_id = YandexMoney::ExternalPayment.get_instance_id(CLIENT_ID)
+      @api = YandexMoney::ExternalPayment.new(instance_id)
       expect(@api.request_external_payment({
         pattern_id: "p2p",
         to: "410011285611534",
@@ -40,13 +37,18 @@ describe "Payments from bank cards without authorization" do
 
   it "should process external payment" do
     VCR.use_cassette "process external payment" do
-      @api = YandexMoney::Api.new(
-        instance_id: INSTANCE_ID
-      )
+      instance_id = YandexMoney::ExternalPayment.get_instance_id(CLIENT_ID)
+      @api = YandexMoney::ExternalPayment.new(instance_id)
+      request_id = @api.request_external_payment(
+        pattern_id: "p2p",
+        to: "410011285611534",
+        amount_due: "1.00",
+        message: "test"
+      ).request_id
       expect(@api.process_external_payment({
-        request_id: REQUEST_ID,
-        ext_auth_success_uri: "http://drakmail.ru/success",
-        ext_auth_fail_uri: "http://drakmail.ru/fail"
+        request_id: request_id,
+        ext_auth_success_uri: "http://127.0.0.1:4567/success",
+        ext_auth_fail_uri: "http://127.0.0.1:4567/fail"
       }).status).to eq("ext_auth_required")
     end
   end

data/spec/config_spec.rb

@@ -0,0 +1,50 @@
+require "spec_helper"
+
+describe "YandexMoney config" do
+  after :all do
+    YandexMoney.reset_config
+  end
+
+  let(:default_money_url) { "https://money.yandex.ru" }
+  let(:default_sp_money_url) { "https://sp-money.yandex.ru" }
+
+  it "should have methods: config, configure, reset_config" do
+    yandex = class_double("YandexMoney")
+    expect(yandex).to receive_messages([:config, :configure, :reset_config])
+    yandex.config & yandex.configure & yandex.reset_config
+  end
+
+  it "should yield block in configure" do
+    expect {|b| YandexMoney.configure(&b)}.to yield_control
+  end
+
+  it "should return a YandexMoney::Config instance" do
+    expect(YandexMoney.config).to be_a_kind_of(YandexMoney::Config)
+  end
+
+  it "should reset_config" do
+    YandexMoney.configure { |c| c.money_url = "http://example1.com" }
+    YandexMoney.reset_config
+    expect(YandexMoney.config.money_url).to eq(default_money_url)
+  end
+
+  it "should have correct defaults" do
+    expect(YandexMoney.config.money_url).to eq(default_money_url)
+    expect(YandexMoney.config.sp_money_url).to eq(default_sp_money_url)
+  end
+
+  it "can write config url directly" do
+    YandexMoney.config.money_url = "http://example3.com"
+    expect(YandexMoney.config.money_url).to eq "http://example3.com"
+  end
+
+  it "should correct configure hosts addresses" do
+    YandexMoney.configure do |config|
+      config.money_url = "http://example1.com"
+      config.sp_money_url = "http://example2.com"
+    end
+    expect(YandexMoney.config.money_url).to eq "http://example1.com"
+    expect(YandexMoney.config.sp_money_url).to eq "http://example2.com"
+  end
+
+end