active_accountability_merchant 1.97.1

data/lib/active_merchant/billing/gateways/garanti.rb

@@ -0,0 +1,259 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class GarantiGateway < Gateway
+      self.live_url = 'https://sanalposprov.garanti.com.tr/VPServlet'
+      self.test_url = 'https://sanalposprovtest.garanti.com.tr/VPServlet'
+
+      # The countries the gateway supports merchants from as 2 digit ISO country codes
+      self.supported_countries = ['US', 'TR']
+
+      # The card types supported by the payment gateway
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+
+      # The homepage URL of the gateway
+      self.homepage_url = 'https://sanalposweb.garanti.com.tr'
+
+      # The name of the gateway
+      self.display_name = 'Garanti Sanal POS'
+
+      self.default_currency = 'TRL'
+
+      self.money_format = :cents
+
+      CURRENCY_CODES = {
+        'YTL' => 949,
+        'TRL' => 949,
+        'TL'  => 949,
+        'USD' => 840,
+        'EUR' => 978,
+        'GBP' => 826,
+        'JPY' => 392
+      }
+
+      def initialize(options = {})
+        requires!(options, :login, :password, :terminal_id, :merchant_id)
+        super
+      end
+
+      def purchase(money, credit_card, options = {})
+        options = options.merge(:gvp_order_type => 'sales')
+        commit(money, build_sale_request(money, credit_card, options))
+      end
+
+      def authorize(money, credit_card, options = {})
+        options = options.merge(:gvp_order_type => 'preauth')
+        commit(money, build_authorize_request(money, credit_card, options))
+      end
+
+      def capture(money, ref_id, options = {})
+        options = options.merge(:gvp_order_type => 'postauth')
+        commit(money, build_capture_request(money, ref_id, options))
+      end
+
+      private
+
+      def security_data
+        rjusted_terminal_id = @options[:terminal_id].to_s.rjust(9, '0')
+        Digest::SHA1.hexdigest(@options[:password].to_s + rjusted_terminal_id).upcase
+      end
+
+      def generate_hash_data(order_id, terminal_id, credit_card_number, amount, security_data)
+        data = [order_id, terminal_id, credit_card_number, amount, security_data].join
+        Digest::SHA1.hexdigest(data).upcase
+      end
+
+      def build_xml_request(money, credit_card, options, &block)
+        card_number = credit_card.respond_to?(:number) ? credit_card.number : ''
+        hash_data   = generate_hash_data(format_order_id(options[:order_id]), @options[:terminal_id], card_number, amount(money), security_data)
+
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct! :xml, :version => '1.0', :encoding => 'UTF-8'
+
+        xml.tag! 'GVPSRequest' do
+          xml.tag! 'Mode', test? ? 'TEST' : 'PROD'
+          xml.tag! 'Version', 'V0.01'
+          xml.tag! 'Terminal' do
+            xml.tag! 'ProvUserID', 'PROVAUT'
+            xml.tag! 'HashData', hash_data
+            xml.tag! 'UserID', @options[:login]
+            xml.tag! 'ID', @options[:terminal_id]
+            xml.tag! 'MerchantID', @options[:merchant_id]
+          end
+
+          if block_given?
+            yield xml
+          else
+            xml.target!
+          end
+        end
+      end
+
+      def build_sale_request(money, credit_card, options)
+        build_xml_request(money, credit_card, options) do |xml|
+          add_customer_data(xml, options)
+          add_order_data(xml, options) do
+            add_addresses(xml, options)
+          end
+          add_credit_card(xml, credit_card)
+          add_transaction_data(xml, money, options)
+
+          xml.target!
+        end
+      end
+
+      def build_authorize_request(money, credit_card, options)
+        build_xml_request(money, credit_card, options) do |xml|
+          add_customer_data(xml, options)
+          add_order_data(xml, options)  do
+            add_addresses(xml, options)
+          end
+          add_credit_card(xml, credit_card)
+          add_transaction_data(xml, money, options)
+
+          xml.target!
+        end
+      end
+
+      def build_capture_request(money, ref_id, options)
+        options = options.merge(:order_id => ref_id)
+        build_xml_request(money, ref_id, options) do |xml|
+          add_customer_data(xml, options)
+          add_order_data(xml, options)
+          add_transaction_data(xml, money, options)
+
+          xml.target!
+        end
+      end
+
+      def add_customer_data(xml, options)
+        xml.tag! 'Customer' do
+          xml.tag! 'IPAddress', options[:ip] || '1.1.1.1'
+          xml.tag! 'EmailAddress', options[:email]
+        end
+      end
+
+      def add_order_data(xml, options, &block)
+        xml.tag! 'Order' do
+          xml.tag! 'OrderID', format_order_id(options[:order_id])
+          xml.tag! 'GroupID'
+
+          if block_given?
+            yield xml
+          end
+        end
+      end
+
+      def add_credit_card(xml, credit_card)
+        xml.tag! 'Card' do
+          xml.tag! 'Number', credit_card.number
+          xml.tag! 'ExpireDate', [format_exp(credit_card.month), format_exp(credit_card.year)].join
+          xml.tag! 'CVV2', credit_card.verification_value
+        end
+      end
+
+      def format_exp(value)
+        format(value, :two_digits)
+      end
+
+      # OrderId field must be A-Za-z0-9_ format and max 36 char
+      def format_order_id(order_id)
+        order_id.to_s.gsub(/[^A-Za-z0-9_]/, '')[0...36]
+      end
+
+      def add_addresses(xml, options)
+        xml.tag! 'AddressList' do
+          if billing_address = options[:billing_address] || options[:address]
+            xml.tag! 'Address' do
+              xml.tag! 'Type', 'B'
+              add_address(xml, billing_address)
+            end
+          end
+
+          if options[:shipping_address]
+            xml.tag! 'Address' do
+              xml.tag! 'Type', 'S'
+              add_address(xml, options[:shipping_address])
+            end
+          end
+        end
+      end
+
+      def add_address(xml, address)
+        xml.tag! 'Name', normalize(address[:name])
+        address_text = address[:address1]
+        address_text << " #{address[:address2]}" if address[:address2]
+        xml.tag! 'Text', normalize(address_text)
+        xml.tag! 'City', normalize(address[:city])
+        xml.tag! 'District', normalize(address[:state])
+        xml.tag! 'PostalCode', address[:zip]
+        xml.tag! 'Country', normalize(address[:country])
+        xml.tag! 'Company', normalize(address[:company])
+        xml.tag! 'PhoneNumber', address[:phone].to_s.gsub(/[^0-9]/, '') if address[:phone]
+      end
+
+      def normalize(text)
+        return unless text
+
+        if ActiveSupport::Inflector.method(:transliterate).arity == -2
+          ActiveSupport::Inflector.transliterate(text, '')
+        else
+          text.gsub(/[^\x00-\x7F]+/, '')
+        end
+      end
+
+      def add_transaction_data(xml, money, options)
+        xml.tag! 'Transaction' do
+          xml.tag! 'Type', options[:gvp_order_type]
+          xml.tag! 'Amount', amount(money)
+          xml.tag! 'CurrencyCode', currency_code(options[:currency] || currency(money))
+          xml.tag! 'CardholderPresentCode', 0
+        end
+      end
+
+      def currency_code(currency)
+        CURRENCY_CODES[currency] || CURRENCY_CODES[default_currency]
+      end
+
+      def commit(money, request)
+        url = test? ? self.test_url : self.live_url
+        raw_response = ssl_post(url, 'data=' + request)
+        response = parse(raw_response)
+
+        success = success?(response)
+
+        Response.new(success,
+          success ? 'Approved' : "Declined (Reason: #{response[:reason_code]} - #{response[:error_msg]} - #{response[:sys_err_msg]})",
+          response,
+          :test => test?,
+          :authorization => response[:order_id])
+      end
+
+      def parse(body)
+        xml = REXML::Document.new(strip_invalid_xml_chars(body))
+
+        response = {}
+        xml.root.elements.to_a.each do |node|
+          parse_element(response, node)
+        end
+        response
+      end
+
+      def parse_element(response, node)
+        if node.has_elements?
+          node.elements.each { |element| parse_element(response, element) }
+        else
+          response[node.name.underscore.to_sym] = node.text
+        end
+      end
+
+      def success?(response)
+        response[:message] == 'Approved'
+      end
+
+      def strip_invalid_xml_chars(xml)
+        xml.gsub(/&(?!(?:[a-z]+|#[0-9]+|x[a-zA-Z0-9]+);)/, '&amp;')
+      end
+
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/global_collect.rb

@@ -0,0 +1,336 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class GlobalCollectGateway < Gateway
+      self.display_name = 'GlobalCollect'
+      self.homepage_url = 'http://www.globalcollect.com/'
+
+      self.test_url = 'https://eu.sandbox.api-ingenico.com'
+      self.live_url = 'https://api.globalcollect.com'
+
+      self.supported_countries = ['AD', 'AE', 'AG', 'AI', 'AL', 'AM', 'AO', 'AR', 'AS', 'AT', 'AU', 'AW', 'AX', 'AZ', 'BA', 'BB', 'BD', 'BE', 'BF', 'BG', 'BH', 'BI', 'BJ', 'BL', 'BM', 'BN', 'BO', 'BQ', 'BR', 'BS', 'BT', 'BW', 'BY', 'BZ', 'CA', 'CC', 'CD', 'CF', 'CH', 'CI', 'CK', 'CL', 'CM', 'CN', 'CO', 'CR', 'CU', 'CV', 'CW', 'CX', 'CY', 'CZ', 'DE', 'DJ', 'DK', 'DM', 'DO', 'DZ', 'EC', 'EE', 'EG', 'ER', 'ES', 'ET', 'FI', 'FJ', 'FK', 'FM', 'FO', 'FR', 'GA', 'GB', 'GD', 'GE', 'GF', 'GH', 'GI', 'GL', 'GM', 'GN', 'GP', 'GQ', 'GR', 'GS', 'GT', 'GU', 'GW', 'GY', 'HK', 'HN', 'HR', 'HT', 'HU', 'ID', 'IE', 'IL', 'IM', 'IN', 'IS', 'IT', 'JM', 'JO', 'JP', 'KE', 'KG', 'KH', 'KI', 'KM', 'KN', 'KR', 'KW', 'KY', 'KZ', 'LA', 'LB', 'LC', 'LI', 'LK', 'LR', 'LS', 'LT', 'LU', 'LV', 'MA', 'MC', 'MD', 'ME', 'MF', 'MG', 'MH', 'MK', 'MM', 'MN', 'MO', 'MP', 'MQ', 'MR', 'MS', 'MT', 'MU', 'MV', 'MW', 'MX', 'MY', 'MZ', 'NA', 'NC', 'NE', 'NG', 'NI', 'NL', 'NO', 'NP', 'NR', 'NU', 'NZ', 'OM', 'PA', 'PE', 'PF', 'PG', 'PH', 'PL', 'PN', 'PS', 'PT', 'PW', 'QA', 'RE', 'RO', 'RS', 'RU', 'RW', 'SA', 'SB', 'SC', 'SE', 'SG', 'SH', 'SI', 'SJ', 'SK', 'SL', 'SM', 'SN', 'SR', 'ST', 'SV', 'SZ', 'TC', 'TD', 'TG', 'TH', 'TJ', 'TL', 'TM', 'TN', 'TO', 'TR', 'TT', 'TV', 'TW', 'TZ', 'UA', 'UG', 'US', 'UY', 'UZ', 'VC', 'VE', 'VG', 'VI', 'VN', 'WF', 'WS', 'ZA', 'ZM', 'ZW']
+      self.default_currency = 'USD'
+      self.money_format = :cents
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :naranja, :cabal]
+
+      def initialize(options={})
+        requires!(options, :merchant_id, :api_key_id, :secret_api_key)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        MultiResponse.run do |r|
+          r.process { authorize(money, payment, options) }
+          r.process { capture(money, r.authorization, options) } unless capture_requested?(r)
+        end
+      end
+
+      def authorize(money, payment, options={})
+        post = nestable_hash
+        add_order(post, money, options)
+        add_payment(post, payment, options)
+        add_customer_data(post, options, payment)
+        add_address(post, payment, options)
+        add_creator_info(post, options)
+        add_fraud_fields(post, options)
+
+        commit(:authorize, post)
+      end
+
+      def capture(money, authorization, options={})
+        post = nestable_hash
+        add_order(post, money, options, capture: true)
+        add_customer_data(post, options)
+        add_creator_info(post, options)
+        commit(:capture, post, authorization)
+      end
+
+      def refund(money, authorization, options={})
+        post = nestable_hash
+        add_amount(post, money, options)
+        add_refund_customer_data(post, options)
+        add_creator_info(post, options)
+        commit(:refund, post, authorization)
+      end
+
+      def void(authorization, options={})
+        post = nestable_hash
+        add_creator_info(post, options)
+        commit(:void, post, authorization)
+      end
+
+      def verify(payment, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, payment, options) }
+          r.process { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: )[^\\]*)i, '\1[FILTERED]').
+          gsub(%r(("cardNumber\\+":\\+")\d+), '\1[FILTERED]').
+          gsub(%r(("cvv\\+":\\+")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      BRAND_MAP = {
+        'visa' => '1',
+        'american_express' => '2',
+        'master' => '3',
+        'discover' => '128',
+        'jcb' => '125',
+        'diners_club' => '132'
+      }
+
+      def add_order(post, money, options, capture: false)
+        if capture
+          post['amount'] = amount(money)
+        else
+          add_amount(post['order'], money, options)
+        end
+        post['order']['references'] = {
+          'merchantReference' => options[:order_id],
+          'descriptor' => options[:description] # Max 256 chars
+        }
+        post['order']['references']['invoiceData'] = {
+          'invoiceNumber' => options[:invoice]
+        }
+      end
+
+      def add_creator_info(post, options)
+        post['sdkIdentifier'] = options[:sdk_identifier] if options[:sdk_identifier]
+        post['sdkCreator'] = options[:sdk_creator] if options[:sdk_creator]
+        post['integrator'] = options[:integrator] if options[:integrator]
+        post['shoppingCartExtension'] = {}
+        post['shoppingCartExtension']['creator'] = options[:creator] if options[:creator]
+        post['shoppingCartExtension']['name'] = options[:name] if options[:name]
+        post['shoppingCartExtension']['version'] = options[:version] if options[:version]
+        post['shoppingCartExtension']['extensionID'] = options[:extension_ID] if options[:extension_ID]
+      end
+
+      def add_amount(post, money, options={})
+        post['amountOfMoney'] = {
+          'amount' => amount(money),
+          'currencyCode' => options[:currency] || currency(money)
+        }
+      end
+
+      def add_payment(post, payment, options)
+        year  = format(payment.year, :two_digits)
+        month = format(payment.month, :two_digits)
+        expirydate =   "#{month}#{year}"
+        pre_authorization = options[:pre_authorization] ? 'PRE_AUTHORIZATION' : 'FINAL_AUTHORIZATION'
+
+        post['cardPaymentMethodSpecificInput'] = {
+            'paymentProductId' => BRAND_MAP[payment.brand],
+            'skipAuthentication' => 'true', # refers to 3DSecure
+            'skipFraudService' => 'true',
+            'authorizationMode' => pre_authorization
+        }
+        post['cardPaymentMethodSpecificInput']['card'] = {
+            'cvv' => payment.verification_value,
+            'cardNumber' => payment.number,
+            'expiryDate' => expirydate,
+            'cardholderName' => payment.name
+        }
+      end
+
+      def add_customer_data(post, options, payment = nil)
+        if payment
+          post['order']['customer']['personalInformation']['name']['firstName'] = payment.first_name[0..14] if payment.first_name
+          post['order']['customer']['personalInformation']['name']['surname'] = payment.last_name[0..69] if payment.last_name
+        end
+        post['order']['customer']['merchantCustomerId'] = options[:customer] if options[:customer]
+        post['order']['customer']['companyInformation']['name'] = options[:company] if options[:company]
+        post['order']['customer']['contactDetails']['emailAddress'] = options[:email] if options[:email]
+        if address = options[:billing_address] || options[:address]
+          post['order']['customer']['contactDetails']['phoneNumber'] = address[:phone] if address[:phone]
+        end
+      end
+
+      def add_refund_customer_data(post, options)
+        if address = options[:billing_address] || options[:address]
+          post['customer']['address'] = {
+            'countryCode' => address[:country]
+          }
+          post['customer']['contactDetails']['emailAddress'] = options[:email] if options[:email]
+          if address = options[:billing_address] || options[:address]
+            post['customer']['contactDetails']['phoneNumber'] = address[:phone] if address[:phone]
+          end
+        end
+      end
+
+      def add_address(post, creditcard, options)
+        shipping_address = options[:shipping_address]
+        if billing_address = options[:billing_address] || options[:address]
+          post['order']['customer']['billingAddress'] = {
+            'street' => billing_address[:address1],
+            'additionalInfo' => billing_address[:address2],
+            'zip' => billing_address[:zip],
+            'city' => billing_address[:city],
+            'state' => billing_address[:state],
+            'countryCode' => billing_address[:country]
+          }
+        end
+        if shipping_address
+          post['order']['customer']['shippingAddress'] = {
+            'street' => shipping_address[:address1],
+            'additionalInfo' => shipping_address[:address2],
+            'zip' => shipping_address[:zip],
+            'city' => shipping_address[:city],
+            'state' => shipping_address[:state],
+            'countryCode' => shipping_address[:country]
+          }
+          post['order']['customer']['shippingAddress']['name'] = {
+            'firstName' => shipping_address[:firstname],
+            'surname' => shipping_address[:lastname]
+          }
+        end
+      end
+
+      def add_fraud_fields(post, options)
+        fraud_fields = {}
+        fraud_fields.merge!(options[:fraud_fields]) if options[:fraud_fields]
+        fraud_fields[:customerIpAddress] = options[:ip] if options[:ip]
+
+        post['fraudFields'] = fraud_fields unless fraud_fields.empty?
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def url(action, authorization)
+        (test? ? test_url : live_url) + uri(action, authorization)
+      end
+
+      def uri(action, authorization)
+        uri = "/v1/#{@options[:merchant_id]}/"
+        case action
+        when :authorize
+          uri + 'payments'
+        when :capture
+          uri + "payments/#{authorization}/approve"
+        when :refund
+          uri + "payments/#{authorization}/refund"
+        when :void
+          uri + "payments/#{authorization}/cancel"
+        end
+      end
+
+      def commit(action, post, authorization = nil)
+        begin
+          raw_response = ssl_post(url(action, authorization), post.to_json, headers(action, post, authorization))
+          response = parse(raw_response)
+        rescue ResponseError => e
+          if e.response.code.to_i >= 400
+            response = parse(e.response.body)
+          end
+        rescue JSON::ParserError
+          response = json_error(raw_response)
+        end
+
+        succeeded = success_from(response)
+        Response.new(
+          succeeded,
+          message_from(succeeded, response),
+          response,
+          authorization: authorization_from(succeeded, response),
+          error_code: error_code_from(succeeded, response),
+          test: test?
+        )
+      end
+
+      def json_error(raw_response)
+        {
+          'error_message' => 'Invalid response received from the Ingenico ePayments (formerly GlobalCollect) API.  Please contact Ingenico ePayments if you continue to receive this message.' \
+            "  (The raw response returned by the API was #{raw_response.inspect})",
+          'status' => 'REJECTED'
+        }
+      end
+
+      def headers(action, post, authorization = nil)
+        {
+          'Content-Type'  => content_type,
+          'Authorization' => auth_digest(action, post, authorization),
+          'Date' => date
+        }
+      end
+
+      def auth_digest(action, post, authorization = nil)
+        data = <<-EOS
+POST
+#{content_type}
+#{date}
+#{uri(action, authorization)}
+EOS
+        digest = OpenSSL::Digest.new('sha256')
+        key = @options[:secret_api_key]
+        "GCS v1HMAC:#{@options[:api_key_id]}:#{Base64.strict_encode64(OpenSSL::HMAC.digest(digest, key, data))}"
+      end
+
+      def date
+        @date ||= Time.now.strftime('%a, %d %b %Y %H:%M:%S %Z') # Must be same in digest and HTTP header
+      end
+
+      def content_type
+        'application/json'
+      end
+
+      def success_from(response)
+        !response['errorId'] && response['status'] != 'REJECTED'
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          'Succeeded'
+        else
+          if errors = response['errors']
+            errors.first.try(:[], 'message')
+          elsif response['error_message']
+            response['error_message']
+          elsif response['status']
+            'Status: ' + response['status']
+          else
+            'No message available'
+          end
+        end
+      end
+
+      def authorization_from(succeeded, response)
+        if succeeded
+          response['id'] || response['payment']['id'] || response['paymentResult']['payment']['id']
+        elsif response['errorId']
+          response['errorId']
+        else
+          'GATEWAY ERROR'
+        end
+      end
+
+      def error_code_from(succeeded, response)
+        unless succeeded
+          if errors = response['errors']
+            errors.first.try(:[], 'code')
+          elsif status = response.try(:[], 'statusOutput').try(:[], 'statusCode')
+            status.to_s
+          else
+            'No error code available'
+          end
+        end
+      end
+
+      def nestable_hash
+        Hash.new { |h, k| h[k] = Hash.new(&h.default_proc) }
+      end
+
+      def capture_requested?(response)
+        response.params.try(:[], 'payment').try(:[], 'status') == 'CAPTURE_REQUESTED'
+      end
+    end
+  end
+end