AtalandaSignature-ruby
AtalandaSignature-ruby provides a simple Ruby class that lets you sign requests to the atalogics API and verify our callbacks.
Installation
The best way to install the library is by using bundler. Add the following to Gemfile
in the root of your project:
gem "atalanda-signature"
Then, on the command line:
bundle install
Usage
Signing API calls
Use this to add an auth_hash containing a valid signature to the parameter hash that you send to our API.
parameters = {
"atalogics" => {}
}
token = Atalanda::Signature::Token.new(KEY, SECRET)
request = Atalanda::Signature::Request.new("POST", "https://atalogics.com/api/order", parameters)
signed_parameters = request.sign(token)
=>
{
"atalogics" => {},
"auth_timestamp" => 1391167211,
"auth_key" => "[Your API key]",
"auth_signature" => "552beac4b99949a556b120b7e5f7e22def46f663992a08f0f132ad4afee68b9f"
}
Example
POST Request to https://atalogics.com/api/orderOffer with the following JSON:
{ "atalogics": { "api_key": "5f70fd232454e5c142566dbacc3dec5", "offer_id": "33/2014-01-22/1/2014-01-22", "expected_fee": 5.59, "external_id": "AZDF-234", "url_state_update": "https://ihr-server.de/atalogics/callbacks", "catch": { "name": "Top Fashion Shop", "street": "Schneiderstraße 20", "postal_code": "5020", "city": "Salzburg", "phone_number": "123456", "email": "[email protected]" }, "drop": { "name": "Marta Musterkundin", "street": "Kaufstr. 76", "postal_code": "5020", "city": "Salzburg", "phone_number": "435236", "email": "[email protected]", "extra_services": ["R18"] } } }
token = Atalanda::Signature::Token.new(KEY, SECRET) request = Atalanda::Signature::Request.new("POST", "https://atalogics.com/api/orderOffer", parameters) # parameters contains a hash representing the json above signed_parameters = request.sign(token) # post to our API, for example with HTTParty HTTParty.post("https://atalogics.com/api/orderOffer", :body => signed_parameters.to_json, :headers => { 'Content-Type' => 'application/json' })
If you do a GET Request, you also have to sign all URL parameters. Simply include them in the parameters hash. Send the produced auth parameters along with the other URL parameters, for example: https://atalogics.com/api/status?tracking_id=42ef32a&api_key=abcde**&auth_signature=ab332d2f&auth_timestamp=123244&auth_key=abcde**
Verifying the signature of our callbacks
Use this to verify the signature of our callbacks.
data = JSON.parse(body) // convert json from post body into ruby hash
token = Atalanda::Signature::Token.new(KEY, SECRET)
request = Atalanda::Signature::Request.new("POST", "api/order", data)
result = request.authenticate(token)
if result["authenticated"] == true
// signature is valid
end