activemerchant-nsp 1.27.0

data/lib/active_merchant/billing/gateways/orbital.rb

@@ -0,0 +1,351 @@
+require File.dirname(__FILE__) + '/orbital/orbital_soft_descriptors.rb'
+require "rexml/document"
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # For more information on Orbital, visit the {integration center}[http://download.chasepaymentech.com]
+    #     
+    # ==== Authentication Options
+    # 
+    # The Orbital Gateway supports two methods of authenticating incoming requests:
+    # Source IP authentication and Connection Username/Password authentication
+    # 
+    # In addition, these IP addresses/Connection Usernames must be affiliated with the Merchant IDs 
+    # for which the client should be submitting transactions.
+    # 
+    # This does allow Third Party Hosting service organizations presenting on behalf of other 
+    # merchants to submit transactions.  However, each time a new customer is added, the 
+    # merchant or Third-Party hosting organization needs to ensure that the new Merchant IDs 
+    # or Chain IDs are affiliated with the hosting companies IPs or Connection Usernames.
+    # 
+    # If the merchant expects to have more than one merchant account with the Orbital 
+    # Gateway, it should have its IP addresses/Connection Usernames affiliated at the Chain 
+    # level hierarchy within the Orbital Gateway.  Each time a new merchant ID is added, as
+    # long as it is placed within the same Chain, it will simply work.  Otherwise, the additional 
+    # MIDs will need to be affiliated with the merchant IPs or Connection Usernames respectively.
+    # For example, we generally affiliate all Salem accounts [BIN 000001] with 
+    # their Company Number [formerly called MA #] number so all MIDs or Divisions under that 
+    # Company will automatically be affiliated.
+    
+    class OrbitalGateway < Gateway
+      API_VERSION = "4.6"
+      
+      POST_HEADERS = {
+        "MIME-Version" => "1.0",
+        "Content-Type" => "Application/PTI46",
+        "Content-transfer-encoding" => "text",
+        "Request-number" => '1',
+        "Document-type" => "Request",
+        "Interface-Version" => "Ruby|ActiveMerchant|Proprietary Gateway"
+      }
+      
+      SUCCESS, APPROVED = '0', '00'
+      
+      class_attribute :secondary_test_url, :secondary_live_url
+      
+      self.test_url = "https://orbitalvar1.paymentech.net/authorize"
+      self.secondary_test_url = "https://orbitalvar2.paymentech.net/authorize"
+      
+      self.live_url = "https://orbital1.paymentech.net/authorize"
+      self.secondary_live_url = "https://orbital2.paymentech.net/authorize"
+      
+      self.supported_countries = ["US", "CA"]
+      self.default_currency = "CAD"
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :diners_club, :jcb]
+      
+      self.display_name = 'Orbital Paymentech'
+      self.homepage_url = 'http://chasepaymentech.com/'
+      
+      self.money_format = :cents
+            
+      CURRENCY_CODES = { 
+        "AUD" => '036',
+        "CAD" => '124',
+        "CZK" => '203',
+        "DKK" => '208',
+        "HKD" => '344',
+        "ICK" => '352',
+        "JPY" => '392',
+        "MXN" => '484',
+        "NZD" => '554',
+        "NOK" => '578',
+        "SGD" => '702',
+        "SEK" => '752',
+        "CHF" => '756',
+        "GBP" => '826',
+        "USD" => '840',
+        "EUR" => '978'
+      }
+
+      AVS_SUPPORTED_COUNTRIES = ['US', 'CA', 'UK', 'GB']
+
+      def initialize(options = {})
+        requires!(options, :merchant_id)
+        requires!(options, :login, :password) unless options[:ip_authentication]
+        @options = options
+        super
+      end
+      
+      # A – Authorization request
+      def authorize(money, creditcard, options = {})
+        order = build_new_order_xml('A', money, options) do |xml|
+          add_creditcard(xml, creditcard, options[:currency])        
+          add_address(xml, creditcard, options)   
+        end
+        commit(order)
+      end
+      
+      # AC – Authorization and Capture
+      def purchase(money, creditcard, options = {})
+        order = build_new_order_xml('AC', money, options) do |xml|
+          add_creditcard(xml, creditcard, options[:currency])
+          add_address(xml, creditcard, options)   
+        end
+        commit(order)
+      end                       
+      
+      # MFC - Mark For Capture
+      def capture(money, authorization, options = {})
+        commit(build_mark_for_capture_xml(money, authorization, options))
+      end
+      
+      # R – Refund request
+      def refund(money, authorization, options = {})
+        order = build_new_order_xml('R', money, options.merge(:authorization => authorization)) do |xml|
+          add_refund(xml, options[:currency])
+        end
+        commit(order)
+      end
+
+      def credit(money, authorization, options= {})
+        deprecated CREDIT_DEPRECATION_MESSAGE
+        refund(money, authorization, options)
+      end
+      
+      # setting money to nil will perform a full void
+      def void(authorization, options = {})
+        order = build_void_request_xml(authorization, options)
+        commit(order)
+      end
+    
+      private                       
+            
+      def add_customer_data(xml, options)
+        if options[:customer_ref_num]
+          xml.tag! :CustomerProfileFromOrderInd, 'S'
+          xml.tag! :CustomerRefNum, options[:customer_ref_num]
+        else
+          xml.tag! :CustomerProfileFromOrderInd, 'A'
+        end
+      end
+      
+      def add_soft_descriptors(xml, soft_desc)
+        xml.tag! :SDMerchantName, soft_desc.merchant_name
+        xml.tag! :SDProductDescription, soft_desc.product_description
+        xml.tag! :SDMerchantCity, soft_desc.merchant_city
+        xml.tag! :SDMerchantPhone, soft_desc.merchant_phone
+        xml.tag! :SDMerchantURL, soft_desc.merchant_url
+        xml.tag! :SDMerchantEmail, soft_desc.merchant_email
+      end
+
+      def add_address(xml, creditcard, options)
+        if address = options[:billing_address] || options[:address]
+          avs_supported = AVS_SUPPORTED_COUNTRIES.include?(address[:country].to_s)
+
+          if avs_supported
+            xml.tag! :AVSzip, address[:zip]
+            xml.tag! :AVSaddress1, address[:address1]
+            xml.tag! :AVSaddress2, address[:address2]
+            xml.tag! :AVScity, address[:city]
+            xml.tag! :AVSstate, address[:state]
+            xml.tag! :AVSphoneNum, address[:phone] ? address[:phone].scan(/\d/).join.to_s : nil
+          end
+          xml.tag! :AVSname, creditcard.name
+          xml.tag! :AVScountryCode, avs_supported ? address[:country] : ''
+        end
+      end
+
+      def add_creditcard(xml, creditcard, currency=nil)
+        xml.tag! :AccountNum, creditcard.number
+        xml.tag! :Exp, expiry_date(creditcard)
+        
+        xml.tag! :CurrencyCode, currency_code(currency)
+        xml.tag! :CurrencyExponent, '2' # Will need updating to support currencies such as the Yen.
+        
+        xml.tag! :CardSecValInd, 1 if creditcard.verification_value? && %w( visa discover ).include?(creditcard.brand)
+        xml.tag! :CardSecVal,  creditcard.verification_value if creditcard.verification_value?
+      end
+      
+      def add_refund(xml, currency=nil)
+        xml.tag! :AccountNum, nil
+        
+        xml.tag! :CurrencyCode, currency_code(currency)
+        xml.tag! :CurrencyExponent, '2' # Will need updating to support currencies such as the Yen.
+      end
+      
+
+      def parse(body)
+        response = {}
+        xml = REXML::Document.new(body)
+        root = REXML::XPath.first(xml, "//Response") ||
+               REXML::XPath.first(xml, "//ErrorResponse")
+        if root
+          root.elements.to_a.each do |node|
+            recurring_parse_element(response, node)
+          end
+        end
+        response
+      end     
+      
+      def recurring_parse_element(response, node)
+        if node.has_elements?
+          node.elements.each{|e| recurring_parse_element(response, e) }
+        else
+          response[node.name.underscore.to_sym] = node.text
+        end
+      end
+      
+      def commit(order)
+        headers = POST_HEADERS.merge("Content-length" => order.size.to_s)
+        request = lambda {return parse(ssl_post(remote_url, order, headers))}
+        
+        # Failover URL will be used in the event of a connection error
+        begin response = request.call; rescue ConnectionError; retry end
+        
+        Response.new(success?(response), message_from(response), response,
+          {:authorization => "#{response[:tx_ref_num]};#{response[:order_id]}",
+           :test => self.test?,
+           :avs_result => {:code => response[:avs_resp_code]},
+           :cvv_result => response[:cvv2_resp_code]
+          }
+        )
+      end
+      
+      def remote_url
+        unless $!.class == ActiveMerchant::ConnectionError
+          self.test? ? self.test_url : self.live_url
+        else
+          self.test? ? self.secondary_test_url : self.secondary_live_url
+        end
+      end
+
+      def success?(response)
+        if response[:message_type].nil? || response[:message_type] == "R"
+          response[:proc_status] == SUCCESS
+        else
+          response[:proc_status] == SUCCESS &&
+            response[:resp_code] == APPROVED
+        end
+      end
+      
+      def message_from(response)
+        success?(response) ? 'APPROVED' : response[:resp_msg] || response[:status_msg]
+      end
+      
+      def ip_authentication?
+        @options[:ip_authentication] == true
+      end
+
+      def build_new_order_xml(action, money, parameters = {})
+        requires!(parameters, :order_id)
+        xml = xml_envelope
+        xml.tag! :Request do
+          xml.tag! :NewOrder do
+            add_xml_credentials(xml)
+            xml.tag! :IndustryType, parameters[:industry_type] || "EC"
+            xml.tag! :MessageType, action
+            add_bin_merchant_and_terminal(xml, parameters)
+            
+            yield xml if block_given?
+            
+            xml.tag! :Comments, parameters[:comments] if parameters[:comments]
+            xml.tag! :OrderID, format_order_id(parameters[:order_id])
+            xml.tag! :Amount, amount(money)
+            
+            # Append Transaction Reference Number at the end for Refund transactions
+            if action == "R"
+              tx_ref_num, _ = parameters[:authorization].split(';')
+              xml.tag! :TxRefNum, tx_ref_num
+            end
+          end
+        end
+        xml.target!
+      end
+      
+      def build_mark_for_capture_xml(money, authorization, parameters = {})
+        tx_ref_num, order_id = authorization.split(';')
+        xml = xml_envelope
+        xml.tag! :Request do
+          xml.tag! :MarkForCapture do
+            add_xml_credentials(xml)
+            xml.tag! :OrderID, order_id
+            xml.tag! :Amount, amount(money)
+            add_bin_merchant_and_terminal(xml, parameters)
+            xml.tag! :TxRefNum, tx_ref_num
+          end
+        end
+        xml.target!
+      end
+      
+      def build_void_request_xml(authorization, parameters = {})
+        tx_ref_num, order_id = authorization.split(';')
+        xml = xml_envelope
+        xml.tag! :Request do
+          xml.tag! :Reversal do
+            add_xml_credentials(xml)
+            xml.tag! :TxRefNum, tx_ref_num
+            xml.tag! :TxRefIdx, parameters[:transaction_index]
+            xml.tag! :OrderID, order_id
+            add_bin_merchant_and_terminal(xml, parameters)
+          end
+        end
+        xml.target!
+      end
+      
+      def currency_code(currency)
+        CURRENCY_CODES[(currency || self.default_currency)].to_s
+      end
+      
+      def expiry_date(credit_card)
+        "#{format(credit_card.month, :two_digits)}#{format(credit_card.year, :two_digits)}"
+      end
+
+      def bin
+        @options[:bin] || (salem_mid? ? '000001' : '000002')
+      end
+
+      def xml_envelope
+        xml = Builder::XmlMarkup.new(:indent => 2)
+        xml.instruct!(:xml, :version => '1.0', :encoding => 'UTF-8')
+        xml
+      end
+
+      def add_xml_credentials(xml)
+        xml.tag! :OrbitalConnectionUsername, @options[:login] unless ip_authentication?
+        xml.tag! :OrbitalConnectionPassword, @options[:password] unless ip_authentication?
+      end
+
+      def add_bin_merchant_and_terminal(xml, parameters)
+        xml.tag! :BIN, bin
+        xml.tag! :MerchantID, @options[:merchant_id]
+        xml.tag! :TerminalID, parameters[:terminal_id] || '001'
+      end
+
+      def salem_mid?
+        @options[:merchant_id].length == 6
+      end
+
+      # The valid characters include:
+      #
+      # 1. all letters and digits
+      # 2. - , $ @ & and a space character, though the space character cannot be the leading character
+      # 3. PINless Debit transactions can only use uppercase and lowercase alpha (A-Z, a-z) and numeric (0-9)
+      def format_order_id(order_id)
+        illegal_characters = /[^,$@\- \w]/
+        order_id = order_id.to_s.gsub(/\./, '-')
+        order_id.gsub!(illegal_characters, '')
+        order_id[0...22]
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/orbital/orbital_soft_descriptors.rb

@@ -0,0 +1,46 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class OrbitalSoftDescriptors
+      include Validateable
+      
+      PHONE_FORMAT_1 = /\A\d{3}-\d{3}-\d{4}\z/
+      PHONE_FORMAT_2 = /\A\d{3}-\w{7}\z/
+      
+      # ==== Tampa PNS Soft Descriptors
+      # The support for Soft Descriptors via the PNS Host is only for customers processing through Chase 
+      # Paymentech Canada. 
+
+      # Unlike Salem, the only value that gets passed on the cardholder statement is the Merchant Name field.  
+      # And for these customers, it is a maximum of 25 bytes of data. 
+      # 
+      # All other Soft Descriptor fields can optionally be sent, but will not be submitted to the settlement host 
+      # and will not display on the cardholder statement.
+      
+      attr_accessor :merchant_name, :product_description, :merchant_city, :merchant_phone, :merchant_url, :merchant_email
+      
+      def initialize(options = {})
+        self.merchant_name = options[:merchant_name]
+        self.merchant_city = options[:merchant_city]
+        self.merchant_phone = options[:merchant_phone]
+        self.merchant_url = options[:merchant_url]
+        self.merchant_email = options[:merchant_email]
+      end
+      
+      def validate
+        errors.add(:merchant_name, "is required") if self.merchant_name.blank?
+        errors.add(:merchant_name, "is required to be 25 bytes or less") if self.merchant_name.bytesize > 25
+        
+        unless self.merchant_phone.blank? || self.merchant_phone.match(PHONE_FORMAT_1) || self.merchant_phone.match(PHONE_FORMAT_2)
+          errors.add(:merchant_phone, "is required to follow \"NNN-NNN-NNNN\" or \"NNN-AAAAAAA\" format")
+        end
+        
+        [:merchant_email, :merchant_url].each do |attr|
+          unless self.send(attr).blank?
+            errors.add(attr, "is required to be 13 bytes or less") if self.send(attr).bytesize > 13
+          end
+        end
+      end
+      
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/pay_gate_xml.rb

@@ -0,0 +1,266 @@
+require 'digest/md5'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # This gateway accepts the following arguments:
+    #   :login    => your PayJunction username
+    #   :password => your PayJunction pass
+    # Example use:
+    #
+    #   gateway = ActiveMerchant::Billing::Base.gateway(:pay_gate_xml).new(
+    #               :login => "my_account",
+    #               :password => "my_pass"
+    #            )
+    #
+    #   # set up credit card obj as in main ActiveMerchant example
+    #   creditcard = ActiveMerchant::Billing::CreditCard.new(
+    #     :type       => 'visa',
+    #     :number     => '4242424242424242',
+    #     :month      => 8,
+    #     :year       => 2009,
+    #     :first_name => 'Bob',
+    #     :last_name  => 'Bobsen'
+    #   )
+    #
+    #   # run request
+    #   response = gateway.purchase(1000, creditcard) # charge 10 dollars
+    #
+    # 1) Check whether the transaction was successful
+    #
+    #   response.success?
+    #
+    # 2) Retrieve the message returned by PayJunction
+    #
+    #   response.message
+    #
+    # 3) Retrieve the unique transaction ID returned by PayGateXML
+    #
+    #   response.authorization
+    #
+    # This gateway has many other features which are not implemented here yet
+    # The basic setup here only supports auth/capture transactions.
+    #
+    # Test Transactions
+    #
+    # PayGateXML has a global test user/pass, but you can also sign up for your own.
+    # The class and the test come equipped with the global test creds
+    #
+    # Usage Details
+    #
+    # Below is a map of only SOME of the values accepted by PayGateXML and how you should submit
+    # each to ActiveMerchant
+    #
+    # PayGateXML Field        ActiveMerchant Use
+    #
+    # pgid                    use :login value to gateway instantation
+    # pwd                     use :password value to gateway instantiation
+    #
+    # cname                   credit_card.name
+    # cc                      credit_card.number
+    # exp                     credit_card values formatted to YYYYMMDD
+    # budp                    South Africa only - set to 0 if purchase is not on budget
+    # amt                     include as argument to method for your transaction type
+    # ver                     do nothing, always set to current API version
+    #
+    # cref                    provide as :invoice in options, varchar(80)
+    # cur                     3 char field, currently only ZAR
+    # cvv                     credit_card.verification
+    # bno                     batch processing number, i.e. you supply this
+    #
+    # others -- not used in this implementation
+    # nurl, rurl - must remain blank or absent or they will use an alternative authentication mechanism
+    # email, ip  - must remain blank or absent or they will use a PayGate extra service call PayProtector
+    # threed     - must remain blank unless you are using your own 3D Secure server
+    #
+    class PayGateXmlGateway < Gateway
+      self.live_url = 'https://www.paygate.co.za/payxml/process.trans'
+
+      # The countries the gateway supports merchants from as 2 digit ISO country codes
+      self.supported_countries = ['US', 'ZA']
+
+      # The card types supported by the payment gateway
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club]
+
+      # The homepage URL of the gateway
+      self.homepage_url = 'http://paygate.co.za/'
+
+      # The name of the gateway
+      self.display_name = 'PayGate PayXML'
+
+      # PayGate only supports Rands
+      self.default_currency = 'ZAR'
+
+      # PayGate accepts only lowest denomination
+      self.money_format = :cents
+
+      # PayGateXML public test account - you can get a private one too
+      TEST_ID_3DSECURE  = '10011013800'
+      TEST_ID           = '10011021600'
+      TEST_PWD          = 'test'
+
+      API_VERSION = '4.0'
+
+      DECLINE_CODES = {
+        # Credit Card Errors - These RESULT_CODEs are returned if the transaction cannot be authorized due to a problem with the card.  The TRANSACTION_STATUS will be 2
+        900001  => "Call for Approval",
+        900002  => "Card Expired",
+        900003  => "Insufficient Funds",
+        900004  => "Invalid Card Number",
+        900005  => "Bank Interface Timeout",  # indicates a communications failure between the banks systems
+        900006  => "Invalid Card",
+        900007  => "Declined",
+        900009  => "Lost Card",
+        900010  => "Invalid Card Length",
+        900011  => "Suspected Fraud",
+        900012  => "Card Reported As Stolen",
+        900013  => "Restricted Card",
+        900014  => "Excessive Card Usage",
+        900015  => "Card Blacklisted",
+
+        900207  => "Declined; authentication failed",  # indicates the cardholder did not enter their MasterCard SecureCode / Verified by Visa password correctly
+
+        990020  => "Auth Declined",
+
+        991001  => "Invalid expiry date",
+        991002  => "Invalid amount",
+
+        # Communication Errors - These RESULT_CODEs are returned if the transaction cannot be completed due to an unexpected error.  TRANSACTION_STATUS will be 0.
+        900205  => "Unexpected authentication result (phase 1)",
+        900206  => "Unexpected authentication result (phase 1)",
+
+        990001  => "Could not insert into Database",
+
+        990022  => "Bank not available",
+
+        990053  => "Error processing transaction",
+
+        # Miscellaneous - Unless otherwise noted, the TRANSACTION_STATUS will be 0.
+        900209  => "Transaction verification failed (phase 2)",  # Indicates the verification data returned from MasterCard SecureCode / Verified by Visa has been altered
+        900210  => "Authentication complete; transaction must be restarted",  # Indicates that the MasterCard SecuerCode / Verified by Visa transaction has already been completed.  Most likely caused by the customer clicking the refresh button
+
+        990024  => "Duplicate Transaction Detected.  Please check before submitting",
+
+        990028  => "Transaction cancelled"  # Customer clicks the 'Cancel' button on the payment page
+      }
+
+      SUCCESS_CODES = %w( 990004 990005 990017 990012 990018 990031 )
+
+      TRANSACTION_CODES = {
+        0 => 'Not Done',
+        1 => 'Approved',
+        2 => 'Declined',
+        3 => 'Paid',
+        4 => 'Refunded',
+        5 => 'Received by PayGate',
+        6 => 'Replied to Client'
+      }
+
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        @options = options
+        super
+      end
+
+      def purchase(money, creditcard, options = {})
+        MultiResponse.new.tap do |r|
+          r.process{authorize(money, creditcard, options)}
+          r.process{capture(money, r.authorization, options)}
+        end
+      end
+
+      def authorize(money, creditcard, options = {})
+        action = 'authtx'
+
+        options.merge!(:money => money, :creditcard => creditcard)
+        commit(action, build_request(action, options))
+      end
+
+      def capture(money, authorization, options = {})
+        action = 'settletx'
+
+        options.merge!(:money => money, :authorization => authorization)
+        commit(action, build_request(action, options))
+      end
+
+      def test?
+        @options[:test] || (Base.gateway_mode == :test)
+      end
+
+      private
+
+      def successful?(response)
+        SUCCESS_CODES.include?(response[:res])
+      end
+
+      def build_request(action, options={})
+        xml = Builder::XmlMarkup.new
+        xml.instruct!
+
+        xml.tag! 'protocol', :ver => API_VERSION, :pgid => (test? ? TEST_ID : @options[:login]), :pwd => @options[:password] do |protocol|
+          case action
+            when 'authtx'
+              money       = options.delete(:money)
+              creditcard  = options.delete(:creditcard)
+              build_authorization(protocol, money, creditcard, options)
+            when 'settletx'
+              money           = options.delete(:money)
+              authorization   = options.delete(:authorization)
+              build_capture(protocol, money, authorization, options)
+          else
+            raise "no action specified for build_request"
+          end
+        end
+
+        xml.target!
+      end
+
+      def build_authorization(xml, money, creditcard, options={})
+        xml.tag! 'authtx', {
+          :cref  => options[:order_id],
+          :cname => creditcard.name,
+          :cc    => creditcard.number,
+          :exp   => "#{format(creditcard.month, :two_digits)}#{format(creditcard.year, :four_digits)}",
+          :budp  => 0,
+          :amt   => amount(money),
+          :cur   => (options[:currency] || currency(money)),
+          :cvv   => creditcard.verification_value
+        }
+      end
+
+      def build_capture(xml, money, authorization, options={})
+        xml.tag! 'settletx', {
+          :tid => authorization
+        }
+      end
+
+      def parse(action, body)
+        hash  = {}
+        xml   = REXML::Document.new(body)
+
+        response_action = action.gsub(/tx/, 'rx')
+        root  = REXML::XPath.first(xml.root, response_action)
+        # we might have gotten an error
+        if root.nil?
+          root  = REXML::XPath.first(xml.root, 'errorrx')
+        end
+        root.attributes.each do |name, value|
+          hash[name.to_sym] = value
+        end
+        hash
+      end
+
+      def commit(action, request)
+        response = parse(action, ssl_post(self.live_url, request))
+        Response.new(successful?(response), message_from(response), response,
+          :test           => test?,
+          :authorization  => response[:tid]
+        )
+      end
+
+      def message_from(response)
+        (response[:rdesc] || response[:edesc])
+      end
+    end
+  end
+end
+