activemerchant 1.125.0 → 1.129.0

data/lib/active_merchant/billing/gateways/mastercard.rb

@@ -218,14 +218,7 @@ module ActiveMerchant
 
       def base_url
         if test?
-          case @options[:region]
-          when 'asia_pacific'
-            test_ap_url
-          when 'europe'
-            test_eu_url
-          when 'north_america', nil
-            test_na_url
-          end
+          test_url
         else
           case @options[:region]
           when 'asia_pacific'

data/lib/active_merchant/billing/gateways/mercado_pago.rb

@@ -61,6 +61,10 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def inquire(authorization, options = {})
+        commit('inquire', inquire_path(authorization, options), {})
+      end
+
       def supports_scrubbing?
         true
       end
@@ -261,6 +265,10 @@ module ActiveMerchant #:nodoc:
       def commit(action, path, parameters)
         if %w[capture void].include?(action)
           response = parse(ssl_request(:put, url(path), post_data(parameters), headers))
+        elsif action == 'inquire'
+          response = parse(ssl_get(url(path), headers))
+
+          response = response[0]['results'][0] if response.is_a?(Array)
         else
           response = parse(ssl_post(url(path), post_data(parameters), headers(parameters)))
         end
@@ -295,6 +303,15 @@ module ActiveMerchant #:nodoc:
         parameters.clone.tap { |p| p.delete(:device_id) }.to_json
       end
 
+      def inquire_path(authorization, options)
+        if authorization
+          authorization, = authorization.split('|')
+          "payments/#{authorization}"
+        else
+          "payments/search?external_reference=#{options[:order_id] || options[:external_reference]}"
+        end
+      end
+
       def error_code_from(action, response)
         unless success_from(action, response)
           if cause = response['cause']

data/lib/active_merchant/billing/gateways/merchant_e_solutions.rb

@@ -18,6 +18,8 @@ module ActiveMerchant #:nodoc:
       # The name of the gateway
       self.display_name = 'Merchant e-Solutions'
 
+      SUCCESS_RESPONSE_CODES = %w(000 085)
+
       def initialize(options = {})
         requires!(options, :login, :password)
         super
@@ -25,23 +27,21 @@ module ActiveMerchant #:nodoc:
 
       def authorize(money, creditcard_or_card_id, options = {})
         post = {}
-        post[:client_reference_number] = options[:customer] if options.has_key?(:customer)
-        post[:moto_ecommerce_ind] = options[:moto_ecommerce_ind] if options.has_key?(:moto_ecommerce_ind)
         add_invoice(post, options)
         add_payment_source(post, creditcard_or_card_id, options)
         add_address(post, options)
         add_3dsecure_params(post, options)
+        add_stored_credentials(post, options)
         commit('P', money, post)
       end
 
       def purchase(money, creditcard_or_card_id, options = {})
         post = {}
-        post[:client_reference_number] = options[:customer] if options.has_key?(:customer)
-        post[:moto_ecommerce_ind] = options[:moto_ecommerce_ind] if options.has_key?(:moto_ecommerce_ind)
         add_invoice(post, options)
         add_payment_source(post, creditcard_or_card_id, options)
         add_address(post, options)
         add_3dsecure_params(post, options)
+        add_stored_credentials(post, options)
         commit('D', money, post)
       end
 
@@ -55,10 +55,10 @@ module ActiveMerchant #:nodoc:
       end
 
       def store(creditcard, options = {})
-        post = {}
-        post[:client_reference_number] = options[:customer] if options.has_key?(:customer)
-        add_creditcard(post, creditcard, options)
-        commit('T', nil, post)
+        MultiResponse.run do |r|
+          r.process { temporary_store(creditcard, options) }
+          r.process { verify(r.authorization, { store_card: 'y' }) }
+        end
       end
 
       def unstore(card_id, options = {})
@@ -94,6 +94,13 @@ module ActiveMerchant #:nodoc:
         commit('V', nil, options.merge(post))
       end
 
+      def verify(credit_card, options = {})
+        post = {}
+        post[:store_card] = options[:store_card] if options[:store_card]
+        add_payment_source(post, credit_card, options)
+        commit('A', 0, post)
+      end
+
       def supports_scrubbing?
         true
       end
@@ -107,6 +114,13 @@ module ActiveMerchant #:nodoc:
 
       private
 
+      def temporary_store(creditcard, options = {})
+        post = {}
+        post[:client_reference_number] = options[:customer] if options.has_key?(:customer)
+        add_creditcard(post, creditcard, options)
+        commit('T', nil, post)
+      end
+
       def add_address(post, options)
         if address = options[:billing_address] || options[:address]
           post[:cardholder_street_address] = address[:address1].to_s.gsub(/[^\w.]/, '+')
@@ -145,6 +159,16 @@ module ActiveMerchant #:nodoc:
         post[:ucaf_auth_data] = options[:ucaf_auth_data] unless empty?(options[:ucaf_auth_data])
       end
 
+      def add_stored_credentials(post, options)
+        post[:client_reference_number] = options[:client_reference_number] if options[:client_reference_number]
+        post[:moto_ecommerce_ind] = options[:moto_ecommerce_ind] if options[:moto_ecommerce_ind]
+        post[:recurring_pmt_num] = options[:recurring_pmt_num] if options[:recurring_pmt_num]
+        post[:recurring_pmt_count] = options[:recurring_pmt_count] if options[:recurring_pmt_count]
+        post[:card_on_file] = options[:card_on_file] if options[:card_on_file]
+        post[:cit_mit_indicator] = options[:cit_mit_indicator] if options[:cit_mit_indicator]
+        post[:account_data_source] = options[:account_data_source] if options[:account_data_source]
+      end
+
       def parse(body)
         results = {}
         body.split(/&/).each do |pair|
@@ -165,13 +189,23 @@ module ActiveMerchant #:nodoc:
             { 'error_code' => '404', 'auth_response_text' => e.to_s }
           end
 
-        Response.new(response['error_code'] == '000', message_from(response), response,
-          authorization: response['transaction_id'],
+        Response.new(success_from(response), message_from(response), response,
+          authorization: authorization_from(response),
           test: test?,
           cvv_result: response['cvv2_result'],
           avs_result: { code: response['avs_result'] })
       end
 
+      def authorization_from(response)
+        return response['card_id'] if response['card_id']
+
+        response['transaction_id']
+      end
+
+      def success_from(response)
+        SUCCESS_RESPONSE_CODES.include?(response['error_code'])
+      end
+
       def message_from(response)
         if response['error_code'] == '000'
           'This transaction has been approved'

data/lib/active_merchant/billing/gateways/monei.rb

@@ -201,6 +201,7 @@ module ActiveMerchant #:nodoc:
           request[:paymentMethod][:card][:expMonth] = format(payment_method.month, :two_digits)
           request[:paymentMethod][:card][:expYear] = format(payment_method.year, :two_digits)
           request[:paymentMethod][:card][:cvc] = payment_method.verification_value.to_s
+          request[:paymentMethod][:card][:cardholderName] = payment_method.name
         end
       end
 
@@ -293,6 +294,7 @@ module ActiveMerchant #:nodoc:
       def add_browser_info(request, options)
         request[:sessionDetails][:ip] = options[:ip] if options[:ip]
         request[:sessionDetails][:userAgent] = options[:user_agent] if options[:user_agent]
+        request[:sessionDetails][:lang] = options[:lang] if options[:lang]
       end
 
       # Private: Parse JSON response from Monei servers

data/lib/active_merchant/billing/gateways/moneris.rb

@@ -9,6 +9,8 @@ module ActiveMerchant #:nodoc:
     # Response Values", available at Moneris' {eSelect Plus Documentation
     # Centre}[https://www3.moneris.com/connect/en/documents/index.html].
     class MonerisGateway < Gateway
+      WALLETS = %w(APP GPP)
+
       self.test_url = 'https://esqa.moneris.com/gateway2/servlet/MpgRequest'
       self.live_url = 'https://www3.moneris.com/gateway2/servlet/MpgRequest'
 
@@ -47,18 +49,19 @@ module ActiveMerchant #:nodoc:
         post = {}
         add_payment_source(post, creditcard_or_datakey, options)
         post[:amount] = amount(money)
-        post[:order_id] = options[:order_id]
+        post[:order_id] = format_order_id(post[:wallet_indicator], options[:order_id])
         post[:address] = options[:billing_address] || options[:address]
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
+        add_external_mpi_fields(post, options)
         add_stored_credential(post, options)
-        action = if post[:cavv]
+        action = if post[:cavv] || options[:three_d_secure]
                    'cavv_preauth'
                  elsif post[:data_key].blank?
                    'preauth'
                  else
                    'res_preauth_cc'
                  end
-        commit(action, post)
+        commit(action, post, options)
       end
 
       # This action verifies funding on a customer's card and readies them for
@@ -70,18 +73,19 @@ module ActiveMerchant #:nodoc:
         post = {}
         add_payment_source(post, creditcard_or_datakey, options)
         post[:amount] = amount(money)
-        post[:order_id] = options[:order_id]
+        post[:order_id] = format_order_id(post[:wallet_indicator], options[:order_id])
         post[:address] = options[:billing_address] || options[:address]
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
+        add_external_mpi_fields(post, options)
         add_stored_credential(post, options)
-        action = if post[:cavv]
+        action = if post[:cavv] || options[:three_d_secure]
                    'cavv_purchase'
                  elsif post[:data_key].blank?
                    'purchase'
                  else
                    'res_purchase_cc'
                  end
-        commit(action, post)
+        commit(action, post, options)
       end
 
       # This method retrieves locked funds from a customer's account (from a
@@ -203,6 +207,21 @@ module ActiveMerchant #:nodoc:
         sprintf('%.4i', creditcard.year)[-2..-1] + sprintf('%.2i', creditcard.month)
       end
 
+      def add_external_mpi_fields(post, options)
+        # See these pages:
+        # https://developer.moneris.com/livedemo/3ds2/cavv_purchase/tool/php
+        # https://developer.moneris.com/livedemo/3ds2/cavv_preauth/guide/php
+        return unless options[:three_d_secure]
+
+        three_d_secure_options = options[:three_d_secure]
+
+        post[:threeds_version] = three_d_secure_options[:version]
+        post[:crypt_type] = three_d_secure_options[:eci]
+        post[:cavv] = three_d_secure_options[:cavv]
+        post[:threeds_server_trans_id] = three_d_secure_options[:three_ds_server_trans_id]
+        post[:ds_trans_id] = three_d_secure_options[:ds_transaction_id]
+      end
+
       def add_payment_source(post, payment_method, options)
         if payment_method.is_a?(String)
           post[:data_key] = payment_method
@@ -291,14 +310,16 @@ module ActiveMerchant #:nodoc:
         end
       end
 
-      def commit(action, parameters = {})
+      def commit(action, parameters = {}, options = {})
+        threed_ds_transaction = options[:three_d_secure].present?
+
         data = post_data(action, parameters)
         url = test? ? self.test_url : self.live_url
         raw = ssl_post(url, data)
         response = parse(raw)
 
         Response.new(
-          successful?(response),
+          successful?(action, response, threed_ds_transaction),
           message_from(response[:message]),
           response,
           test: test?,
@@ -314,8 +335,16 @@ module ActiveMerchant #:nodoc:
       end
 
       # Tests for a successful response from Moneris' servers
-      def successful?(response)
-        response[:response_code] &&
+      def successful?(action, response, threed_ds_transaction = false)
+        # See 9.4 CAVV Result Codes in https://developer.moneris.com/livedemo/3ds2/reference/guide/php
+        cavv_accepted = if threed_ds_transaction
+                          response[:cavv_result_code] && response[:cavv_result_code] == '2'
+                        else
+                          true
+                        end
+
+        cavv_accepted &&
+          response[:response_code] &&
           response[:complete] &&
           (0..49).cover?(response[:response_code].to_i)
       end
@@ -404,10 +433,23 @@ module ActiveMerchant #:nodoc:
       end
 
       def wallet_indicator(token_source)
-        return 'APP' if token_source == 'apple_pay'
-        return 'ANP' if token_source == 'android_pay'
+        return {
+          'apple_pay' => 'APP',
+          'google_pay' => 'GPP',
+          'android_pay' => 'ANP'
+        }[token_source]
+      end
+
+      def format_order_id(wallet_indicator_code, order_id = nil)
+        # Truncate (max 100 characters) order id for
+        # google pay and apple pay (specific wallets / token sources)
+        return truncate_order_id(order_id) if WALLETS.include?(wallet_indicator_code)
+
+        order_id
+      end
 
-        nil
+      def truncate_order_id(order_id = nil)
+        order_id.present? ? order_id[0, 100] : SecureRandom.alphanumeric(100)
       end
 
       def message_from(message)

data/lib/active_merchant/billing/gateways/mundipagg.rb

@@ -60,11 +60,13 @@ module ActiveMerchant #:nodoc:
         post = {}
         post[:code] = authorization
         add_invoice(post, money, options)
+        add_auth_key(post, options)
         commit('capture', post, authorization)
       end
 
       def refund(money, authorization, options = {})
         add_invoice(post = {}, money, options)
+        add_auth_key(post, options)
         commit('refund', post, authorization)
       end
 
@@ -77,6 +79,7 @@ module ActiveMerchant #:nodoc:
         options.update(name: payment.name)
         options = add_customer(options) unless options[:customer_id]
         add_payment(post, payment, options)
+        add_auth_key(post, options)
         commit('store', post, options[:customer_id])
       end
 

data/lib/active_merchant/billing/gateways/nmi.rb

@@ -5,7 +5,7 @@ module ActiveMerchant #:nodoc:
 
       DUP_WINDOW_DEPRECATION_MESSAGE = 'The class-level duplicate_window variable is deprecated. Please use the :dup_seconds transaction option instead.'
 
-      self.test_url = self.live_url = 'https://secure.nmi.com/api/transact.php'
+      self.test_url = self.live_url = 'https://secure.networkmerchants.com/api/transact.php'
       self.default_currency = 'USD'
       self.money_format = :dollars
       self.supported_countries = ['US']
@@ -23,7 +23,11 @@ module ActiveMerchant #:nodoc:
       end
 
       def initialize(options = {})
-        requires!(options, :login, :password)
+        if options.has_key?(:security_key)
+          requires!(options, :security_key)
+        else
+          requires!(options, :login, :password)
+        end
         super
       end
 
@@ -51,7 +55,6 @@ module ActiveMerchant #:nodoc:
         add_merchant_defined_fields(post, options)
         add_level3_fields(post, options)
         add_three_d_secure(post, options)
-
         commit('auth', post)
       end
 
@@ -126,6 +129,7 @@ module ActiveMerchant #:nodoc:
       def scrub(transcript)
         transcript.
           gsub(%r((password=)[^&\n]*), '\1[FILTERED]').
+          gsub(%r((security_key=)[^&\n]*), '\1[FILTERED]').
           gsub(%r((ccnumber=)\d+), '\1[FILTERED]').
           gsub(%r((cvv=)\d+), '\1[FILTERED]').
           gsub(%r((checkaba=)\d+), '\1[FILTERED]').
@@ -297,9 +301,9 @@ module ActiveMerchant #:nodoc:
 
       def commit(action, params)
         params[action == 'add_customer' ? :customer_vault : :type] = action
-        params[:username] = @options[:login]
-        params[:password] = @options[:password]
-
+        params[:username] = @options[:login] unless @options[:login].nil?
+        params[:password] = @options[:password] unless @options[:password].nil?
+        params[:security_key] = @options[:security_key] unless @options[:security_key].nil?
         raw_response = ssl_post(url, post_data(action, params), headers)
         response = parse(raw_response)
         succeeded = success_from(response)
@@ -325,7 +329,8 @@ module ActiveMerchant #:nodoc:
       end
 
       def headers
-        { 'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8' }
+        headers = { 'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8' }
+        headers
       end
 
       def post_data(action, params)

data/lib/active_merchant/billing/gateways/ogone.rb

@@ -136,7 +136,7 @@ module ActiveMerchant #:nodoc:
       self.supported_countries = %w[BE DE FR NL AT CH]
       # also supports Airplus and UATP
       self.supported_cardtypes = %i[visa master american_express diners_club discover jcb maestro]
-      self.homepage_url = 'http://www.ogone.com/'
+      self.homepage_url = 'https://www.ingenico.com/login/ogone/'
       self.display_name = 'Ogone'
       self.default_currency = 'EUR'
       self.money_format = :cents
@@ -264,7 +264,6 @@ module ActiveMerchant #:nodoc:
 
       def add_payment_source(post, payment_source, options)
         add_d3d(post, options) if options[:d3d]
-
         if payment_source.is_a?(String)
           add_alias(post, payment_source, options[:alias_operation])
           add_eci(post, options[:eci] || '9')
@@ -285,8 +284,6 @@ module ActiveMerchant #:nodoc:
           THREE_D_SECURE_DISPLAY_WAYS[options[:win_3ds]] :
           THREE_D_SECURE_DISPLAY_WAYS[:main_window]
         add_pair post, 'WIN3DS', win_3ds
-
-        add_pair post, 'HTTP_ACCEPT',     options[:http_accept] || '*/*'
         add_pair post, 'HTTP_USER_AGENT', options[:http_user_agent] if options[:http_user_agent]
         add_pair post, 'ACCEPTURL',       options[:accept_url]      if options[:accept_url]
         add_pair post, 'DECLINEURL',      options[:decline_url]     if options[:decline_url]
@@ -296,6 +293,37 @@ module ActiveMerchant #:nodoc:
         add_pair post, 'PARAMPLUS',       options[:paramplus]       if options[:paramplus]
         add_pair post, 'COMPLUS',         options[:complus]         if options[:complus]
         add_pair post, 'LANGUAGE',        options[:language]        if options[:language]
+        if  options[:three_ds_2]
+          browser_info = options[:three_ds_2][:browser_info]
+          ecom_postal = options[:billing_address]
+          if browser_info
+            add_pair post, 'BROWSERACCEPTHEADER', browser_info[:accept_header]
+            add_pair post, 'BROWSERCOLORDEPTH', browser_info[:depth]
+
+            # for 3ds v2.1 to v2.2 add BROWSERJAVASCRIPTENABLED: This boolean indicates whether your customers have enabled JavaScript in their browsers when making a purchase.
+            # the following BROWSER<tag> parameters will remain mandatory unless browser_info[:javascript] = false
+            # her documentation https://epayments-support.ingenico.com/en/integration-solutions/integrations/directlink#directlink_integration_guides_secure_payment_with_3_d_secure
+            add_pair post, 'BROWSERJAVASCRIPTENABLED', browser_info[:javascript]
+            add_pair post, 'BROWSERJAVAENABLED', browser_info[:java]
+            add_pair post, 'BROWSERLANGUAGE', browser_info[:language]
+            add_pair post, 'BROWSERSCREENHEIGHT', browser_info[:height]
+            add_pair post, 'BROWSERSCREENWIDTH', browser_info[:width]
+            add_pair post, 'BROWSERTIMEZONE', browser_info[:timezone]
+            add_pair post, 'BROWSERUSERAGENT', browser_info[:user_agent]
+          end
+          # recommended
+          if ecom_postal
+            add_pair post, 'ECOM_BILLTO_POSTAL_CITY', ecom_postal[:city]
+            add_pair post, 'ECOM_BILLTO_POSTAL_COUNTRYCODE', ecom_postal[:country]
+            add_pair post, 'ECOM_BILLTO_POSTAL_STREET_LINE1', ecom_postal[:address1]
+            add_pair post, 'ECOM_BILLTO_POSTAL_STREET_LINE2', ecom_postal[:address2]
+            add_pair post, 'ECOM_BILLTO_POSTAL_POSTALCODE', ecom_postal[:zip]
+          end
+          # optional
+          add_pair post, 'Mpi.threeDSRequestorChallengeIndicator', options[:three_ds_reqchallengeind]
+        else
+          add_pair post, 'HTTP_ACCEPT', options[:http_accept] || '*/*'
+        end
       end
 
       def add_eci(post, eci)
@@ -414,7 +442,7 @@ module ActiveMerchant #:nodoc:
           return
         end
 
-        add_pair parameters, 'SHASign', calculate_signature(parameters, @options[:signature_encryptor], @options[:signature])
+        add_pair parameters, 'SHASIGN', calculate_signature(parameters, @options[:signature_encryptor], @options[:signature])
       end
 
       def calculate_signature(signed_parameters, algorithm, secret)
@@ -432,7 +460,7 @@ module ActiveMerchant #:nodoc:
             raise "Unknown signature algorithm #{algorithm}"
           end
 
-        filtered_params = signed_parameters.select { |_k, v| !v.blank? }
+        filtered_params = signed_parameters.compact
         sha_encryptor.hexdigest(
           filtered_params.sort_by { |k, _v| k.upcase }.map { |k, v| "#{k.upcase}=#{v}#{secret}" }.join('')
         ).upcase
@@ -456,7 +484,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_pair(post, key, value)
-        post[key] = value if !value.blank?
+        post[key] = value unless value.nil?
       end
 
       def convert_attributes_to_hash(rexml_attributes)

data/lib/active_merchant/billing/gateways/openpay.rb

@@ -1,8 +1,15 @@
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class OpenpayGateway < Gateway
-      self.live_url = 'https://api.openpay.mx/v1/'
-      self.test_url = 'https://sandbox-api.openpay.mx/v1/'
+      class_attribute :mx_live_url, :mx_test_url
+      class_attribute :co_live_url, :co_test_url
+
+      self.co_live_url = 'https://api.openpay.co/v1/'
+      self.co_test_url = 'https://sandbox-api.openpay.co/v1/'
+      self.mx_live_url = 'https://api.openpay.mx/v1/'
+      self.mx_test_url = 'https://sandbox-api.openpay.mx/v1/'
+      self.live_url = self.co_live_url
+      self.test_url = self.co_test_url
 
       self.supported_countries = %w(CO MX)
       self.supported_cardtypes = %i[visa master american_express carnet]
@@ -24,6 +31,16 @@ module ActiveMerchant #:nodoc:
         super
       end
 
+      def gateway_url(options = {})
+        country = options[:merchant_country] || @options[:merchant_country]
+
+        if country == 'MX'
+          test? ? mx_test_url : mx_live_url
+        else
+          test? ? co_test_url : co_live_url
+        end
+      end
+
       def purchase(money, creditcard, options = {})
         post = create_post_for_auth_or_purchase(money, creditcard, options)
         commit(:post, 'charges', post, options)
@@ -192,7 +209,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def http_request(method, resource, parameters = {}, options = {})
-        url = (test? ? self.test_url : self.live_url) + @merchant_id + '/' + resource
+        url = gateway_url(options) + @merchant_id + '/' + resource
         raw_response = nil
         begin
           raw_response = ssl_request(method, url, (parameters ? parameters.to_json : nil), headers(options))