activemerchant 1.117.0 → 1.123.0

data/lib/active_merchant/billing/gateways/pay_trace.rb

@@ -0,0 +1,404 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PayTraceGateway < Gateway
+      self.test_url = 'https://api.paytrace.com'
+      self.live_url = 'https://api.paytrace.com'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'https://paytrace.com/'
+      self.display_name = 'PayTrace'
+
+      # Response codes based on API Response Codes found here: https://developers.paytrace.com/support/home#14000041297
+      STANDARD_ERROR_CODE_MAPPING = {
+        '1'   => STANDARD_ERROR_CODE[:error_occurred],
+        '102' => STANDARD_ERROR_CODE[:declined],
+        '103' => STANDARD_ERROR_CODE[:auto_voided],
+        '107' => STANDARD_ERROR_CODE[:unsuccessful_refund],
+        '108' => STANDARD_ERROR_CODE[:test_refund],
+        '110' => STANDARD_ERROR_CODE[:unsuccessful_void],
+        '113' => STANDARD_ERROR_CODE[:unsuccessful_capture]
+      }
+
+      ENDPOINTS = {
+        customer_id_sale: 'transactions/sale/by_customer',
+        keyed_sale: 'transactions/sale/keyed',
+        customer_id_auth: 'transactions/authorization/by_customer',
+        keyed_auth: 'transactions/authorization/keyed',
+        capture: 'transactions/authorization/capture',
+        transaction_refund: 'transactions/refund/for_transaction',
+        transaction_void: 'transactions/void',
+        store: 'customer/create',
+        redact: 'customer/delete',
+        level_3_visa: 'level_three/visa',
+        level_3_mastercard: 'level_three/mastercard'
+      }
+
+      def initialize(options = {})
+        requires!(options, :username, :password, :integrator_id)
+        super
+        acquire_access_token
+      end
+
+      def purchase(money, payment_or_customer_id, options = {})
+        if visa_or_mastercard?(options)
+          MultiResponse.run(:use_first_response) do |r|
+            endpoint = customer_id?(payment_or_customer_id) ? ENDPOINTS[:customer_id_sale] : ENDPOINTS[:keyed_sale]
+
+            r.process { commit(endpoint, build_purchase_request(money, payment_or_customer_id, options)) }
+            r.process { commit(ENDPOINTS[:"level_3_#{options[:visa_or_mastercard]}"], send_level_3_data(r, options)) }
+          end
+        else
+          post = build_purchase_request(money, payment_or_customer_id, options)
+          post[:customer_id] ? endpoint = ENDPOINTS[:customer_id_sale] : endpoint = ENDPOINTS[:keyed_sale]
+          response = commit(endpoint, post)
+          check_token_response(response, endpoint, post, options)
+        end
+      end
+
+      def authorize(money, payment_or_customer_id, options = {})
+        post = {}
+        add_amount(post, money, options)
+        if customer_id?(payment_or_customer_id)
+          post[:customer_id] = payment_or_customer_id
+          endpoint = ENDPOINTS[:customer_id_auth]
+        else
+          add_payment(post, payment_or_customer_id)
+          add_address(post, payment_or_customer_id, options)
+          add_customer_data(post, options)
+          endpoint = ENDPOINTS[:keyed_auth]
+        end
+        response = commit(endpoint, post)
+        check_token_response(response, endpoint, post, options)
+      end
+
+      def capture(money, authorization, options = {})
+        if visa_or_mastercard?(options)
+          MultiResponse.run do |r|
+            r.process { commit(ENDPOINTS[:capture], build_capture_request(money, authorization, options)) }
+            r.process { commit(ENDPOINTS[:"level_3_#{options[:visa_or_mastercard]}"], send_level_3_data(r, options)) }
+          end
+        else
+          post = build_capture_request(money, authorization, options)
+          response = commit(ENDPOINTS[:capture], post)
+          check_token_response(response, ENDPOINTS[:capture], post, options)
+        end
+      end
+
+      def refund(money, authorization, options = {})
+        # currently only support full and partial refunds of settled transactions via a transaction ID
+        post = {}
+        add_amount(post, money, options)
+        post[:transaction_id] = authorization
+        response = commit(ENDPOINTS[:transaction_refund], post)
+        check_token_response(response, ENDPOINTS[:transaction_refund], post, options)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        post[:transaction_id] = authorization
+
+        response = commit(ENDPOINTS[:transaction_void], post)
+        check_token_response(response, ENDPOINTS[:transaction_void], post, options)
+      end
+
+      def verify(credit_card, options = {})
+        authorize(0, credit_card, options)
+      end
+
+      # The customer_IDs that come from storing cards can be used for auth and purchase transaction types
+      def store(credit_card, options = {})
+        post = {}
+        post[:customer_id] = options[:customer_id] || SecureRandom.hex(12)
+        add_payment(post, credit_card)
+        add_address(post, credit_card, options)
+        response = commit(ENDPOINTS[:store], post)
+        check_token_response(response, ENDPOINTS[:store], post, options)
+      end
+
+      def redact(customer_id)
+        post = {}
+        post[:customer_id] = customer_id
+        response = commit(ENDPOINTS[:redact], post)
+        check_token_response(response, ENDPOINTS[:redact], post, options)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Bearer )[a-zA-Z0-9:_]+), '\1[FILTERED]').
+          gsub(%r(("credit_card\\?":{\\?"number\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("cvv\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("username\\?":\\?")\w+@+\w+.+\w+), '\1[FILTERED]').
+          gsub(%r(("password\\?":\\?")\w+), '\1[FILTERED]').
+          gsub(%r(("integrator_id\\?":\\?")\w+), '\1[FILTERED]')
+      end
+
+      def acquire_access_token
+        post = {}
+        post[:grant_type] = 'password'
+        post[:username] = @options[:username]
+        post[:password] = @options[:password]
+        data = post.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
+        url = live_url + '/oauth/token'
+        oauth_headers = {
+          'Accept'            => '*/*',
+          'Content-Type'      => 'application/x-www-form-urlencoded'
+        }
+        response = ssl_post(url, data, oauth_headers)
+        json_response = JSON.parse(response)
+
+        @options[:access_token] = json_response['access_token'] if json_response['access_token']
+        response
+      end
+
+      private
+
+      def build_purchase_request(money, payment_or_customer_id, options)
+        post = {}
+        add_amount(post, money, options)
+        if customer_id?(payment_or_customer_id)
+          post[:customer_id] = payment_or_customer_id
+        else
+          add_payment(post, payment_or_customer_id)
+          add_address(post, payment_or_customer_id, options)
+          add_customer_data(post, options)
+        end
+
+        post
+      end
+
+      def build_capture_request(money, authorization, options)
+        post = {}
+        post[:transaction_id] = authorization
+        add_amount(post, money, options)
+
+        post
+      end
+
+      # method can only be used to add level 3 data to any approved and unsettled sale transaction so it is built into the standard purchase workflow above
+      def send_level_3_data(response, options)
+        post = {}
+        post[:transaction_id] = response.authorization
+        add_level_3_data(post, options)
+
+        post
+      end
+
+      def visa_or_mastercard?(options)
+        return false unless options[:visa_or_mastercard]
+
+        options[:visa_or_mastercard] == 'visa' || options[:visa_or_mastercard] == 'mastercard'
+      end
+
+      def customer_id?(payment_or_customer_id)
+        payment_or_customer_id.class == String
+      end
+
+      def string_literal_to_boolean(value)
+        return value unless value.class == String
+
+        if value.casecmp('true').zero?
+          true
+        elsif value.casecmp('false').zero?
+          false
+        else return nil
+        end
+      end
+
+      def add_customer_data(post, options)
+        return unless options[:email]
+
+        post[:email] = options[:email]
+      end
+
+      def add_address(post, creditcard, options)
+        return unless options[:billing_address] || options[:address]
+
+        address = options[:billing_address] || options[:address]
+        post[:billing_address] = {}
+        post[:billing_address][:name] = creditcard.name
+        post[:billing_address][:street_address] = address[:address1]
+        post[:billing_address][:city] = address[:city]
+        post[:billing_address][:state] = address[:state]
+        post[:billing_address][:zip] = address[:zip]
+      end
+
+      def add_amount(post, money, options)
+        post[:amount] = amount(money)
+      end
+
+      def add_payment(post, payment)
+        post[:credit_card] = {}
+        post[:credit_card][:number] = payment.number
+        post[:credit_card][:expiration_month] = payment.month
+        post[:credit_card][:expiration_year] = payment.year
+      end
+
+      def add_level_3_data(post, options)
+        post[:invoice_id] = options[:invoice_id] if options[:invoice_id]
+        post[:customer_reference_id] = options[:customer_reference_id] if options[:customer_reference_id]
+        post[:tax_amount] = options[:tax_amount].to_i if options[:tax_amount]
+        post[:national_tax_amount] = options[:national_tax_amount].to_i if options[:national_tax_amount]
+        post[:merchant_tax_id] = options[:merchant_tax_id] if options[:merchant_tax_id]
+        post[:customer_tax_id] = options[:customer_tax_id] if options[:customer_tax_id]
+        post[:commodity_code] = options[:commodity_code] if options[:commodity_code]
+        post[:discount_amount] = options[:discount_amount].to_i if options[:discount_amount]
+        post[:freight_amount] = options[:freight_amount].to_i if options[:freight_amount]
+        post[:duty_amount] = options[:duty_amount].to_i if options[:duty_amount]
+        post[:additional_tax_amount] = options[:additional_tax_amount].to_i if options[:additional_tax_amount]
+        post[:additional_tax_rate] = options[:additional_tax_rate].to_i if options[:additional_tax_rate]
+
+        add_source_address(post, options)
+        add_shipping_address(post, options)
+        add_line_items(post, options)
+      end
+
+      def add_source_address(post, options)
+        return unless source_address =  options[:source_address] ||
+                                        options[:billing_address] ||
+                                        options[:address]
+
+        post[:source_address] = {}
+        post[:source_address][:zip] = source_address[:zip] if source_address[:zip]
+      end
+
+      def add_shipping_address(post, options)
+        return unless shipping_address = options[:shipping_address]
+
+        post[:shipping_address] = {}
+        post[:shipping_address][:name] = shipping_address[:name] if shipping_address[:name]
+        post[:shipping_address][:street_address] = shipping_address[:address1] if shipping_address[:address1]
+        post[:shipping_address][:street_address2] = shipping_address[:address2] if shipping_address[:address2]
+        post[:shipping_address][:city] = shipping_address[:city] if shipping_address[:city]
+        post[:shipping_address][:state] = shipping_address[:state] if shipping_address[:state]
+        post[:shipping_address][:zip] = shipping_address[:zip] if shipping_address[:zip]
+        post[:shipping_address][:country] = shipping_address[:country] if shipping_address[:country]
+      end
+
+      def add_line_items(post, options)
+        return unless options[:line_items]
+
+        line_items = []
+        options[:line_items].each do |li|
+          obj = {}
+
+          obj[:additional_tax_amount] = li[:additional_tax_amount].to_i if li[:additional_tax_amount]
+          obj[:additional_tax_included] = string_literal_to_boolean(li[:additional_tax_included]) if li[:additional_tax_included]
+          obj[:additional_tax_rate] = li[:additional_tax_rate].to_i if li[:additional_tax_rate]
+          obj[:amount] = li[:amount].to_i if li[:amount]
+          obj[:commodity_code] = li[:commodity_code] if li[:commodity_code]
+          obj[:debit_or_credit] = li[:debit_or_credit] if li[:debit_or_credit]
+          obj[:description] = li[:description] if li[:description]
+          obj[:discount_amount] = li[:discount_amount].to_i if li[:discount_amount]
+          obj[:discount_rate] = li[:discount_rate].to_i if li[:discount_rate]
+          obj[:discount_included] = string_literal_to_boolean(li[:discount_included]) if li[:discount_included]
+          obj[:merchant_tax_id] = li[:merchant_tax_id] if li[:merchant_tax_id]
+          obj[:product_id] = li[:product_id] if li[:product_id]
+          obj[:quantity] = li[:quantity] if li[:quantity]
+          obj[:transaction_id] = li[:transaction_id] if li[:transaction_id]
+          obj[:tax_included] = string_literal_to_boolean(li[:tax_included]) if li[:tax_included]
+          obj[:unit_of_measure] = li[:unit_of_measure] if li[:unit_of_measure]
+          obj[:unit_cost] = li[:unit_cost].to_i if li[:unit_cost]
+
+          line_items << obj
+        end
+        post[:line_items] = line_items
+      end
+
+      def check_token_response(response, endpoint, body = {}, options = {})
+        return response unless response.params['error'] == 'invalid_token'
+
+        acquire_access_token
+        commit(endpoint, body)
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def commit(action, parameters)
+        base_url = (test? ? test_url : live_url)
+        url = base_url + '/v1/' + action
+        raw_response = ssl_post(url, post_data(parameters), headers)
+        response = parse(raw_response)
+        success = success_from(response)
+
+        Response.new(
+          success,
+          message_from(success, response),
+          response,
+          authorization: authorization_from(action, response),
+          avs_result: AVSResult.new(code: response['avs_response']),
+          cvv_result: response['csc_response'],
+          test: test?,
+          error_code: success ? nil : error_code_from(response)
+        )
+      rescue JSON::ParserError
+        unparsable_response(raw_response)
+      end
+
+      def unparsable_response(raw_response)
+        message = 'Unparsable response received from PayTrace. Please contact PayTrace if you continue to receive this message.'
+        message += " (The raw response returned by the API was #{raw_response.inspect})"
+        return Response.new(false, message)
+      end
+
+      def headers
+        {
+          'Content-type' => 'application/json',
+          'Authorization' => 'Bearer ' + @options[:access_token]
+        }
+      end
+
+      def success_from(response)
+        response['success']
+      end
+
+      def message_from(success, response)
+        return response['status_message'] if success
+
+        if error = response['errors']
+          message = 'Errors-'
+          error.each do |k, v|
+            message.concat(" code:#{k}, message:#{v}")
+          end
+        else
+          message = response['status_message'].to_s + " #{response['approval_message']}"
+        end
+
+        message
+      end
+
+      # store transactions do not return a transaction_id, but they return a customer_id that will then be used as the third_party_token for the stored payment method
+      def authorization_from(action, response)
+        if action == ENDPOINTS[:store]
+          response['customer_id']
+        else
+          response['transaction_id']
+        end
+      end
+
+      def post_data(parameters = {})
+        parameters[:password] = @options[:password]
+        parameters[:username] = @options[:username]
+        parameters[:integrator_id] = @options[:integrator_id]
+
+        parameters.to_json
+      end
+
+      def error_code_from(response)
+        STANDARD_ERROR_CODE_MAPPING[response['response_code']]
+      end
+
+      def handle_response(response)
+        response.body
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/payeezy.rb

@@ -39,6 +39,7 @@ module ActiveMerchant
         add_address(params, options)
         add_amount(params, amount, options)
         add_soft_descriptors(params, options)
+        add_level2_data(params, options)
         add_stored_credentials(params, options)
 
         commit(params, options)
@@ -53,6 +54,7 @@ module ActiveMerchant
         add_address(params, options)
         add_amount(params, amount, options)
         add_soft_descriptors(params, options)
+        add_level2_data(params, options)
         add_stored_credentials(params, options)
 
         commit(params, options)
@@ -73,7 +75,19 @@ module ActiveMerchant
 
         add_authorization_info(params, authorization)
         add_amount(params, (amount || amount_from_authorization(authorization)), options)
+        add_soft_descriptors(params, options)
+        add_invoice(params, options)
+
+        commit(params, options)
+      end
+
+      def credit(amount, payment_method, options = {})
+        params = { transaction_type: 'refund' }
 
+        add_amount(params, amount, options)
+        add_payment_method(params, payment_method, options)
+        add_soft_descriptors(params, options)
+        add_invoice(params, options)
         commit(params, options)
       end
 
@@ -246,17 +260,42 @@ module ActiveMerchant
         params[:soft_descriptors] = options[:soft_descriptors] if options[:soft_descriptors]
       end
 
+      def add_level2_data(params, options)
+        return unless level2_data = options[:level2]
+
+        params[:level2] = {}
+        params[:level2][:customer_ref] = level2_data[:customer_ref]
+      end
+
       def add_stored_credentials(params, options)
-        if options[:sequence]
+        if options[:sequence] || options[:stored_credential]
           params[:stored_credentials] = {}
-          params[:stored_credentials][:cardbrand_original_transaction_id] = options[:cardbrand_original_transaction_id] if options[:cardbrand_original_transaction_id]
-          params[:stored_credentials][:sequence] = options[:sequence]
-          params[:stored_credentials][:initiator] = options[:initiator] if options[:initiator]
-          params[:stored_credentials][:is_scheduled] = options[:is_scheduled]
+          params[:stored_credentials][:cardbrand_original_transaction_id] = original_transaction_id(options) if original_transaction_id(options)
+          params[:stored_credentials][:initiator] = initiator(options) if initiator(options)
+          params[:stored_credentials][:sequence] = options[:sequence] || sequence(options[:stored_credential][:initial_transaction])
+          params[:stored_credentials][:is_scheduled] = options[:is_scheduled] || is_scheduled(options[:stored_credential][:reason_type])
           params[:stored_credentials][:auth_type_override] = options[:auth_type_override] if options[:auth_type_override]
         end
       end
 
+      def original_transaction_id(options)
+        return options[:cardbrand_original_transaction_id] if options[:cardbrand_original_transaction_id]
+        return options[:stored_credential][:network_transaction_id] if options.dig(:stored_credential, :network_transaction_id)
+      end
+
+      def initiator(options)
+        return options[:initiator] if options[:initiator]
+        return options[:stored_credential][:initiator].upcase if options.dig(:stored_credential, :initiator)
+      end
+
+      def sequence(initial_transaction)
+        initial_transaction ? 'FIRST' : 'SUBSEQUENT'
+      end
+
+      def is_scheduled(reason_type)
+        reason_type == 'recurring' ? 'true' : 'false'
+      end
+
       def commit(params, options)
         url = base_url(options) + endpoint(params)
 
@@ -272,15 +311,16 @@ module ActiveMerchant
           response = json_error(e.response.body)
         end
 
+        success = success_from(response)
         Response.new(
-          success_from(response),
-          handle_message(response, success_from(response)),
+          success,
+          handle_message(response, success),
           response,
           test: test?,
           authorization: authorization_from(params, response),
           avs_result: { code: response['avs'] },
           cvv_result: response['cvv2'],
-          error_code: error_code(response, success_from(response))
+          error_code: success ? nil : error_code_from(response)
         )
       end
 
@@ -334,10 +374,16 @@ module ActiveMerchant
         }
       end
 
-      def error_code(response, success)
-        return if success
+      def error_code_from(response)
+        error_code = nil
+        if response['bank_resp_code'] == '100'
+          return
+        elsif response['bank_resp_code']
+          error_code = response['bank_resp_code']
+        elsif error_code = response['Error'].to_h['messages'].to_a.map { |e| e['code'] }.join(', ')
+        end
 
-        response['Error'].to_h['messages'].to_a.map { |e| e['code'] }.join(', ')
+        error_code
       end
 
       def success_from(response)

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -118,6 +118,7 @@ module ActiveMerchant #:nodoc:
               xml.tag!('Description', options[:description]) unless options[:description].blank?
               xml.tag!('Comment', options[:comment]) unless options[:comment].blank?
               xml.tag!('ExtData', 'Name' => 'COMMENT2', 'Value' => options[:comment2]) unless options[:comment2].blank?
+              xml.tag!('MerchDescr', options[:merch_descr]) unless options[:merch_descr].blank?
               xml.tag!(
                 'ExtData',
                 'Name' => 'CAPTURECOMPLETE',

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -56,6 +56,10 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def store(payment, options = {})
+        raise ArgumentError, 'Store is not supported on Payflow gateways'
+      end
+
       def verify_credentials
         response = void('0')
         response.params['result'] != '26'
@@ -141,6 +145,7 @@ module ActiveMerchant #:nodoc:
               xml.tag! 'FreightAmt', options[:freightamt] unless options[:freightamt].blank?
               xml.tag! 'DutyAmt', options[:dutyamt] unless options[:dutyamt].blank?
               xml.tag! 'DiscountAmt', options[:discountamt] unless options[:discountamt].blank?
+              xml.tag! 'MerchDescr', options[:merch_descr] unless options[:merch_descr].blank?
 
               billing_address = options[:billing_address] || options[:address]
               add_address(xml, 'BillTo', billing_address, options) if billing_address
@@ -176,6 +181,7 @@ module ActiveMerchant #:nodoc:
               xml.tag! 'DutyAmt', options[:dutyamt] unless options[:dutyamt].blank?
               xml.tag! 'DiscountAmt', options[:discountamt] unless options[:discountamt].blank?
               xml.tag! 'EMail', options[:email] unless options[:email].nil?
+              xml.tag! 'MerchDescr', options[:merch_descr] unless options[:merch_descr].blank?
 
               billing_address = options[:billing_address] || options[:address]
               add_address(xml, 'BillTo', billing_address, options) if billing_address
@@ -239,6 +245,7 @@ module ActiveMerchant #:nodoc:
               xml.tag! 'InvNum', options[:order_id].to_s.gsub(/[^\w.]/, '') unless options[:order_id].blank?
               xml.tag! 'Description', options[:description] unless options[:description].blank?
               xml.tag! 'OrderDesc', options[:order_desc] unless options[:order_desc].blank?
+              xml.tag! 'MerchDescr', options[:merch_descr] unless options[:merch_descr].blank?
               xml.tag! 'BillTo' do
                 xml.tag! 'Name', check.name
               end
@@ -282,6 +289,8 @@ module ActiveMerchant #:nodoc:
             xml.tag! 'ECI', three_d_secure[:eci] unless three_d_secure[:eci].blank?
             xml.tag! 'CAVV', three_d_secure[:cavv] unless three_d_secure[:cavv].blank?
             xml.tag! 'XID', three_d_secure[:xid] unless three_d_secure[:xid].blank?
+            xml.tag! 'THREEDSVERSION', three_d_secure[:version] unless three_d_secure[:version].blank?
+            xml.tag! 'DSTRANSACTIONID', three_d_secure[:ds_transaction_id] unless three_d_secure[:ds_transaction_id].blank?
           end
         end
       end

data/lib/active_merchant/billing/gateways/payment_express.rb

@@ -86,6 +86,11 @@ module ActiveMerchant #:nodoc:
         refund(money, identification, options)
       end
 
+      def verify(payment_source, options = {})
+        request = build_purchase_or_authorization_request(100, payment_source, options)
+        commit(:validate, request)
+      end
+
       # Token Based Billing
       #
       # Instead of storing the credit card details locally, you can store them inside the
@@ -149,7 +154,7 @@ module ActiveMerchant #:nodoc:
           add_credit_card(result, payment_source)
         end
 
-        add_amount(result, money, options)
+        add_amount(result, money, options) if money
         add_invoice(result, options)
         add_address_verification_data(result, options)
         add_optional_elements(result, options)
@@ -229,8 +234,8 @@ module ActiveMerchant #:nodoc:
         address = options[:billing_address] || options[:address]
         return if address.nil?
 
-        xml.add_element('EnableAvsData').text = 1
-        xml.add_element('AvsAction').text = 1
+        xml.add_element('EnableAvsData').text = options[:enable_avs_data] || 1
+        xml.add_element('AvsAction').text = options[:avs_action] || 1
 
         xml.add_element('AvsStreetAddress').text = address[:address1]
         xml.add_element('AvsPostCode').text = address[:zip]
@@ -334,7 +339,7 @@ module ActiveMerchant #:nodoc:
       def authorization_from(action, response)
         case action
         when :validate
-          (response[:billing_id] || response[:dps_billing_id])
+          (response[:billing_id] || response[:dps_billing_id] || response[:dps_txn_ref])
         else
           response[:dps_txn_ref]
         end
@@ -361,7 +366,7 @@ module ActiveMerchant #:nodoc:
       # add a method to response so we can easily get the token
       # for Validate transactions
       def token
-        @params['billing_id'] || @params['dps_billing_id']
+        @params['billing_id'] || @params['dps_billing_id'] || @params['dps_txn_ref']
       end
     end
   end

data/lib/active_merchant/billing/gateways/paymentez.rb

@@ -9,7 +9,7 @@ module ActiveMerchant #:nodoc:
 
       self.supported_countries = %w[MX EC CO BR CL PE]
       self.default_currency = 'USD'
-      self.supported_cardtypes = %i[visa master american_express diners_club elo alia]
+      self.supported_cardtypes = %i[visa master american_express diners_club elo alia olimpica]
 
       self.homepage_url = 'https://secure.paymentez.com/'
       self.display_name = 'Paymentez'
@@ -82,6 +82,7 @@ module ActiveMerchant #:nodoc:
       def refund(money, authorization, options = {})
         post = { transaction: { id: authorization } }
         post[:order] = { amount: amount(money).to_f } if money
+        add_more_info(post, options)
 
         commit_transaction('refund', post)
       end
@@ -175,9 +176,33 @@ module ActiveMerchant #:nodoc:
         extra_params = {}
         extra_params.merge!(options[:extra_params]) if options[:extra_params]
 
+        add_external_mpi_fields(extra_params, options)
+
         post['extra_params'] = extra_params unless extra_params.empty?
       end
 
+      def add_external_mpi_fields(extra_params, options)
+        three_d_secure_options = options[:three_d_secure]
+        return unless three_d_secure_options
+
+        auth_data = {
+          cavv: three_d_secure_options[:cavv],
+          xid: three_d_secure_options[:xid],
+          eci: three_d_secure_options[:eci],
+          version: three_d_secure_options[:version],
+          reference_id: three_d_secure_options[:three_ds_server_trans_id],
+          status: three_d_secure_options[:authentication_response_status] || three_d_secure_options[:directory_response_status]
+        }.compact
+
+        return if auth_data.empty?
+
+        extra_params[:auth_data] = auth_data
+      end
+
+      def add_more_info(post, options)
+        post[:more_info] = options[:more_info] if options[:more_info]
+      end
+
       def parse(body)
         JSON.parse(body)
       end

data/lib/active_merchant/billing/gateways/paypal/paypal_common_api.rb

@@ -5,6 +5,7 @@ module ActiveMerchant #:nodoc:
       include Empty
 
       API_VERSION = '124'
+      API_VERSION_3DS2 = '214.0'
 
       URLS = {
         :test => { :certificate => 'https://api.sandbox.paypal.com/2.0/',