activemerchant 1.100.0 → 1.101.0

data/lib/active_merchant/billing/gateways/ncr_secure_pay.rb

@@ -156,9 +156,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def error_code_from(response)
-        unless success_from(response)
-          response[:msoft_code] || response[:phard_code]
-        end
+        response[:msoft_code] || response[:phard_code] unless success_from(response)
       end
     end
   end

data/lib/active_merchant/billing/gateways/netbanx.rb

@@ -129,9 +129,9 @@ module ActiveMerchant #:nodoc:
         post[:card][:holderName] = credit_card.name
         post[:card][:cvv]        = credit_card.verification_value
         post[:card][:cardExpiry] = expdate(credit_card)
-        if options[:billing_address]
-          post[:card][:billingAddress]  = map_address(options[:billing_address])
-        end
+
+        post[:authentication]  = map_3ds(options[:three_d_secure]) if options[:three_d_secure]
+        post[:card][:billingAddress]  = map_address(options[:billing_address]) if options[:billing_address]
       end
 
       def add_invoice(post, money, options)
@@ -151,6 +151,7 @@ module ActiveMerchant #:nodoc:
 
         post[:currencyCode] = options[:currency] if options[:currency]
         post[:billingDetails]  = map_address(options[:billing_address]) if options[:billing_address]
+        post[:authentication]  = map_3ds(options[:three_d_secure]) if options[:three_d_secure]
       end
 
       def expdate(credit_card)
@@ -179,18 +180,32 @@ module ActiveMerchant #:nodoc:
         mapped
       end
 
+      def map_3ds(three_d_secure_options)
+        mapped = {
+          :eci => three_d_secure_options[:eci],
+          :cavv => three_d_secure_options[:cavv],
+          :xid => three_d_secure_options[:xid],
+          :threeDResult => three_d_secure_options[:directory_response_status],
+          :threeDSecureVersion => three_d_secure_options[:version],
+          :directoryServerTransactionId => three_d_secure_options[:ds_transaction_id]
+        }
+
+        mapped
+      end
+
       def parse(body)
         body.blank? ? {} : JSON.parse(body)
       end
 
       def commit(method, uri, parameters)
         params = parameters.to_json unless parameters.nil?
-        response = begin
-          parse(ssl_request(method, get_url(uri), params, headers))
-        rescue ResponseError => e
-          return Response.new(false, 'Invalid Login') if(e.response.code == '401')
-          parse(e.response.body)
-        end
+        response =
+          begin
+            parse(ssl_request(method, get_url(uri), params, headers))
+          rescue ResponseError => e
+            return Response.new(false, 'Invalid Login') if(e.response.code == '401')
+            parse(e.response.body)
+          end
 
         success = success_from(response)
         Response.new(

data/lib/active_merchant/billing/gateways/netbilling.rb

@@ -166,9 +166,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_user_data(post, options)
-        if options[:order_id]
-          post[:user_data] = "order_id:#{options[:order_id]}"
-        end
+        post[:user_data] = "order_id:#{options[:order_id]}" if options[:order_id]
       end
 
       def add_transaction_id(post, transaction_id)

data/lib/active_merchant/billing/gateways/network_merchants.rb

@@ -218,9 +218,7 @@ module ActiveMerchant #:nodoc:
         return nil unless success
 
         authorization = response['transactionid']
-        if(parameters[:customer_vault] && (authorization.nil? || authorization.empty?))
-          authorization = response['customer_vault_id']
-        end
+        authorization = response['customer_vault_id'] if parameters[:customer_vault] && (authorization.nil? || authorization.empty?)
 
         authorization
       end

data/lib/active_merchant/billing/gateways/opp.rb

@@ -125,9 +125,7 @@ module ActiveMerchant #:nodoc:
 
       def purchase(money, payment, options={})
         # debit
-        if payment.is_a?(String)
-          options[:registrationId] = payment
-        end
+        options[:registrationId] = payment if payment.is_a?(String)
         execute_dbpa(options[:risk_workflow] ? 'PA.CP': 'DB',
           money, payment, options)
       end
@@ -311,17 +309,18 @@ module ActiveMerchant #:nodoc:
         add_authentication(post)
         post = flatten_hash(post)
 
-        response = begin
-          parse(
-            ssl_post(
-              url,
-              post.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&'),
-              'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8'
+        response =
+          begin
+            parse(
+              ssl_post(
+                url,
+                post.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&'),
+                'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8'
+              )
             )
-          )
-        rescue ResponseError => e
-          parse(e.response.body)
-        end
+          rescue ResponseError => e
+            parse(e.response.body)
+          end
 
         success = success_from(response)
 

data/lib/active_merchant/billing/gateways/optimal_payment.rb

@@ -135,9 +135,7 @@ module ActiveMerchant #:nodoc:
 
       def message_from(response)
         REXML::XPath.each(response, '//detail') do |detail|
-          if detail.is_a?(REXML::Element) && detail.elements['tag'].text == 'InternalResponseDescription'
-            return detail.elements['value'].text
-          end
+          return detail.elements['value'].text if detail.is_a?(REXML::Element) && detail.elements['tag'].text == 'InternalResponseDescription'
         end
         nil
       end

data/lib/active_merchant/billing/gateways/orbital.rb

@@ -327,9 +327,7 @@ module ActiveMerchant #:nodoc:
           xml.tag! :CustomerRefNum, options[:customer_ref_num]
         else
           if options[:customer_ref_num]
-            if creditcard
-              xml.tag! :CustomerProfileFromOrderInd, USE_CUSTOMER_REF_NUM
-            end
+            xml.tag! :CustomerProfileFromOrderInd, USE_CUSTOMER_REF_NUM if creditcard
             xml.tag! :CustomerRefNum, options[:customer_ref_num]
           else
             xml.tag! :CustomerProfileFromOrderInd, AUTO_GENERATE
@@ -457,9 +455,7 @@ module ActiveMerchant #:nodoc:
         # - http://download.chasepaymentech.com/docs/orbital/orbital_gateway_xml_specification.pdf
         unless creditcard.nil?
           if creditcard.verification_value?
-            if %w( visa discover ).include?(creditcard.brand)
-              xml.tag! :CardSecValInd, '1'
-            end
+            xml.tag! :CardSecValInd, '1' if %w( visa discover ).include?(creditcard.brand)
             xml.tag! :CardSecVal,  creditcard.verification_value
           end
         end
@@ -613,11 +609,12 @@ module ActiveMerchant #:nodoc:
         request = ->(url) { parse(ssl_post(url, order, headers)) }
 
         # Failover URL will be attempted in the event of a connection error
-        response = begin
-          request.call(remote_url)
-        rescue ConnectionError
-          request.call(remote_url(:secondary))
-        end
+        response =
+          begin
+            request.call(remote_url)
+          rescue ConnectionError
+            request.call(remote_url(:secondary))
+          end
 
         Response.new(success?(response, message_type), message_from(response), response,
           {

data/lib/active_merchant/billing/gateways/orbital/orbital_soft_descriptors.rb

@@ -30,9 +30,7 @@ module ActiveMerchant #:nodoc:
         errors << [:merchant_name, 'is required'] if self.merchant_name.blank?
         errors << [:merchant_name, 'is required to be 25 bytes or less'] if self.merchant_name.bytesize > 25
 
-        if(!empty?(self.merchant_phone) && !self.merchant_phone.match(PHONE_FORMAT_1) && !self.merchant_phone.match(PHONE_FORMAT_2))
-          errors << [:merchant_phone, 'is required to follow "NNN-NNN-NNNN" or "NNN-AAAAAAA" format']
-        end
+        errors << [:merchant_phone, 'is required to follow "NNN-NNN-NNNN" or "NNN-AAAAAAA" format'] if !empty?(self.merchant_phone) && !self.merchant_phone.match(PHONE_FORMAT_1) && !self.merchant_phone.match(PHONE_FORMAT_2)
 
         [:merchant_email, :merchant_url].each do |attr|
           unless self.send(attr).blank?

data/lib/active_merchant/billing/gateways/pagarme.rb

@@ -44,26 +44,20 @@ module ActiveMerchant #:nodoc:
       end
 
       def capture(money, authorization, options={})
-        if authorization.nil?
-          return Response.new(false, 'Não é possível capturar uma transação sem uma prévia autorização.')
-        end
+        return Response.new(false, 'Não é possível capturar uma transação sem uma prévia autorização.') if authorization.nil?
 
         post = {}
         commit(:post, "transactions/#{authorization}/capture", post)
       end
 
       def refund(money, authorization, options={})
-        if authorization.nil?
-          return Response.new(false, 'Não é possível estornar uma transação sem uma prévia captura.')
-        end
+        return Response.new(false, 'Não é possível estornar uma transação sem uma prévia captura.') if authorization.nil?
 
         void(authorization, options)
       end
 
       def void(authorization, options={})
-        if authorization.nil?
-          return Response.new(false, 'Não é possível estornar uma transação autorizada sem uma prévia autorização.')
-        end
+        return Response.new(false, 'Não é possível estornar uma transação autorizada sem uma prévia autorização.') if authorization.nil?
 
         post = {}
         commit(:post, "transactions/#{authorization}/refund", post)
@@ -225,9 +219,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def authorization_from(response)
-        if success_from(response)
-          response['id']
-        end
+        response['id'] if success_from(response)
       end
 
       def test?

data/lib/active_merchant/billing/gateways/pago_facil.rb

@@ -53,9 +53,7 @@ module ActiveMerchant #:nodoc:
 
       def add_currency(post, money, options)
         currency = options.fetch(:currency, currency(money))
-        unless currency == self.class.default_currency
-          post[:divisa] = currency
-        end
+        post[:divisa] = currency unless currency == self.class.default_currency
       end
 
       def add_payment(post, credit_card)

data/lib/active_merchant/billing/gateways/pay_conex.rb

@@ -51,9 +51,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def credit(money, payment_method, options={})
-        if payment_method.is_a?(String)
-          raise ArgumentError, 'Reference credits are not supported. Please supply the original credit card or use the #refund method.'
-        end
+        raise ArgumentError, 'Reference credits are not supported. Please supply the original credit card or use the #refund method.' if payment_method.is_a?(String)
 
         post = {}
         add_auth_purchase_params(post, money, payment_method, options)

data/lib/active_merchant/billing/gateways/pay_gate_xml.rb

@@ -255,9 +255,7 @@ module ActiveMerchant #:nodoc:
         response_action = action.gsub(/tx/, 'rx')
         root  = REXML::XPath.first(xml.root, response_action)
         # we might have gotten an error
-        if root.nil?
-          root  = REXML::XPath.first(xml.root, 'errorrx')
-        end
+        root  = REXML::XPath.first(xml.root, 'errorrx') if root.nil?
         root.attributes.each do |name, value|
           hash[name.to_sym] = value
         end

data/lib/active_merchant/billing/gateways/pay_junction_v2.rb

@@ -111,11 +111,12 @@ module ActiveMerchant #:nodoc:
       end
 
       def commit(action, params)
-        response = begin
-          parse(ssl_invoke(action, params))
-        rescue ResponseError => e
-          parse(e.response.body)
-        end
+        response =
+          begin
+            parse(ssl_invoke(action, params))
+          rescue ResponseError => e
+            parse(e.response.body)
+          end
 
         success = success_from(response)
         Response.new(

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -312,9 +312,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def build_recurring_request(action, money, options)
-        unless RECURRING_ACTIONS.include?(action)
-          raise StandardError, "Invalid Recurring Profile Action: #{action}"
-        end
+        raise StandardError, "Invalid Recurring Profile Action: #{action}" unless RECURRING_ACTIONS.include?(action)
 
         xml = Builder::XmlMarkup.new
         xml.tag! 'RecurringProfiles' do
@@ -354,9 +352,7 @@ module ActiveMerchant #:nodoc:
                   yield xml
                 end
               end
-              if action != :add
-                xml.tag! 'ProfileID', options[:profile_id]
-              end
+              xml.tag! 'ProfileID', options[:profile_id] if action != :add
               if action == :inquiry
                 xml.tag! 'PaymentHistory', (options[:history] ? 'Y' : 'N')
               end

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -159,9 +159,7 @@ module ActiveMerchant #:nodoc:
         # REXML::XPath in Ruby 1.8.6 is now unable to match nodes based on their attributes
         tx_result = root.xpath('.//TransactionResult').first
 
-        if tx_result && tx_result.attributes['Duplicate'].to_s == 'true'
-          response[:duplicate] = true
-        end
+        response[:duplicate] = true if tx_result && tx_result.attributes['Duplicate'].to_s == 'true'
 
         root.xpath('.//*').each do |node|
           parse_element(response, node)

data/lib/active_merchant/billing/gateways/paymentez.rb

@@ -276,9 +276,7 @@ module ActiveMerchant #:nodoc:
         return if success_from(response)
         if response['transaction']
           detail = response['transaction']['status_detail']
-          if STANDARD_ERROR_CODE_MAPPING.include?(detail)
-            return STANDARD_ERROR_CODE[STANDARD_ERROR_CODE_MAPPING[detail]]
-          end
+          return STANDARD_ERROR_CODE[STANDARD_ERROR_CODE_MAPPING[detail]] if STANDARD_ERROR_CODE_MAPPING.include?(detail)
         elsif response['error']
           return STANDARD_ERROR_CODE[:config_error]
         end

data/lib/active_merchant/billing/gateways/paymill.rb

@@ -357,9 +357,7 @@ module ActiveMerchant #:nodoc:
 
         def handle_response_correct_parsing
           @message = parsed['transaction']['processing']['return']['message']
-          if @succeeded = is_ack?
-            @options[:authorization] = parsed['transaction']['identification']['uniqueId']
-          end
+          @options[:authorization] = parsed['transaction']['identification']['uniqueId'] if @succeeded = is_ack?
         end
 
         def is_ack?

data/lib/active_merchant/billing/gateways/pro_pay.rb

@@ -295,9 +295,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def error_code_from(response)
-        unless success_from(response)
-          response[:status]
-        end
+        response[:status] unless success_from(response)
       end
 
       def build_xml_request

data/lib/active_merchant/billing/gateways/quickbooks.rb

@@ -10,13 +10,10 @@ module ActiveMerchant #:nodoc:
 
       self.homepage_url = 'http://payments.intuit.com'
       self.display_name = 'QuickBooks Payments'
-      ENDPOINT =  '/quickbooks/v4/payments/charges'
-      OAUTH_ENDPOINTS = {
-        site: 'https://oauth.intuit.com',
-        request_token_path: '/oauth/v1/get_request_token',
-        authorize_url: 'https://appcenter.intuit.com/Connect/Begin',
-        access_token_path: '/oauth/v1/get_access_token'
-      }
+      BASE = '/quickbooks/v4/payments'
+      ENDPOINT =  "#{BASE}/charges"
+      VOID_ENDPOINT = "#{BASE}/txn-requests"
+      REFRESH_URI = 'https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer'
 
       # https://developer.intuit.com/docs/0150_payments/0300_developer_guides/error_handling
 
@@ -51,7 +48,15 @@ module ActiveMerchant #:nodoc:
       FRAUD_WARNING_CODES = ['PMT-1000', 'PMT-1001', 'PMT-1002', 'PMT-1003']
 
       def initialize(options = {})
-        requires!(options, :consumer_key, :consumer_secret, :access_token, :token_secret, :realm)
+        # Quickbooks is deprecating OAuth 1.0 on December 17, 2019.
+        # OAuth 2.0 requires a client_id, client_secret, access_token, and refresh_token
+        # To maintain backwards compatibility, check for the presence of a refresh_token (only specified for OAuth 2.0)
+        # When present, validate that all OAuth 2.0 options are present
+        if options[:refresh_token]
+          requires!(options, :client_id, :client_secret, :access_token, :refresh_token)
+        else
+          requires!(options, :consumer_key, :consumer_secret, :access_token, :token_secret, :realm)
+        end
         @options = options
         super
       end
@@ -62,7 +67,8 @@ module ActiveMerchant #:nodoc:
         add_charge_data(post, payment, options)
         post[:capture] = 'true'
 
-        commit(ENDPOINT, post)
+        response = commit(ENDPOINT, post)
+        check_token_response(response, ENDPOINT, post)
       end
 
       def authorize(money, payment, options = {})
@@ -71,24 +77,35 @@ module ActiveMerchant #:nodoc:
         add_charge_data(post, payment, options)
         post[:capture] = 'false'
 
-        commit(ENDPOINT, post)
+        response = commit(ENDPOINT, post)
+        check_token_response(response, ENDPOINT, post)
       end
 
       def capture(money, authorization, options = {})
         post = {}
-        capture_uri = "#{ENDPOINT}/#{CGI.escape(authorization)}/capture"
+        authorization, _ = split_authorization(authorization)
         post[:amount] = localized_amount(money, currency(money))
         add_context(post, options)
 
-        commit(capture_uri, post)
+        response = commit(capture_uri(authorization), post)
+        check_token_response(response, capture_uri(authorization), post)
       end
 
       def refund(money, authorization, options = {})
         post = {}
         post[:amount] = localized_amount(money, currency(money))
         add_context(post, options)
+        authorization, _ = split_authorization(authorization)
 
-        commit(refund_uri(authorization), post)
+        response = commit(refund_uri(authorization), post)
+        check_token_response(response, refund_uri(authorization), post)
+      end
+
+      def void(authorization, options = {})
+        _, request_id = split_authorization(authorization)
+
+        response = commit(void_uri(request_id))
+        check_token_response(response, void_uri(request_id))
       end
 
       def verify(credit_card, options = {})
@@ -107,7 +124,12 @@ module ActiveMerchant #:nodoc:
           gsub(%r((oauth_signature=\")[a-zA-Z%0-9]+), '\1[FILTERED]').
           gsub(%r((oauth_token=\")\w+), '\1[FILTERED]').
           gsub(%r((number\D+)\d{16}), '\1[FILTERED]').
-          gsub(%r((cvc\D+)\d{3}), '\1[FILTERED]')
+          gsub(%r((cvc\D+)\d{3}), '\1[FILTERED]').
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((access_token\\?":\\?")[\w\-\.]+)i, '\1[FILTERED]').
+          gsub(%r((refresh_token\\?":\\?")\w+), '\1[FILTERED]').
+          gsub(%r((refresh_token=)\w+), '\1[FILTERED]').
+          gsub(%r((Authorization: Bearer )[\w\-\.]+)i, '\1[FILTERED]\2')
       end
 
       private
@@ -170,30 +192,30 @@ module ActiveMerchant #:nodoc:
         # The QuickBooks API returns HTTP 4xx on failed transactions, which causes a
         # ResponseError raise, so we have to inspect the response and discern between
         # a legitimate HTTP error and an actual gateway transactional error.
-        response = begin
-          case method
-          when :post
-            ssl_post(endpoint, post_data(body), headers(:post, endpoint))
-          when :get
-            ssl_request(:get, endpoint, nil, headers(:get, endpoint))
-          else
-            raise ArgumentError, "Invalid HTTP method: #{method}. Valid methods are :post and :get"
+        headers = {}
+        response =
+          begin
+            headers = headers(method, endpoint)
+            method == :post ? ssl_post(endpoint, post_data(body), headers) : ssl_request(:get, endpoint, nil, headers)
+          rescue ResponseError => e
+            extract_response_body_or_raise(e)
           end
-        rescue ResponseError => e
-          extract_response_body_or_raise(e)
-        end
 
-        response_object(response)
+        response_object(response, headers)
       end
 
-      def response_object(raw_response)
+      def response_object(raw_response, headers = {})
         parsed_response = parse(raw_response)
 
+        # Include access_token and refresh_token in params for OAuth 2.0
+        parsed_response['access_token'] = @options[:access_token] if @options[:refresh_token]
+        parsed_response['refresh_token'] = @options[:refresh_token] if @options[:refresh_token]
+
         Response.new(
           success?(parsed_response),
           message_from(parsed_response),
           parsed_response,
-          authorization: authorization_from(parsed_response),
+          authorization: authorization_from(parsed_response, headers),
           test: test?,
           cvv_result: cvv_code_from(parsed_response),
           error_code: errors_from(parsed_response),
@@ -210,6 +232,8 @@ module ActiveMerchant #:nodoc:
       end
 
       def headers(method, uri)
+        return oauth_v2_headers if @options[:refresh_token]
+
         raise ArgumentError, "Invalid HTTP method: #{method}. Valid methods are :post and :get" unless [:post, :get].include?(method)
         request_uri = URI.parse(uri)
 
@@ -243,6 +267,42 @@ module ActiveMerchant #:nodoc:
         }
       end
 
+      def oauth_v2_headers
+        {
+          'Content-Type'      => 'application/json',
+          'Request-Id'        => generate_unique_id,
+          'Accept'            => 'application/json',
+          'Authorization'     => "Bearer #{@options[:access_token]}"
+        }
+      end
+
+      def check_token_response(response, endpoint, body = {})
+        return response unless @options[:refresh_token]
+        return response unless response.params['code'] == 'AuthenticationFailed'
+        refresh_access_token
+        commit(endpoint, body)
+      end
+
+      def refresh_access_token
+        post = {}
+        post[:grant_type] = 'refresh_token'
+        post[:refresh_token] = @options[:refresh_token]
+        data = post.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
+
+        basic_auth = Base64.strict_encode64("#{@options[:client_id]}:#{@options[:client_secret]}")
+        headers = {
+          'Content-Type'      => 'application/x-www-form-urlencoded',
+          'Accept'            => 'application/json',
+          'Authorization'     => "Basic #{basic_auth}"
+        }
+
+        response = ssl_post(REFRESH_URI, data, headers)
+        response = JSON.parse(response)
+
+        @options[:access_token] = response['access_token'] if response['access_token']
+        @options[:refresh_token] = response['refresh_token'] if response['refresh_token']
+      end
+
       def cvv_code_from(response)
         if response['errors'].present?
           FRAUD_WARNING_CODES.include?(response['errors'].first['code']) ? 'I' : ''
@@ -265,8 +325,13 @@ module ActiveMerchant #:nodoc:
         response['errors'].present? ? STANDARD_ERROR_CODE_MAPPING[response['errors'].first['code']] : ''
       end
 
-      def authorization_from(response)
-        response['id']
+      def authorization_from(response, headers = {})
+        [response['id'], headers['Request-Id']].join('|')
+      end
+
+      def split_authorization(authorization)
+        authorization, request_id = authorization.split('|')
+        [authorization, request_id]
       end
 
       def fraud_review_status_from(response)
@@ -283,7 +348,15 @@ module ActiveMerchant #:nodoc:
       end
 
       def refund_uri(authorization)
-        "#{ENDPOINT}/#{CGI.escape(authorization)}/refunds"
+        "#{ENDPOINT}/#{CGI.escape(authorization.to_s)}/refunds"
+      end
+
+      def capture_uri(authorization)
+        "#{ENDPOINT}/#{CGI.escape(authorization.to_s)}/capture"
+      end
+
+      def void_uri(request_id)
+        "#{VOID_ENDPOINT}/#{CGI.escape(request_id.to_s)}/void"
       end
     end
   end