activemerchant 1.118.0 → 1.123.0

data/lib/active_merchant/billing/gateways/payu_latam.rb

@@ -208,7 +208,7 @@ module ActiveMerchant #:nodoc:
           buyer[:merchantBuyerId] = buyer_hash[:merchant_buyer_id]
           buyer[:cnpj] = buyer_hash[:cnpj] if @options[:payment_country] == 'BR'
           buyer[:emailAddress] = buyer_hash[:email]
-          buyer[:contactPhone] = (options[:billing_address][:phone] if options[:billing_address]) || (options[:shipping_address][:phone] if options[:shipping_address]) || ''
+          buyer[:contactPhone] = (options[:billing_address][:phone] if options[:billing_address]) || (options[:shipping_address][:phone_number] if options[:shipping_address]) || ''
           buyer[:shippingAddress] = shipping_address_fields(options) if options[:shipping_address]
         else
           buyer[:fullName] = payment_method.name.strip
@@ -217,7 +217,7 @@ module ActiveMerchant #:nodoc:
           buyer[:merchantBuyerId] = options[:merchant_buyer_id]
           buyer[:cnpj] = options[:cnpj] if @options[:payment_country] == 'BR'
           buyer[:emailAddress] = options[:email]
-          buyer[:contactPhone] = (options[:billing_address][:phone] if options[:billing_address]) || (options[:shipping_address][:phone] if options[:shipping_address]) || ''
+          buyer[:contactPhone] = (options[:billing_address][:phone] if options[:billing_address]) || (options[:shipping_address][:phone_number] if options[:shipping_address]) || ''
           buyer[:shippingAddress] = shipping_address_fields(options) if options[:shipping_address]
         end
         post[:transaction][:order][:buyer] = buyer
@@ -233,7 +233,7 @@ module ActiveMerchant #:nodoc:
         shipping_address[:state] = address[:state]
         shipping_address[:country] = address[:country]
         shipping_address[:postalCode] = address[:zip]
-        shipping_address[:phone] = address[:phone]
+        shipping_address[:phone] = address[:phone_number]
         shipping_address
       end
 

data/lib/active_merchant/billing/gateways/payway_dot_com.rb

@@ -0,0 +1,253 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PaywayDotComGateway < Gateway
+      self.test_url = 'https://devedgilpayway.net/PaywayWS/Payment/CreditCard'
+      self.live_url = 'https://edgilpayway.com/PaywayWS/Payment/CreditCard'
+
+      self.supported_countries = %w[US CA]
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.money_format = :cents
+
+      self.homepage_url = 'http://www.payway.com'
+      self.display_name = 'Payway Gateway'
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        '5012' => STANDARD_ERROR_CODE[:card_declined],
+        '5035' => STANDARD_ERROR_CODE[:invalid_number],
+        '5037' => STANDARD_ERROR_CODE[:invalid_expiry_date],
+        '5045' => STANDARD_ERROR_CODE[:incorrect_zip]
+      }
+
+      # Payway to standard AVSResult codes.
+      AVS_MAPPING = {
+        'N1'  => 'I', #  No address given with order
+        'N2'  => 'I', #  Bill-to address did not pass
+        '““'  => 'R', #  AVS not performed (Blanks returned)
+        'IU'  => 'G', #  AVS not performed by Issuer
+        'ID'  => 'S', #  Issuer does not participate in AVS
+        'IE'  => 'E', #  Edit Error - AVS data is invalid
+        'IS'  => 'R', #  System unavailable or time-out
+        'IB'  => 'B', #  Street address match. Postal code not verified due to incompatible formats (both were sent).
+        'IC'  => 'C', #  Street address and postal code not verified due to incompatible format (both were sent).
+        'IP'  => 'P', #  Postal code match. Street address not verified due to incompatible formats (both were sent).
+        'A1'  => 'K', #  Accountholder name matches
+        'A3'  => 'V', #  Accountholder name, billing address and postal code.
+        'A4'  => 'L', #  Accountholder name and billing postal code match
+        'A7'  => 'O', #  Accountholder name and billing address match
+        'B3'  => 'H', #  Accountholder name incorrect, billing address and postal code match
+        'B4'  => 'F', #  Accountholder name incorrect, billing postal code matches
+        'B7'  => 'T', #  Accountholder name incorrect, billing address matches
+        'B8'  => 'N', #  Accountholder name, billing address and postal code are all incorrect
+        '??'  => 'R', #  A double question mark symbol indicates an unrecognized response from association
+        'I1'  => 'X', #  Zip code +4 and Address Match
+        'I2'  => 'W', #  Zip code +4 Match
+        'I3'  => 'Y', #  Zip code and Address Match
+        'I4'  => 'Z', #  Zip code Match
+        'I5'  => 'M', #  +4 and Address Match
+        'I6'  => 'W', #  +4 Match
+        'I7'  => 'A', #  Address Match
+        'I8'  => 'C', #  No Match
+      }
+
+      PAYWAY_WS_SUCCESS = '5000'
+
+      SCRUB_PATTERNS = [
+        %r(("password\\?":\\?")[^\\]+),
+        %r(("fsv\\?":\\?")\d+),
+        %r(("fsv\\?": \\?")\d+),
+        %r(("accountNumber\\?":\\?")\d+),
+        %r(("accountNumber\\?": \\?")[^\\]+),
+        %r(("Invalid account number: )\d+)
+      ].freeze
+
+      SCRUB_REPLACEMENT = '\1[FILTERED]'
+
+      def initialize(options = {})
+        requires!(options, :login, :password, :company_id, :source_id)
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        post = {}
+        add_common(post, options)
+        add_card_payment(post, payment, options)
+        add_card_transaction_details(post, money, options)
+        add_address(post, payment, options)
+
+        commit('sale', post)
+      end
+
+      def authorize(money, payment, options = {})
+        post = {}
+        add_common(post, options)
+        add_card_payment(post, payment, options)
+        add_card_transaction_details(post, money, options)
+        add_address(post, payment, options)
+
+        commit('authorize', post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        add_common(post, options)
+        add_card_transaction_name(post, authorization, options)
+
+        commit('capture', post)
+      end
+
+      def credit(money, payment, options = {})
+        post = {}
+        add_common(post, options)
+        add_card_payment(post, payment, options)
+        add_card_transaction_details(post, money, options)
+        add_address(post, payment, options)
+
+        commit('credit', post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        add_common(post, options)
+        add_card_transaction_name(post, authorization, options)
+
+        commit('void', post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        SCRUB_PATTERNS.inject(transcript) do |text, pattern|
+          text.gsub(pattern, SCRUB_REPLACEMENT)
+        end
+      end
+
+      private
+
+      def add_common(post, options)
+        post[:userName] = @options[:login]
+        post[:password] = @options[:password]
+        post[:companyId] = @options[:company_id]
+        post[:cardTransaction] = {}
+        post[:cardTransaction][:sourceId] = @options[:source_id]
+      end
+
+      def add_address(post, payment, options)
+        post[:cardAccount] ||= {}
+        address = options[:billing_address] || options[:address] || {}
+        first_name, last_name = split_names(address[:name])
+        full_address = "#{address[:address1]} #{address[:address2]}".strip
+        phone = address[:phone] || address[:phone_number]
+
+        post[:cardAccount][:firstName] = first_name      if first_name
+        post[:cardAccount][:lastName]  = last_name       if last_name
+        post[:cardAccount][:address]   = full_address    if full_address
+        post[:cardAccount][:city]      = address[:city]  if address[:city]
+        post[:cardAccount][:state]     = address[:state] if address[:state]
+        post[:cardAccount][:zip]       = address[:zip]   if address[:zip]
+        post[:cardAccount][:phone]     = phone           if phone
+      end
+
+      def add_card_transaction_details(post, money, options)
+        post[:cardTransaction][:amount] = amount(money)
+        eci_type = options[:eci_type].nil? ? '1' : options[:eci_type]
+        post[:cardTransaction][:eciType] = eci_type
+        post[:cardTransaction][:processorSoftDescriptor] = options[:processor_soft_descriptor] if options[:processor_soft_descriptor]
+        post[:cardTransaction][:tax] = options[:tax] if options[:tax]
+      end
+
+      def add_card_transaction_name(post, identifier, options)
+        post[:cardTransaction][:name] = identifier
+      end
+
+      def add_card_payment(post, payment, options)
+        # credit_card
+        post[:accountInputMode] = 'primaryAccountNumber'
+
+        post[:cardAccount] ||= {}
+        post[:cardAccount][:accountNumber]  = payment.number
+        post[:cardAccount][:fsv]            = payment.verification_value
+        post[:cardAccount][:expirationDate] = expdate(payment)
+        post[:cardAccount][:email]          = options[:email] if options[:email]
+      end
+
+      def expdate(credit_card)
+        year  = format(credit_card.year, :four_digits)
+        month = format(credit_card.month, :two_digits)
+
+        month + year
+      end
+
+      def parse(body)
+        body.blank? ? {} : JSON.parse(body)
+      end
+
+      def commit(action, parameters)
+        parameters[:request] = action
+
+        url = (test? ? test_url : live_url)
+        payload = parameters.to_json unless parameters.nil?
+
+        response =
+          begin
+            parse(ssl_request(:post, url, payload, headers))
+          rescue ResponseError => e
+            return Response.new(false, 'Invalid Login') if e.response.code == '401'
+
+            parse(e.response.body)
+          end
+
+        success = success_from(response)
+        avs_result_code = response['cardTransaction'].nil? || response['cardTransaction']['addressVerificationResults'].nil? ? '' : response['cardTransaction']['addressVerificationResults']
+        avs_result = AVSResult.new(code: AVS_MAPPING[avs_result_code])
+        cvv_result = CVVResult.new(response['cardTransaction']['fraudSecurityResults']) if response['cardTransaction'] && response['cardTransaction']['fraudSecurityResults']
+
+        Response.new(
+          success,
+          message_from(success, response),
+          response,
+          test: test?,
+          error_code: error_code_from(response),
+          authorization: authorization_from(response),
+          avs_result: avs_result,
+          cvv_result: cvv_result
+        )
+      end
+
+      def success_from(response)
+        response['paywayCode'] == PAYWAY_WS_SUCCESS
+      end
+
+      def error_code_from(response)
+        return '' if success_from(response)
+
+        error = !STANDARD_ERROR_CODE_MAPPING[response['paywayCode']].nil? ? STANDARD_ERROR_CODE_MAPPING[response['paywayCode']] : STANDARD_ERROR_CODE[:processing_error]
+        return error
+      end
+
+      def message_from(success, response)
+        return '' if response['paywayCode'].nil?
+
+        return response['paywayCode'] + '-' + 'success' if success
+
+        response['paywayCode'] + '-' + response['paywayMessage']
+      end
+
+      def authorization_from(response)
+        return '' if !success_from(response) || response['cardTransaction'].nil?
+
+        response['cardTransaction']['name']
+      end
+
+      def headers
+        {
+          'Accept'        => 'application/json',
+          'Content-type'  => 'application/json'
+        }
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/qvalent.rb

@@ -17,7 +17,7 @@ module ActiveMerchant #:nodoc:
       }
 
       def initialize(options = {})
-        requires!(options, :username, :password, :merchant, :pem, :pem_password)
+        requires!(options, :username, :password, :merchant, :pem)
         super
       end
 
@@ -30,6 +30,7 @@ module ActiveMerchant #:nodoc:
         add_stored_credential_data(post, payment_method, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
+        add_customer_reference(post, options)
 
         commit('capture', post)
       end
@@ -43,6 +44,7 @@ module ActiveMerchant #:nodoc:
         add_stored_credential_data(post, payment_method, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
+        add_customer_reference(post, options)
 
         commit('preauth', post)
       end
@@ -53,6 +55,7 @@ module ActiveMerchant #:nodoc:
         add_reference(post, authorization, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
+        add_customer_reference(post, options)
 
         commit('captureWithoutAuth', post)
       end
@@ -64,6 +67,7 @@ module ActiveMerchant #:nodoc:
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
         post['order.ECI'] = options[:eci] || 'SSL'
+        add_customer_reference(post, options)
 
         commit('refund', post)
       end
@@ -76,6 +80,7 @@ module ActiveMerchant #:nodoc:
         add_payment_method(post, payment_method)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
+        add_customer_reference(post, options)
 
         commit('refund', post)
       end
@@ -85,6 +90,7 @@ module ActiveMerchant #:nodoc:
         add_reference(post, authorization, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
+        add_customer_reference(post, options)
 
         commit('reversal', post)
       end
@@ -92,7 +98,7 @@ module ActiveMerchant #:nodoc:
       def store(payment_method, options = {})
         post = {}
         add_payment_method(post, payment_method)
-        add_card_reference(post)
+        add_card_reference(post, options)
 
         commit('registerAccount', post)
       end
@@ -149,12 +155,16 @@ module ActiveMerchant #:nodoc:
         return unless payment_method.brand == 'visa'
 
         stored_credential = options[:stored_credential]
-        if stored_credential[:initial_transaction]
-          post['card.storedCredentialUsage'] = 'INITIAL_STORAGE'
-        elsif stored_credential[:reason_type] == ('recurring' || 'installment')
+        if stored_credential[:reason_type] == 'unscheduled'
+          if stored_credential[:initiator] == 'merchant'
+            post['card.storedCredentialUsage'] = 'UNSCHEDULED_MIT'
+          elsif stored_credential[:initiator] == 'customer'
+            post['card.storedCredentialUsage'] = 'UNSCHEDULED_CIT'
+          end
+        elsif stored_credential[:reason_type] == 'recurring'
           post['card.storedCredentialUsage'] = 'RECURRING'
-        elsif stored_credential[:reason_type] == 'unscheduled'
-          post['card.storedCredentialUsage'] = 'UNSCHEDULED'
+        elsif stored_credential[:reason_type] == 'installment'
+          post['card.storedCredentialUsage'] = 'INSTALLMENT'
         end
       end
 
@@ -181,8 +191,12 @@ module ActiveMerchant #:nodoc:
         post['card.CVN'] = payment_method.verification_value
       end
 
-      def add_card_reference(post)
-        post['customer.customerReferenceNumber'] = options[:order_id]
+      def add_card_reference(post, options)
+        post['customer.customerReferenceNumber'] = options[:customer_reference_number] || options[:order_id]
+      end
+
+      def add_customer_reference(post, options)
+        post['customer.customerReferenceNumber'] = options[:customer_reference_number] if options[:customer_reference_number]
       end
 
       def add_reference(post, authorization, options)

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -126,6 +126,7 @@ module ActiveMerchant #:nodoc:
         184 => 'Authentication error',
         190 => 'Refusal with no specific reason',
         191 => 'Expiry date incorrect',
+        195 => 'Requires SCA authentication',
 
         201 => 'Card expired',
         202 => 'Card blocked temporarily or under suspicion of fraud',
@@ -202,11 +203,12 @@ module ActiveMerchant #:nodoc:
         add_order(data, options[:order_id])
         add_payment(data, payment)
         add_external_mpi_fields(data, options)
-        add_threeds(data, options) if options[:execute_threed]
+        add_three_ds_data(data, options) if options[:execute_threed]
         add_stored_credential_options(data, options)
         data[:description] = options[:description]
         data[:store_in_vault] = options[:store]
         data[:sca_exemption] = options[:sca_exemption]
+        data[:sca_exemption_direct_payment_enabled] = options[:sca_exemption_direct_payment_enabled]
 
         commit data, options
       end
@@ -220,11 +222,12 @@ module ActiveMerchant #:nodoc:
         add_order(data, options[:order_id])
         add_payment(data, payment)
         add_external_mpi_fields(data, options)
-        add_threeds(data, options) if options[:execute_threed]
+        add_three_ds_data(data, options) if options[:execute_threed]
         add_stored_credential_options(data, options)
         data[:description] = options[:description]
         data[:store_in_vault] = options[:store]
         data[:sca_exemption] = options[:sca_exemption]
+        data[:sca_exemption_direct_payment_enabled] = options[:sca_exemption_direct_payment_enabled]
 
         commit data, options
       end
@@ -309,7 +312,7 @@ module ActiveMerchant #:nodoc:
         test? ? test_url : live_url
       end
 
-      def threeds_url
+      def webservice_url
         test? ? 'https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2' : 'https://sis.redsys.es/sis/services/SerClsWSEntradaV2'
       end
 
@@ -369,42 +372,51 @@ module ActiveMerchant #:nodoc:
         end
       end
 
-      def add_threeds(data, options)
-        data[:threeds] = { threeDSInfo: 'CardData' } if options[:execute_threed] == true
+      def add_three_ds_data(data, options)
+        data[:three_ds_data] = { threeDSInfo: 'CardData' } if options[:execute_threed] == true
       end
 
-      def determine_3ds_action(threeds_hash)
-        return 'iniciaPeticion' if threeds_hash[:threeDSInfo] == 'CardData'
-        return 'trataPeticion' if threeds_hash[:threeDSInfo] == 'AuthenticationData' ||
-                                  threeds_hash[:threeDSInfo] == 'ChallengeResponse'
+      def determine_peticion_type(data)
+        three_ds_info = data.dig(:three_ds_data, :threeDSInfo)
+        return 'iniciaPeticion' if three_ds_info == 'CardData'
+        return 'trataPeticion' if three_ds_info == 'AuthenticationData' ||
+                                  three_ds_info == 'ChallengeResponse' ||
+                                  data[:sca_exemption] == 'MIT'
+      end
+
+      def use_webservice_endpoint?(data, options)
+        options[:use_webservice_endpoint].to_s == 'true' || data[:three_ds_data] || data[:sca_exemption] == 'MIT'
       end
 
       def commit(data, options = {})
-        if data[:threeds]
-          action = determine_3ds_action(data[:threeds])
+        xmlreq = xml_request_from(data, options)
+
+        if use_webservice_endpoint?(data, options)
+          peticion_type = determine_peticion_type(data)
+
           request = <<-REQUEST
             <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:apachesoap="http://xml.apache.org/xml-soap" xmlns:impl="http://webservice.sis.sermepa.es" xmlns:intf="http://webservice.sis.sermepa.es" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
             <soapenv:Header/>
             <soapenv:Body>
-              <intf:#{action} xmlns:intf="http://webservice.sis.sermepa.es">
+              <intf:#{peticion_type} xmlns:intf="http://webservice.sis.sermepa.es">
                 <intf:datoEntrada>
-                <![CDATA[#{xml_request_from(data, options)}]]>
+                <![CDATA[#{xmlreq}]]>
                 </intf:datoEntrada>
-              </intf:#{action}>
+              </intf:#{peticion_type}>
             </soapenv:Body>
           </soapenv:Envelope>
           REQUEST
-          parse(ssl_post(threeds_url, request, headers(action)), action)
+          parse(ssl_post(webservice_url, request, headers(peticion_type)), peticion_type)
         else
-          parse(ssl_post(url, "entrada=#{CGI.escape(xml_request_from(data, options))}", headers), action)
+          parse(ssl_post(url, "entrada=#{CGI.escape(xmlreq)}", headers), peticion_type)
         end
       end
 
-      def headers(action = nil)
-        if action
+      def headers(peticion_type = nil)
+        if peticion_type
           {
             'Content-Type' => 'text/xml',
-            'SOAPAction' => action
+            'SOAPAction' => peticion_type
           }
         else
           {
@@ -468,7 +480,7 @@ module ActiveMerchant #:nodoc:
 
       def build_merchant_data(xml, data, options = {})
         # See https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2/wsdl/SerClsWSEntradaV2.wsdl
-        # (which results from calling #threeds_url + '?WSDL', https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2?WSDL)
+        # (which results from calling #webservice_url + '?WSDL', https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2?WSDL)
         xml.DATOSENTRADA do
           # Basic elements
           xml.DS_Version 0.1
@@ -476,7 +488,7 @@ module ActiveMerchant #:nodoc:
           xml.DS_MERCHANT_AMOUNT             data[:amount]
           xml.DS_MERCHANT_ORDER              data[:order_id]
           xml.DS_MERCHANT_TRANSACTIONTYPE    data[:action]
-          if data[:description] && data[:threeds]
+          if data[:description] && use_webservice_endpoint?(data, options)
             xml.DS_MERCHANT_PRODUCTDESCRIPTION CGI.escape(data[:description])
           else
             xml.DS_MERCHANT_PRODUCTDESCRIPTION data[:description]
@@ -484,11 +496,18 @@ module ActiveMerchant #:nodoc:
           xml.DS_MERCHANT_TERMINAL           options[:terminal] || @options[:terminal]
           xml.DS_MERCHANT_MERCHANTCODE       @options[:login]
           xml.DS_MERCHANT_MERCHANTSIGNATURE  build_signature(data) unless sha256_authentication?
-          xml.DS_MERCHANT_EXCEP_SCA          data[:sca_exemption] if data[:sca_exemption]
+
+          peticion_type = determine_peticion_type(data) if data[:three_ds_data]
+          if peticion_type == 'iniciaPeticion' && data[:sca_exemption]
+            xml.DS_MERCHANT_EXCEP_SCA 'Y'
+          else
+            xml.DS_MERCHANT_EXCEP_SCA data[:sca_exemption] if data[:sca_exemption]
+            xml.DS_MERCHANT_DIRECTPAYMENT data[:sca_exemption_direct_payment_enabled] || 'true' if data[:sca_exemption] == 'MIT'
+          end
 
           # Only when card is present
           if data[:card]
-            if data[:card][:name] && data[:threeds]
+            if data[:card][:name] && use_webservice_endpoint?(data, options)
               xml.DS_MERCHANT_TITULAR    CGI.escape(data[:card][:name])
             else
               xml.DS_MERCHANT_TITULAR    data[:card][:name]
@@ -509,7 +528,7 @@ module ActiveMerchant #:nodoc:
           # Requires account configuration to be able to use
           xml.DS_MERCHANT_DIRECTPAYMENT 'moto' if options.dig(:moto) && options.dig(:metadata, :manual_entry)
 
-          xml.DS_MERCHANT_EMV3DS data[:threeds].to_json if data[:threeds]
+          xml.DS_MERCHANT_EMV3DS data[:three_ds_data].to_json if data[:three_ds_data]
 
           if options[:stored_credential]
             xml.DS_MERCHANT_COF_INI data[:DS_MERCHANT_COF_INI]
@@ -622,7 +641,7 @@ module ActiveMerchant #:nodoc:
       def response_text(code)
         code = code.to_i
         code = 0 if code < 100
-        RESPONSE_TEXTS[code] || 'Unkown code, please check in manual'
+        RESPONSE_TEXTS[code] || 'Unknown code, please check in manual'
       end
 
       def response_text_3ds(xml, params)