class Paypal::Permissions::Paypal

Constants

API_VERSION
PERMISSIONS
PRODUCTION_GRANT_PERMISSION_URL
PRODUCTION_SERVER
SANDBOX_GRANT_PERMISSION_URL
SANDBOX_SERVER

Attributes

application_id[RW]
mode[RW]
password[RW]
signature[RW]
userid[RW]

Public Class Methods

new(userid, password, signature, application_id, mode = :production) click to toggle source

Credentials: UserID, Password, Signature, Application ID

# File lib/paypal/permissions/paypal.rb, line 46
def initialize(userid, password, signature, application_id, mode = :production)
  raise "Mode must be :sandbox or :production" unless [:sandbox, :production].include? mode
  @userid = userid
  @password = password
  @signature = signature
  @application_id = application_id
  @mode = mode
end

Public Instance Methods

cancel_permissions(token) click to toggle source

Cancel the permissions granted to the given token

# File lib/paypal/permissions/paypal.rb, line 101
def cancel_permissions(token)
  url = create_url('CancelPermissions')
  data = call(url, { 'token' => token })
  true
end
get_access_token(token, verifier) click to toggle source

After a callback, lookup the access token and token secret using the :token and :verification from the callback URL.

# File lib/paypal/permissions/paypal.rb, line 76
def get_access_token(token, verifier)
  url = create_url('GetAccessToken')
  data = call(url, { 'token' => token, 'verifier' => verifier })

  raise ::Paypal::Permissions::FaultMessage.new(data) unless (data['token'] && data['tokenSecret'])

  {
    token:        data['token'],
    token_secret: data['tokenSecret'],
    scopes:       parse_scopes(data),
  }
end
lookup_permissions(token) click to toggle source

Lookup the permissions granted to a given token.

# File lib/paypal/permissions/paypal.rb, line 90
def lookup_permissions(token)
  url = create_url('GetPermissions')
  data = call(url, { 'token' => token })

  paypal_scopes = parse_scopes(data)
  raise ::Paypal::Permissions::FaultMessage.new(data) if paypal_scopes.empty?

  { scopes: paypal_scopes }
end
request_permissions(permissions_scopes, callback_url, language = 'en') click to toggle source

Create a “Request Permissions” URL. After requesting permissions, send the user to the URL so they can grant permissions. The user will be redirected back to the :callback_url.

# File lib/paypal/permissions/paypal.rb, line 57
def request_permissions(permissions_scopes, callback_url, language = 'en')
  url = create_url('RequestPermissions')

  request_data = {'callback' => callback_url, 'language' => language }
  permissions_scopes.each_with_index { |ps,index| request_data["scope(#{index})"] = PERMISSIONS[ps] }
  data = call(url, request_data)

  raise ::Paypal::Permissions::FaultMessage.new(data) unless data['token']

  # Redirect URL:
  # https://www.paypal.com/cgi-bin/webscr?cmd=_grant-permission&request_token= + token
  {
    permissions_url: (mode == :production ? PRODUCTION_GRANT_PERMISSION_URL : SANDBOX_GRANT_PERMISSION_URL) + data['token'],
    token: data['token'],
  }
end

Protected Instance Methods

call(url, params={}) click to toggle source
# File lib/paypal/permissions/paypal.rb, line 113
def call(url, params={})
  headers = {
    'X-PAYPAL-SECURITY-USERID' => @userid,
    'X-PAYPAL-SECURITY-PASSWORD' => @password,
    'X-PAYPAL-SECURITY-SIGNATURE' => @signature,
    'X-PAYPAL-REQUEST-DATA-FORMAT' => 'NV',
    'X-PAYPAL-RESPONSE-DATA-FORMAT'=> 'NV',
    'X-PAYPAL-APPLICATION-ID' => @application_id,
    'Content-Type' => 'application/x-www-form-urlencoded',
  }
  params['requestEnvelope.errorLanguage'] = 'en_US'
  data = params.map{ |k,v| "#{CGI.escape(k)}=#{CGI.escape(v)}" }.join('&')
  data = URI.encode_www_form(params)

  endpoint = URI(url)
  timeout(30) do
    http = Net::HTTP.new(endpoint.host, endpoint.port)
    http.use_ssl = true
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE if mode == :sandbox
    response = http.post(endpoint.request_uri, data, headers)
    code = response.code

    case code.to_i
    when 200
      data = get_hash(response.body)
      raise ::Paypal::Permissions::FaultMessage.new(data) if data['responseEnvelope.ack'] == 'Failure'
      return data
    when 500
      raise ::Paypal::Permissions::InternalServerError.new(response.body)
    else
      raise ::Paypal::Permissions::UnknownResponse.new(code.to_i, response.body)
    end
  end
end
create_url(endpoint) click to toggle source
# File lib/paypal/permissions/paypal.rb, line 109
def create_url(endpoint)
  (mode == :production ? PRODUCTION_SERVER : SANDBOX_SERVER) + endpoint
end

Private Instance Methods

get_hash(string) click to toggle source

Gets a hash from a string, with a set of name value pairs joined by '=' and concatenated with '&'

# File lib/paypal/permissions/paypal.rb, line 152
def get_hash(string)
  hash = {}
  string.split('&').collect { |pair| pair.split('=') }.each { |a|
    hash[a[0]] = URI.unescape(a[1])
  }
  return hash
end
parse_scopes(data) click to toggle source

Parse out the scopes from the PayPal response

# File lib/paypal/permissions/paypal.rb, line 161
def parse_scopes(data)
  scopes = []
  scopes << data['scope'] if data['scope'] # If there is only one scope

  i = 0
  while (data["scope(#{i})"]) do
    scopes << data["scope(#{i})"]; i = i + 1
  end # For multiple scopes

  # Convert to symbols
  scopes.collect { |paypal_scope| PERMISSIONS.select { |k,val| val == paypal_scope }.keys.first }
end