Last weekend, as part of my new year’s resolution to dedicate some time to good causes, I participated in Hack4good: a global 48 hour hackathon aimed at bringing ideas for the social good into life. In Malta, our team brought forward a crowd funding solution for charitable fundraisers with minimal transaction fees. To this end, we selected BitCoin as the donation currency and Coinbase to host fundraise donations.
One requirement in our project was to have Coinbase automatically issue a BitCoin wallet to each fundraiser. To further complicate matters, we wanted to generate a Coinbase payment page that allows the donor to transfer his BitCoins to the fundraiser’s wallet:
The create() controller action does numerous things so let’s dissect it piece by piece. The action instantiates the Coinbase client with our API key: this key is created in Coinbase’s account settings page. The client object’s create_user(…) method is then invoked to make a wallet in addition to a Coinbase account for the fundraiser. The email address and password parameters are used by the end-user to access his fundraiser wallet on Coinbase. COINBASE_CLIENT_SECRET, linked to our API key, is passed as a parameter so that we can automatically grant ourselves merchant permissions on the created user account. These permissions are needed to dynamically generate the payment page on behalf of the user.
Making the call to Coinbase to generate the payment page requires that we follow the OAuth 2 protocol [2]. Fortunately, an OAuth 2 Ruby library exists. So we go ahead and use the library to instantiate an OAuth client, passing COINBASE_API_KEY and COINBASE_API_SECRET as parameters. Before we ask Coinbase to create a payment page on the user’s behalf, an AccessToken object is constructed with the access token obtained from coinbase.create_user(…) and the OAuth client we have just instantiated. After this, we use the newly constructed oauth_token object to post a request to https://coinbase.com/api/v1/buttons. Note that JSON_CREATE_PAYMENT_PAGE’s value is sent as the HTTP body.
All I need from the JSON response returned from the API call is the payment page code. This code lets Coinbase know which payment page to display. We persist this code along with the fundraiser details so that we can retrieve them later when we show the fundraiser to a potential donor:
Here is view associated with the above action:
The view gets the page code from @fundraiser.coinbase_page_code and sets the necessary HTML attributes with this value. button.js is a script provided by Coinbase that styles the anchor element and opens the fundraising donation page tied to the page code when the anchor is clicked:
The final step is to add the OAuth 2 and Coinbase dependencies to the project Gemfile:
1: We forked Coinbase’s Ruby client because create_user(…) didn’t support client ID.
2: You need to register your application on Coinbase before you can gain rights to manage user accounts through OAuth.