activemerchant 1.121.0 → 1.125.0

data/lib/active_merchant/billing/gateways/pay_trace.rb

@@ -0,0 +1,404 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PayTraceGateway < Gateway
+      self.test_url = 'https://api.paytrace.com'
+      self.live_url = 'https://api.paytrace.com'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'https://paytrace.com/'
+      self.display_name = 'PayTrace'
+
+      # Response codes based on API Response Codes found here: https://developers.paytrace.com/support/home#14000041297
+      STANDARD_ERROR_CODE_MAPPING = {
+        '1'   => STANDARD_ERROR_CODE[:error_occurred],
+        '102' => STANDARD_ERROR_CODE[:declined],
+        '103' => STANDARD_ERROR_CODE[:auto_voided],
+        '107' => STANDARD_ERROR_CODE[:unsuccessful_refund],
+        '108' => STANDARD_ERROR_CODE[:test_refund],
+        '110' => STANDARD_ERROR_CODE[:unsuccessful_void],
+        '113' => STANDARD_ERROR_CODE[:unsuccessful_capture]
+      }
+
+      ENDPOINTS = {
+        customer_id_sale: 'transactions/sale/by_customer',
+        keyed_sale: 'transactions/sale/keyed',
+        customer_id_auth: 'transactions/authorization/by_customer',
+        keyed_auth: 'transactions/authorization/keyed',
+        capture: 'transactions/authorization/capture',
+        transaction_refund: 'transactions/refund/for_transaction',
+        transaction_void: 'transactions/void',
+        store: 'customer/create',
+        redact: 'customer/delete',
+        level_3_visa: 'level_three/visa',
+        level_3_mastercard: 'level_three/mastercard'
+      }
+
+      def initialize(options = {})
+        requires!(options, :username, :password, :integrator_id)
+        super
+        acquire_access_token
+      end
+
+      def purchase(money, payment_or_customer_id, options = {})
+        if visa_or_mastercard?(options)
+          MultiResponse.run(:use_first_response) do |r|
+            endpoint = customer_id?(payment_or_customer_id) ? ENDPOINTS[:customer_id_sale] : ENDPOINTS[:keyed_sale]
+
+            r.process { commit(endpoint, build_purchase_request(money, payment_or_customer_id, options)) }
+            r.process { commit(ENDPOINTS[:"level_3_#{options[:visa_or_mastercard]}"], send_level_3_data(r, options)) }
+          end
+        else
+          post = build_purchase_request(money, payment_or_customer_id, options)
+          post[:customer_id] ? endpoint = ENDPOINTS[:customer_id_sale] : endpoint = ENDPOINTS[:keyed_sale]
+          response = commit(endpoint, post)
+          check_token_response(response, endpoint, post, options)
+        end
+      end
+
+      def authorize(money, payment_or_customer_id, options = {})
+        post = {}
+        add_amount(post, money, options)
+        if customer_id?(payment_or_customer_id)
+          post[:customer_id] = payment_or_customer_id
+          endpoint = ENDPOINTS[:customer_id_auth]
+        else
+          add_payment(post, payment_or_customer_id)
+          add_address(post, payment_or_customer_id, options)
+          add_customer_data(post, options)
+          endpoint = ENDPOINTS[:keyed_auth]
+        end
+        response = commit(endpoint, post)
+        check_token_response(response, endpoint, post, options)
+      end
+
+      def capture(money, authorization, options = {})
+        if visa_or_mastercard?(options)
+          MultiResponse.run do |r|
+            r.process { commit(ENDPOINTS[:capture], build_capture_request(money, authorization, options)) }
+            r.process { commit(ENDPOINTS[:"level_3_#{options[:visa_or_mastercard]}"], send_level_3_data(r, options)) }
+          end
+        else
+          post = build_capture_request(money, authorization, options)
+          response = commit(ENDPOINTS[:capture], post)
+          check_token_response(response, ENDPOINTS[:capture], post, options)
+        end
+      end
+
+      def refund(money, authorization, options = {})
+        # currently only support full and partial refunds of settled transactions via a transaction ID
+        post = {}
+        add_amount(post, money, options)
+        post[:transaction_id] = authorization
+        response = commit(ENDPOINTS[:transaction_refund], post)
+        check_token_response(response, ENDPOINTS[:transaction_refund], post, options)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        post[:transaction_id] = authorization
+
+        response = commit(ENDPOINTS[:transaction_void], post)
+        check_token_response(response, ENDPOINTS[:transaction_void], post, options)
+      end
+
+      def verify(credit_card, options = {})
+        authorize(0, credit_card, options)
+      end
+
+      # The customer_IDs that come from storing cards can be used for auth and purchase transaction types
+      def store(credit_card, options = {})
+        post = {}
+        post[:customer_id] = options[:customer_id] || SecureRandom.hex(12)
+        add_payment(post, credit_card)
+        add_address(post, credit_card, options)
+        response = commit(ENDPOINTS[:store], post)
+        check_token_response(response, ENDPOINTS[:store], post, options)
+      end
+
+      def unstore(customer_id)
+        post = {}
+        post[:customer_id] = customer_id
+        response = commit(ENDPOINTS[:redact], post)
+        check_token_response(response, ENDPOINTS[:redact], post, options)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Bearer )[a-zA-Z0-9:_]+), '\1[FILTERED]').
+          gsub(%r(("credit_card\\?":{\\?"number\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("cvv\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("username\\?":\\?")\w+@+\w+.+\w+), '\1[FILTERED]').
+          gsub(%r(("password\\?":\\?")\w+), '\1[FILTERED]').
+          gsub(%r(("integrator_id\\?":\\?")\w+), '\1[FILTERED]')
+      end
+
+      def acquire_access_token
+        post = {}
+        post[:grant_type] = 'password'
+        post[:username] = @options[:username]
+        post[:password] = @options[:password]
+        data = post.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
+        url = live_url + '/oauth/token'
+        oauth_headers = {
+          'Accept'            => '*/*',
+          'Content-Type'      => 'application/x-www-form-urlencoded'
+        }
+        response = ssl_post(url, data, oauth_headers)
+        json_response = JSON.parse(response)
+
+        @options[:access_token] = json_response['access_token'] if json_response['access_token']
+        response
+      end
+
+      private
+
+      def build_purchase_request(money, payment_or_customer_id, options)
+        post = {}
+        add_amount(post, money, options)
+        if customer_id?(payment_or_customer_id)
+          post[:customer_id] = payment_or_customer_id
+        else
+          add_payment(post, payment_or_customer_id)
+          add_address(post, payment_or_customer_id, options)
+          add_customer_data(post, options)
+        end
+
+        post
+      end
+
+      def build_capture_request(money, authorization, options)
+        post = {}
+        post[:transaction_id] = authorization
+        add_amount(post, money, options)
+
+        post
+      end
+
+      # method can only be used to add level 3 data to any approved and unsettled sale transaction so it is built into the standard purchase workflow above
+      def send_level_3_data(response, options)
+        post = {}
+        post[:transaction_id] = response.authorization
+        add_level_3_data(post, options)
+
+        post
+      end
+
+      def visa_or_mastercard?(options)
+        return false unless options[:visa_or_mastercard]
+
+        options[:visa_or_mastercard] == 'visa' || options[:visa_or_mastercard] == 'mastercard'
+      end
+
+      def customer_id?(payment_or_customer_id)
+        payment_or_customer_id.class == String
+      end
+
+      def string_literal_to_boolean(value)
+        return value unless value.class == String
+
+        if value.casecmp('true').zero?
+          true
+        elsif value.casecmp('false').zero?
+          false
+        else return nil
+        end
+      end
+
+      def add_customer_data(post, options)
+        return unless options[:email]
+
+        post[:email] = options[:email]
+      end
+
+      def add_address(post, creditcard, options)
+        return unless options[:billing_address] || options[:address]
+
+        address = options[:billing_address] || options[:address]
+        post[:billing_address] = {}
+        post[:billing_address][:name] = creditcard.name
+        post[:billing_address][:street_address] = address[:address1]
+        post[:billing_address][:city] = address[:city]
+        post[:billing_address][:state] = address[:state]
+        post[:billing_address][:zip] = address[:zip]
+      end
+
+      def add_amount(post, money, options)
+        post[:amount] = amount(money)
+      end
+
+      def add_payment(post, payment)
+        post[:credit_card] = {}
+        post[:credit_card][:number] = payment.number
+        post[:credit_card][:expiration_month] = payment.month
+        post[:credit_card][:expiration_year] = payment.year
+      end
+
+      def add_level_3_data(post, options)
+        post[:invoice_id] = options[:invoice_id] if options[:invoice_id]
+        post[:customer_reference_id] = options[:customer_reference_id] if options[:customer_reference_id]
+        post[:tax_amount] = options[:tax_amount].to_i if options[:tax_amount]
+        post[:national_tax_amount] = options[:national_tax_amount].to_i if options[:national_tax_amount]
+        post[:merchant_tax_id] = options[:merchant_tax_id] if options[:merchant_tax_id]
+        post[:customer_tax_id] = options[:customer_tax_id] if options[:customer_tax_id]
+        post[:commodity_code] = options[:commodity_code] if options[:commodity_code]
+        post[:discount_amount] = options[:discount_amount].to_i if options[:discount_amount]
+        post[:freight_amount] = options[:freight_amount].to_i if options[:freight_amount]
+        post[:duty_amount] = options[:duty_amount].to_i if options[:duty_amount]
+        post[:additional_tax_amount] = options[:additional_tax_amount].to_i if options[:additional_tax_amount]
+        post[:additional_tax_rate] = options[:additional_tax_rate].to_i if options[:additional_tax_rate]
+
+        add_source_address(post, options)
+        add_shipping_address(post, options)
+        add_line_items(post, options)
+      end
+
+      def add_source_address(post, options)
+        return unless source_address =  options[:source_address] ||
+                                        options[:billing_address] ||
+                                        options[:address]
+
+        post[:source_address] = {}
+        post[:source_address][:zip] = source_address[:zip] if source_address[:zip]
+      end
+
+      def add_shipping_address(post, options)
+        return unless shipping_address = options[:shipping_address]
+
+        post[:shipping_address] = {}
+        post[:shipping_address][:name] = shipping_address[:name] if shipping_address[:name]
+        post[:shipping_address][:street_address] = shipping_address[:address1] if shipping_address[:address1]
+        post[:shipping_address][:street_address2] = shipping_address[:address2] if shipping_address[:address2]
+        post[:shipping_address][:city] = shipping_address[:city] if shipping_address[:city]
+        post[:shipping_address][:state] = shipping_address[:state] if shipping_address[:state]
+        post[:shipping_address][:zip] = shipping_address[:zip] if shipping_address[:zip]
+        post[:shipping_address][:country] = shipping_address[:country] if shipping_address[:country]
+      end
+
+      def add_line_items(post, options)
+        return unless options[:line_items]
+
+        line_items = []
+        options[:line_items].each do |li|
+          obj = {}
+
+          obj[:additional_tax_amount] = li[:additional_tax_amount].to_i if li[:additional_tax_amount]
+          obj[:additional_tax_included] = string_literal_to_boolean(li[:additional_tax_included]) if li[:additional_tax_included]
+          obj[:additional_tax_rate] = li[:additional_tax_rate].to_i if li[:additional_tax_rate]
+          obj[:amount] = li[:amount].to_i if li[:amount]
+          obj[:commodity_code] = li[:commodity_code] if li[:commodity_code]
+          obj[:debit_or_credit] = li[:debit_or_credit] if li[:debit_or_credit]
+          obj[:description] = li[:description] if li[:description]
+          obj[:discount_amount] = li[:discount_amount].to_i if li[:discount_amount]
+          obj[:discount_rate] = li[:discount_rate].to_i if li[:discount_rate]
+          obj[:discount_included] = string_literal_to_boolean(li[:discount_included]) if li[:discount_included]
+          obj[:merchant_tax_id] = li[:merchant_tax_id] if li[:merchant_tax_id]
+          obj[:product_id] = li[:product_id] if li[:product_id]
+          obj[:quantity] = li[:quantity] if li[:quantity]
+          obj[:transaction_id] = li[:transaction_id] if li[:transaction_id]
+          obj[:tax_included] = string_literal_to_boolean(li[:tax_included]) if li[:tax_included]
+          obj[:unit_of_measure] = li[:unit_of_measure] if li[:unit_of_measure]
+          obj[:unit_cost] = li[:unit_cost].to_i if li[:unit_cost]
+
+          line_items << obj
+        end
+        post[:line_items] = line_items
+      end
+
+      def check_token_response(response, endpoint, body = {}, options = {})
+        return response unless response.params['error'] == 'invalid_token'
+
+        acquire_access_token
+        commit(endpoint, body)
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def commit(action, parameters)
+        base_url = (test? ? test_url : live_url)
+        url = base_url + '/v1/' + action
+        raw_response = ssl_post(url, post_data(parameters), headers)
+        response = parse(raw_response)
+        success = success_from(response)
+
+        Response.new(
+          success,
+          message_from(success, response),
+          response,
+          authorization: authorization_from(action, response),
+          avs_result: AVSResult.new(code: response['avs_response']),
+          cvv_result: response['csc_response'],
+          test: test?,
+          error_code: success ? nil : error_code_from(response)
+        )
+      rescue JSON::ParserError
+        unparsable_response(raw_response)
+      end
+
+      def unparsable_response(raw_response)
+        message = 'Unparsable response received from PayTrace. Please contact PayTrace if you continue to receive this message.'
+        message += " (The raw response returned by the API was #{raw_response.inspect})"
+        return Response.new(false, message)
+      end
+
+      def headers
+        {
+          'Content-type' => 'application/json',
+          'Authorization' => 'Bearer ' + @options[:access_token]
+        }
+      end
+
+      def success_from(response)
+        response['success']
+      end
+
+      def message_from(success, response)
+        return response['status_message'] if success
+
+        if error = response['errors']
+          message = 'Errors-'
+          error.each do |k, v|
+            message.concat(" code:#{k}, message:#{v}")
+          end
+        else
+          message = response['status_message'].to_s + " #{response['approval_message']}"
+        end
+
+        message
+      end
+
+      # store transactions do not return a transaction_id, but they return a customer_id that will then be used as the third_party_token for the stored payment method
+      def authorization_from(action, response)
+        if action == ENDPOINTS[:store]
+          response['customer_id']
+        else
+          response['transaction_id']
+        end
+      end
+
+      def post_data(parameters = {})
+        parameters[:password] = @options[:password]
+        parameters[:username] = @options[:username]
+        parameters[:integrator_id] = @options[:integrator_id]
+
+        parameters.to_json
+      end
+
+      def error_code_from(response)
+        STANDARD_ERROR_CODE_MAPPING[response['response_code']]
+      end
+
+      def handle_response(response)
+        response.body
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/payeezy.rb

@@ -75,6 +75,8 @@ module ActiveMerchant
 
         add_authorization_info(params, authorization)
         add_amount(params, (amount || amount_from_authorization(authorization)), options)
+        add_soft_descriptors(params, options)
+        add_invoice(params, options)
 
         commit(params, options)
       end
@@ -84,6 +86,8 @@ module ActiveMerchant
 
         add_amount(params, amount, options)
         add_payment_method(params, payment_method, options)
+        add_soft_descriptors(params, options)
+        add_invoice(params, options)
         commit(params, options)
       end
 

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -118,6 +118,7 @@ module ActiveMerchant #:nodoc:
               xml.tag!('Description', options[:description]) unless options[:description].blank?
               xml.tag!('Comment', options[:comment]) unless options[:comment].blank?
               xml.tag!('ExtData', 'Name' => 'COMMENT2', 'Value' => options[:comment2]) unless options[:comment2].blank?
+              xml.tag!('MerchDescr', options[:merch_descr]) unless options[:merch_descr].blank?
               xml.tag!(
                 'ExtData',
                 'Name' => 'CAPTURECOMPLETE',

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -56,6 +56,10 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def store(payment, options = {})
+        raise ArgumentError, 'Store is not supported on Payflow gateways'
+      end
+
       def verify_credentials
         response = void('0')
         response.params['result'] != '26'
@@ -141,6 +145,7 @@ module ActiveMerchant #:nodoc:
               xml.tag! 'FreightAmt', options[:freightamt] unless options[:freightamt].blank?
               xml.tag! 'DutyAmt', options[:dutyamt] unless options[:dutyamt].blank?
               xml.tag! 'DiscountAmt', options[:discountamt] unless options[:discountamt].blank?
+              xml.tag! 'MerchDescr', options[:merch_descr] unless options[:merch_descr].blank?
 
               billing_address = options[:billing_address] || options[:address]
               add_address(xml, 'BillTo', billing_address, options) if billing_address
@@ -176,6 +181,7 @@ module ActiveMerchant #:nodoc:
               xml.tag! 'DutyAmt', options[:dutyamt] unless options[:dutyamt].blank?
               xml.tag! 'DiscountAmt', options[:discountamt] unless options[:discountamt].blank?
               xml.tag! 'EMail', options[:email] unless options[:email].nil?
+              xml.tag! 'MerchDescr', options[:merch_descr] unless options[:merch_descr].blank?
 
               billing_address = options[:billing_address] || options[:address]
               add_address(xml, 'BillTo', billing_address, options) if billing_address
@@ -239,6 +245,7 @@ module ActiveMerchant #:nodoc:
               xml.tag! 'InvNum', options[:order_id].to_s.gsub(/[^\w.]/, '') unless options[:order_id].blank?
               xml.tag! 'Description', options[:description] unless options[:description].blank?
               xml.tag! 'OrderDesc', options[:order_desc] unless options[:order_desc].blank?
+              xml.tag! 'MerchDescr', options[:merch_descr] unless options[:merch_descr].blank?
               xml.tag! 'BillTo' do
                 xml.tag! 'Name', check.name
               end
@@ -282,18 +289,28 @@ module ActiveMerchant #:nodoc:
             xml.tag! 'ECI', three_d_secure[:eci] unless three_d_secure[:eci].blank?
             xml.tag! 'CAVV', three_d_secure[:cavv] unless three_d_secure[:cavv].blank?
             xml.tag! 'XID', three_d_secure[:xid] unless three_d_secure[:xid].blank?
+            xml.tag! 'ThreeDSVersion', three_d_secure[:version] unless three_d_secure[:version].blank?
+            xml.tag! 'DSTransactionID', three_d_secure[:ds_transaction_id] unless three_d_secure[:ds_transaction_id].blank?
           end
         end
       end
 
       def authentication_status(three_d_secure, xml)
-        if three_d_secure[:authentication_response_status].present?
-          xml.tag! 'Status', three_d_secure[:authentication_response_status]
-        elsif three_d_secure[:directory_response_status].present?
-          xml.tag! 'Status', three_d_secure[:directory_response_status]
+        status = if three_d_secure[:authentication_response_status].present?
+                   three_d_secure[:authentication_response_status]
+                 elsif three_d_secure[:directory_response_status].present?
+                   three_d_secure[:directory_response_status]
+                 end
+        if status.present?
+          xml.tag! 'Status', status
+          xml.tag! 'AuthenticationStatus', status if version_2_or_newer?(three_d_secure)
         end
       end
 
+      def version_2_or_newer?(three_d_secure)
+        three_d_secure[:version]&.start_with?('2')
+      end
+
       def credit_card_type(credit_card)
         return '' if card_brand(credit_card).blank?
 

data/lib/active_merchant/billing/gateways/payment_express.rb

@@ -86,8 +86,8 @@ module ActiveMerchant #:nodoc:
         refund(money, identification, options)
       end
 
-      def verify(money, payment_source, options = {})
-        request = build_purchase_or_authorization_request(money, payment_source, options)
+      def verify(payment_source, options = {})
+        request = build_purchase_or_authorization_request(100, payment_source, options)
         commit(:validate, request)
       end
 

data/lib/active_merchant/billing/gateways/paymentez.rb

@@ -9,7 +9,7 @@ module ActiveMerchant #:nodoc:
 
       self.supported_countries = %w[MX EC CO BR CL PE]
       self.default_currency = 'USD'
-      self.supported_cardtypes = %i[visa master american_express diners_club elo alia olimpica]
+      self.supported_cardtypes = %i[visa master american_express diners_club elo alia olimpica discover maestro sodexo carnet unionpay jcb]
 
       self.homepage_url = 'https://secure.paymentez.com/'
       self.display_name = 'Paymentez'
@@ -39,7 +39,14 @@ module ActiveMerchant #:nodoc:
         'master' => 'mc',
         'american_express' => 'ax',
         'diners_club' => 'di',
-        'elo' => 'el'
+        'elo' => 'el',
+        'discover' => 'dc',
+        'maestro' => 'ms',
+        'sodexo' => 'sx',
+        'olimpica' => 'ol',
+        'carnet' => 'ct',
+        'unionpay' => 'up',
+        'jcb' => 'jc'
       }.freeze
 
       def initialize(options = {})
@@ -82,6 +89,7 @@ module ActiveMerchant #:nodoc:
       def refund(money, authorization, options = {})
         post = { transaction: { id: authorization } }
         post[:order] = { amount: amount(money).to_f } if money
+        add_more_info(post, options)
 
         commit_transaction('refund', post)
       end
@@ -198,6 +206,10 @@ module ActiveMerchant #:nodoc:
         extra_params[:auth_data] = auth_data
       end
 
+      def add_more_info(post, options)
+        post[:more_info] = options[:more_info] if options[:more_info]
+      end
+
       def parse(body)
         JSON.parse(body)
       end