activemerchant 1.131.0 → 1.137.0

data/lib/active_merchant/billing/gateways/mit.rb

@@ -7,6 +7,7 @@ module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class MitGateway < Gateway
       self.live_url = 'https://wpy.mitec.com.mx/ModuloUtilWS/activeCDP.htm'
+      self.test_url = 'https://scqa.mitec.com.mx/ModuloUtilWS/activeCDP.htm'
 
       self.supported_countries = ['MX']
       self.default_currency = 'MXN'
@@ -41,7 +42,7 @@ module ActiveMerchant #:nodoc:
         # original message
         full_data = unpacked[0].bytes.slice(16, unpacked[0].bytes.length)
         # Creates the engine
-        engine = OpenSSL::Cipher::AES128.new(:CBC)
+        engine = OpenSSL::Cipher.new('aes-128-cbc')
         # Set engine as decrypt mode
         engine.decrypt
         # Converts the key from hex to bytes
@@ -54,7 +55,7 @@ module ActiveMerchant #:nodoc:
 
       def encrypt(val, keyinhex)
         # Creates the engine motor
-        engine = OpenSSL::Cipher::AES128.new(:CBC)
+        engine = OpenSSL::Cipher.new('aes-128-cbc')
         # Set engine as encrypt mode
         engine.encrypt
         # Converts the key from hex to bytes
@@ -93,8 +94,7 @@ module ActiveMerchant #:nodoc:
         post_to_json_encrypt = encrypt(post_to_json, @options[:key_session])
 
         final_post = '<authorization>' + post_to_json_encrypt + '</authorization><dataID>' + @options[:user] + '</dataID>'
-        json_post = {}
-        json_post[:payload] = final_post
+        json_post = final_post
         commit('sale', json_post)
       end
 
@@ -114,8 +114,7 @@ module ActiveMerchant #:nodoc:
         post_to_json_encrypt = encrypt(post_to_json, @options[:key_session])
 
         final_post = '<capture>' + post_to_json_encrypt + '</capture><dataID>' + @options[:user] + '</dataID>'
-        json_post = {}
-        json_post[:payload] = final_post
+        json_post = final_post
         commit('capture', json_post)
       end
 
@@ -136,8 +135,7 @@ module ActiveMerchant #:nodoc:
         post_to_json_encrypt = encrypt(post_to_json, @options[:key_session])
 
         final_post = '<refund>' + post_to_json_encrypt + '</refund><dataID>' + @options[:user] + '</dataID>'
-        json_post = {}
-        json_post[:payload] = final_post
+        json_post = final_post
         commit('refund', json_post)
       end
 
@@ -145,10 +143,18 @@ module ActiveMerchant #:nodoc:
         true
       end
 
+      def extract_mit_responses_from_transcript(transcript)
+        groups = transcript.scan(/reading \d+ bytes(.*?)read \d+ bytes/m)
+        groups.map do |group|
+          group.first.scan(/-> "(.*?)"/).flatten.map(&:strip).join('')
+        end
+      end
+
       def scrub(transcript)
         ret_transcript = transcript
         auth_origin = ret_transcript[/<authorization>(.*?)<\/authorization>/, 1]
         unless auth_origin.nil?
+          auth_origin = auth_origin.gsub('\n', '')
           auth_decrypted = decrypt(auth_origin, @options[:key_session])
           auth_json = JSON.parse(auth_decrypted)
           auth_json['card'] = '[FILTERED]'
@@ -162,6 +168,7 @@ module ActiveMerchant #:nodoc:
 
         cap_origin = ret_transcript[/<capture>(.*?)<\/capture>/, 1]
         unless cap_origin.nil?
+          cap_origin = cap_origin.gsub('\n', '')
           cap_decrypted = decrypt(cap_origin, @options[:key_session])
           cap_json = JSON.parse(cap_decrypted)
           cap_json['apikey'] = '[FILTERED]'
@@ -173,6 +180,7 @@ module ActiveMerchant #:nodoc:
 
         ref_origin = ret_transcript[/<refund>(.*?)<\/refund>/, 1]
         unless ref_origin.nil?
+          ref_origin = ref_origin.gsub('\n', '')
           ref_decrypted = decrypt(ref_origin, @options[:key_session])
           ref_json = JSON.parse(ref_decrypted)
           ref_json['apikey'] = '[FILTERED]'
@@ -182,15 +190,10 @@ module ActiveMerchant #:nodoc:
           ret_transcript = ret_transcript.gsub(/<refund>(.*?)<\/refund>/, ref_tagged)
         end
 
-        res_origin = ret_transcript[/#{Regexp.escape('reading ')}(.*?)#{Regexp.escape('read')}/m, 1]
-        loop do
-          break if res_origin.nil?
-
-          resp_origin = res_origin[/#{Regexp.escape('"')}(.*?)#{Regexp.escape('"')}/m, 1]
-          resp_decrypted = decrypt(resp_origin, @options[:key_session])
-          ret_transcript[/#{Regexp.escape('reading ')}(.*?)#{Regexp.escape('read')}/m, 1] = resp_decrypted
-          ret_transcript = ret_transcript.sub('reading ', 'response: ')
-          res_origin = ret_transcript[/#{Regexp.escape('reading ')}(.*?)#{Regexp.escape('read')}/m, 1]
+        groups = extract_mit_responses_from_transcript(transcript)
+        groups.each do |group|
+          group_decrypted = decrypt(group, @options[:key_session])
+          ret_transcript = ret_transcript.gsub('Conn close', "\n" + group_decrypted + "\nConn close")
         end
 
         ret_transcript
@@ -218,10 +221,12 @@ module ActiveMerchant #:nodoc:
         post[:name_client] = [payment.first_name, payment.last_name].join(' ')
       end
 
+      def url
+        test? ? test_url : live_url
+      end
+
       def commit(action, parameters)
-        json_str = JSON.generate(parameters)
-        cleaned_str = json_str.gsub('\n', '')
-        raw_response = ssl_post(live_url, cleaned_str, { 'Content-type' => 'application/json' })
+        raw_response = ssl_post(url, parameters, { 'Content-type' => 'text/plain' })
         response = JSON.parse(decrypt(raw_response, @options[:key_session]))
 
         Response.new(

data/lib/active_merchant/billing/gateways/modern_payments_cim.rb

@@ -111,13 +111,12 @@ module ActiveMerchant #:nodoc:
       end
 
       def build_request(action, params)
+        envelope_obj = { 'xmlns:xsd' => 'http://www.w3.org/2001/XMLSchema',
+          'xmlns:env' => 'http://schemas.xmlsoap.org/soap/envelope/',
+          'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance' }
         xml = Builder::XmlMarkup.new indent: 2
         xml.instruct!
-        xml.tag! 'env:Envelope',
-          { 'xmlns:xsd' => 'http://www.w3.org/2001/XMLSchema',
-            'xmlns:env' => 'http://schemas.xmlsoap.org/soap/envelope/',
-            'xmlns:xsi' => 'http://www.w3.org/2001/XMLSchema-instance' } do
-
+        xml.tag! 'env:Envelope', envelope_obj do
           xml.tag! 'env:Body' do
             xml.tag! action, { 'xmlns' => xmlns(action) } do
               xml.tag! 'clientId', @options[:login]
@@ -146,15 +145,24 @@ module ActiveMerchant #:nodoc:
       end
 
       def commit(action, params)
-        data = ssl_post(url(action), build_request(action, params),
-          { 'Content-Type' => 'text/xml; charset=utf-8',
-            'SOAPAction' => "#{xmlns(action)}#{action}" })
+        data = ssl_post(
+          url(action),
+          build_request(action, params),
+          {
+            'Content-Type' => 'text/xml; charset=utf-8',
+            'SOAPAction' => "#{xmlns(action)}#{action}"
+          }
+        )
 
         response = parse(action, data)
-        Response.new(successful?(action, response), message_from(action, response), response,
+        Response.new(
+          successful?(action, response),
+          message_from(action, response),
+          response,
           test: test?,
           authorization: authorization_from(action, response),
-          avs_result: { code: response[:avs_code] })
+          avs_result: { code: response[:avs_code] }
+        )
       end
 
       def authorization_from(action, response)

data/lib/active_merchant/billing/gateways/monei.rb

@@ -337,7 +337,7 @@ module ActiveMerchant #:nodoc:
         endpoint = translate_action_endpoint(action, options)
         headers = {
           'Content-Type': 'application/json;charset=UTF-8',
-          'Authorization': @options[:api_key],
+          Authorization: @options[:api_key],
           'User-Agent': 'MONEI/Shopify/0.1.0'
         }
 

data/lib/active_merchant/billing/gateways/moneris.rb

@@ -54,6 +54,7 @@ module ActiveMerchant #:nodoc:
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
         add_external_mpi_fields(post, options)
         add_stored_credential(post, options)
+        add_cust_id(post, options)
         action = if post[:cavv] || options[:three_d_secure]
                    'cavv_preauth'
                  elsif post[:data_key].blank?
@@ -78,6 +79,7 @@ module ActiveMerchant #:nodoc:
         post[:crypt_type] = options[:crypt_type] || @options[:crypt_type]
         add_external_mpi_fields(post, options)
         add_stored_credential(post, options)
+        add_cust_id(post, options)
         action = if post[:cavv] || options[:three_d_secure]
                    'cavv_purchase'
                  elsif post[:data_key].blank?
@@ -216,7 +218,7 @@ module ActiveMerchant #:nodoc:
         three_d_secure_options = options[:three_d_secure]
 
         post[:threeds_version] = three_d_secure_options[:version]
-        post[:crypt_type] = three_d_secure_options[:eci]
+        post[:crypt_type] = three_d_secure_options.dig(:eci)&.to_s&.sub!(/^0/, '')
         post[:cavv] = three_d_secure_options[:cavv]
         post[:threeds_server_trans_id] = three_d_secure_options[:three_ds_server_trans_id]
         post[:ds_trans_id] = three_d_secure_options[:ds_transaction_id]
@@ -248,6 +250,10 @@ module ActiveMerchant #:nodoc:
         post[:payment_information] = options[:payment_information] if options[:payment_information]
       end
 
+      def add_cust_id(post, options)
+        post[:cust_id] = options[:cust_id] if options[:cust_id]
+      end
+
       def add_stored_credential(post, options)
         add_cof(post, options)
         # if any of :issuer_id, :payment_information, or :payment_indicator is not passed,
@@ -467,8 +473,8 @@ module ActiveMerchant #:nodoc:
           'indrefund' => %i[order_id cust_id amount pan expdate crypt_type],
           'completion' => %i[order_id comp_amount txn_number crypt_type],
           'purchasecorrection' => %i[order_id txn_number crypt_type],
-          'cavv_preauth' => %i[order_id cust_id amount pan expdate cavv crypt_type wallet_indicator],
-          'cavv_purchase' => %i[order_id cust_id amount pan expdate cavv crypt_type wallet_indicator],
+          'cavv_preauth' => %i[order_id cust_id amount pan expdate cavv crypt_type wallet_indicator threeds_version threeds_server_trans_id ds_trans_id],
+          'cavv_purchase' => %i[order_id cust_id amount pan expdate cavv crypt_type wallet_indicator threeds_version threeds_server_trans_id ds_trans_id],
           'card_verification' => %i[order_id cust_id pan expdate crypt_type avs_info cvd_info cof_info],
           'transact' => %i[order_id cust_id amount pan expdate crypt_type],
           'Batchcloseall' => [],

data/lib/active_merchant/billing/gateways/money_movers.rb

@@ -113,11 +113,15 @@ module ActiveMerchant #:nodoc:
         response = parse(data)
         message = message_from(response)
 
-        Response.new(success?(response), message, response,
+        Response.new(
+          success?(response),
+          message,
+          response,
           test: test?,
           authorization: response['transactionid'],
           avs_result: { code: response['avsresponse'] },
-          cvv_result: response['cvvresponse'])
+          cvv_result: response['cvvresponse']
+        )
       end
 
       def success?(response)

data/lib/active_merchant/billing/gateways/nab_transact.rb

@@ -233,16 +233,24 @@ module ActiveMerchant #:nodoc:
       def commit(action, request)
         response = parse(ssl_post(test? ? self.test_url : self.live_url, build_request(action, request)))
 
-        Response.new(success?(response), message_from(response), response,
+        Response.new(
+          success?(response),
+          message_from(response),
+          response,
           test: test?,
-          authorization: authorization_from(action, response))
+          authorization: authorization_from(action, response)
+        )
       end
 
       def commit_periodic(action, request)
         response = parse(ssl_post(test? ? self.test_periodic_url : self.live_periodic_url, build_periodic_request(action, request)))
-        Response.new(success?(response), message_from(response), response,
+        Response.new(
+          success?(response),
+          message_from(response),
+          response,
           test: test?,
-          authorization: authorization_from(action, response))
+          authorization: authorization_from(action, response)
+        )
       end
 
       def success?(response)

data/lib/active_merchant/billing/gateways/net_registry.rb

@@ -144,8 +144,12 @@ module ActiveMerchant
         # get gateway response
         response = parse(ssl_post(self.live_url, post_data(action, params)))
 
-        Response.new(response['status'] == 'approved', message_from(response), response,
-          authorization: authorization_from(response, action))
+        Response.new(
+          response['status'] == 'approved',
+          message_from(response),
+          response,
+          authorization: authorization_from(response, action)
+        )
       end
 
       def post_data(action, params)

data/lib/active_merchant/billing/gateways/netbanx.rb

@@ -233,7 +233,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def map_3ds(three_d_secure_options)
-        mapped = {
+        {
           eci: three_d_secure_options[:eci],
           cavv: three_d_secure_options[:cavv],
           xid: three_d_secure_options[:xid],
@@ -241,8 +241,6 @@ module ActiveMerchant #:nodoc:
           threeDSecureVersion: three_d_secure_options[:version],
           directoryServerTransactionId: three_d_secure_options[:ds_transaction_id]
         }
-
-        mapped
       end
 
       def parse(body)

data/lib/active_merchant/billing/gateways/netbilling.rb

@@ -193,11 +193,15 @@ module ActiveMerchant #:nodoc:
       def commit(action, parameters)
         response = parse(ssl_post(self.live_url, post_data(action, parameters)))
 
-        Response.new(success?(response), message_from(response), response,
+        Response.new(
+          success?(response),
+          message_from(response),
+          response,
           test: test_response?(response),
           authorization: response[:trans_id],
           avs_result: { code: response[:avs_code] },
-          cvv_result: response[:cvv2_code])
+          cvv_result: response[:cvv2_code]
+        )
       rescue ActiveMerchant::ResponseError => e
         raise unless e.response.code =~ /^[67]\d\d$/
 

data/lib/active_merchant/billing/gateways/network_merchants.rb

@@ -200,11 +200,15 @@ module ActiveMerchant #:nodoc:
 
         authorization = authorization_from(success, parameters, raw)
 
-        Response.new(success, raw['responsetext'], raw,
+        Response.new(
+          success,
+          raw['responsetext'],
+          raw,
           test: test?,
           authorization: authorization,
           avs_result: { code: raw['avsresponse'] },
-          cvv_result: raw['cvvresponse'])
+          cvv_result: raw['cvvresponse']
+        )
       end
 
       def build_request(action, parameters)

data/lib/active_merchant/billing/gateways/nmi.rb

@@ -8,7 +8,7 @@ module ActiveMerchant #:nodoc:
       self.test_url = self.live_url = 'https://secure.networkmerchants.com/api/transact.php'
       self.default_currency = 'USD'
       self.money_format = :dollars
-      self.supported_countries = ['US']
+      self.supported_countries = %w[US CA]
       self.supported_cardtypes = %i[visa master american_express discover]
       self.homepage_url = 'http://nmi.com/'
       self.display_name = 'NMI'
@@ -134,6 +134,7 @@ module ActiveMerchant #:nodoc:
           gsub(%r((cvv=)\d+), '\1[FILTERED]').
           gsub(%r((checkaba=)\d+), '\1[FILTERED]').
           gsub(%r((checkaccount=)\d+), '\1[FILTERED]').
+          gsub(%r((cavv=)[^&\n]*), '\1[FILTERED]').
           gsub(%r((cryptogram=)[^&]+(&?)), '\1[FILTERED]\2')
       end
 
@@ -149,6 +150,7 @@ module ActiveMerchant #:nodoc:
 
       def add_invoice(post, money, options)
         post[:amount] = amount(money)
+        post[:surcharge] = options[:surcharge] if options[:surcharge]
         post[:orderid] = options[:order_id]
         post[:orderdescription] = options[:description]
         post[:currency] = options[:currency] || currency(money)
@@ -165,7 +167,7 @@ module ActiveMerchant #:nodoc:
         elsif payment_method.is_a?(NetworkTokenizationCreditCard)
           post[:ccnumber] = payment_method.number
           post[:ccexp] = exp_date(payment_method)
-          post[:token_cryptogram] = payment_method.payment_cryptogram
+          add_network_token_fields(post, payment_method)
         elsif card_brand(payment_method) == 'check'
           post[:payment] = 'check'
           post[:firstname] = payment_method.first_name
@@ -186,6 +188,17 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def add_network_token_fields(post, payment_method)
+        if payment_method.source == :apple_pay || payment_method.source == :google_pay
+          post[:cavv] = payment_method.payment_cryptogram
+          post[:eci] = payment_method.eci
+          post[:decrypted_applepay_data] = 1
+          post[:decrypted_googlepay_data] = 1
+        else
+          post[:token_cryptogram] = payment_method.payment_cryptogram
+        end
+      end
+
       def add_stored_credential(post, options)
         return unless (stored_credential = options[:stored_credential])
 
@@ -211,7 +224,8 @@ module ActiveMerchant #:nodoc:
         else
           post[:stored_credential_indicator] = 'used'
           # should only send :initial_transaction_id if it is a MIT
-          post[:initial_transaction_id] = stored_credential[:network_transaction_id] if post[:initiated_by] == 'merchant'
+          ntid = options[:network_transaction_id] || stored_credential[:network_transaction_id]
+          post[:initial_transaction_id] = ntid if post[:initiated_by] == 'merchant'
         end
       end
 
@@ -232,6 +246,9 @@ module ActiveMerchant #:nodoc:
         end
 
         if (shipping_address = options[:shipping_address])
+          first_name, last_name = split_names(shipping_address[:name])
+          post[:shipping_firstname] = first_name if first_name
+          post[:shipping_lastname] = last_name if last_name
           post[:shipping_company] = shipping_address[:company]
           post[:shipping_address1] = shipping_address[:address1]
           post[:shipping_address2] = shipping_address[:address2]
@@ -240,6 +257,7 @@ module ActiveMerchant #:nodoc:
           post[:shipping_country] = shipping_address[:country]
           post[:shipping_zip] = shipping_address[:zip]
           post[:shipping_phone] = shipping_address[:phone]
+          post[:shipping_email] = options[:shipping_email] if options[:shipping_email]
         end
 
         if (descriptor = options[:descriptors])
@@ -329,8 +347,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def headers
-        headers = { 'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8' }
-        headers
+        { 'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8' }
       end
 
       def post_data(action, params)
@@ -342,7 +359,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def parse(body)
-        Hash[CGI::parse(body).map { |k, v| [k.intern, v.first] }]
+        CGI::parse(body).map { |k, v| [k.intern, v.first] }.to_h
       end
 
       def success_from(response)

data/lib/active_merchant/billing/gateways/ogone.rb

@@ -263,7 +263,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_payment_source(post, payment_source, options)
-        add_d3d(post, options) if options[:d3d]
+        add_d3d(post, options) if options[:d3d] || three_d_secure(options)
         if payment_source.is_a?(String)
           add_alias(post, payment_source, options[:alias_operation])
           add_eci(post, options[:eci] || '9')
@@ -460,7 +460,7 @@ module ActiveMerchant #:nodoc:
             raise "Unknown signature algorithm #{algorithm}"
           end
 
-        filtered_params = signed_parameters.compact
+        filtered_params = signed_parameters.reject { |_k, v| v.nil? || v == '' }
         sha_encryptor.hexdigest(
           filtered_params.sort_by { |k, _v| k.upcase }.map { |k, v| "#{k.upcase}=#{v}#{secret}" }.join('')
         ).upcase
@@ -494,6 +494,10 @@ module ActiveMerchant #:nodoc:
         end
         response_hash
       end
+
+      def three_d_secure(options)
+        options[:three_d_secure] ? options[:three_d_secure][:required] : false
+      end
     end
 
     class OgoneResponse < Response

data/lib/active_merchant/billing/gateways/openpay.rb

@@ -201,11 +201,13 @@ module ActiveMerchant #:nodoc:
         response = http_request(method, resource, parameters, options)
         success = !error?(response)
 
-        Response.new(success,
+        Response.new(
+          success,
           (success ? response['error_code'] : response['description']),
           response,
           test: test?,
-          authorization: response['id'])
+          authorization: response['id']
+        )
       end
 
       def http_request(method, resource, parameters = {}, options = {})

data/lib/active_merchant/billing/gateways/opp.rb

@@ -125,8 +125,7 @@ module ActiveMerchant #:nodoc:
       def purchase(money, payment, options = {})
         # debit
         options[:registrationId] = payment if payment.is_a?(String)
-        execute_dbpa(options[:risk_workflow] ? 'PA.CP' : 'DB',
-          money, payment, options)
+        execute_dbpa(options[:risk_workflow] ? 'PA.CP' : 'DB', money, payment, options)
       end
 
       def authorize(money, payment, options = {})

data/lib/active_merchant/billing/gateways/optimal_payment.rb

@@ -121,11 +121,15 @@ module ActiveMerchant #:nodoc:
         txnRequest = escape_uri(xml)
         response = parse(ssl_post(test? ? self.test_url : self.live_url, "txnMode=#{action}&txnRequest=#{txnRequest}"))
 
-        Response.new(successful?(response), message_from(response), hash_from_xml(response),
+        Response.new(
+          successful?(response),
+          message_from(response),
+          hash_from_xml(response),
           test: test?,
           authorization: authorization_from(response),
           avs_result: { code: avs_result_from(response) },
-          cvv_result: cvv_result_from(response))
+          cvv_result: cvv_result_from(response)
+        )
       end
 
       # The upstream is picky and so we can't use CGI.escape like we want to

data/lib/active_merchant/billing/gateways/orbital/orbital_soft_descriptors.rb

@@ -33,9 +33,7 @@ module ActiveMerchant #:nodoc:
         errors << [:merchant_phone, 'is required to follow "NNN-NNN-NNNN" or "NNN-AAAAAAA" format'] if !empty?(self.merchant_phone) && !self.merchant_phone.match(PHONE_FORMAT_1) && !self.merchant_phone.match(PHONE_FORMAT_2)
 
         %i[merchant_email merchant_url].each do |attr|
-          unless self.send(attr).blank?
-            errors << [attr, 'is required to be 13 bytes or less'] if self.send(attr).bytesize > 13
-          end
+          errors << [attr, 'is required to be 13 bytes or less'] if !self.send(attr).blank? && (self.send(attr).bytesize > 13)
         end
 
         errors_hash(errors)