activemerchant 1.119.0 → 1.120.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG +75 -1
- data/README.md +3 -1
- data/lib/active_merchant/billing/check.rb +10 -0
- data/lib/active_merchant/billing/credit_card_methods.rb +9 -3
- data/lib/active_merchant/billing/gateways/adyen.rb +20 -6
- data/lib/active_merchant/billing/gateways/authorize_net.rb +9 -3
- data/lib/active_merchant/billing/gateways/authorize_net_cim.rb +3 -0
- data/lib/active_merchant/billing/gateways/braintree_blue.rb +47 -7
- data/lib/active_merchant/billing/gateways/cashnet.rb +7 -2
- data/lib/active_merchant/billing/gateways/checkout_v2.rb +21 -0
- data/lib/active_merchant/billing/gateways/credorax.rb +13 -8
- data/lib/active_merchant/billing/gateways/cyber_source.rb +23 -3
- data/lib/active_merchant/billing/gateways/d_local.rb +1 -1
- data/lib/active_merchant/billing/gateways/elavon.rb +11 -1
- data/lib/active_merchant/billing/gateways/forte.rb +12 -0
- data/lib/active_merchant/billing/gateways/hps.rb +55 -1
- data/lib/active_merchant/billing/gateways/litle.rb +1 -1
- data/lib/active_merchant/billing/gateways/mercado_pago.rb +2 -2
- data/lib/active_merchant/billing/gateways/netbanx.rb +26 -2
- data/lib/active_merchant/billing/gateways/orbital.rb +62 -53
- data/lib/active_merchant/billing/gateways/payeezy.rb +30 -6
- data/lib/active_merchant/billing/gateways/payment_express.rb +5 -5
- data/lib/active_merchant/billing/gateways/payway_dot_com.rb +253 -0
- data/lib/active_merchant/billing/gateways/qvalent.rb +23 -9
- data/lib/active_merchant/billing/gateways/redsys.rb +19 -4
- data/lib/active_merchant/billing/gateways/safe_charge.rb +18 -11
- data/lib/active_merchant/billing/gateways/stripe.rb +8 -8
- data/lib/active_merchant/billing/gateways/stripe_payment_intents.rb +61 -25
- data/lib/active_merchant/billing/gateways/vpos.rb +172 -0
- data/lib/active_merchant/billing/gateways/worldpay.rb +24 -11
- data/lib/active_merchant/version.rb +1 -1
- data/lib/certs/cacert.pem +1582 -2431
- metadata +5 -3
@@ -208,6 +208,7 @@ module ActiveMerchant #:nodoc:
|
|
208
208
|
data[:description] = options[:description]
|
209
209
|
data[:store_in_vault] = options[:store]
|
210
210
|
data[:sca_exemption] = options[:sca_exemption]
|
211
|
+
data[:sca_exemption_direct_payment_enabled] = options[:sca_exemption_direct_payment_enabled]
|
211
212
|
|
212
213
|
commit data, options
|
213
214
|
end
|
@@ -226,6 +227,7 @@ module ActiveMerchant #:nodoc:
|
|
226
227
|
data[:description] = options[:description]
|
227
228
|
data[:store_in_vault] = options[:store]
|
228
229
|
data[:sca_exemption] = options[:sca_exemption]
|
230
|
+
data[:sca_exemption_direct_payment_enabled] = options[:sca_exemption_direct_payment_enabled]
|
229
231
|
|
230
232
|
commit data, options
|
231
233
|
end
|
@@ -397,7 +399,8 @@ module ActiveMerchant #:nodoc:
|
|
397
399
|
REQUEST
|
398
400
|
parse(ssl_post(threeds_url, request, headers(action)), action)
|
399
401
|
else
|
400
|
-
|
402
|
+
xmlreq = xml_request_from(data, options)
|
403
|
+
parse(ssl_post(url, "entrada=#{CGI.escape(xmlreq)}", headers), action)
|
401
404
|
end
|
402
405
|
end
|
403
406
|
|
@@ -467,6 +470,11 @@ module ActiveMerchant #:nodoc:
|
|
467
470
|
xml.target!
|
468
471
|
end
|
469
472
|
|
473
|
+
# Template Method to allow AM API clients to override decision to escape, based on their own criteria.
|
474
|
+
def escape_special_chars?(data, options = {})
|
475
|
+
data[:threeds]
|
476
|
+
end
|
477
|
+
|
470
478
|
def build_merchant_data(xml, data, options = {})
|
471
479
|
# See https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2/wsdl/SerClsWSEntradaV2.wsdl
|
472
480
|
# (which results from calling #threeds_url + '?WSDL', https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2?WSDL)
|
@@ -477,7 +485,7 @@ module ActiveMerchant #:nodoc:
|
|
477
485
|
xml.DS_MERCHANT_AMOUNT data[:amount]
|
478
486
|
xml.DS_MERCHANT_ORDER data[:order_id]
|
479
487
|
xml.DS_MERCHANT_TRANSACTIONTYPE data[:action]
|
480
|
-
if data[:description] && data
|
488
|
+
if data[:description] && escape_special_chars?(data, options)
|
481
489
|
xml.DS_MERCHANT_PRODUCTDESCRIPTION CGI.escape(data[:description])
|
482
490
|
else
|
483
491
|
xml.DS_MERCHANT_PRODUCTDESCRIPTION data[:description]
|
@@ -485,11 +493,18 @@ module ActiveMerchant #:nodoc:
|
|
485
493
|
xml.DS_MERCHANT_TERMINAL options[:terminal] || @options[:terminal]
|
486
494
|
xml.DS_MERCHANT_MERCHANTCODE @options[:login]
|
487
495
|
xml.DS_MERCHANT_MERCHANTSIGNATURE build_signature(data) unless sha256_authentication?
|
488
|
-
|
496
|
+
|
497
|
+
action = determine_3ds_action(data[:threeds]) if data[:threeds]
|
498
|
+
if action == 'iniciaPeticion' && data[:sca_exemption]
|
499
|
+
xml.DS_MERCHANT_EXCEP_SCA 'Y'
|
500
|
+
else
|
501
|
+
xml.DS_MERCHANT_EXCEP_SCA data[:sca_exemption] if data[:sca_exemption]
|
502
|
+
xml.DS_MERCHANT_DIRECTPAYMENT data[:sca_exemption_direct_payment_enabled] if data[:sca_exemption_direct_payment_enabled]
|
503
|
+
end
|
489
504
|
|
490
505
|
# Only when card is present
|
491
506
|
if data[:card]
|
492
|
-
if data[:card][:name] && data
|
507
|
+
if data[:card][:name] && escape_special_chars?(data, options)
|
493
508
|
xml.DS_MERCHANT_TITULAR CGI.escape(data[:card][:name])
|
494
509
|
else
|
495
510
|
xml.DS_MERCHANT_TITULAR data[:card][:name]
|
@@ -146,12 +146,20 @@ module ActiveMerchant #:nodoc:
|
|
146
146
|
end
|
147
147
|
|
148
148
|
def add_payment(post, payment, options = {})
|
149
|
-
post[:sg_NameOnCard] = payment.name
|
150
|
-
post[:sg_CardNumber] = payment.number
|
151
149
|
post[:sg_ExpMonth] = format(payment.month, :two_digits)
|
152
150
|
post[:sg_ExpYear] = format(payment.year, :two_digits)
|
153
|
-
post[:
|
154
|
-
|
151
|
+
post[:sg_CardNumber] = payment.number
|
152
|
+
|
153
|
+
if payment.is_a?(NetworkTokenizationCreditCard) && payment.source == :network_token
|
154
|
+
post[:sg_CAVV] = payment.payment_cryptogram
|
155
|
+
post[:sg_ECI] = options[:three_d_secure] && options[:three_d_secure][:eci] || '05'
|
156
|
+
post[:sg_IsExternalMPI] = 1
|
157
|
+
post[:sg_ExternalTokenProvider] = 5
|
158
|
+
else
|
159
|
+
post[:sg_CVV2] = payment.verification_value
|
160
|
+
post[:sg_NameOnCard] = payment.name
|
161
|
+
post[:sg_StoredCredentialMode] = (options[:stored_credential_mode] == true ? 1 : 0)
|
162
|
+
end
|
155
163
|
end
|
156
164
|
|
157
165
|
def add_customer_details(post, payment, options)
|
@@ -170,14 +178,13 @@ module ActiveMerchant #:nodoc:
|
|
170
178
|
end
|
171
179
|
|
172
180
|
def add_external_mpi_data(post, options)
|
173
|
-
|
174
|
-
|
175
|
-
post[:
|
176
|
-
post[:
|
177
|
-
post[:
|
178
|
-
post[:sg_threeDSProtocolVersion] = version
|
179
|
-
post[:sg_xid] = options[:three_d_secure][:xid] if version == '1'
|
181
|
+
post[:sg_ECI] = options[:three_d_secure][:eci] if options[:three_d_secure][:eci]
|
182
|
+
post[:sg_CAVV] = options[:three_d_secure][:cavv] if options[:three_d_secure][:cavv]
|
183
|
+
post[:sg_dsTransID] = options[:three_d_secure][:ds_transaction_id] if options[:three_d_secure][:ds_transaction_id]
|
184
|
+
post[:sg_threeDSProtocolVersion] = options[:three_d_secure][:ds_transaction_id] ? '2' : '1'
|
185
|
+
post[:sg_Xid] = options[:three_d_secure][:xid]
|
180
186
|
post[:sg_IsExternalMPI] = 1
|
187
|
+
post[:sg_EnablePartialApproval] = options[:is_partial_approval]
|
181
188
|
end
|
182
189
|
|
183
190
|
def parse(xml)
|
@@ -279,14 +279,14 @@ module ActiveMerchant #:nodoc:
|
|
279
279
|
transcript.
|
280
280
|
gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
|
281
281
|
gsub(%r((&?three_d_secure\[cryptogram\]=)[\w=]*(&?)), '\1[FILTERED]\2').
|
282
|
-
gsub(%r((card\[cryptogram\]=)[^&]+(&?)), '\1[FILTERED]\
|
283
|
-
gsub(%r((card\[cvc\]=)\d+), '\1[FILTERED]').
|
284
|
-
gsub(%r((card\[emv_approval_data\]=)[^&]+(&?)), '\1[FILTERED]\
|
285
|
-
gsub(%r((card\[emv_auth_data\]=)[^&]+(&?)), '\1[FILTERED]\
|
286
|
-
gsub(%r((card\[encrypted_pin\]=)[^&]+(&?)), '\1[FILTERED]\
|
287
|
-
gsub(%r((card\[encrypted_pin_key_id\]=)[\w=]+(&?)), '\1[FILTERED]\
|
288
|
-
gsub(%r((card\[number\]=)\d+), '\1[FILTERED]').
|
289
|
-
gsub(%r((card\[swipe_data\]=)[^&]+(&?)), '\1[FILTERED]\
|
282
|
+
gsub(%r(((\[card\]|card)\[cryptogram\]=)[^&]+(&?)), '\1[FILTERED]\3').
|
283
|
+
gsub(%r(((\[card\]|card)\[cvc\]=)\d+), '\1[FILTERED]').
|
284
|
+
gsub(%r(((\[card\]|card)\[emv_approval_data\]=)[^&]+(&?)), '\1[FILTERED]\3').
|
285
|
+
gsub(%r(((\[card\]|card)\[emv_auth_data\]=)[^&]+(&?)), '\1[FILTERED]\3').
|
286
|
+
gsub(%r(((\[card\]|card)\[encrypted_pin\]=)[^&]+(&?)), '\1[FILTERED]\3').
|
287
|
+
gsub(%r(((\[card\]|card)\[encrypted_pin_key_id\]=)[\w=]+(&?)), '\1[FILTERED]\3').
|
288
|
+
gsub(%r(((\[card\]|card)\[number\]=)\d+), '\1[FILTERED]').
|
289
|
+
gsub(%r(((\[card\]|card)\[swipe_data\]=)[^&]+(&?)), '\1[FILTERED]\3')
|
290
290
|
end
|
291
291
|
|
292
292
|
def supports_network_tokenization?
|
@@ -30,6 +30,7 @@ module ActiveMerchant #:nodoc:
|
|
30
30
|
add_shipping_address(post, options)
|
31
31
|
setup_future_usage(post, options)
|
32
32
|
add_exemption(post, options)
|
33
|
+
add_stored_credentials(post, options)
|
33
34
|
add_error_on_requires_action(post, options)
|
34
35
|
request_three_d_secure(post, options)
|
35
36
|
|
@@ -56,16 +57,22 @@ module ActiveMerchant #:nodoc:
|
|
56
57
|
end
|
57
58
|
|
58
59
|
def create_payment_method(payment_method, options = {})
|
59
|
-
|
60
|
-
|
61
|
-
post[:card] = {}
|
62
|
-
post[:card][:number] = payment_method.number
|
63
|
-
post[:card][:exp_month] = payment_method.month
|
64
|
-
post[:card][:exp_year] = payment_method.year
|
65
|
-
post[:card][:cvc] = payment_method.verification_value if payment_method.verification_value
|
66
|
-
add_billing_address(post, options)
|
60
|
+
post_data = create_payment_method_data(payment_method, options)
|
61
|
+
|
67
62
|
options = format_idempotency_key(options, 'pm')
|
68
|
-
commit(:post, 'payment_methods',
|
63
|
+
commit(:post, 'payment_methods', post_data, options)
|
64
|
+
end
|
65
|
+
|
66
|
+
def create_payment_method_data(payment_method, options = {})
|
67
|
+
post_data = {}
|
68
|
+
post_data[:type] = 'card'
|
69
|
+
post_data[:card] = {}
|
70
|
+
post_data[:card][:number] = payment_method.number
|
71
|
+
post_data[:card][:exp_month] = payment_method.month
|
72
|
+
post_data[:card][:exp_year] = payment_method.year
|
73
|
+
post_data[:card][:cvc] = payment_method.verification_value if payment_method.verification_value
|
74
|
+
add_billing_address(post_data, options)
|
75
|
+
post_data
|
69
76
|
end
|
70
77
|
|
71
78
|
def update_intent(money, intent_id, payment_method, options = {})
|
@@ -102,6 +109,17 @@ module ActiveMerchant #:nodoc:
|
|
102
109
|
commit(:post, 'setup_intents', post, options)
|
103
110
|
end
|
104
111
|
|
112
|
+
def retrieve_setup_intent(setup_intent_id)
|
113
|
+
# Retrieving a setup_intent passing 'expand[]=latest_attempt' allows the caller to
|
114
|
+
# check for a network_transaction_id and ds_transaction_id
|
115
|
+
# eg (latest_attempt -> payment_method_details -> card -> network_transaction_id)
|
116
|
+
#
|
117
|
+
# Being able to retrieve these fields enables payment flows that rely on MIT exemptions, e.g: off_session
|
118
|
+
commit(:post, "setup_intents/#{setup_intent_id}", {
|
119
|
+
'expand[]': 'latest_attempt'
|
120
|
+
}, {})
|
121
|
+
end
|
122
|
+
|
105
123
|
def authorize(money, payment_method, options = {})
|
106
124
|
create_intent(money, payment_method, options.merge!(confirm: true, capture_method: 'manual'))
|
107
125
|
end
|
@@ -165,7 +183,6 @@ module ActiveMerchant #:nodoc:
|
|
165
183
|
if options[:customer]
|
166
184
|
customer_id = options[:customer]
|
167
185
|
else
|
168
|
-
post[:validate] = options[:validate] unless options[:validate].nil?
|
169
186
|
post[:description] = options[:description] if options[:description]
|
170
187
|
post[:email] = options[:email] if options[:email]
|
171
188
|
options = format_idempotency_key(options, 'customer')
|
@@ -173,7 +190,9 @@ module ActiveMerchant #:nodoc:
|
|
173
190
|
customer_id = customer.params['id']
|
174
191
|
end
|
175
192
|
options = format_idempotency_key(options, 'attach')
|
176
|
-
|
193
|
+
attach_parameters = { customer: customer_id }
|
194
|
+
attach_parameters[:validate] = options[:validate] unless options[:validate].nil?
|
195
|
+
commit(:post, "payment_methods/#{params[:payment_method]}/attach", attach_parameters, options)
|
177
196
|
else
|
178
197
|
super(payment_method, options)
|
179
198
|
end
|
@@ -194,6 +213,10 @@ module ActiveMerchant #:nodoc:
|
|
194
213
|
|
195
214
|
private
|
196
215
|
|
216
|
+
def off_session_request?(options = {})
|
217
|
+
(options[:off_session] || options[:setup_future_usage]) && options[:confirm] == true
|
218
|
+
end
|
219
|
+
|
197
220
|
def add_connected_account(post, options = {})
|
198
221
|
super(post, options)
|
199
222
|
post[:application_fee_amount] = options[:application_fee] if options[:application_fee]
|
@@ -201,25 +224,21 @@ module ActiveMerchant #:nodoc:
|
|
201
224
|
|
202
225
|
def add_whitelisted_attribute(post, options, attribute)
|
203
226
|
post[attribute] = options[attribute] if options[attribute]
|
204
|
-
post
|
205
227
|
end
|
206
228
|
|
207
229
|
def add_capture_method(post, options)
|
208
230
|
capture_method = options[:capture_method].to_s
|
209
231
|
post[:capture_method] = capture_method if ALLOWED_METHOD_STATES.include?(capture_method)
|
210
|
-
post
|
211
232
|
end
|
212
233
|
|
213
234
|
def add_confirmation_method(post, options)
|
214
235
|
confirmation_method = options[:confirmation_method].to_s
|
215
236
|
post[:confirmation_method] = confirmation_method if ALLOWED_METHOD_STATES.include?(confirmation_method)
|
216
|
-
post
|
217
237
|
end
|
218
238
|
|
219
239
|
def add_customer(post, options)
|
220
240
|
customer = options[:customer].to_s
|
221
241
|
post[:customer] = customer if customer.start_with?('cus_')
|
222
|
-
post
|
223
242
|
end
|
224
243
|
|
225
244
|
def add_return_url(post, options)
|
@@ -227,22 +246,27 @@ module ActiveMerchant #:nodoc:
|
|
227
246
|
|
228
247
|
post[:confirm] = options[:confirm]
|
229
248
|
post[:return_url] = options[:return_url] if options[:return_url]
|
230
|
-
post
|
231
249
|
end
|
232
250
|
|
233
251
|
def add_payment_method_token(post, payment_method, options)
|
234
252
|
return if payment_method.nil?
|
235
253
|
|
236
254
|
if payment_method.is_a?(ActiveMerchant::Billing::CreditCard)
|
237
|
-
|
238
|
-
|
255
|
+
if off_session_request?(options)
|
256
|
+
post[:payment_method_data] = create_payment_method_data(payment_method, options)
|
257
|
+
return
|
258
|
+
else
|
259
|
+
p = create_payment_method(payment_method, options)
|
260
|
+
return p unless p.success?
|
239
261
|
|
240
|
-
|
262
|
+
payment_method = p.params['id']
|
263
|
+
end
|
241
264
|
end
|
242
265
|
|
243
|
-
|
266
|
+
case payment_method
|
267
|
+
when StripePaymentToken
|
244
268
|
post[:payment_method] = payment_method.payment_data['id']
|
245
|
-
|
269
|
+
when String
|
246
270
|
if payment_method.include?('|')
|
247
271
|
customer_id, payment_method_id = payment_method.split('|')
|
248
272
|
token = payment_method_id
|
@@ -252,6 +276,8 @@ module ActiveMerchant #:nodoc:
|
|
252
276
|
end
|
253
277
|
post[:payment_method] = token
|
254
278
|
end
|
279
|
+
|
280
|
+
post
|
255
281
|
end
|
256
282
|
|
257
283
|
def add_payment_method_types(post, options)
|
@@ -259,7 +285,6 @@ module ActiveMerchant #:nodoc:
|
|
259
285
|
return if payment_method_types.nil?
|
260
286
|
|
261
287
|
post[:payment_method_types] = Array(payment_method_types)
|
262
|
-
post
|
263
288
|
end
|
264
289
|
|
265
290
|
def add_exemption(post, options = {})
|
@@ -270,6 +295,19 @@ module ActiveMerchant #:nodoc:
|
|
270
295
|
post[:payment_method_options][:card][:moto] = true if options[:moto]
|
271
296
|
end
|
272
297
|
|
298
|
+
def add_stored_credentials(post, options = {})
|
299
|
+
return unless options[:stored_credential] && !options[:stored_credential].values.all?(&:nil?)
|
300
|
+
|
301
|
+
stored_credential = options[:stored_credential]
|
302
|
+
post[:payment_method_options] ||= {}
|
303
|
+
post[:payment_method_options][:card] ||= {}
|
304
|
+
post[:payment_method_options][:card][:mit_exemption] = {}
|
305
|
+
|
306
|
+
# Stripe PI accepts network_transaction_id and ds_transaction_id via mit field under card.
|
307
|
+
post[:payment_method_options][:card][:mit_exemption][:network_transaction_id] = stored_credential[:network_transaction_id] if stored_credential[:network_transaction_id]
|
308
|
+
post[:payment_method_options][:card][:mit_exemption][:ds_transaction_id] = stored_credential[:ds_transaction_id] if stored_credential[:ds_transaction_id]
|
309
|
+
end
|
310
|
+
|
273
311
|
def add_error_on_requires_action(post, options = {})
|
274
312
|
return unless options[:confirm]
|
275
313
|
|
@@ -299,7 +337,7 @@ module ActiveMerchant #:nodoc:
|
|
299
337
|
|
300
338
|
def setup_future_usage(post, options = {})
|
301
339
|
post[:setup_future_usage] = options[:setup_future_usage] if %w(on_session off_session).include?(options[:setup_future_usage])
|
302
|
-
post[:off_session] = options[:off_session] if options
|
340
|
+
post[:off_session] = options[:off_session] if off_session_request?(options)
|
303
341
|
post
|
304
342
|
end
|
305
343
|
|
@@ -317,7 +355,6 @@ module ActiveMerchant #:nodoc:
|
|
317
355
|
post[:billing_details][:email] = billing[:email] if billing[:email]
|
318
356
|
post[:billing_details][:name] = billing[:name] if billing[:name]
|
319
357
|
post[:billing_details][:phone] = billing[:phone] if billing[:phone]
|
320
|
-
post
|
321
358
|
end
|
322
359
|
|
323
360
|
def add_shipping_address(post, options = {})
|
@@ -336,7 +373,6 @@ module ActiveMerchant #:nodoc:
|
|
336
373
|
post[:shipping][:carrier] = shipping[:carrier] if shipping[:carrier]
|
337
374
|
post[:shipping][:phone] = shipping[:phone] if shipping[:phone]
|
338
375
|
post[:shipping][:tracking_number] = shipping[:tracking_number] if shipping[:tracking_number]
|
339
|
-
post
|
340
376
|
end
|
341
377
|
|
342
378
|
def format_idempotency_key(options, suffix)
|
@@ -0,0 +1,172 @@
|
|
1
|
+
require 'digest'
|
2
|
+
require 'jwe'
|
3
|
+
|
4
|
+
module ActiveMerchant #:nodoc:
|
5
|
+
module Billing #:nodoc:
|
6
|
+
class VposGateway < Gateway
|
7
|
+
self.test_url = 'https://vpos.infonet.com.py:8888'
|
8
|
+
self.live_url = 'https://vpos.infonet.com.py'
|
9
|
+
|
10
|
+
self.supported_countries = ['PY']
|
11
|
+
self.default_currency = 'PYG'
|
12
|
+
self.supported_cardtypes = %i[visa master]
|
13
|
+
|
14
|
+
self.homepage_url = 'https://comercios.bancard.com.py'
|
15
|
+
self.display_name = 'vPOS'
|
16
|
+
|
17
|
+
self.money_format = :dollars
|
18
|
+
|
19
|
+
ENDPOINTS = {
|
20
|
+
pci_encryption_key: '/vpos/api/0.3/application/encryption-key',
|
21
|
+
pay_pci_buy_encrypted: '/vpos/api/0.3/pci/encrypted',
|
22
|
+
pci_buy_rollback: '/vpos/api/0.3/pci_buy/rollback',
|
23
|
+
refund: '/vpos/api/0.3/refunds'
|
24
|
+
}
|
25
|
+
|
26
|
+
def initialize(options = {})
|
27
|
+
requires!(options, :private_key, :public_key)
|
28
|
+
@private_key = options[:private_key]
|
29
|
+
@public_key = options[:public_key]
|
30
|
+
@shop_process_id = options[:shop_process_id] || SecureRandom.random_number(10**15)
|
31
|
+
super
|
32
|
+
end
|
33
|
+
|
34
|
+
def purchase(money, payment, options = {})
|
35
|
+
commerce = options[:commerce] || @options[:commerce]
|
36
|
+
commerce_branch = options[:commerce_branch] || @options[:commerce_branch]
|
37
|
+
|
38
|
+
token = generate_token(@shop_process_id, 'pay_pci', commerce, commerce_branch, amount(money), currency(money))
|
39
|
+
|
40
|
+
post = {}
|
41
|
+
post[:token] = token
|
42
|
+
post[:commerce] = commerce.to_s
|
43
|
+
post[:commerce_branch] = commerce_branch.to_s
|
44
|
+
post[:shop_process_id] = @shop_process_id
|
45
|
+
post[:number_of_payments] = options[:number_of_payments] || 1
|
46
|
+
post[:recursive] = options[:recursive] || false
|
47
|
+
|
48
|
+
add_invoice(post, money, options)
|
49
|
+
add_card_data(post, payment)
|
50
|
+
add_customer_data(post, options)
|
51
|
+
|
52
|
+
commit(:pay_pci_buy_encrypted, post)
|
53
|
+
end
|
54
|
+
|
55
|
+
def void(_authorization, options = {})
|
56
|
+
token = generate_token(@shop_process_id, 'rollback', '0.00')
|
57
|
+
post = {
|
58
|
+
token: token,
|
59
|
+
shop_process_id: @shop_process_id
|
60
|
+
}
|
61
|
+
commit(:pci_buy_rollback, post)
|
62
|
+
end
|
63
|
+
|
64
|
+
def supports_scrubbing?
|
65
|
+
true
|
66
|
+
end
|
67
|
+
|
68
|
+
def scrub(transcript)
|
69
|
+
clean_transcript = remove_invalid_utf_8_byte_sequences(transcript)
|
70
|
+
clean_transcript.
|
71
|
+
gsub(/(token\\":\\")[.\-\w]+/, '\1[FILTERED]').
|
72
|
+
gsub(/(card_encrypted_data\\":\\")[.\-\w]+/, '\1[FILTERED]')
|
73
|
+
end
|
74
|
+
|
75
|
+
def remove_invalid_utf_8_byte_sequences(transcript)
|
76
|
+
transcript.encode('UTF-8', 'binary', undef: :replace, replace: '')
|
77
|
+
end
|
78
|
+
|
79
|
+
private
|
80
|
+
|
81
|
+
# Required to encrypt PAN data.
|
82
|
+
def one_time_public_key
|
83
|
+
token = generate_token('get_encription_public_key', @public_key)
|
84
|
+
response = commit(:pci_encryption_key, token: token)
|
85
|
+
OpenSSL::PKey::RSA.new(response.params['encryption_key'])
|
86
|
+
end
|
87
|
+
|
88
|
+
def generate_token(*elements)
|
89
|
+
Digest::MD5.hexdigest(@private_key + elements.join)
|
90
|
+
end
|
91
|
+
|
92
|
+
def add_invoice(post, money, options)
|
93
|
+
post[:amount] = amount(money)
|
94
|
+
post[:currency] = options[:currency] || currency(money)
|
95
|
+
end
|
96
|
+
|
97
|
+
def add_card_data(post, payment)
|
98
|
+
card_number = payment.number
|
99
|
+
cvv = payment.verification_value
|
100
|
+
|
101
|
+
payload = { card_number: card_number, 'cvv': cvv }.to_json
|
102
|
+
|
103
|
+
post[:card_encrypted_data] = JWE.encrypt(payload, one_time_public_key)
|
104
|
+
post[:card_month_expiration] = format(payment.month, :two_digits)
|
105
|
+
post[:card_year_expiration] = format(payment.year, :two_digits)
|
106
|
+
end
|
107
|
+
|
108
|
+
def add_customer_data(post, options)
|
109
|
+
post[:additional_data] = options[:additional_data] || '' # must be passed even if empty
|
110
|
+
end
|
111
|
+
|
112
|
+
def parse(body)
|
113
|
+
JSON.parse(body)
|
114
|
+
end
|
115
|
+
|
116
|
+
def commit(action, parameters)
|
117
|
+
url = build_request_url(action)
|
118
|
+
begin
|
119
|
+
response = parse(ssl_post(url, post_data(parameters)))
|
120
|
+
rescue ResponseError => response
|
121
|
+
# Errors are returned with helpful data,
|
122
|
+
# but get filtered out by `ssl_post` because of their HTTP status.
|
123
|
+
response = parse(response.response.body)
|
124
|
+
end
|
125
|
+
|
126
|
+
Response.new(
|
127
|
+
success_from(response),
|
128
|
+
message_from(response),
|
129
|
+
response,
|
130
|
+
authorization: authorization_from(response),
|
131
|
+
avs_result: nil,
|
132
|
+
cvv_result: nil,
|
133
|
+
test: test?,
|
134
|
+
error_code: error_code_from(response)
|
135
|
+
)
|
136
|
+
end
|
137
|
+
|
138
|
+
def success_from(response)
|
139
|
+
if code = response.dig('confirmation', 'response_code')
|
140
|
+
code == '00'
|
141
|
+
else
|
142
|
+
response['status'] == 'success'
|
143
|
+
end
|
144
|
+
end
|
145
|
+
|
146
|
+
def message_from(response)
|
147
|
+
response.dig('confirmation', 'extended_response_description') ||
|
148
|
+
response.dig('confirmation', 'response_description') ||
|
149
|
+
response.dig('confirmation', 'response_details') ||
|
150
|
+
response.dig('messages', 0, 'key')
|
151
|
+
end
|
152
|
+
|
153
|
+
def authorization_from(response)
|
154
|
+
response.dig('confirmation', 'authorization_number')
|
155
|
+
end
|
156
|
+
|
157
|
+
def error_code_from(response)
|
158
|
+
response.dig('confirmation', 'response_code') unless success_from(response)
|
159
|
+
end
|
160
|
+
|
161
|
+
def build_request_url(action)
|
162
|
+
base_url = (test? ? test_url : live_url)
|
163
|
+
base_url + ENDPOINTS[action]
|
164
|
+
end
|
165
|
+
|
166
|
+
def post_data(data)
|
167
|
+
{ public_key: @public_key,
|
168
|
+
operation: data }.compact.to_json
|
169
|
+
end
|
170
|
+
end
|
171
|
+
end
|
172
|
+
end
|