activemerchant 1.126.0 → 1.129.0

data/lib/active_merchant/billing/gateways/commerce_hub.rb

@@ -0,0 +1,361 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class CommerceHubGateway < Gateway
+      self.test_url = 'https://cert.api.fiservapps.com/ch'
+      self.live_url = 'https://prod.api.fiservapps.com/ch'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'https://developer.fiserv.com/product/CommerceHub'
+      self.display_name = 'CommerceHub'
+
+      STANDARD_ERROR_CODE_MAPPING = {}
+
+      SCHEDULED_REASON_TYPES = %w(recurring installment)
+      ENDPOINTS = {
+        'sale' => '/payments/v1/charges',
+        'void' => '/payments/v1/cancels',
+        'refund' => '/payments/v1/refunds',
+        'vault' => '/payments-vas/v1/tokens',
+        'verify' => '/payments-vas/v1/accounts/verification'
+      }
+
+      def initialize(options = {})
+        requires!(options, :api_key, :api_secret, :merchant_id, :terminal_id)
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        post = {}
+        options[:capture_flag] = true
+        options[:create_token] = false
+
+        add_transaction_details(post, options, 'sale')
+        build_purchase_and_auth_request(post, money, payment, options)
+
+        commit('sale', post, options)
+      end
+
+      def authorize(money, payment, options = {})
+        post = {}
+        options[:capture_flag] = false
+        options[:create_token] = false
+
+        add_transaction_details(post, options, 'sale')
+        build_purchase_and_auth_request(post, money, payment, options)
+
+        commit('sale', post, options)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        options[:capture_flag] = true
+        add_invoice(post, money, options)
+        add_transaction_details(post, options, 'capture')
+        add_reference_transaction_details(post, authorization, options, :capture)
+
+        commit('sale', post, options)
+      end
+
+      def refund(money, authorization, options = {})
+        post = {}
+        add_invoice(post, money, options) if money
+        add_transaction_details(post, options)
+        add_reference_transaction_details(post, authorization, options, :refund)
+
+        commit('refund', post, options)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        add_transaction_details(post, options)
+        add_reference_transaction_details(post, authorization, options, :void)
+
+        commit('void', post, options)
+      end
+
+      def store(credit_card, options = {})
+        post = {}
+        add_payment(post, credit_card, options)
+        add_billing_address(post, credit_card, options)
+        add_transaction_details(post, options)
+        add_transaction_interaction(post, options)
+
+        commit('vault', post, options)
+      end
+
+      def verify(credit_card, options = {})
+        post = {}
+        add_payment(post, credit_card, options)
+        add_billing_address(post, credit_card, options)
+
+        commit('verify', post, options)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: )[a-zA-Z0-9+./=]+), '\1[FILTERED]').
+          gsub(%r((Api-Key: )\w+), '\1[FILTERED]').
+          gsub(%r(("cardData\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("securityCode\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("cavv\\?":\\?")\w+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_transaction_interaction(post, options)
+        post[:transactionInteraction] = {}
+        post[:transactionInteraction][:origin] = options[:origin] || 'ECOM'
+        post[:transactionInteraction][:eciIndicator] = options[:eci_indicator] || 'CHANNEL_ENCRYPTED'
+        post[:transactionInteraction][:posConditionCode] = options[:pos_condition_code] || 'CARD_NOT_PRESENT_ECOM'
+        post[:transactionInteraction][:posEntryMode] = options[:pos_entry_mode] || 'MANUAL'
+        post[:transactionInteraction][:additionalPosInformation] = {}
+        post[:transactionInteraction][:additionalPosInformation][:dataEntrySource] = options[:data_entry_source] || 'UNSPECIFIED'
+      end
+
+      def add_transaction_details(post, options, action = nil)
+        details = { captureFlag: options[:capture_flag], createToken: options[:create_token] }
+
+        if options[:order_id].present? && action == 'sale'
+          details[:merchantOrderId] = options[:order_id]
+          details[:merchantTransactionId] = options[:order_id]
+        end
+
+        if action != 'capture'
+          details[:merchantInvoiceNumber] = options[:merchant_invoice_number] || rand.to_s[2..13]
+          details[:primaryTransactionType] = options[:primary_transaction_type]
+          details[:accountVerification] = options[:account_verification]
+        end
+
+        post[:transactionDetails] = details.compact
+      end
+
+      def add_billing_address(post, payment, options)
+        return unless billing = options[:billing_address]
+
+        billing_address = {}
+        if payment.is_a?(CreditCard)
+          billing_address[:firstName] = payment.first_name if payment.first_name
+          billing_address[:lastName] = payment.last_name if payment.last_name
+        end
+        address = {}
+        address[:street] = billing[:address1] if billing[:address1]
+        address[:houseNumberOrName] = billing[:address2] if billing[:address2]
+        address[:recipientNameOrAddress] = billing[:name] if billing[:name]
+        address[:city] = billing[:city] if billing[:city]
+        address[:stateOrProvince] = billing[:state] if billing[:state]
+        address[:postalCode] = billing[:zip] if billing[:zip]
+        address[:country] = billing[:country] if billing[:country]
+
+        billing_address[:address] = address unless address.empty?
+        if billing[:phone_number]
+          billing_address[:phone] = {}
+          billing_address[:phone][:phoneNumber] = billing[:phone_number]
+        end
+        post[:billingAddress] = billing_address
+      end
+
+      def add_shipping_address(post, options)
+        return unless shipping = options[:shipping_address]
+
+        shipping_address = {}
+        address = {}
+        address[:street] = shipping[:address1] if shipping[:address1]
+        address[:houseNumberOrName] = shipping[:address2] if shipping[:address2]
+        address[:recipientNameOrAddress] = shipping[:name] if shipping[:name]
+        address[:city] = shipping[:city] if shipping[:city]
+        address[:stateOrProvince] = shipping[:state] if shipping[:state]
+        address[:postalCode] = shipping[:zip] if shipping[:zip]
+        address[:country] = shipping[:country] if shipping[:country]
+
+        shipping_address[:address] = address unless address.empty?
+        if shipping[:phone_number]
+          shipping_address[:phone] = {}
+          shipping_address[:phone][:phoneNumber] = shipping[:phone_number]
+        end
+        post[:shippingAddress] = shipping_address
+      end
+
+      def build_purchase_and_auth_request(post, money, payment, options)
+        add_invoice(post, money, options)
+        add_payment(post, payment, options)
+        add_stored_credentials(post, options)
+        add_transaction_interaction(post, options)
+        add_billing_address(post, payment, options)
+        add_shipping_address(post, options)
+      end
+
+      def add_reference_transaction_details(post, authorization, options, action = nil)
+        reference_details = {}
+        _merchant_reference, transaction_id = authorization.include?('|') ? authorization.split('|') : [nil, authorization]
+
+        reference_details[:referenceTransactionId] = transaction_id
+        reference_details[:referenceTransactionType] = (options[:reference_transaction_type] || 'CHARGES') unless action == :capture
+        post[:referenceTransactionDetails] = reference_details.compact
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = {
+          total: amount(money).to_f,
+          currency: options[:currency] || self.default_currency
+        }
+      end
+
+      def add_stored_credentials(post, options)
+        return unless stored_credential = options[:stored_credential]
+
+        post[:storedCredentials] = {}
+        post[:storedCredentials][:sequence] = stored_credential[:initial_transaction] ? 'FIRST' : 'SUBSEQUENT'
+        post[:storedCredentials][:initiator] = stored_credential[:initiator] == 'merchant' ? 'MERCHANT' : 'CARD_HOLDER'
+        post[:storedCredentials][:scheduled] = SCHEDULED_REASON_TYPES.include?(stored_credential[:reason_type])
+        post[:storedCredentials][:schemeReferenceTransactionId] = stored_credential[:network_transaction_id] if stored_credential[:network_transaction_id]
+      end
+
+      def add_credit_card(source, payment, options)
+        source[:sourceType] = 'PaymentCard'
+        source[:card] = {}
+        source[:card][:cardData] = payment.number
+        source[:card][:expirationMonth] = format(payment.month, :two_digits) if payment.month
+        source[:card][:expirationYear] = format(payment.year, :four_digits) if payment.year
+        if payment.verification_value
+          source[:card][:securityCode] = payment.verification_value
+          source[:card][:securityCodeIndicator] = 'PROVIDED'
+        end
+      end
+
+      def add_payment_token(source, payment, options)
+        source[:sourceType] = 'PaymentToken'
+        source[:tokenData] = payment
+        source[:tokenSource] = options[:token_source] if options[:token_source]
+        if options[:card_expiration_month] || options[:card_expiration_year]
+          source[:card] = {}
+          source[:card][:expirationMonth] = options[:card_expiration_month] if options[:card_expiration_month]
+          source[:card][:expirationYear] = options[:card_expiration_year] if options[:card_expiration_year]
+        end
+      end
+
+      def add_decrypted_wallet(source, payment, options)
+        source[:sourceType] = 'DecryptedWallet'
+        source[:card] = {}
+        source[:card][:cardData] = payment.number
+        source[:card][:expirationMonth] = format(payment.month, :two_digits)
+        source[:card][:expirationYear] = format(payment.year, :four_digits)
+        source[:cavv] = payment.payment_cryptogram
+        source[:walletType] = payment.source.to_s.upcase
+      end
+
+      def add_payment(post, payment, options = {})
+        source = {}
+        case payment
+        when NetworkTokenizationCreditCard
+          add_decrypted_wallet(source, payment, options)
+        when CreditCard
+          add_credit_card(source, payment, options)
+        when String
+          add_payment_token(source, payment, options)
+        end
+        post[:source] = source
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def headers(request, options)
+        time = DateTime.now.strftime('%Q').to_s
+        client_request_id = options[:client_request_id] || rand.to_s[2..8]
+        raw_signature = @options[:api_key] + client_request_id.to_s + time + request
+        hmac = OpenSSL::HMAC.digest('sha256', @options[:api_secret], raw_signature)
+        signature = Base64.strict_encode64(hmac.to_s).to_s
+
+        {
+          'Client-Request-Id' => client_request_id,
+          'Api-Key' => @options[:api_key],
+          'Timestamp' => time,
+          'Accept-Language' => 'application/json',
+          'Auth-Token-Type' => 'HMAC',
+          'Content-Type' => 'application/json',
+          'Accept' => 'application/json',
+          'Authorization' => signature
+        }
+      end
+
+      def add_merchant_details(post)
+        post[:merchantDetails] = {}
+        post[:merchantDetails][:terminalId] = @options[:terminal_id]
+        post[:merchantDetails][:merchantId] = @options[:merchant_id]
+      end
+
+      def commit(action, parameters, options)
+        url = (test? ? test_url : live_url) + ENDPOINTS[action]
+        add_merchant_details(parameters)
+        response = parse(ssl_post(url, parameters.to_json, headers(parameters.to_json, options)))
+
+        Response.new(
+          success_from(response, action),
+          message_from(response, action),
+          response,
+          authorization: authorization_from(action, response, options),
+          test: test?,
+          error_code: error_code_from(response, action),
+          avs_result: AVSResult.new(code: get_avs_cvv(response, 'avs')),
+          cvv_result: CVVResult.new(get_avs_cvv(response, 'cvv'))
+        )
+      end
+
+      def get_avs_cvv(response, type = 'avs')
+        response.dig(
+          'paymentReceipt',
+          'processorResponseDetails',
+          'bankAssociationDetails',
+          'avsSecurityCodeResponse',
+          'association',
+          type == 'avs' ? 'avsCode' : 'securityCodeResponse'
+        )
+      end
+
+      def handle_response(response)
+        case response.code.to_i
+        when 200...300, 400, 401, 429
+          response.body
+        else
+          raise ResponseError.new(response)
+        end
+      end
+
+      def success_from(response, action = nil)
+        return message_from(response, action) == 'VERIFIED' if action == 'verify'
+
+        (response.dig('paymentReceipt', 'processorResponseDetails', 'responseCode') || response.dig('paymentTokens', 0, 'tokenResponseCode')) == '000'
+      end
+
+      def message_from(response, action = nil)
+        return response.dig('error', 0, 'message') if response['error'].present?
+        return response.dig('gatewayResponse', 'transactionState') if action == 'verify'
+
+        response.dig('paymentReceipt', 'processorResponseDetails', 'responseMessage') || response.dig('gatewayResponse', 'transactionType')
+      end
+
+      def authorization_from(action, response, options)
+        case action
+        when 'vault'
+          response.dig('paymentTokens', 0, 'tokenData')
+        when 'sale'
+          [options[:order_id] || '', response.dig('gatewayResponse', 'transactionProcessingDetails', 'transactionId')].join('|')
+        else
+          response.dig('gatewayResponse', 'transactionProcessingDetails', 'transactionId')
+        end
+      end
+
+      def error_code_from(response, action)
+        response.dig('error', 0, 'code') unless success_from(response, action)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/credorax.rb

@@ -4,7 +4,7 @@ module ActiveMerchant #:nodoc:
       class_attribute :test_url, :live_na_url, :live_eu_url
 
       self.display_name = 'Credorax Gateway'
-      self.homepage_url = 'https://www.credorax.com/'
+      self.homepage_url = 'https://www.finaro.com/'
 
       # NOTE: the IP address you run the remote tests from will need to be
       # whitelisted by Credorax; contact support@credorax.com as necessary to
@@ -26,7 +26,13 @@ module ActiveMerchant #:nodoc:
       self.currencies_with_three_decimal_places = %w(BHD IQD JOD KWD LYD OMR TND)
 
       self.money_format = :cents
-      self.supported_cardtypes = %i[visa master maestro american_express]
+      self.supported_cardtypes = %i[visa master maestro american_express jcb discover diners_club]
+
+      NETWORK_TOKENIZATION_CARD_SOURCE = {
+        'apple_pay' => 'applepay',
+        'google_pay' => 'googlepay',
+        'network_token' => 'vts_mdes_token'
+      }
 
       RESPONSE_MESSAGES = {
         '00' => 'Approved or completed successfully',
@@ -63,26 +69,27 @@ module ActiveMerchant #:nodoc:
         '31' => 'Issuer signed-off',
         '32' => 'Completed partially',
         '33' => 'Pick-up, expired card',
-        '34' => 'Suspect Fraud',
+        '34' => 'Implausible card data',
         '35' => 'Pick-up, card acceptor contact acquirer',
         '36' => 'Pick up, card restricted',
         '37' => 'Pick up, call acquirer security',
         '38' => 'Pick up, Allowable PIN tries exceeded',
-        '39' => 'Transaction Not Allowed',
+        '39' => 'No credit account',
         '40' => 'Requested function not supported',
         '41' => 'Lost Card, Pickup',
         '42' => 'No universal account',
         '43' => 'Pick up, stolen card',
         '44' => 'No investment account',
+        '46' => 'Closed account',
         '50' => 'Do not renew',
-        '51' => 'Not sufficient funds',
+        '51' => 'Insufficient funds',
         '52' => 'No checking Account',
         '53' => 'No savings account',
         '54' => 'Expired card',
-        '55' => 'Pin incorrect',
+        '55' => 'Incorrect PIN',
         '56' => 'No card record',
         '57' => 'Transaction not allowed for cardholder',
-        '58' => 'Transaction not allowed for merchant',
+        '58' => 'Transaction not permitted to terminal',
         '59' => 'Suspected Fraud',
         '60' => 'Card acceptor contact acquirer',
         '61' => 'Exceeds withdrawal amount limit',
@@ -93,22 +100,22 @@ module ActiveMerchant #:nodoc:
         '66' => 'Call acquirers security department',
         '67' => 'Card to be picked up at ATM',
         '68' => 'Response received too late.',
-        '70' => 'Invalid transaction; contact card issuer',
+        '70' => 'PIN data required',
         '71' => 'Decline PIN not changed',
         '75' => 'Pin tries exceeded',
         '76' => 'Wrong PIN, number of PIN tries exceeded',
         '77' => 'Wrong Reference No.',
-        '78' => 'Record Not Found',
-        '79' => 'Already reversed',
+        '78' => 'Blocked, first used/ Record not found',
+        '79' => 'Declined due to lifecycle event',
         '80' => 'Network error',
-        '81' => 'Foreign network error / PIN cryptographic error',
-        '82' => 'Time out at issuer system',
+        '81' => 'PIN cryptographic error',
+        '82' => 'Bad CVV/ Declined due to policy event',
         '83' => 'Transaction failed',
         '84' => 'Pre-authorization timed out',
         '85' => 'No reason to decline',
         '86' => 'Cannot verify pin',
         '87' => 'Purchase amount only, no cashback allowed',
-        '88' => 'MAC sync Error',
+        '88' => 'Cryptographic failure',
         '89' => 'Authentication failure',
         '91' => 'Issuer not available',
         '92' => 'Unable to route at acquirer Module',
@@ -116,9 +123,13 @@ module ActiveMerchant #:nodoc:
         '94' => 'Duplicate Transmission',
         '95' => 'Reconcile error / Auth Not found',
         '96' => 'System malfunction',
+        '97' => 'Transaction has been declined by the processor',
+        'N3' => 'Cash service not available',
+        'N4' => 'Cash request exceeds issuer or approved limit',
+        'N7' => 'CVV2 failure',
         'R0' => 'Stop Payment Order',
         'R1' => 'Revocation of Authorisation Order',
-        'R3' => 'Revocation of all Authorisations Order',
+        'R3' => 'Revocation of all Authorisation Orders',
         '1A' => 'Strong Customer Authentication required'
       }
 
@@ -130,7 +141,7 @@ module ActiveMerchant #:nodoc:
       def purchase(amount, payment_method, options = {})
         post = {}
         add_invoice(post, amount, options)
-        add_payment_method(post, payment_method)
+        add_payment_method(post, payment_method, options)
         add_customer_data(post, options)
         add_email(post, options)
         add_3d_secure(post, options)
@@ -146,7 +157,7 @@ module ActiveMerchant #:nodoc:
       def authorize(amount, payment_method, options = {})
         post = {}
         add_invoice(post, amount, options)
-        add_payment_method(post, payment_method)
+        add_payment_method(post, payment_method, options)
         add_customer_data(post, options)
         add_email(post, options)
         add_3d_secure(post, options)
@@ -206,13 +217,14 @@ module ActiveMerchant #:nodoc:
       def credit(amount, payment_method, options = {})
         post = {}
         add_invoice(post, amount, options)
-        add_payment_method(post, payment_method)
+        add_payment_method(post, payment_method, options)
         add_customer_data(post, options)
         add_email(post, options)
         add_echo(post, options)
         add_submerchant_id(post, options)
         add_transaction_type(post, options)
         add_processor(post, options)
+        add_customer_name(post, options)
 
         commit(:credit, post)
       end
@@ -271,8 +283,9 @@ module ActiveMerchant #:nodoc:
         'maestro' => '9'
       }
 
-      def add_payment_method(post, payment_method)
-        post[:c1] = payment_method.name
+      def add_payment_method(post, payment_method, options)
+        post[:c1] = payment_method&.name || ''
+        add_network_tokenization_card(post, payment_method, options) if payment_method.is_a? NetworkTokenizationCreditCard
         post[:b2] = CARD_TYPES[payment_method.brand] || ''
         post[:b1] = payment_method.number
         post[:b5] = payment_method.verification_value
@@ -280,6 +293,13 @@ module ActiveMerchant #:nodoc:
         post[:b3] = format(payment_method.month, :two_digits)
       end
 
+      def add_network_tokenization_card(post, payment_method, options)
+        post[:b21] = NETWORK_TOKENIZATION_CARD_SOURCE[payment_method.source.to_s]
+        post[:token_eci] = post[:b21] == 'vts_mdes_token' ? '07' : nil
+        post[:token_eci] = options[:eci] || payment_method&.eci || (payment_method.brand.to_s == 'master' ? '00' : '07')
+        post[:token_crypto] = payment_method&.payment_cryptogram if payment_method.source.to_s == 'network_token'
+      end
+
       def add_stored_credential(post, options)
         add_transaction_type(post, options)
         # if :transaction_type option is not passed, then check for :stored_credential options
@@ -288,10 +308,11 @@ module ActiveMerchant #:nodoc:
         if stored_credential[:initiator] == 'merchant'
           case stored_credential[:reason_type]
           when 'recurring'
-            stored_credential[:initial_transaction] ? post[:a9] = '1' : post[:a9] = '2'
+            post[:a9] = stored_credential[:initial_transaction] ? '1' : '2'
           when 'installment', 'unscheduled'
             post[:a9] = '8'
           end
+          post[:g6] = stored_credential[:network_transaction_id] if stored_credential[:network_transaction_id]
         else
           post[:a9] = '9'
         end
@@ -324,10 +345,11 @@ module ActiveMerchant #:nodoc:
       def add_recipient(post, options)
         return unless options[:recipient_street_address] || options[:recipient_city] || options[:recipient_province_code] || options[:recipient_country_code]
 
+        recipient_country_code = options[:recipient_country_code]&.length == 3 ? options[:recipient_country_code] : Country.find(options[:recipient_country_code]).code(:alpha3).value if options[:recipient_country_code]
         post[:j6] = options[:recipient_street_address] if options[:recipient_street_address]
         post[:j7] = options[:recipient_city] if options[:recipient_city]
         post[:j8] = options[:recipient_province_code] if options[:recipient_province_code]
-        post[:j9] = options[:recipient_country_code] if options[:recipient_country_code]
+        post[:j9] = recipient_country_code
       end
 
       def add_customer_name(post, options)
@@ -434,7 +456,7 @@ module ActiveMerchant #:nodoc:
         capture: '3',
         authorize_void: '4',
         refund: '5',
-        credit: '6',
+        credit: '35',
         purchase_void: '7',
         refund_void: '8',
         capture_void: '9',
@@ -475,11 +497,9 @@ module ActiveMerchant #:nodoc:
       end
 
       def request_action(action, reference_action)
-        if reference_action
-          ACTIONS["#{reference_action}_#{action}".to_sym]
-        else
-          ACTIONS[action]
-        end
+        return ACTIONS["#{reference_action}_#{action}".to_sym] if reference_action
+
+        ACTIONS[action]
       end
 
       def url

data/lib/active_merchant/billing/gateways/cyber_source/cyber_source_common.rb

@@ -0,0 +1,36 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module CyberSourceCommon
+      def check_billing_field_value(default, submitted)
+        if submitted.nil?
+          nil
+        elsif submitted.blank?
+          default
+        else
+          submitted
+        end
+      end
+
+      def address_names(address_name, payment_method)
+        names = split_names(address_name)
+        return names if names.any?(&:present?)
+
+        [
+          payment_method&.first_name,
+          payment_method&.last_name
+        ]
+      end
+
+      def lookup_country_code(country_field)
+        return unless country_field.present?
+
+        country_code = Country.find(country_field)
+        country_code&.code(:alpha2)
+      end
+
+      def eligible_for_zero_auth?(payment_method, options = {})
+        payment_method.is_a?(CreditCard) && options[:zero_amount_auth]
+      end
+    end
+  end
+end