active_accountability_merchant 1.97.1

data/lib/active_merchant/billing/gateways/eway.rb

@@ -0,0 +1,226 @@
+require 'rexml/document'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # Public: For more information on the Eway Gateway please visit their
+    # {Developers Area}[http://www.eway.com.au/developers/api/direct-payments]
+    class EwayGateway < Gateway
+      self.live_url = 'https://www.eway.com.au'
+
+      self.money_format = :cents
+      self.supported_countries = ['AU']
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club]
+      self.homepage_url = 'http://www.eway.com.au/'
+      self.display_name = 'eWAY'
+
+      # Public: Create a new Eway Gateway.
+      # options - A hash of options:
+      #           :login     - Your Customer ID.
+      #           :password  - Your XML Refund Password that you
+      #                        specified on the Eway site. (optional)
+      def initialize(options = {})
+        requires!(options, :login)
+        super
+      end
+
+      def purchase(money, creditcard, options = {})
+        requires_address!(options)
+
+        post = {}
+        add_creditcard(post, creditcard)
+        add_address(post, options)
+        add_customer_id(post)
+        add_invoice_data(post, options)
+        add_non_optional_data(post)
+        add_amount(post, money)
+        post[:CustomerEmail] = options[:email]
+
+        commit(purchase_url(post[:CVN]), money, post)
+      end
+
+      def refund(money, authorization, options={})
+        post = {}
+
+        add_customer_id(post)
+        add_amount(post, money)
+        add_non_optional_data(post)
+        post[:OriginalTrxnNumber] = authorization
+        post[:RefundPassword] = @options[:password]
+        post[:CardExpiryMonth] = nil
+        post[:CardExpiryYear] = nil
+
+        commit(refund_url, money, post)
+      end
+
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((<ewayCardNumber>)\d+(</ewayCardNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<ewayCVN>)\d+(</ewayCVN>))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def requires_address!(options)
+        raise ArgumentError.new('Missing eWay required parameters: address or billing_address') unless options.has_key?(:address) or options.has_key?(:billing_address)
+      end
+
+      def add_creditcard(post, creditcard)
+        post[:CardNumber]  = creditcard.number
+        post[:CardExpiryMonth]  = sprintf('%.2i', creditcard.month)
+        post[:CardExpiryYear] = sprintf('%.4i', creditcard.year)[-2..-1]
+        post[:CustomerFirstName] = creditcard.first_name
+        post[:CustomerLastName]  = creditcard.last_name
+        post[:CardHoldersName] = creditcard.name
+
+        post[:CVN] = creditcard.verification_value if creditcard.verification_value?
+      end
+
+      def add_address(post, options)
+        if address = options[:billing_address] || options[:address]
+          post[:CustomerAddress]    = [ address[:address1], address[:address2], address[:city], address[:state], address[:country] ].compact.join(', ')
+          post[:CustomerPostcode]   = address[:zip]
+        end
+      end
+
+      def add_customer_id(post)
+        post[:CustomerID] = @options[:login]
+      end
+
+      def add_invoice_data(post, options)
+        post[:CustomerInvoiceRef] = options[:order_id]
+        post[:CustomerInvoiceDescription] = options[:description]
+      end
+
+      def add_amount(post, money)
+        post[:TotalAmount] = amount(money)
+      end
+
+      def add_non_optional_data(post)
+        post[:Option1] = nil
+        post[:Option2] = nil
+        post[:Option3] = nil
+        post[:TrxnNumber] = nil
+      end
+
+      def commit(url, money, parameters)
+        raw_response = ssl_post(url, post_data(parameters))
+        response = parse(raw_response)
+
+        Response.new(success?(response),
+          message_from(response[:ewaytrxnerror]),
+          response,
+          :authorization => response[:ewaytrxnnumber],
+          :test => test?
+        )
+      end
+
+      def success?(response)
+        response[:ewaytrxnstatus] == 'True'
+      end
+
+      def parse(xml)
+        response = {}
+        xml = REXML::Document.new(xml)
+        xml.elements.each('//ewayResponse/*') do |node|
+          response[node.name.downcase.to_sym] = normalize(node.text)
+        end unless xml.root.nil?
+
+        response
+      end
+
+      def post_data(parameters = {})
+        xml   = REXML::Document.new
+        root  = xml.add_element('ewaygateway')
+
+        parameters.each do |key, value|
+          root.add_element("eway#{key}").text = value
+        end
+        xml.to_s
+      end
+
+      def message_from(message)
+        return '' if message.blank?
+        MESSAGES[message[0, 2]] || message
+      end
+
+      def purchase_url(cvn)
+        suffix = test? ? 'xmltest/testpage.asp' : 'xmlpayment.asp'
+        gateway_part = cvn ? 'gateway_cvn' : 'gateway'
+        "#{live_url}/#{gateway_part}/#{suffix}"
+      end
+
+      def refund_url
+        suffix = test? ? 'xmltest/refund_test.asp' : 'xmlpaymentrefund.asp'
+        "#{live_url}/gateway/#{suffix}"
+      end
+
+      MESSAGES = {
+        '00' => 'Transaction Approved',
+        '01' => 'Refer to Issuer',
+        '02' => 'Refer to Issuer, special',
+        '03' => 'No Merchant',
+        '04' => 'Pick Up Card',
+        '05' => 'Do Not Honour',
+        '06' => 'Error',
+        '07' => 'Pick Up Card, Special',
+        '08' => 'Honour With Identification',
+        '09' => 'Request In Progress',
+        '10' => 'Approved For Partial Amount',
+        '11' => 'Approved, VIP',
+        '12' => 'Invalid Transaction',
+        '13' => 'Invalid Amount',
+        '14' => 'Invalid Card Number',
+        '15' => 'No Issuer',
+        '16' => 'Approved, Update Track 3',
+        '19' => 'Re-enter Last Transaction',
+        '21' => 'No Action Taken',
+        '22' => 'Suspected Malfunction',
+        '23' => 'Unacceptable Transaction Fee',
+        '25' => 'Unable to Locate Record On File',
+        '30' => 'Format Error',
+        '31' => 'Bank Not Supported By Switch',
+        '33' => 'Expired Card, Capture',
+        '34' => 'Suspected Fraud, Retain Card',
+        '35' => 'Card Acceptor, Contact Acquirer, Retain Card',
+        '36' => 'Restricted Card, Retain Card',
+        '37' => 'Contact Acquirer Security Department, Retain Card',
+        '38' => 'PIN Tries Exceeded, Capture',
+        '39' => 'No Credit Account',
+        '40' => 'Function Not Supported',
+        '41' => 'Lost Card',
+        '42' => 'No Universal Account',
+        '43' => 'Stolen Card',
+        '44' => 'No Investment Account',
+        '51' => 'Insufficient Funds',
+        '52' => 'No Cheque Account',
+        '53' => 'No Savings Account',
+        '54' => 'Expired Card',
+        '55' => 'Incorrect PIN',
+        '56' => 'No Card Record',
+        '57' => 'Function Not Permitted to Cardholder',
+        '58' => 'Function Not Permitted to Terminal',
+        '59' => 'Suspected Fraud',
+        '60' => 'Acceptor Contact Acquirer',
+        '61' => 'Exceeds Withdrawal Limit',
+        '62' => 'Restricted Card',
+        '63' => 'Security Violation',
+        '64' => 'Original Amount Incorrect',
+        '66' => 'Acceptor Contact Acquirer, Security',
+        '67' => 'Capture Card',
+        '75' => 'PIN Tries Exceeded',
+        '82' => 'CVV Validation Error',
+        '90' => 'Cutoff In Progress',
+        '91' => 'Card Issuer Unavailable',
+        '92' => 'Unable To Route Transaction',
+        '93' => 'Cannot Complete, Violation Of The Law',
+        '94' => 'Duplicate Transaction',
+        '96' => 'System Error'
+      }
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/eway_managed.rb

@@ -0,0 +1,290 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class EwayManagedGateway < Gateway
+      self.test_url = 'https://www.eway.com.au/gateway/ManagedPaymentService/test/managedCreditCardPayment.asmx'
+      self.live_url = 'https://www.eway.com.au/gateway/ManagedPaymentService/managedCreditCardPayment.asmx'
+
+      # The countries the gateway supports merchants from as 2 digit ISO country codes
+      self.supported_countries = ['AU']
+
+      # The card types supported by the payment gateway
+      self.supported_cardtypes = [:visa, :master]
+
+      self.default_currency = 'AUD'
+
+      # accepted money format
+      self.money_format = :cents
+
+      # The homepage URL of the gateway
+      self.homepage_url = 'http://www.eway.com.au/'
+
+      # The name of the gateway
+      self.display_name = 'eWay Managed Payments'
+
+      def initialize(options = {})
+        requires!(options, :login, :username, :password)
+
+        # eWay returns 500 code for faults, which AM snaffles.
+        # So, we tell it to allow them.
+        options[:ignore_http_status] = true
+        super
+      end
+
+      # add a new customer CC to your eway account and return unique ManagedCustomerID
+      # supports storing details required by eway see "add_creditcard" and "add_address"
+      def store(creditcard, options = {})
+        post = {}
+
+        # Handle our required fields
+        requires!(options, :billing_address)
+
+        # Handle eWay specific required fields.
+        billing_address = options[:billing_address]
+        eway_requires!(billing_address)
+
+        add_creditcard(post, creditcard)
+        add_address(post, billing_address)
+        add_misc_fields(post, options)
+
+        commit('CreateCustomer', post)
+      end
+
+      def update(billing_id, creditcard, options={})
+        post = {}
+
+        # Handle our required fields
+        requires!(options, :billing_address)
+
+        # Handle eWay specific required fields.
+        billing_address = options[:billing_address]
+        eway_requires!(billing_address)
+
+        post[:managedCustomerID]=billing_id
+        add_creditcard(post, creditcard)
+        add_address(post, billing_address)
+        add_misc_fields(post, options)
+
+        commit('UpdateCustomer', post)
+      end
+
+      # Process a payment in the given amount against the stored credit card given by billing_id
+      #
+      # ==== Parameters
+      #
+      # * <tt>money</tt> -- The amount to be purchased as an Integer value in cents.
+      # * <tt>billing_id</tt> -- The eWay provided card/customer token to charge (managedCustomerID)
+      # * <tt>options</tt> -- A hash of optional parameters.
+      #
+      # ==== Options
+      #
+      # * <tt>:order_id</tt> -- The order number, passed to eWay as the "Invoice Reference"
+      # * <tt>:invoice</tt> -- The invoice number, passed to eWay as the "Invoice Reference" unless :order_id is also given
+      # * <tt>:description</tt> -- A description of the payment, passed to eWay as the "Invoice Description"
+      def purchase(money, billing_id, options={})
+        post = {}
+        post[:managedCustomerID] = billing_id.to_s
+        post[:amount]=money
+        add_invoice(post, options)
+
+        commit('ProcessPayment', post)
+      end
+
+      # Get customer's stored credit card details given by billing_id
+      #
+      # ==== Parameters
+      #
+      # * <tt>billing_id</tt> -- The eWay provided card/customer token to charge (managedCustomerID)
+      def retrieve(billing_id)
+        post = {}
+        post[:managedCustomerID] = billing_id.to_s
+
+        commit('QueryCustomer', post)
+      end
+
+      # TODO: eWay API also provides QueryPayment
+
+      private
+
+      def eway_requires!(hash)
+        raise ArgumentError.new('Missing eWay required parameter in `billing_address`: title') unless hash.has_key?(:title)
+        raise ArgumentError.new('Missing eWay required parameter in `billing_address`: country') unless hash.has_key?(:country)
+      end
+
+      def add_address(post, address)
+        post[:Address]  = address[:address1].to_s
+        post[:Phone]    = address[:phone].to_s
+        post[:PostCode] = address[:zip].to_s
+        post[:Suburb]   = address[:city].to_s
+        post[:Country]  = address[:country].to_s.downcase
+        post[:State]    = address[:state].to_s
+        post[:Mobile]   = address[:mobile].to_s
+        post[:Fax]      = address[:fax].to_s
+      end
+
+      def add_misc_fields(post, options)
+        post[:CustomerRef]=options[:billing_address][:customer_ref] || options[:customer]
+        post[:Title]=options[:billing_address][:title]
+        post[:Company]=options[:billing_address][:company]
+        post[:JobDesc]=options[:billing_address][:job_desc]
+        post[:Email]=options[:billing_address][:email] || options[:email]
+        post[:URL]=options[:billing_address][:url]
+        post[:Comments]=options[:description]
+      end
+
+      def add_invoice(post, options)
+        post[:invoiceReference] = options[:order_id] || options[:invoice]
+        post[:invoiceDescription] = options[:description]
+      end
+
+      # add credit card details to be stored by eway. NOTE eway requires "title" field
+      def add_creditcard(post, creditcard)
+        post[:CCNumber]  = creditcard.number
+        post[:CCExpiryMonth]  = sprintf('%.2i', creditcard.month)
+        post[:CCExpiryYear] = sprintf('%.4i', creditcard.year)[-2..-1]
+        post[:CCNameOnCard] = creditcard.name
+        post[:FirstName] = creditcard.first_name
+        post[:LastName]  = creditcard.last_name
+      end
+
+      def parse(body)
+        reply = {}
+        xml = REXML::Document.new(body)
+        if root = REXML::XPath.first(xml, '//soap:Fault') then
+          reply=parse_fault(root)
+        else
+          if root = REXML::XPath.first(xml, '//ProcessPaymentResponse/ewayResponse') then
+            # Successful payment
+            reply=parse_purchase(root)
+          else
+            if root = REXML::XPath.first(xml, '//QueryCustomerResult') then
+              reply=parse_query_customer(root)
+            else
+              if root = REXML::XPath.first(xml, '//CreateCustomerResult') then
+                reply[:message]='OK'
+                reply[:CreateCustomerResult]=root.text
+                reply[:success]=true
+              else
+                if root = REXML::XPath.first(xml, '//UpdateCustomerResult') then
+                  if root.text.casecmp('true').zero? then
+                    reply[:message]='OK'
+                    reply[:success]=true
+                  else
+                    # ERROR: This state should never occur. If there is a problem,
+                    #        a soap:Fault will be returned. The presence of this
+                    #        element always means a success.
+                    raise StandardError, 'Unexpected "false" in UpdateCustomerResult'
+                  end
+                else
+                  # ERROR: This state should never occur currently. We have handled
+                  #        responses for all the methods which we support.
+                  raise StandardError, 'Unexpected response'
+                end
+              end
+            end
+          end
+        end
+        return reply
+      end
+
+      def parse_fault(node)
+        reply={}
+        reply[:message]=REXML::XPath.first(node, '//soap:Reason/soap:Text').text
+        reply[:success]=false
+        reply
+      end
+
+      def parse_purchase(node)
+        reply={}
+        reply[:message]=REXML::XPath.first(node, '//ewayTrxnError').text
+        reply[:success]=(REXML::XPath.first(node, '//ewayTrxnStatus').text == 'True')
+        reply[:auth_code]=REXML::XPath.first(node, '//ewayAuthCode').text
+        reply[:transaction_number]=REXML::XPath.first(node, '//ewayTrxnNumber').text
+        reply
+      end
+
+      def parse_query_customer(node)
+        reply={}
+        reply[:message]='OK'
+        reply[:success]=true
+        reply[:CCNumber]=REXML::XPath.first(node, '//CCNumber').text
+        reply[:CCName]=REXML::XPath.first(node, '//CCName').text
+        reply[:CCExpiryMonth]=REXML::XPath.first(node, '//CCExpiryMonth').text
+        reply[:CCExpiryYear]=REXML::XPath.first(node, '//CCExpiryYear').text
+        reply
+      end
+
+      def commit(action, post)
+        raw = begin
+          ssl_post(test? ? self.test_url : self.live_url, soap_request(post, action), 'Content-Type' => 'application/soap+xml; charset=utf-8')
+        rescue ResponseError => e
+          e.response.body
+        end
+        response = parse(raw)
+
+        EwayResponse.new(response[:success], response[:message], response,
+          :test => test?,
+          :authorization => response[:auth_code]
+        )
+      end
+
+      # Where we build the full SOAP 1.2 request using builder
+      def soap_request(arguments, action)
+        # eWay demands all fields be sent, but contain an empty string if blank
+        post = case action
+               when 'QueryCustomer'
+                 arguments
+               when 'ProcessPayment'
+                 default_payment_fields.merge(arguments)
+               when 'CreateCustomer'
+                 default_customer_fields.merge(arguments)
+               when 'UpdateCustomer'
+                 default_customer_fields.merge(arguments)
+               end
+
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.instruct!
+        xml.tag! 'soap12:Envelope', {'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance', 'xmlns:xsd' => 'http://www.w3.org/2001/XMLSchema', 'xmlns:soap12' => 'http://www.w3.org/2003/05/soap-envelope'} do
+          xml.tag! 'soap12:Header' do
+            xml.tag! 'eWAYHeader', {'xmlns' => 'https://www.eway.com.au/gateway/managedpayment'} do
+              xml.tag! 'eWAYCustomerID', @options[:login]
+              xml.tag! 'Username', @options[:username]
+              xml.tag! 'Password', @options[:password]
+            end
+          end
+          xml.tag! 'soap12:Body' do |x|
+            x.tag! action, {'xmlns' => 'https://www.eway.com.au/gateway/managedpayment'} do |y|
+              post.each do |key, value|
+                y.tag! key, value
+              end
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def default_customer_fields
+        hash={}
+        %w( CustomerRef Title FirstName LastName Company JobDesc Email Address Suburb State PostCode Country Phone Mobile Fax URL Comments CCNumber CCNameOnCard CCExpiryMonth CCExpiryYear ).each do |field|
+          hash[field.to_sym]=''
+        end
+        return hash
+      end
+
+      def default_payment_fields
+        hash={}
+        %w( managedCustomerID amount invoiceReference invoiceDescription ).each do |field|
+          hash[field.to_sym]=''
+        end
+        return hash
+      end
+
+      class EwayResponse < Response
+        # add a method to response so we can easily get the eway token "ManagedCustomerID"
+        def token
+          @params['CreateCustomerResult']
+        end
+      end
+
+    end
+  end
+end