yhsd_api 0.0.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5b1916d01e246ed4dac2598fd229b84d692c39fa
+  data.tar.gz: 2ba0a91ef0824d7bb72663bd0319d9871bbf4327
+SHA512:
+  metadata.gz: 10d5566ad6402f501fba2a275074fb6cb0ecaccd15d4b89706f09e28511eef9aab0104bcd29ee94e988a59205dc6791f71496c304b2ea60a25f4fbbcceca2165
+  data.tar.gz: 373540abd96aa6e84aeb3a14412b8f99b50012cfee0a0cbdc19410c04104e790a9a95dc9e9b5d8a2f2e9f3b8a8a750fe0024707d00d7e423c12683aad93a36f1

data/.gitignore

@@ -0,0 +1,15 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+/www/
+*.bundle
+*.so
+*.o
+*.a
+mkmf.log

data/.travis.yml

@@ -0,0 +1,5 @@
+language: ruby
+rvm:
+  - 2.3.0
+  - 2.2.0
+script: rspec spec/*_spec.rb

data/ChangeLog.md

@@ -0,0 +1,54 @@
+# Yhsd-api-ruby Changes
+next
+-----------
+-YhsdPublicApi and YhsdPrivateApi get post delete put function change url params to path
+
+-FIX scope /r/n change to URI bug
+
+0.0.2
+-----------
+
+- Add yhsd api resources
+  you can use like:
+```ruby
+  #get the shop customers limit 50 and page 2 find id,name fields
+  params = {:fields => "id,name", :page => 2, :limit => 50}
+  YhsdApi::Customer.all(token, params)
+
+  #create a customer for your shop
+  params = {
+    "customer": {
+      "reg_type":"email",
+      "reg_identity": "for@example.com",
+      "password":"123456",
+      "notify_email":"for@example.com",
+      "notify_phone":"13632269380"
+    }
+  }
+  YhsdApi::Customer.create(token, params)
+
+  #update the 1120 id customer
+  params = {
+    "customer": {   
+      "notify_email":"new@example.com",
+      "notify_phone":"13632269381"
+    }
+  }
+  YhsdApi::Customer.update(token, 1120, params)
+```
+- Add call limit configure
+  you can open call limit configure by use
+```ruby
+  YhsdApi.configure do |config|
+    config.call_limit_protect = true
+  end
+```
+  this call limit is basic on shop token, so i advice open it in private app and close in public app , public app manage mutil shops, so may be some shop request api over call limit , other shop
+  will be affect
+
+0.0.1
+-----------
+
+
+- Basic support yhsd api
+- About how to use you can see [README.md](https://github.com/yeezon/yhsd-api-ruby/blob/master/README.md)

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in yhsd_api.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2015 TODO: Write your name
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,242 @@
+# yhsd-api-ruby
+
+友好速搭应用开发 Ruby SDK
+
+## 安装
+
+在应用的gem file 中添加:
+
+```ruby
+  gem 'yhsd_api'
+```
+
+执行:
+
+```ruby
+  $ bundle
+```
+
+或者直接使用命令行进行安装:
+
+```ruby
+  $ gem install yhsd_api
+```
+
+## 使用方法
+
+###1，私有应用
+
+配置私有应用的app_key, app_secret
+
+```ruby
+  YhsdApi.configure do |config|
+    config.app_key = '配置你的app_key'
+    config.app_secret = '配置你的app_secret'
+    config.token_url = 'https://apps.youhaosuda.com/oauth2/token/'
+    config.api_url = 'https://api.youhaosuda.com/'
+    config.api_version = 'v1/'
+  end
+```
+
+获取友好速搭token
+
+```ruby
+  YhsdApi::PrivateApp.generate_token
+```
+
+调用友好速搭api接口
+
+```ruby
+  #get 接口调用
+  #url 需要访问的api接口的地址
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PrivateApp.get(url)
+
+  #put 接口调用
+  #url 需要访问的api接口的地址
+  #params 参数
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PrivateApp.put(url, params)
+
+  #post 接口调用
+  #url 需要访问的api接口的地址
+  #params 参数
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PrivateApp.post(url, params)
+
+  #delete 接口调用
+  #url 需要访问的api接口的地址
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PrivateApp.delete(url)
+```
+
+例子
+```ruby
+  YhsdApi::PrivateApp.token = '获取到的token'
+
+  #get 接口调用
+  code, body, header = YhsdApi::PrivateApp.get("shop")
+
+  #put 接口调用
+  params = {
+    "redirect": {
+      "path": "/12345",
+      "target": "/blogs"
+    }
+  }
+  code, body, header = YhsdApi::PrivateApp.put("redirects/1", params)
+
+  #post 接口调用
+  params = {
+    "redirect": {
+      "path": "/12345",
+      "target": "/blogs"
+    }
+  }
+  code, body, header = YhsdApi::PrivateApp.put("redirects", params)
+
+  #delete 接口调用
+  code, body, header = YhsdApi::PrivateApp.delete("redirects/1")
+```
+
+友好速搭的token是不过期的，你也可以通过
+
+```ruby
+  YhsdApi::PrivateApp.token = '你的私有应用token'
+```
+
+来进行指定token值，这样就不需要调用generate_token来获取token值了。
+
+###2，开放应用
+
+配置公有一用的app_key, app_secret
+
+```ruby
+  YhsdApi.configure do |config|
+    config.app_key = '配置你的app_key'
+    config.app_secret = '配置你的app_secret'
+    config.scope = '配置你的应用scope'
+    config.auth_url = "https://apps.youhaosuda.com/oauth2/authorize/"
+    config.token_url = 'https://apps.youhaosuda.com/oauth2/token/'
+    config.api_url = 'https://api.youhaosuda.com/'
+    config.api_version = 'v1/'
+  end
+```
+
+友好速搭hmac验证，获取到参数后调用
+
+```ruby
+  #true 表示验证正确 false 表示错误
+  #params 为获取到的所有参数
+  YhsdApi::PublicApp.verify_hmac(params)
+```
+
+友好速搭授权回调url获取
+
+```ruby
+  #返回结果 友好速搭授权url
+  #redirect_url应用的跳转地址
+  #shop_key 友好速搭安装应用的店铺唯一key
+  #state 自定义的参数
+  YhsdApi::PublicApp.authorize_url(redirect_url, shop_key, state)
+```
+
+友好速搭店铺token获取
+
+```ruby
+  #返回结果 店铺的开放应用token
+  #redirect_url 应用的跳转地址
+  #code友好速搭返回获取授权码的code
+  YhsdApi::PublicApp::generate_token(redirect_url, code)
+```
+
+调用友好速搭api接口
+
+```ruby
+  #get 接口调用
+  #token 访问token
+  #url 需要访问的api接口的地址
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PublicApp.get(token, url)
+
+  #put 接口调用
+  #token 访问token
+  #url 需要访问的api接口的地址
+  #params 参数
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PublicApp.put(token, url, params)
+
+  #post 接口调用
+  #token 访问token
+  #url 需要访问的api接口的地址
+  #params 参数
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PublicApp.post(token, url, params)
+
+  #delete 接口调用
+  #token 访问token
+  #url 需要访问的api接口的地址
+  #返回结果
+  #code :200
+  #body hash 数据
+  #header hash 数据
+  YhsdApi::PublicApp.delete(token, url)
+```
+
+例子
+```ruby
+  token = '店铺的访问token'
+
+  #get 接口调用
+  code, body, header = YhsdApi::PublicApp.get(token, "shop")
+
+  #put 接口调用
+  params = {
+    "redirect": {
+      "path": "/12345",
+      "target": "/blogs"
+    }
+  }
+  code, body, header = YhsdApi::PublicApp.put(token, "redirects/1", params)
+
+  #post 接口调用
+  params = {
+    "redirect": {
+      "path": "/12345",
+      "target": "/blogs"
+    }
+  }
+  code, body, header = YhsdApi::PublicApp.put("token, "redirects", params)
+
+  #delete 接口调用
+  code, body, header = YhsdApi::PublicApp.delete(token, "redirects/1")
+```
+
+## 贡献
+
+1. Fork it ( https://github.com/yeezon/yhsd-api-ruby/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create a new Pull Request

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+

data/lib/yhsd_api/configuration.rb

@@ -0,0 +1,48 @@
+module YhsdApi
+
+  class Configuration
+
+    attr_accessor :app_key
+    attr_accessor :app_secret
+    attr_accessor :scope
+    attr_accessor :auth_url
+    attr_accessor :token_url
+    attr_accessor :api_url
+    attr_accessor :api_version
+    attr_accessor :call_limit_protect
+
+    def initialize
+      @auth_url = 'https://apps.youhaosuda.com/oauth2/authorize/'
+      @token_url = 'https://apps.youhaosuda.com/oauth2/token/'
+      @api_url = 'https://api.youhaosuda.com/'
+      @api_version = 'v1/'
+      @call_limit_protect = false
+    end
+
+    def scope
+      @scope.to_s.gsub(/\s+/, "")
+    end
+
+    def api_version
+      unless @api_version.end_with?("/")
+        @api_version.to_s + "/"
+      else
+        @api_version
+      end
+    end
+    
+  end
+
+  def self.configuration
+    @configuration ||= Configuration.new
+  end
+
+  def self.configuration=(config)
+    @configuration = config
+  end
+
+  def self.configure
+    yield configuration
+  end
+
+end

data/lib/yhsd_api/exception.rb

@@ -0,0 +1,41 @@
+module YhsdApi
+
+  class MissingToken < Exception
+
+    def initialize
+      super('token is empty.')
+    end
+    
+  end
+
+  class MissingAppKey < Exception
+
+    def initialize
+      super('app key is empty.')
+    end
+    
+  end
+
+  class MissingScope < Exception
+
+    def initialize
+      super('scope is empty.')
+    end
+    
+  end
+
+  class MissingAppSecret < Exception
+
+    def initialize
+      super('app secret is empty.')
+    end
+    
+  end
+
+  class MissingURI < Exception
+    def initialize
+      super('url is empty.')
+    end
+  end
+
+end

data/lib/yhsd_api/helper.rb

@@ -0,0 +1,78 @@
+module YhsdApi
+
+  class Helper
+
+    class << self
+
+      ###
+      #私有APP 通过 app key 和 app secret 生成标准的 0auth2 头部内容
+      ###
+      def authorization(key, secret)
+        content = "#{key}:#{secret}"
+        # 使用遵循 RFC 4648 的 Base64 编码函数
+        encode = Base64.urlsafe_encode64(content)
+        "Basic #{encode}"
+      end
+
+      ###
+      #通过app secret和友好速搭回传的参数，验证当前请求是否来自于友好速搭
+      ###
+      def hmac_verify(secret, params = {})
+        raise 'secret can not be empty' if secret.to_s.empty?
+        if params.has_key?(:hmac)
+          hmac = params[:hmac].to_s
+        elsif params.has_key?("hmac")
+          hmac = params["hmac"].to_s
+        else
+          return false
+        end
+        return false if hmac.empty?
+        p = params.delete_if{|key, value| key.to_s == "hmac"}
+        str = p.keys.sort.map do |k|
+          "#{k.to_s}=#{params[k].to_s}"
+        end.join('&')
+        digest = OpenSSL::Digest.new('sha256')
+        hmac == OpenSSL::HMAC.hexdigest(digest, secret, str)
+      end
+
+      ###
+      #第三方App接入参数生成函数
+      ###
+      def thirdapp_aes_encrypt(secret, data = {})
+        raise 'secret can not be empty' if secret.to_s.empty?
+        cipher = OpenSSL::Cipher::Cipher.new("aes-128-cbc")
+        cipher.encrypt
+        cipher.key = secret[0, 16]
+        cipher.iv = secret[16, 16]
+        ciphertext = cipher.update(data) + cipher.final
+        Base64.urlsafe_encode64(ciphertext)
+      end
+
+      ###
+      #友好速搭webhook通知验证
+      ###
+      def webhook_verify(token, data, hmac)
+        digest  = OpenSSL::Digest.new('sha256')
+        calculated_hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, token, data)).strip
+        calculated_hmac == hmac
+      end
+
+      def generate_hmac(secret, params = {})
+        raise 'secret can not be empty' if secret.to_s.empty?
+        str = params.keys.sort.map do |k|
+          "#{k.to_s}=#{params[k].to_s}"
+        end.join('&')
+        digest = OpenSSL::Digest.new('sha256')
+        OpenSSL::HMAC.hexdigest(digest, secret, str)
+      end
+
+      ###
+      #友好速搭开放支付回调验证
+      ###
+      alias_method :openpayment_verify, :webhook_verify
+
+    end
+
+  end
+
+end

data/lib/yhsd_api/http.rb

@@ -0,0 +1,135 @@
+require 'rest-client'
+
+module YhsdApi
+
+  class HTTP
+
+    class << self
+
+      @@last_at = nil
+      @@limit = 0
+      @@total = 0
+
+      def get(url, opts = {})
+        validate_url(url)
+
+        req_headers = {}
+
+        if opts[:headers].is_a?(Hash)
+          req_headers.merge!(opts[:headers])
+        end
+
+        begin
+          begin_request if YhsdApi.configuration.call_limit_protect
+          response = RestClient.get(url.to_s, req_headers)
+          after_request(response.raw_headers) if YhsdApi.configuration.call_limit_protect
+          return response.code.to_i, response.body, response.raw_headers
+        rescue Exception => e
+          if e.class.to_s.split("::").first.to_s == 'RestClient'
+            return e.http_code.to_i, e.response, {}
+          else
+            raise e
+          end
+        end
+
+      end
+
+      def post(url, req_body = nil, opts = {})
+        validate_url(url)
+
+        req_headers = {}
+
+        if opts[:headers].is_a?(Hash)
+          req_headers.merge!(opts[:headers])
+        end
+        
+        begin
+          begin_request if YhsdApi.configuration.call_limit_protect
+          response = RestClient.post(url.to_s, req_body, req_headers)
+          after_request(response.raw_headers) if YhsdApi.configuration.call_limit_protect
+          return response.code.to_i, response.body, response.raw_headers
+        rescue Exception => e
+          if e.class.to_s.split("::").first.to_s == 'RestClient'
+            return e.http_code.to_i, e.response, {}
+          else
+            raise e
+          end
+        end
+
+      end
+
+      def put(url, req_body = nil, opts = {})
+        validate_url(url)
+
+        req_headers = {}
+
+        if opts[:headers].is_a?(Hash)
+          req_headers.merge!(opts[:headers])
+        end
+
+        begin
+          begin_request if YhsdApi.configuration.call_limit_protect
+          response = RestClient.put(url.to_s, req_body, req_headers)
+          after_request(response.raw_headers) if YhsdApi.configuration.call_limit_protect
+          return response.code.to_i, response.body, response.raw_headers
+        rescue Exception => e
+          if e.class.to_s.split("::").first.to_s == 'RestClient'
+            return e.http_code.to_i, e.response, {}
+          else
+            raise e
+          end
+        end
+
+      end
+
+      def delete(url, opts = {})
+        validate_url(url)
+
+        req_headers = {}
+
+        if opts[:headers].is_a?(Hash)
+          req_headers.merge!(opts[:headers])
+        end
+
+        begin
+          begin_request if YhsdApi.configuration.call_limit_protect
+          response = RestClient.delete(url.to_s, req_headers)
+          after_request(response.raw_headers) if YhsdApi.configuration.call_limit_protect
+          return response.code.to_i, response.body, response.raw_headers
+        rescue Exception => e
+          if e.class.to_s.split("::").first.to_s == 'RestClient'
+            return e.http_code.to_i, e.response, {}
+          else
+            raise e
+          end
+        end
+
+      end
+
+      def validate_url(url)
+        raise MissingURI if url.to_s.empty?
+      end
+
+      def after_request(header)
+        begin
+          if header && header.is_a?(Hash) && header.keys.include?("x-yhsd-shop-api-call-limit")
+            call_limit =  header["x-yhsd-shop-api-call-limit"].first.split("/")
+            @@limit, @@total = call_limit[0].to_i, call_limit[1].to_i
+            @@last_at = Time.now.to_i
+          end
+        end
+      end
+
+      def begin_request
+        if @@last_at
+          if Time.now.to_i - @@last_at <= 1000 && @@total - @@limit <= 2
+            sleep(1)
+          end
+        end
+      end
+
+    end
+
+  end
+
+end