forked from stripe/stripe-ruby
-
Notifications
You must be signed in to change notification settings - Fork 0
/
util.rb
363 lines (319 loc) · 12 KB
/
util.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
# frozen_string_literal: true
require "cgi"
module Stripe
module Util
# Options that a user is allowed to specify.
OPTS_USER_SPECIFIED = Set[
:api_key,
:idempotency_key,
:stripe_account,
:stripe_version
].freeze
# Options that should be copyable from one StripeObject to another
# including options that may be internal.
OPTS_COPYABLE = (
OPTS_USER_SPECIFIED + Set[:api_base]
).freeze
# Options that should be persisted between API requests. This includes
# client, which is an object containing an HTTP client to reuse.
OPTS_PERSISTABLE = (
OPTS_USER_SPECIFIED + Set[:client] - Set[:idempotency_key]
).freeze
def self.objects_to_ids(obj)
case obj
when APIResource
obj.id
when Hash
res = {}
obj.each { |k, v| res[k] = objects_to_ids(v) unless v.nil? }
res
when Array
obj.map { |v| objects_to_ids(v) }
else
obj
end
end
# Returns a hash of all Stripe object classes.
def self.object_classes
@object_classes ||= Stripe::ObjectTypes.object_names_to_classes
end
# Returns a hash containling only Stripe API object classes.
def self.api_object_classes
@api_object_classes ||= ::Stripe::ObjectTypes.api_object_names_to_classes
end
def self.object_name_matches_class?(object_name, klass)
Util.object_classes[object_name] == klass
end
# Converts a hash of fields or an array of hashes into a +StripeObject+ or
# array of +StripeObject+s. These new objects will be created as a concrete
# type as dictated by their `object` field (e.g. an `object` value of
# `charge` would create an instance of +Charge+), but if `object` is not
# present or of an unknown type, the newly created instance will fall back
# to being a +StripeObject+.
#
# ==== Attributes
#
# * +data+ - Hash of fields and values to be converted into a StripeObject.
# * +opts+ - Options for +StripeObject+ like an API key that will be reused
# on subsequent API calls.
def self.convert_to_stripe_object(data, opts = {})
opts = normalize_opts(opts)
case data
when Array
data.map { |i| convert_to_stripe_object(i, opts) }
when Hash
# Try converting to a known object class. If none available, fall back
# to generic StripeObject
object_classes.fetch(data[:object], StripeObject)
.construct_from(data, opts)
else
data
end
end
def self.log_error(message, data = {})
config = data.delete(:config) || Stripe.config
logger = config.logger || Stripe.logger
if !logger.nil? ||
!config.log_level.nil? && config.log_level <= Stripe::LEVEL_ERROR
log_internal(message, data, color: :cyan, level: Stripe::LEVEL_ERROR,
logger: Stripe.logger, out: $stderr)
end
end
def self.log_info(message, data = {})
config = data.delete(:config) || Stripe.config
logger = config.logger || Stripe.logger
if !logger.nil? ||
!config.log_level.nil? && config.log_level <= Stripe::LEVEL_INFO
log_internal(message, data, color: :cyan, level: Stripe::LEVEL_INFO,
logger: Stripe.logger, out: $stdout)
end
end
def self.log_debug(message, data = {})
config = data.delete(:config) || Stripe.config
logger = config.logger || Stripe.logger
if !logger.nil? ||
!config.log_level.nil? && config.log_level <= Stripe::LEVEL_DEBUG
log_internal(message, data, color: :blue, level: Stripe::LEVEL_DEBUG,
logger: Stripe.logger, out: $stdout)
end
end
def self.symbolize_names(object)
case object
when Hash
new_hash = {}
object.each do |key, value|
key = (begin
key.to_sym
rescue StandardError
key
end) || key
new_hash[key] = symbolize_names(value)
end
new_hash
when Array
object.map { |value| symbolize_names(value) }
else
object
end
end
# Encodes a hash of parameters in a way that's suitable for use as query
# parameters in a URI or as form parameters in a request body. This mainly
# involves escaping special characters from parameter keys and values (e.g.
# `&`).
def self.encode_parameters(params)
Util.flatten_params(params)
.map { |k, v| "#{url_encode(k)}=#{url_encode(v)}" }.join("&")
end
# Encodes a string in a way that makes it suitable for use in a set of
# query parameters in a URI or in a set of form parameters in a request
# body.
def self.url_encode(key)
CGI.escape(key.to_s).
# Don't use strict form encoding by changing the square bracket control
# characters back to their literals. This is fine by the server, and
# makes these parameter strings easier to read.
gsub("%5B", "[").gsub("%5D", "]")
end
def self.flatten_params(params, parent_key = nil)
result = []
# do not sort the final output because arrays (and arrays of hashes
# especially) can be order sensitive, but do sort incoming parameters
params.each do |key, value|
calculated_key = parent_key ? "#{parent_key}[#{key}]" : key.to_s
if value.is_a?(Hash)
result += flatten_params(value, calculated_key)
elsif value.is_a?(Array)
result += flatten_params_array(value, calculated_key)
else
result << [calculated_key, value]
end
end
result
end
def self.flatten_params_array(value, calculated_key)
result = []
value.each_with_index do |elem, i|
if elem.is_a?(Hash)
result += flatten_params(elem, "#{calculated_key}[#{i}]")
elsif elem.is_a?(Array)
result += flatten_params_array(elem, calculated_key)
else
result << ["#{calculated_key}[#{i}]", elem]
end
end
result
end
# `Time.now` can be unstable in cases like an administrator manually
# updating its value or a reconcilation via NTP. For this reason, prefer
# the use of the system's monotonic clock especially where comparing times
# to calculate an elapsed duration.
#
# Shortcut for getting monotonic time, mostly for purposes of line length
# and test stubbing. Returns time in seconds since the event used for
# monotonic reference purposes by the platform (e.g. system boot time).
def self.monotonic_time
Process.clock_gettime(Process::CLOCK_MONOTONIC)
end
def self.normalize_id(id)
if id.is_a?(Hash) # overloaded id
params_hash = id.dup
id = params_hash.delete(:id)
else
params_hash = {}
end
[id, params_hash]
end
# The secondary opts argument can either be a string or hash
# Turn this value into an api_key and a set of headers
def self.normalize_opts(opts)
case opts
when String
{ api_key: opts }
when Hash
check_api_key!(opts.fetch(:api_key)) if opts.key?(:api_key)
opts.clone
else
raise TypeError, "normalize_opts expects a string or a hash"
end
end
def self.check_string_argument!(key)
raise TypeError, "argument must be a string" unless key.is_a?(String)
key
end
def self.check_api_key!(key)
raise TypeError, "api_key must be a string" unless key.is_a?(String)
key
end
# Normalizes header keys so that they're all lower case and each
# hyphen-delimited section starts with a single capitalized letter. For
# example, `request-id` becomes `Request-Id`. This is useful for extracting
# certain key values when the user could have set them with a variety of
# diffent naming schemes.
def self.normalize_headers(headers)
headers.each_with_object({}) do |(k, v), new_headers|
k = k.to_s.tr("_", "-") if k.is_a?(Symbol)
k = k.split("-").reject(&:empty?).map(&:capitalize).join("-")
new_headers[k] = v
end
end
# Generates a Dashboard link to inspect a request ID based off of a request
# ID value and an API key, which is used to attempt to extract whether the
# environment is livemode or testmode.
def self.request_id_dashboard_url(request_id, api_key)
env = !api_key.nil? && api_key.start_with?("sk_live") ? "live" : "test"
"https://dashboard.stripe.com/#{env}/logs/#{request_id}"
end
# Constant time string comparison to prevent timing attacks
# Code borrowed from ActiveSupport
def self.secure_compare(str_a, str_b)
return false unless str_a.bytesize == str_b.bytesize
l = str_a.unpack "C#{str_a.bytesize}"
res = 0
str_b.each_byte { |byte| res |= byte ^ l.shift }
res.zero?
end
#
# private
#
COLOR_CODES = {
black: 0, light_black: 60,
red: 1, light_red: 61,
green: 2, light_green: 62,
yellow: 3, light_yellow: 63,
blue: 4, light_blue: 64,
magenta: 5, light_magenta: 65,
cyan: 6, light_cyan: 66,
white: 7, light_white: 67,
default: 9,
}.freeze
private_constant :COLOR_CODES
# Uses an ANSI escape code to colorize text if it's going to be sent to a
# TTY.
def self.colorize(val, color, isatty)
return val unless isatty
mode = 0 # default
foreground = 30 + COLOR_CODES.fetch(color)
background = 40 + COLOR_CODES.fetch(:default)
"\033[#{mode};#{foreground};#{background}m#{val}\033[0m"
end
private_class_method :colorize
# Turns an integer log level into a printable name.
def self.level_name(level)
case level
when LEVEL_DEBUG then "debug"
when LEVEL_ERROR then "error"
when LEVEL_INFO then "info"
else level
end
end
private_class_method :level_name
def self.log_internal(message, data = {}, color:, level:, logger:, out:)
data_str = data.reject { |_k, v| v.nil? }
.map do |(k, v)|
format("%<key>s=%<value>s",
key: colorize(k, color, logger.nil? && !out.nil? && out.isatty),
value: wrap_logfmt_value(v))
end.join(" ")
if !logger.nil?
# the library's log levels are mapped to the same values as the
# standard library's logger
logger.log(level,
format("message=%<message>s %<data_str>s",
message: wrap_logfmt_value(message),
data_str: data_str))
elsif out.isatty
out.puts format("%<level>s %<message>s %<data_str>s",
level: colorize(level_name(level)[0, 4].upcase,
color, out.isatty),
message: message,
data_str: data_str)
else
out.puts format("message=%<message>s level=%<level>s %<data_str>s",
message: wrap_logfmt_value(message),
level: level_name(level),
data_str: data_str)
end
end
private_class_method :log_internal
# Wraps a value in double quotes if it looks sufficiently complex so that
# it can be read by logfmt parsers.
def self.wrap_logfmt_value(val)
# If value is any kind of number, just allow it to be formatted directly
# to a string (this will handle integers or floats).
return val if val.is_a?(Numeric)
# Hopefully val is a string, but protect in case it's not.
val = val.to_s
if %r{[^\w\-/]} =~ val
# If the string contains any special characters, escape any double
# quotes it has, remove newlines, and wrap the whole thing in quotes.
format(%("%<value>s"), value: val.gsub('"', '\"').delete("\n"))
else
# Otherwise use the basic value if it looks like a standard set of
# characters (and allow a few special characters like hyphens, and
# slashes)
val
end
end
private_class_method :wrap_logfmt_value
end
end