Skip to content

Mondido/gala

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
MIT-LICENSE
MIT-LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
gala.gemspec
gala.gemspec
 
 
notes.md
notes.md
 
 

Repository files navigation

Gala

Named after the Gala apple, Gala is a Ruby library for decrypting Apple Pay payment tokens.

Gala is available under the MIT License.

Install

Add both gala and aead to your Gemfile. Specifying aead is necessary to pull in the Shopify version of the library which has been updated to support Ruby versions 2.2 and above.

gem "gala", "~> 0.3.1"
gem 'aead', git: 'https://github.com/Shopify/aead.git', ref: '340e7718d8bd9c1fcf3c443e32f439436ea2b70d'

If you need to track a development branch or reference functionality not yet contained in the RubyGem release you can specify the gala repo directly.

gem "gala", git: "https://github.com/spreedly/gala.git", ref: :master
gem 'aead', git: 'https://github.com/Shopify/aead.git', ref: '340e7718d8bd9c1fcf3c443e32f439436ea2b70d'

Then bundle install to fetch Gala into your local environment.

Usage

Gala works by:

  1. Initializing an instance of Gala::PaymentToken with the hash of values present in the Apple Pay token string (a JSON representation of this data).
  2. Decrypting the token using the PEM formatted merchant certificate and private key (the latter of which, at least, is managed by a third-party such as a gateway or independent processor like Spreedly).
require "gala"

# token_json = raw token string you get from your iOS app
token_attrs = JSON.parse(token_json)
token = Gala::PaymentToken.new(token_attrs)

certificate_pem = File.read("mycert.pem")
private_key_pem = File.read("private_key.pem")

decrypted_json = token.decrypt(certificate_pem, private_key_pem)
JSON.parse(decrypted_json)
# =>
{
  "applicationPrimaryAccountNumber"=>"4109370251004320",
  "applicationExpirationDate"=>"200731",
  "currencyCode"=>"840",
  "transactionAmount"=>100,
  "deviceManufacturerIdentifier"=>"040010030273",
  "paymentDataType"=>"3DSecure",
  "paymentData"=> {
    "onlinePaymentCryptogram"=>"Af9x/QwAA/DjmU65oyc1MAABAAA=",
    "eciIndicator"=>"5"
  }
}

Testing

$ rake test
Started
......

Finished in 0.017918 seconds.

Releasing

To cut a new gem:

Setup RubyGems account

Make sure you have a RubyGems account and have setup your local gem credentials with something like this:

$ curl -u rwdaigle https://rubygems.org/api/v1/api_key.yaml > ~/.gem/credentials; chmod 0600 ~/.gem/credentials
<enter rubygems account password>

If you are not yet listed as a gem owner, you will need to request access from @rwdaigle.

Release

Build and release the gem with (all changes should be committed and pushed to Github):

$ rake release

Changelog

v0.3.1

  • Use Shopify aead library for compatibility w/ Ruby >= v2.2

v0.3.0

  • Verify payment token signature

Contributors

About

Ruby library for decrypting Apple Pay payment tokens

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • Ruby 100.0%