activemerchant 1.121.0 → 1.125.0

data/lib/active_merchant/billing/gateways/stripe.rb

@@ -23,9 +23,9 @@ module ActiveMerchant #:nodoc:
         'unchecked' => 'P'
       }
 
-      DEFAULT_API_VERSION = '2015-04-07'
+      DEFAULT_API_VERSION = '2020-08-27'
 
-      self.supported_countries = %w(AT AU BE BG BR CA CH CY CZ DE DK EE ES FI FR GB GR HK IE IT JP LT LU LV MT MX NL NO NZ PL PT RO SE SG SI SK US)
+      self.supported_countries = %w(AE AT AU BE BG BR CA CH CY CZ DE DK EE ES FI FR GB GR HK HU IE IN IT JP LT LU LV MT MX MY NL NO NZ PL PT RO SE SG SI SK US)
       self.default_currency = 'USD'
       self.money_format = :cents
       self.supported_cardtypes = %i[visa master american_express discover jcb diners_club maestro unionpay]
@@ -223,9 +223,10 @@ module ActiveMerchant #:nodoc:
 
             post[:default_card] = r.params['id'] if options[:set_default] && r.success? && !r.params['id'].blank?
 
-            r.process { update_customer(options[:customer], post) } if post.count > 0
+            r.process { update_customer(options[:customer], post.merge(expand: [:sources])) } if post.count > 0
           end
         else
+          post[:expand] = [:sources]
           commit(:post, 'customers', post.merge(params), options)
         end
       end
@@ -286,13 +287,25 @@ module ActiveMerchant #:nodoc:
           gsub(%r(((\[card\]|card)\[encrypted_pin\]=)[^&]+(&?)), '\1[FILTERED]\3').
           gsub(%r(((\[card\]|card)\[encrypted_pin_key_id\]=)[\w=]+(&?)), '\1[FILTERED]\3').
           gsub(%r(((\[card\]|card)\[number\]=)\d+), '\1[FILTERED]').
-          gsub(%r(((\[card\]|card)\[swipe_data\]=)[^&]+(&?)), '\1[FILTERED]\3')
+          gsub(%r(((\[card\]|card)\[swipe_data\]=)[^&]+(&?)), '\1[FILTERED]\3').
+          gsub(%r(((\[bank_account\]|bank_account)\[account_number\]=)\d+), '\1[FILTERED]')
       end
 
       def supports_network_tokenization?
         true
       end
 
+      # Helper method to prevent hitting the external_account limit from remote test runs
+      def delete_latest_test_external_account(account)
+        return unless test?
+
+        auth_header = { 'Authorization': "Bearer #{options[:login]}" }
+        url = "#{live_url}accounts/#{CGI.escape(account)}/external_accounts"
+        accounts_response = JSON.parse(ssl_get("#{url}?limit=100", auth_header))
+        to_delete = accounts_response['data'].reject { |ac| ac['default_for_currency'] }
+        ssl_request(:delete, "#{url}/#{to_delete.first['id']}", nil, auth_header)
+      end
+
       private
 
       class StripePaymentToken < PaymentToken
@@ -379,6 +392,7 @@ module ActiveMerchant #:nodoc:
         add_destination(post, options)
         add_level_three(post, options)
         add_connected_account(post, options)
+        add_radar_data(post, options)
         post
       end
 
@@ -532,7 +546,6 @@ module ActiveMerchant #:nodoc:
         post[:metadata].merge!(options[:metadata]) if options[:metadata]
         post[:metadata][:email] = options[:email] if options[:email]
         post[:metadata][:order_id] = options[:order_id] if options[:order_id]
-        post.delete(:metadata) if post[:metadata].empty?
       end
 
       def add_emv_metadata(post, creditcard)
@@ -570,6 +583,14 @@ module ActiveMerchant #:nodoc:
         post[:application_fee_amount] = options[:application_fee_amount] if options[:application_fee_amount]
       end
 
+      def add_radar_data(post, options = {})
+        radar_options = {}
+        radar_options[:session] = options[:radar_session_id] if options[:radar_session_id]
+        radar_options[:skip_rules] = ['all'] if options[:skip_radar_rules]
+
+        post[:radar_options] = radar_options unless radar_options.empty?
+      end
+
       def parse(body)
         JSON.parse(body)
       end
@@ -658,7 +679,6 @@ module ActiveMerchant #:nodoc:
         card = card_from_response(response)
         avs_code = AVS_CODE_TRANSLATOR["line1: #{card['address_line1_check']}, zip: #{card['address_zip_check']}"]
         cvc_code = CVC_CODE_TRANSLATOR[card['cvc_check']]
-
         Response.new(success,
           message_from(success, response),
           response,
@@ -754,7 +774,7 @@ module ActiveMerchant #:nodoc:
             country: 'US',
             currency: 'usd',
             routing_number: bank_account.routing_number,
-            name: bank_account.name,
+            account_holder_name: bank_account.name,
             account_holder_type: account_holder_type
           }
         }

data/lib/active_merchant/billing/gateways/stripe_payment_intents.rb

@@ -5,33 +5,42 @@ module ActiveMerchant #:nodoc:
     # This gateway uses the current Stripe {Payment Intents API}[https://stripe.com/docs/api/payment_intents].
     # For the legacy API, see the Stripe gateway
     class StripePaymentIntentsGateway < StripeGateway
-      self.supported_countries = %w(AT AU BE BG BR CA CH CY CZ DE DK EE ES FI FR GB GR HK IE IT JP LT LU LV MT MX NL NO NZ PL PT RO SE SG SI SK US)
-
       ALLOWED_METHOD_STATES = %w[automatic manual].freeze
       ALLOWED_CANCELLATION_REASONS = %w[duplicate fraudulent requested_by_customer abandoned].freeze
       CREATE_INTENT_ATTRIBUTES = %i[description statement_descriptor_suffix statement_descriptor receipt_email save_payment_method]
       CONFIRM_INTENT_ATTRIBUTES = %i[receipt_email return_url save_payment_method setup_future_usage off_session]
       UPDATE_INTENT_ATTRIBUTES = %i[description statement_descriptor_suffix statement_descriptor receipt_email setup_future_usage]
-      DEFAULT_API_VERSION = '2019-05-16'
+      DEFAULT_API_VERSION = '2020-08-27'
+      NO_WALLET_SUPPORT = %w(apple_pay google_pay android_pay)
 
       def create_intent(money, payment_method, options = {})
+        card_source_pay = payment_method.source.to_s if defined?(payment_method.source)
+        card_brand_pay = card_brand(payment_method) unless payment_method.is_a?(String) || payment_method.nil?
+        if NO_WALLET_SUPPORT.include?(card_source_pay) || NO_WALLET_SUPPORT.include?(card_brand_pay)
+          store_apple_or_google_pay_token = 'Direct Apple Pay and Google Pay transactions are not supported. Those payment methods must be stored before use.'
+          return Response.new(false, store_apple_or_google_pay_token)
+        end
         post = {}
         add_amount(post, money, options, true)
         add_capture_method(post, options)
         add_confirmation_method(post, options)
         add_customer(post, options)
-        payment_method = add_payment_method_token(post, payment_method, options)
-        return payment_method if payment_method.is_a?(ActiveMerchant::Billing::Response)
+        result = add_payment_method_token(post, payment_method, options)
+        return result if result.is_a?(ActiveMerchant::Billing::Response)
 
         add_external_three_d_secure_auth_data(post, options)
         add_metadata(post, options)
         add_return_url(post, options)
         add_connected_account(post, options)
+        add_radar_data(post, options)
         add_shipping_address(post, options)
         setup_future_usage(post, options)
         add_exemption(post, options)
         add_stored_credentials(post, options)
+        add_ntid(post, options)
+        add_claim_without_transaction_id(post, options)
         add_error_on_requires_action(post, options)
+        add_fulfillment_date(post, options)
         request_three_d_secure(post, options)
 
         CREATE_INTENT_ATTRIBUTES.each do |attribute|
@@ -47,23 +56,24 @@ module ActiveMerchant #:nodoc:
 
       def confirm_intent(intent_id, payment_method, options = {})
         post = {}
-        payment_method = add_payment_method_token(post, payment_method, options)
-        return payment_method if payment_method.is_a?(ActiveMerchant::Billing::Response)
+        result = add_payment_method_token(post, payment_method, options)
+        return result if result.is_a?(ActiveMerchant::Billing::Response)
 
         CONFIRM_INTENT_ATTRIBUTES.each do |attribute|
           add_whitelisted_attribute(post, options, attribute)
         end
+
         commit(:post, "payment_intents/#{intent_id}/confirm", post, options)
       end
 
       def create_payment_method(payment_method, options = {})
-        post_data = create_payment_method_data(payment_method, options)
+        post_data = add_payment_method_data(payment_method, options)
 
         options = format_idempotency_key(options, 'pm')
         commit(:post, 'payment_methods', post_data, options)
       end
 
-      def create_payment_method_data(payment_method, options = {})
+      def add_payment_method_data(payment_method, options = {})
         post_data = {}
         post_data[:type] = 'card'
         post_data[:card] = {}
@@ -72,6 +82,7 @@ module ActiveMerchant #:nodoc:
         post_data[:card][:exp_year] = payment_method.year
         post_data[:card][:cvc] = payment_method.verification_value if payment_method.verification_value
         add_billing_address(post_data, options)
+        add_name_only(post_data, payment_method) if post_data[:billing_details].nil?
         post_data
       end
 
@@ -79,14 +90,15 @@ module ActiveMerchant #:nodoc:
         post = {}
         add_amount(post, money, options)
 
-        payment_method = add_payment_method_token(post, payment_method, options)
-        return payment_method if payment_method.is_a?(ActiveMerchant::Billing::Response)
+        result = add_payment_method_token(post, payment_method, options)
+        return result if result.is_a?(ActiveMerchant::Billing::Response)
 
         add_payment_method_types(post, options)
         add_customer(post, options)
         add_metadata(post, options)
         add_shipping_address(post, options)
         add_connected_account(post, options)
+        add_fulfillment_date(post, options)
 
         UPDATE_INTENT_ATTRIBUTES.each do |attribute|
           add_whitelisted_attribute(post, options, attribute)
@@ -97,11 +109,12 @@ module ActiveMerchant #:nodoc:
       def create_setup_intent(payment_method, options = {})
         post = {}
         add_customer(post, options)
-        payment_method = add_payment_method_token(post, payment_method, options)
-        return payment_method if payment_method.is_a?(ActiveMerchant::Billing::Response)
+        result = add_payment_method_token(post, payment_method, options)
+        return result if result.is_a?(ActiveMerchant::Billing::Response)
 
         add_metadata(post, options)
         add_return_url(post, options)
+        add_fulfillment_date(post, options)
         post[:on_behalf_of] = options[:on_behalf_of] if options[:on_behalf_of]
         post[:usage] = options[:usage] if %w(on_session off_session).include?(options[:usage])
         post[:description] = options[:description] if options[:description]
@@ -177,8 +190,8 @@ module ActiveMerchant #:nodoc:
         # If customer option is provided, create a payment method and attach to customer id
         # Otherwise, create a customer, then attach
         if payment_method.is_a?(StripePaymentToken) || payment_method.is_a?(ActiveMerchant::Billing::CreditCard)
-          payment_method = add_payment_method_token(params, payment_method, options)
-          return payment_method if payment_method.is_a?(ActiveMerchant::Billing::Response)
+          result = add_payment_method_token(params, payment_method, options)
+          return result if result.is_a?(ActiveMerchant::Billing::Response)
 
           if options[:customer]
             customer_id = options[:customer]
@@ -186,6 +199,7 @@ module ActiveMerchant #:nodoc:
             post[:description] = options[:description] if options[:description]
             post[:email] = options[:email] if options[:email]
             options = format_idempotency_key(options, 'customer')
+            post[:expand] = [:sources]
             customer = commit(:post, 'customers', post, options)
             customer_id = customer.params['id']
           end
@@ -211,6 +225,16 @@ module ActiveMerchant #:nodoc:
         create_setup_intent(payment_method, options.merge!(confirm: true))
       end
 
+      def setup_purchase(money, options = {})
+        requires!(options, :payment_method_types)
+        post = {}
+        add_currency(post, options, money)
+        add_amount(post, money, options)
+        add_payment_method_types(post, options)
+        add_metadata(post, options)
+        commit(:post, 'payment_intents', post, options)
+      end
+
       private
 
       def off_session_request?(options = {})
@@ -241,6 +265,16 @@ module ActiveMerchant #:nodoc:
         post[:customer] = customer if customer.start_with?('cus_')
       end
 
+      def add_fulfillment_date(post, options)
+        post[:fulfillment_date] = options[:fulfillment_date].to_i if options[:fulfillment_date]
+      end
+
+      def add_metadata(post, options = {})
+        super
+
+        post[:metadata][:event_type] = options[:event_type] if options[:event_type]
+      end
+
       def add_return_url(post, options)
         return unless options[:confirm]
 
@@ -249,35 +283,36 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_payment_method_token(post, payment_method, options)
-        return if payment_method.nil?
-
-        if payment_method.is_a?(ActiveMerchant::Billing::CreditCard)
-          if off_session_request?(options)
-            post[:payment_method_data] = create_payment_method_data(payment_method, options)
-            return
-          else
-            p = create_payment_method(payment_method, options)
-            return p unless p.success?
-
-            payment_method = p.params['id']
-          end
-        end
-
         case payment_method
         when StripePaymentToken
           post[:payment_method] = payment_method.payment_data['id']
         when String
-          if payment_method.include?('|')
-            customer_id, payment_method_id = payment_method.split('|')
-            token = payment_method_id
-            post[:customer] = customer_id
-          else
-            token = payment_method
-          end
-          post[:payment_method] = token
+          extract_token_from_string_and_maybe_add_customer_id(post, payment_method)
+        when ActiveMerchant::Billing::CreditCard
+          get_payment_method_data_from_card(post, payment_method, options)
         end
+      end
 
-        post
+      def extract_token_from_string_and_maybe_add_customer_id(post, payment_method)
+        if payment_method.include?('|')
+          customer_id, payment_method = payment_method.split('|')
+          post[:customer] = customer_id
+        end
+
+        post[:payment_method] = payment_method
+      end
+
+      def get_payment_method_data_from_card(post, payment_method, options)
+        return create_payment_method_and_extract_token(post, payment_method, options) unless off_session_request?(options)
+
+        post[:payment_method_data] = add_payment_method_data(payment_method, options)
+      end
+
+      def create_payment_method_and_extract_token(post, payment_method, options)
+        payment_method_response = create_payment_method(payment_method, options)
+        return payment_method_response if payment_method_response.failure?
+
+        add_payment_method_token(post, payment_method_response.params['id'], options)
       end
 
       def add_payment_method_types(post, options)
@@ -295,6 +330,11 @@ module ActiveMerchant #:nodoc:
         post[:payment_method_options][:card][:moto] = true if options[:moto]
       end
 
+      # Stripe Payment Intents does not pass any parameters for cardholder/merchant initiated
+      # it also does not support installments for any country other than Mexico (reason for this is unknown)
+      # The only thing that Stripe PI requires for stored credentials to work currently is the network_transaction_id
+      # network_transaction_id is created when the card is authenticated using the field `setup_for_future_usage` with the value `off_session` see def setup_future_usage below
+
       def add_stored_credentials(post, options = {})
         return unless options[:stored_credential] && !options[:stored_credential].values.all?(&:nil?)
 
@@ -304,8 +344,33 @@ module ActiveMerchant #:nodoc:
         post[:payment_method_options][:card][:mit_exemption] = {}
 
         # Stripe PI accepts network_transaction_id and ds_transaction_id via mit field under card.
-        post[:payment_method_options][:card][:mit_exemption][:network_transaction_id] = stored_credential[:network_transaction_id] if stored_credential[:network_transaction_id]
+        # The network_transaction_id can be sent in nested under stored credentials OR as its own field (add_ntid handles when it is sent in on its own)
+        # If it is sent is as its own field AND under stored credentials, the value sent under its own field is what will send.
         post[:payment_method_options][:card][:mit_exemption][:ds_transaction_id] = stored_credential[:ds_transaction_id] if stored_credential[:ds_transaction_id]
+        post[:payment_method_options][:card][:mit_exemption][:network_transaction_id] = stored_credential[:network_transaction_id] if stored_credential[:network_transaction_id]
+      end
+
+      def add_ntid(post, options = {})
+        return unless options[:network_transaction_id]
+
+        post[:payment_method_options] ||= {}
+        post[:payment_method_options][:card] ||= {}
+        post[:payment_method_options][:card][:mit_exemption] = {}
+
+        post[:payment_method_options][:card][:mit_exemption][:network_transaction_id] = options[:network_transaction_id] if options[:network_transaction_id]
+      end
+
+      def add_claim_without_transaction_id(post, options = {})
+        return if options[:stored_credential] || options[:network_transaction_id] || options[:ds_transaction_id]
+        return unless options[:claim_without_transaction_id]
+
+        post[:payment_method_options] ||= {}
+        post[:payment_method_options][:card] ||= {}
+        post[:payment_method_options][:card][:mit_exemption] = {}
+
+        # Stripe PI accepts claim_without_transaction_id for transactions without transaction ids.
+        # Gateway validation for this field occurs through a different service, before the transaction request is sent to the gateway.
+        post[:payment_method_options][:card][:mit_exemption][:claim_without_transaction_id] = options[:claim_without_transaction_id]
       end
 
       def add_error_on_requires_action(post, options = {})
@@ -357,6 +422,13 @@ module ActiveMerchant #:nodoc:
         post[:billing_details][:phone] = billing[:phone] if billing[:phone]
       end
 
+      def add_name_only(post, payment_method)
+        post[:billing_details] = {} unless post[:billing_details]
+
+        name = [payment_method.first_name, payment_method.last_name].compact.join(' ')
+        post[:billing_details][:name] = name
+      end
+
       def add_shipping_address(post, options = {})
         return unless shipping = options[:shipping]
 
@@ -390,6 +462,10 @@ module ActiveMerchant #:nodoc:
 
         super(response, options)
       end
+
+      def add_currency(post, options, money)
+        post[:currency] = options[:currency] || currency(money)
+      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/trans_first_transaction_express.rb

@@ -317,7 +317,8 @@ module ActiveMerchant #:nodoc:
           gsub(%r((<[^>]+pan>)[^<]+(<))i, '\1[FILTERED]\2').
           gsub(%r((<[^>]+sec>)[^<]+(<))i, '\1[FILTERED]\2').
           gsub(%r((<[^>]+id>)[^<]+(<))i, '\1[FILTERED]\2').
-          gsub(%r((<[^>]+regKey>)[^<]+(<))i, '\1[FILTERED]\2')
+          gsub(%r((<[^>]+regKey>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<[^>]+acctNr>)[^<]+(<))i, '\1[FILTERED]\2')
       end
 
       private

data/lib/active_merchant/billing/gateways/trust_commerce.rb

@@ -331,7 +331,8 @@ module ActiveMerchant #:nodoc:
           gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
           gsub(%r((&?cc=)\d*(&?)), '\1[FILTERED]\2').
           gsub(%r((&?password=)[^&]+(&?)), '\1[FILTERED]\2').
-          gsub(%r((&?cvv=)\d*(&?)), '\1[FILTERED]\2')
+          gsub(%r((&?cvv=)\d*(&?)), '\1[FILTERED]\2').
+          gsub(%r((&?account=)\d*(&?)), '\1[FILTERED]\2')
       end
 
       private

data/lib/active_merchant/billing/gateways/usa_epay_transaction.rb

@@ -16,7 +16,8 @@ module ActiveMerchant #:nodoc:
         refund: 'cc:refund',
         void: 'cc:void',
         void_release: 'cc:void:release',
-        check_purchase: 'check:sale'
+        check_purchase: 'check:sale',
+        store: 'cc:save'
       }
 
       STANDARD_ERROR_CODE_MAPPING = {
@@ -43,14 +44,14 @@ module ActiveMerchant #:nodoc:
         super
       end
 
-      def authorize(money, credit_card, options = {})
+      def authorize(money, payment, options = {})
         post = {}
 
         add_amount(post, money)
         add_invoice(post, options)
-        add_payment(post, credit_card)
-        unless credit_card.track_data.present?
-          add_address(post, credit_card, options)
+        add_payment(post, payment)
+        unless payment.is_a?(CreditCard) && payment.track_data.present?
+          add_address(post, payment, options)
           add_customer_data(post, options)
         end
         add_split_payments(post, options)
@@ -97,6 +98,12 @@ module ActiveMerchant #:nodoc:
         commit(:refund, post)
       end
 
+      def store(payment, options = {})
+        post = {}
+        add_payment(post, payment, options)
+        commit(:store, post)
+      end
+
       def verify(creditcard, options = {})
         MultiResponse.run(:use_first_response) do |r|
           r.process { authorize(1, creditcard, options) }
@@ -213,6 +220,8 @@ module ActiveMerchant #:nodoc:
         elsif payment.respond_to?(:track_data) && payment.track_data.present?
           post[:magstripe] = payment.track_data
           post[:cardpresent] = true
+        elsif payment.is_a?(String)
+          post[:card]   = payment
         else
           post[:card]   = payment.number
           post[:cvv2]   = payment.verification_value if payment.verification_value?
@@ -299,6 +308,7 @@ module ActiveMerchant #:nodoc:
           status: fields['UMstatus'],
           auth_code: fields['UMauthCode'],
           ref_num: fields['UMrefNum'],
+          card_ref: fields['UMcardRef'],
           batch: fields['UMbatch'],
           avs_result: fields['UMavsResult'],
           avs_result_code: fields['UMavsResultCode'],
@@ -321,7 +331,7 @@ module ActiveMerchant #:nodoc:
         error_code = (STANDARD_ERROR_CODE_MAPPING[response[:error_code]] || STANDARD_ERROR_CODE[:processing_error]) unless approved
         Response.new(approved, message_from(response), response,
           test: test?,
-          authorization: response[:ref_num],
+          authorization: authorization_from(action, response),
           cvv_result: response[:cvv2_result_code],
           avs_result: { code: response[:avs_result_code] },
           error_code: error_code)
@@ -337,13 +347,17 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def authorization_from(action, response)
+        return (action == :store ? response[:card_ref] : response[:ref_num])
+      end
+
       def post_data(action, parameters = {})
         parameters[:command]  = TRANSACTIONS[action]
         parameters[:key]      = @options[:login]
         parameters[:software] = 'Active Merchant'
         parameters[:testmode] = (@options[:test] ? 1 : 0) unless parameters.has_key?(:testmode)
         seed = SecureRandom.hex(32).upcase
-        hash = Digest::SHA1.hexdigest("#{parameters[:command]}:#{@options[:password]}:#{parameters[:amount]}:#{parameters[:invoice]}:#{seed}")
+        hash = Digest::SHA1.hexdigest("#{parameters[:command]}:#{@options[:pin] || @options[:password]}:#{parameters[:amount]}:#{parameters[:invoice]}:#{seed}")
         parameters[:hash] = "s/#{seed}/#{hash}/n"
 
         parameters.collect { |key, value| "UM#{key}=#{CGI.escape(value.to_s)}" }.join('&')

data/lib/active_merchant/billing/gateways/vpos.rb

@@ -63,6 +63,42 @@ module ActiveMerchant #:nodoc:
         commit(:pci_buy_rollback, post)
       end
 
+      def credit(money, payment, options = {})
+        # Not permitted for foreign cards.
+        commerce = options[:commerce] || @options[:commerce]
+        commerce_branch = options[:commerce_branch] || @options[:commerce_branch]
+
+        token = generate_token(@shop_process_id, 'refund', commerce, commerce_branch, amount(money), currency(money))
+        post = {}
+        post[:token] = token
+        post[:commerce] = commerce.to_i
+        post[:commerce_branch] = commerce_branch.to_i
+        post[:shop_process_id] = @shop_process_id
+        add_invoice(post, money, options)
+        add_card_data(post, payment)
+        add_customer_data(post, options)
+        post[:origin_shop_process_id] = options[:original_shop_process_id] if options[:original_shop_process_id]
+        commit(:refund, post)
+      end
+
+      def refund(money, authorization, options = {})
+        commerce = options[:commerce] || @options[:commerce]
+        commerce_branch = options[:commerce_branch] || @options[:commerce_branch]
+        shop_process_id = options[:shop_process_id] || @shop_process_id
+        _, original_shop_process_id = authorization.to_s.split('#')
+
+        token = generate_token(shop_process_id, 'refund', commerce, commerce_branch, amount(money), currency(money))
+        post = {}
+        post[:token] = token
+        post[:commerce] = commerce.to_i
+        post[:commerce_branch] = commerce_branch.to_i
+        post[:shop_process_id] = shop_process_id
+        add_invoice(post, money, options)
+        add_customer_data(post, options)
+        post[:origin_shop_process_id] = original_shop_process_id || options[:original_shop_process_id]
+        commit(:refund, post)
+      end
+
       def supports_scrubbing?
         true
       end
@@ -146,15 +182,22 @@ module ActiveMerchant #:nodoc:
       end
 
       def message_from(response)
-        response.dig('confirmation', 'extended_response_description') ||
-          response.dig('confirmation', 'response_description') ||
-          response.dig('confirmation', 'response_details') ||
-          response.dig('messages', 0, 'key')
+        %w(confirmation refund).each do |m|
+          message =
+            response.dig(m, 'extended_response_description') ||
+            response.dig(m, 'response_description') ||
+            response.dig(m, 'response_details')
+          return message if message
+        end
+        [response.dig('messages', 0, 'key'), response.dig('messages', 0, 'dsc')].join(':')
       end
 
       def authorization_from(response)
-        authorization_number = response.dig('confirmation', 'authorization_number')
-        shop_process_id = response.dig('confirmation', 'shop_process_id')
+        response_body = response.dig('confirmation') || response.dig('refund')
+        return unless response_body
+
+        authorization_number = response_body.dig('authorization_number') || response_body.dig('authorization_code')
+        shop_process_id = response_body.dig('shop_process_id')
 
         "#{authorization_number}##{shop_process_id}"
       end