activemerchant 1.133.0 → 1.137.0

data/lib/active_merchant/billing/gateways/hi_pay.rb

@@ -0,0 +1,286 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class HiPayGateway < Gateway
+      # to add more check => payment_product_list: https://developer.hipay.com/api-explorer/api-online-payments#/payments/generateHostedPaymentPage
+      PAYMENT_PRODUCT = {
+        'visa' => 'visa',
+        'master' => 'mastercard'
+      }
+
+      DEVICE_CHANEL = {
+        app: 1,
+        browser:  2,
+        three_ds_requestor_initiaded:  3
+      }
+
+      self.test_url = 'https://stage-secure-gateway.hipay-tpp.com/rest'
+      self.live_url = 'https://secure-gateway.hipay-tpp.com/rest'
+
+      self.supported_countries = %w[FR]
+      self.default_currency = 'EUR'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master american_express]
+
+      self.homepage_url = 'https://hipay.com/'
+      self.display_name = 'HiPay'
+
+      def initialize(options = {})
+        requires!(options, :username, :password)
+        @username = options[:username]
+        @password = options[:password]
+        super
+      end
+
+      def purchase(money, payment_method, options = {})
+        authorize(money, payment_method, options.merge({ operation: 'Sale' }))
+      end
+
+      def authorize(money, payment_method, options = {})
+        MultiResponse.run do |r|
+          if payment_method.is_a?(CreditCard)
+            response = r.process { tokenize(payment_method, options) }
+            card_token = response.params['token']
+          elsif payment_method.is_a?(String)
+            _transaction_ref, card_token, payment_product = payment_method.split('|') if payment_method.split('|').size == 3
+            card_token, payment_product = payment_method.split('|') if payment_method.split('|').size == 2
+          end
+
+          payment_product = payment_method.is_a?(CreditCard) ? PAYMENT_PRODUCT[payment_method.brand] : PAYMENT_PRODUCT[payment_product&.downcase]
+
+          post = {
+            payment_product: payment_product,
+            operation: options[:operation] || 'Authorization',
+            cardtoken: card_token
+          }
+          add_address(post, options)
+          add_product_data(post, options)
+          add_invoice(post, money, options)
+          add_3ds(post, options)
+          r.process { commit('order', post) }
+        end
+      end
+
+      def capture(money, authorization, options)
+        reference_operation(money, authorization, options.merge({ operation: 'capture' }))
+      end
+
+      def store(payment_method, options = {})
+        tokenize(payment_method, options.merge({ multiuse: '1' }))
+      end
+
+      def unstore(authorization, options = {})
+        _transaction_ref, card_token, _payment_product = authorization.split('|') if authorization.split('|').size == 3
+        card_token, _payment_product = authorization.split('|') if authorization.split('|').size == 2
+        commit('unstore', { card_token: card_token }, options, :delete)
+      end
+
+      def refund(money, authorization, options)
+        reference_operation(money, authorization, options.merge({ operation: 'refund' }))
+      end
+
+      def void(authorization, options)
+        reference_operation(nil, authorization, options.merge({ operation: 'cancel' }))
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )[\w =]+), '\1[FILTERED]').
+          gsub(%r((card_number=)\w+), '\1[FILTERED]\2').
+          gsub(%r((cvc=)\w+), '\1[FILTERED]\2')
+      end
+
+      private
+
+      def reference_operation(money, authorization, options)
+        post = {}
+        post[:operation] = options[:operation]
+        post[:currency] = (options[:currency] || currency(money))
+        post[:amount] = amount(money) if options[:operation] == 'refund' || options[:operation] == 'capture'
+        commit(options[:operation], post, { transaction_reference: authorization.split('|').first })
+      end
+
+      def add_product_data(post, options)
+        post[:orderid] = options[:order_id] if options[:order_id]
+        post[:description] = options[:description]
+      end
+
+      def add_invoice(post, money, options)
+        post[:currency] = (options[:currency] || currency(money))
+        post[:amount] = amount(money)
+      end
+
+      def add_credit_card(post, credit_card)
+        post[:card_number] = credit_card.number
+        post[:card_expiry_month] = credit_card.month
+        post[:card_expiry_year] = credit_card.year
+        post[:card_holder] = credit_card.name
+        post[:cvc] = credit_card.verification_value
+      end
+
+      def add_address(post, options)
+        return unless billing_address = options[:billing_address]
+
+        post[:streetaddress] = billing_address[:address1] if billing_address[:address1]
+        post[:streetaddress2] = billing_address[:address2] if billing_address[:address2]
+        post[:city] = billing_address[:city] if billing_address[:city]
+        post[:recipient_info] = billing_address[:company] if billing_address[:company]
+        post[:state] = billing_address[:state] if billing_address[:state]
+        post[:country] = billing_address[:country] if billing_address[:country]
+        post[:zipcode] = billing_address[:zip] if billing_address[:zip]
+        post[:country] = billing_address[:country] if billing_address[:country]
+        post[:phone] = billing_address[:phone] if billing_address[:phone]
+      end
+
+      def tokenize(payment_method, options = {})
+        post = {}
+        add_credit_card(post, payment_method)
+        post[:multi_use] = options[:multiuse] ? '1' : '0'
+        post[:generate_request_id] = '0'
+        commit('store', post, options)
+      end
+
+      def add_3ds(post, options)
+        return unless options.has_key?(:execute_threed)
+
+        browser_info_3ds = options[:three_ds_2][:browser_info]
+
+        browser_info_hash = {
+          java_enabled: browser_info_3ds[:java],
+            javascript_enabled: (browser_info_3ds[:javascript] || false),
+            ipaddr:  options[:ip],
+            http_accept: '*\\/*',
+            http_user_agent: browser_info_3ds[:user_agent],
+            language: browser_info_3ds[:language],
+            color_depth: browser_info_3ds[:depth],
+            screen_height:   browser_info_3ds[:height],
+            screen_width: browser_info_3ds[:width],
+            timezone: browser_info_3ds[:timezone]
+        }
+
+        browser_info_hash['device_fingerprint'] = options[:device_fingerprint] if options[:device_fingerprint]
+        post[:browser_info] = browser_info_hash.to_json
+        post.to_json
+
+        post[:accept_url] = options[:accept_url] if options[:accept_url]
+        post[:decline_url] = options[:decline_url] if options[:decline_url]
+        post[:pending_url] = options[:pending_url] if options[:pending_url]
+        post[:exception_url] = options[:exception_url] if options[:exception_url]
+        post[:cancel_url] = options[:cancel_url] if options[:cancel_url]
+        post[:notify_url] = browser_info_3ds[:notification_url] if browser_info_3ds[:notification_url]
+        post[:authentication_indicator] = DEVICE_CHANEL[options[:three_ds_2][:channel]] || 0
+      end
+
+      def parse(body)
+        return {} if body.blank?
+
+        JSON.parse(body)
+      end
+
+      def commit(action, post, options = {}, method = :post)
+        raw_response = begin
+          ssl_request(method, url(action, options), post_data(post), request_headers)
+        rescue ResponseError => e
+          e.response.body
+        end
+
+        response = parse(raw_response)
+
+        Response.new(
+          success_from(action, response),
+          message_from(action, response),
+          response,
+          authorization: authorization_from(action, response),
+          test: test?,
+          error_code: error_code_from(action, response)
+        )
+      end
+
+      def error_code_from(action, response)
+        (response['code'] || response.dig('reason', 'code')).to_s unless success_from(action, response)
+      end
+
+      def success_from(action, response)
+        case action
+        when 'order'
+          response['state'] == 'completed' || (response['state'] == 'forwarding' && response['status'] == '140')
+        when 'capture'
+          response['status'] == '118' && response['message'] == 'Captured'
+        when 'refund'
+          response['status'] == '124' && response['message'] == 'Refund Requested'
+        when 'cancel'
+          response['status'] == '175' && response['message'] == 'Authorization Cancellation requested'
+        when 'store'
+          response.include? 'token'
+        when 'unstore'
+          response['code'] == '204'
+        else
+          false
+        end
+      end
+
+      def message_from(action, response)
+        response['message']
+      end
+
+      def authorization_from(action, response)
+        authorization_string(response['transactionReference'], response['token'], response['brand'])
+      end
+
+      def authorization_string(*args)
+        args.flatten.compact.reject(&:empty?).join('|')
+      end
+
+      def post_data(params)
+        params.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&')
+      end
+
+      def url(action, options = {})
+        case action
+        when 'store'
+          "#{token_url}/create"
+        when 'unstore'
+          token_url
+        when 'capture', 'refund', 'cancel'
+          endpoint = "maintenance/transaction/#{options[:transaction_reference]}"
+          base_url(endpoint)
+        else
+          base_url(action)
+        end
+      end
+
+      def base_url(endpoint)
+        "#{test? ? test_url : live_url}/v1/#{endpoint}"
+      end
+
+      def token_url
+        "https://#{'stage-' if test?}secure2-vault.hipay-tpp.com/rest/v2/token"
+      end
+
+      def basic_auth
+        Base64.strict_encode64("#{@username}:#{@password}")
+      end
+
+      def request_headers
+        {
+          'Accept' => 'application/json',
+          'Content-Type' => 'application/x-www-form-urlencoded',
+          'Authorization' => "Basic #{basic_auth}"
+        }
+      end
+
+      def handle_response(response)
+        case response.code.to_i
+        # to get the response code after unstore(delete instrument), because the body is nil
+        when 200...300
+          response.body || { code: response.code }.to_json
+        else
+          raise ResponseError.new(response)
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/hps.rb

@@ -330,7 +330,7 @@ module ActiveMerchant #:nodoc:
         } do
           xml.SOAP :Body do
             xml.hps :PosRequest do
-              xml.hps 'Ver1.0'.to_sym do
+              xml.hps :"Ver1.0" do
                 xml.hps :Header do
                   xml.hps :SecretAPIKey, @options[:secret_api_key]
                   xml.hps :DeveloperID, @options[:developer_id] if @options[:developer_id]

data/lib/active_merchant/billing/gateways/iats_payments.rb

@@ -185,8 +185,13 @@ module ActiveMerchant #:nodoc:
       end
 
       def commit(action, parameters)
-        response = parse(ssl_post(url(action), post_data(action, parameters),
-          { 'Content-Type' => 'application/soap+xml; charset=utf-8' }))
+        response = parse(
+          ssl_post(
+            url(action),
+            post_data(action, parameters),
+            { 'Content-Type' => 'application/soap+xml; charset=utf-8' }
+          )
+        )
 
         Response.new(
           success_from(response),

data/lib/active_merchant/billing/gateways/inspire.rb

@@ -172,11 +172,14 @@ module ActiveMerchant #:nodoc:
 
         response = parse(ssl_post(self.live_url, post_data(action, parameters)))
 
-        Response.new(response['response'] == '1', message_from(response), response,
+        Response.new(
+          response['response'] == '1',
+          message_from(response), response,
           authorization: response['transactionid'],
           test: test?,
           cvv_result: response['cvvresponse'],
-          avs_result: { code: response['avsresponse'] })
+          avs_result: { code: response['avsresponse'] }
+        )
       end
 
       def message_from(response)
@@ -196,8 +199,7 @@ module ActiveMerchant #:nodoc:
         post[:password]   = @options[:password]
         post[:type]       = action if action
 
-        request = post.merge(parameters).map { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
-        request
+        post.merge(parameters).map { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
       end
 
       def determine_funding_source(source)

data/lib/active_merchant/billing/gateways/instapay.rb

@@ -140,10 +140,14 @@ module ActiveMerchant #:nodoc:
         data = ssl_post self.live_url, post_data(action, parameters)
         response = parse(data)
 
-        Response.new(response[:success], response[:message], response,
+        Response.new(
+          response[:success],
+          response[:message],
+          response,
           authorization: response[:transaction_id],
           avs_result: { code: response[:avs_result] },
-          cvv_result: response[:cvv_result])
+          cvv_result: response[:cvv_result]
+        )
       end
 
       def post_data(action, parameters = {})
@@ -151,8 +155,7 @@ module ActiveMerchant #:nodoc:
         post[:acctid] = @options[:login]
         post[:merchantpin] = @options[:password] if @options[:password]
         post[:action] = action
-        request = post.merge(parameters).collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
-        request
+        post.merge(parameters).collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join('&')
       end
     end
   end

data/lib/active_merchant/billing/gateways/ipg.rb

@@ -18,7 +18,7 @@ module ActiveMerchant #:nodoc:
       ACTION_REQUEST_ITEMS = %w(vault unstore)
 
       def initialize(options = {})
-        requires!(options, :store_id, :user_id, :password, :pem, :pem_password)
+        requires!(options, :user_id, :password, :pem, :pem_password)
         @credentials = options
         @hosted_data_id = nil
         super
@@ -86,8 +86,7 @@ module ActiveMerchant #:nodoc:
         transcript.
           gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
           gsub(%r((<v1:CardNumber>).+(</v1:CardNumber>)), '\1[FILTERED]\2').
-          gsub(%r((<v1:CardCodeValue>).+(</v1:CardCodeValue>)), '\1[FILTERED]\2').
-          gsub(%r((<v1:StoreId>).+(</v1:StoreId>)), '\1[FILTERED]\2')
+          gsub(%r((<v1:CardCodeValue>).+(</v1:CardCodeValue>)), '\1[FILTERED]\2')
       end
 
       private
@@ -273,7 +272,7 @@ module ActiveMerchant #:nodoc:
           xml.tag!('v1:SubTotal', options[:sub_total]) if options[:sub_total]
           xml.tag!('v1:ValueAddedTax', options[:value_added_tax]) if options[:value_added_tax]
           xml.tag!('v1:DeliveryAmount', options[:delivery_amount]) if options[:delivery_amount]
-          xml.tag!('v1:ChargeTotal', money)
+          xml.tag!('v1:ChargeTotal', amount(money))
           xml.tag!('v1:Currency', CURRENCY_CODES[options[:currency]])
           xml.tag!('v1:numberOfInstallments', options[:number_of_installments]) if options[:number_of_installments]
         end
@@ -317,7 +316,10 @@ module ActiveMerchant #:nodoc:
       end
 
       def encoded_credentials
-        Base64.encode64("WS#{@credentials[:store_id]}._.#{@credentials[:user_id]}:#{@credentials[:password]}").delete("\n")
+        # We remove 'WS' and add it back on the next line because the ipg docs are a little confusing.
+        # Some merchants will likely add it to their user_id and others won't.
+        user_id = @credentials[:user_id].sub(/^WS/, '')
+        Base64.encode64("WS#{user_id}:#{@credentials[:password]}").delete("\n")
       end
 
       def envelope_namespaces
@@ -344,6 +346,8 @@ module ActiveMerchant #:nodoc:
       end
 
       def override_store_id(options)
+        raise ArgumentError, 'store_id must be provieded' if @credentials[:store_id].blank? && options[:store_id].blank?
+
         @credentials[:store_id] = options[:store_id] if options[:store_id].present?
       end
 

data/lib/active_merchant/billing/gateways/iridium.rb

@@ -376,22 +376,32 @@ module ActiveMerchant #:nodoc:
 
       def commit(request, options)
         requires!(options, :action)
-        response = parse(ssl_post(test? ? self.test_url : self.live_url, request,
-          { 'SOAPAction' => 'https://www.thepaymentgateway.net/' + options[:action],
-           'Content-Type' => 'text/xml; charset=utf-8' }))
+        response = parse(
+          ssl_post(
+            test? ? self.test_url : self.live_url, request,
+            {
+              'SOAPAction' => 'https://www.thepaymentgateway.net/' + options[:action],
+              'Content-Type' => 'text/xml; charset=utf-8'
+            }
+          )
+        )
 
         success = response[:transaction_result][:status_code] == '0'
         message = response[:transaction_result][:message]
         authorization = success ? [options[:order_id], response[:transaction_output_data][:cross_reference], response[:transaction_output_data][:auth_code]].compact.join(';') : nil
 
-        Response.new(success, message, response,
+        Response.new(
+          success,
+          message,
+          response,
           test: test?,
           authorization: authorization,
           avs_result: {
             street_match: AVS_CODE[ response[:transaction_output_data][:address_numeric_check_result] ],
             postal_match: AVS_CODE[ response[:transaction_output_data][:post_code_check_result] ]
           },
-          cvv_result: CVV_CODE[ response[:transaction_output_data][:cv2_check_result] ])
+          cvv_result: CVV_CODE[ response[:transaction_output_data][:cv2_check_result] ]
+        )
       end
 
       def parse(xml)

data/lib/active_merchant/billing/gateways/itransact.rb

@@ -387,11 +387,15 @@ module ActiveMerchant #:nodoc:
         # the Base64 encoded payload signature!
         response = parse(ssl_post(self.live_url, post_data(payload), 'Content-Type' => 'text/xml'))
 
-        Response.new(successful?(response), response[:error_message], response,
+        Response.new(
+          successful?(response),
+          response[:error_message],
+          response,
           test: test?,
           authorization: response[:xid],
           avs_result: { code: response[:avs_response] },
-          cvv_result: response[:cvv_response])
+          cvv_result: response[:cvv_response]
+        )
       end
 
       def post_data(payload)

data/lib/active_merchant/billing/gateways/iveri.rb

@@ -218,10 +218,10 @@ module ActiveMerchant #:nodoc:
           end
         end
 
-        if !node.elements.empty?
-          node.elements.each { |e| parse_element(parsed, e) }
-        else
+        if node.elements.empty?
           parsed[underscore(node.name)] = node.text
+        else
+          node.elements.each { |e| parse_element(parsed, e) }
         end
       end
 

data/lib/active_merchant/billing/gateways/ixopay.rb

@@ -286,8 +286,8 @@ module ActiveMerchant #:nodoc:
         response =
           begin
             parse(ssl_post(url, request, headers(request)))
-          rescue StandardError => error
-            parse(error.response.body)
+          rescue StandardError => e
+            parse(e.response.body)
           end
 
         Response.new(

data/lib/active_merchant/billing/gateways/jetpay.rb

@@ -284,13 +284,15 @@ module ActiveMerchant #:nodoc:
         response = parse(ssl_post(url, request))
 
         success = success?(response)
-        Response.new(success,
+        Response.new(
+          success,
           success ? 'APPROVED' : message_from(response),
           response,
           test: test?,
           authorization: authorization_from(response, money, token),
           avs_result: { code: response[:avs] },
-          cvv_result: response[:cvv2])
+          cvv_result: response[:cvv2]
+        )
       end
 
       def url

data/lib/active_merchant/billing/gateways/jetpay_v2.rb

@@ -295,14 +295,16 @@ module ActiveMerchant #:nodoc:
         response = parse(ssl_post(url, request))
 
         success = success?(response)
-        Response.new(success,
+        Response.new(
+          success,
           success ? 'APPROVED' : message_from(response),
           response,
           test: test?,
           authorization: authorization_from(response, money, token),
           avs_result: AVSResult.new(code: response[:avs]),
           cvv_result: CVVResult.new(response[:cvv2]),
-          error_code: success ? nil : error_code_from(response))
+          error_code: success ? nil : error_code_from(response)
+        )
       end
 
       def url