
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
PaymentsApi - the Ruby gem for the Payments API
Payments API are currently designed to fetch Transactions only.
This SDK is automatically generated by the OpenAPI Generator project:
To build the Ruby code into a gem:
gem build pnap_payments_api.gemspec
Then either install the gem locally, replacing <VERSION>
with the actual version:
gem install ./pnap_payments_api-<VERSION>.gem
(for development, run gem install --dev ./pnap_payments_api-<VERSION>.gem
to install the development dependencies)
or publish the gem to a gem hosting service, e.g. RubyGems.
Finally add this to the Gemfile:
gem 'pnap_payments_api', '~> <VERSION>'
To install this Gem from this repository, you'll need to get Bundler by doing gem install bundler
. Add the following line in your Gemfile:
gem 'pnap_payments_api', git: 'https://github.com/phoenixnap/ruby-sdk-bmc-poc', glob: 'PaymentsApi/*.gemspec'
If you'd like the development version:
gem 'pnap_payments_api', git: 'https://github.com/phoenixnap/ruby-sdk-bmc-poc', glob: 'PaymentsApi/*.gemspec', branch: 'develop'
Then run bundle install
.
Include the Ruby code directly using -I
as follows:
ruby -Ilib script.rb
Please follow the installation procedure and then run the following code:
# Load the gem
require 'pnap_payments_api'
# Setup authorization
PaymentsApi.configure do |config|
# Configure OAuth2 access token for authorization: OAuth2
config.access_token = 'YOUR ACCESS TOKEN'
# Configure a proc to get access tokens in lieu of the static access_token configuration
config.access_token_getter = -> { 'YOUR TOKEN GETTER PROC' }
end
api_instance = PaymentsApi::TransactionsApi.new
transaction_id = '0a1b2c3d4f5g6h7i8j9k' # String | The transaction identifier.
begin
#Get Transaction.
result = api_instance.transaction_id_get(transaction_id)
p result
rescue PaymentsApi::ApiError => e
puts "Exception when calling TransactionsApi->transaction_id_get: #{e}"
end
Authorization can also be setup by using the oauth
library:
# Load the gem
require 'pnap_payments_api'
require 'oauth2'
# Setup variables for getting a token.
client_id = 'YOUR_CLIENT_ID'
client_secret = 'YOUR_CLIENT_SECRET'
auth_url = 'https://auth.phoenixnap.com/auth/realms/BMC/protocol/openid-connect/token'
# Setup authorization
PaymentsApi.configure do |config|
# Retrieve the token using OAuth2.
client = OAuth2::Client.new(client_id, client_secret, token_url: auth_url)
token = client.client_credentials.get_token
# Configure OAuth2 access token for authorization: OAuth2
config.access_token = token.token
end
All URIs are relative to https://api.phoenixnap.com/payments/v1
Class | Method | HTTP request | Description |
---|---|---|---|
PaymentsApi::TransactionsApi | transaction_id_get | GET /transactions/{transactionId} | Get Transaction. |
PaymentsApi::TransactionsApi | transactions_get | GET /transactions | Get Transactions. |
Authentication schemes defined for the API:
FAQs
Unknown package
We found that pnap_payments_api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.