RubyGems - activemerchant - Versions diffs - 1.133.0 → 1.137.0 - Mend

activemerchant 1.133.0 → 1.137.0

Files changed (183) hide show

data/lib/active_merchant/billing/gateways/cecabank.rb CHANGED Viewed

@@ -1,248 +1,15 @@
+require 'active_merchant/billing/gateways/cecabank/cecabank_xml'
+require 'active_merchant/billing/gateways/cecabank/cecabank_json'
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class CecabankGateway < Gateway
-      self.test_url = 'https://tpv.ceca.es'
-      self.live_url = 'https://pgw.ceca.es'
-      self.supported_countries = ['ES']
-      self.supported_cardtypes = %i[visa master american_express]
-      self.homepage_url = 'http://www.ceca.es/es/'
-      self.display_name = 'Cecabank'
-      self.default_currency = 'EUR'
-      self.money_format = :cents
-      #### CECA's MAGIC NUMBERS
-      CECA_NOTIFICATIONS_URL = 'NONE'
-      CECA_ENCRIPTION = 'SHA2'
-      CECA_DECIMALS = '2'
-      CECA_MODE = 'SSL'
-      CECA_UI_LESS_LANGUAGE = 'XML'
-      CECA_UI_LESS_LANGUAGE_REFUND = '1'
-      CECA_UI_LESS_REFUND_PAGE = 'anulacion_xml'
-      CECA_ACTION_REFUND   = 'anulaciones/anularParcial' # use partial refund's URL to avoid time frame limitations and decision logic on client side
-      CECA_ACTION_PURCHASE = 'tpv/compra'
-      CECA_CURRENCIES_DICTIONARY = { 'EUR' => 978, 'USD' => 840, 'GBP' => 826 }
-      # Creates a new CecabankGateway
-      #
-      # The gateway requires four values for connection to be passed
-      # in the +options+ hash.
-      #
-      # ==== Options
-      #
-      # * <tt>:merchant_id</tt>  -- Cecabank's merchant_id (REQUIRED)
-      # * <tt>:acquirer_bin</tt> -- Cecabank's acquirer_bin (REQUIRED)
-      # * <tt>:terminal_id</tt>  -- Cecabank's terminal_id (REQUIRED)
-      # * <tt>:key</tt>          -- Cecabank's cypher key (REQUIRED)
-      # * <tt>:test</tt> -- +true+ or +false+. If true, perform transactions against the test server.
-      #   Otherwise, perform transactions against the production server.
-      def initialize(options = {})
-        requires!(options, :merchant_id, :acquirer_bin, :terminal_id, :key)
-        super
-      end
-      # Perform a purchase, which is essentially an authorization and capture in a single operation.
-      #
-      # ==== Parameters
-      #
-      # * <tt>money</tt> -- The amount to be purchased as an Integer value in cents.
-      # * <tt>creditcard</tt> -- The CreditCard details for the transaction.
-      # * <tt>options</tt> -- A hash of optional parameters.
-      #
-      # ==== Options
-      #
-      # * <tt>:order_id</tt>    -- order_id passed used purchase. (REQUIRED)
-      # * <tt>:currency</tt>    -- currency. Supported: EUR, USD, GBP.
-      # * <tt>:description</tt> -- description to be pased to the gateway.
-      def purchase(money, creditcard, options = {})
-        requires!(options, :order_id)
-        post = { 'Descripcion' => options[:description],
-                'Num_operacion' => options[:order_id],
-                'Idioma' => CECA_UI_LESS_LANGUAGE,
-                'Pago_soportado' => CECA_MODE,
-                'URL_OK' => CECA_NOTIFICATIONS_URL,
-                'URL_NOK' => CECA_NOTIFICATIONS_URL,
-                'Importe' => amount(money),
-                'TipoMoneda' => CECA_CURRENCIES_DICTIONARY[options[:currency] || currency(money)] }
-        add_creditcard(post, creditcard)
-        commit(CECA_ACTION_PURCHASE, post)
-      end
-      # Refund a transaction.
-      #
-      # This transaction indicates to the gateway that
-      # money should flow from the merchant to the customer.
-      #
-      # ==== Parameters
-      #
-      # * <tt>money</tt> -- The amount to be credited to the customer as an Integer value in cents.
-      # * <tt>identification</tt> -- The reference given from the gateway on purchase (reference, not operation).
-      # * <tt>options</tt> -- A hash of parameters.
-      def refund(money, identification, options = {})
-        reference, order_id = split_authorization(identification)
-        post = { 'Referencia' => reference,
-                'Num_operacion' => order_id,
-                'Idioma' => CECA_UI_LESS_LANGUAGE_REFUND,
-                'Pagina' => CECA_UI_LESS_REFUND_PAGE,
-                'Importe' => amount(money),
-                'TipoMoneda' => CECA_CURRENCIES_DICTIONARY[options[:currency] || currency(money)] }
-        commit(CECA_ACTION_REFUND, post)
-      end
-      def supports_scrubbing
-        true
-      end
-      def scrub(transcript)
-        transcript.
-          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
-          gsub(%r((&?pan=)[^&]*)i, '\1[FILTERED]').
-          gsub(%r((&?cvv2=)[^&]*)i, '\1[FILTERED]')
-      end
-      private
-      def add_creditcard(post, creditcard)
-        post['PAN'] = creditcard.number
-        post['Caducidad'] = expdate(creditcard)
-        post['CVV2'] = creditcard.verification_value
-        post['Pago_elegido'] = CECA_MODE
-      end
+      self.abstract_class = true
-      def expdate(creditcard)
-        "#{format(creditcard.year, :four_digits)}#{format(creditcard.month, :two_digits)}"
-      end
-      def parse(body)
-        response = {}
-        root = REXML::Document.new(body).root
-        response[:success] = (root.attributes['valor'] == 'OK')
-        response[:date] = root.attributes['fecha']
-        response[:operation_number] = root.attributes['numeroOperacion']
-        response[:message] = root.attributes['valor']
-        if root.elements['OPERACION']
-          response[:operation_type] = root.elements['OPERACION'].attributes['tipo']
-          response[:amount] = root.elements['OPERACION/importe'].text.strip
-        end
-        response[:description] = root.elements['OPERACION/descripcion'].text if root.elements['OPERACION/descripcion']
-        response[:authorization_number] = root.elements['OPERACION/numeroAutorizacion'].text if root.elements['OPERACION/numeroAutorizacion']
-        response[:reference] = root.elements['OPERACION/referencia'].text if root.elements['OPERACION/referencia']
-        response[:pan] = root.elements['OPERACION/pan'].text if root.elements['OPERACION/pan']
-        if root.elements['ERROR']
-          response[:error_code] = root.elements['ERROR/codigo'].text
-          response[:error_message] = root.elements['ERROR/descripcion'].text
-        else
-          if root.elements['OPERACION'].attributes['numeroOperacion'] == '000'
-            response[:authorization] = root.elements['OPERACION/numeroAutorizacion'].text if root.elements['OPERACION/numeroAutorizacion']
-          else
-            response[:authorization] = root.attributes['numeroOperacion']
-          end
-        end
-        return response
-      rescue REXML::ParseException => e
-        response[:success] = false
-        response[:message] = 'Unable to parse the response.'
-        response[:error_message] = e.message
-        response
-      end
-      def commit(action, parameters)
-        parameters.merge!(
-          'Cifrado' => CECA_ENCRIPTION,
-          'Firma' => generate_signature(action, parameters),
-          'Exponente' => CECA_DECIMALS,
-          'MerchantID' => options[:merchant_id],
-          'AcquirerBIN' => options[:acquirer_bin],
-          'TerminalID' => options[:terminal_id]
-        )
-        url = (test? ? self.test_url : self.live_url) + "/tpvweb/#{action}.action"
-        xml = ssl_post("#{url}?", post_data(parameters))
-        response = parse(xml)
-        Response.new(
-          response[:success],
-          message_from(response),
-          response,
-          test: test?,
-          authorization: build_authorization(response),
-          error_code: response[:error_code]
-        )
-      end
-      def message_from(response)
-        if response[:message] == 'ERROR' && response[:error_message]
-          response[:error_message]
-        elsif response[:error_message]
-          "#{response[:message]} #{response[:error_message]}"
-        else
-          response[:message]
-        end
-      end
-      def post_data(params)
-        return nil unless params
-        params.map do |key, value|
-          next if value.blank?
-          if value.is_a?(Hash)
-            h = {}
-            value.each do |k, v|
-              h["#{key}.#{k}"] = v unless v.blank?
-            end
-            post_data(h)
-          else
-            "#{key}=#{CGI.escape(value.to_s)}"
-          end
-        end.compact.join('&')
-      end
-      def build_authorization(response)
-        [response[:reference], response[:authorization]].join('|')
-      end
-      def split_authorization(authorization)
-        authorization.split('|')
-      end
+      def self.new(options = {})
+        return CecabankJsonGateway.new(options) if options[:is_rest_json]
-      def generate_signature(action, parameters)
-        signature_fields =
-          case action
-          when CECA_ACTION_REFUND
-            options[:key].to_s +
-            options[:merchant_id].to_s +
-            options[:acquirer_bin].to_s +
-            options[:terminal_id].to_s +
-            parameters['Num_operacion'].to_s +
-            parameters['Importe'].to_s +
-            parameters['TipoMoneda'].to_s +
-            CECA_DECIMALS +
-            parameters['Referencia'].to_s +
-            CECA_ENCRIPTION
-          else
-            options[:key].to_s +
-            options[:merchant_id].to_s +
-            options[:acquirer_bin].to_s +
-            options[:terminal_id].to_s +
-            parameters['Num_operacion'].to_s +
-            parameters['Importe'].to_s +
-            parameters['TipoMoneda'].to_s +
-            CECA_DECIMALS +
-            CECA_ENCRIPTION +
-            CECA_NOTIFICATIONS_URL +
-            CECA_NOTIFICATIONS_URL
-          end
-        Digest::SHA2.hexdigest(signature_fields)
+        CecabankXmlGateway.new(options)
       end
     end
   end

data/lib/active_merchant/billing/gateways/checkout_v2.rb CHANGED Viewed

@@ -17,15 +17,7 @@ module ActiveMerchant #:nodoc:
       TEST_ACCESS_TOKEN_URL = 'https://access.sandbox.checkout.com/connect/token'
       def initialize(options = {})
-        @options = options
-        @access_token = nil
-        if options.has_key?(:secret_key)
-          requires!(options, :secret_key)
-        else
-          requires!(options, :client_id, :client_secret)
-          @access_token = setup_access_token
-        end
+        options.has_key?(:secret_key) ? requires!(options, :secret_key) : requires!(options, :client_id, :client_secret)
         super
       end
@@ -41,6 +33,7 @@ module ActiveMerchant #:nodoc:
         post = {}
         post[:capture] = false
         build_auth_or_purchase(post, amount, payment_method, options)
         options[:incremental_authorization] ? commit(:incremental_authorize, post, options, options[:incremental_authorization]) : commit(:authorize, post, options)
       end
@@ -57,12 +50,13 @@ module ActiveMerchant #:nodoc:
       def credit(amount, payment, options = {})
         post = {}
-        post[:instruction] = {}
-        post[:instruction][:funds_transfer_type] = options[:funds_transfer_type] || 'FD'
         add_processing_channel(post, options)
         add_invoice(post, amount, options)
         add_payment_method(post, payment, options, :destination)
         add_source(post, options)
+        add_instruction_data(post, options)
+        add_payout_sender_data(post, options)
+        add_payout_destination_data(post, options)
         commit(:credit, post, options)
       end
@@ -87,7 +81,7 @@ module ActiveMerchant #:nodoc:
         authorize(0, credit_card, options)
       end
-      def verify_payment(authorization, option = {})
+      def verify_payment(authorization, options = {})
         commit(:verify_payment, nil, options, authorization, :get)
       end
@@ -102,7 +96,8 @@ module ActiveMerchant #:nodoc:
           gsub(/("cvv\\":\\")\d+/, '\1[FILTERED]').
           gsub(/("cryptogram\\":\\")\w+/, '\1[FILTERED]').
           gsub(/(source\\":\{.*\\"token\\":\\")\d+/, '\1[FILTERED]').
-          gsub(/("token\\":\\")\w+/, '\1[FILTERED]')
+          gsub(/("token\\":\\")\w+/, '\1[FILTERED]').
+          gsub(/("access_token\\?"\s*:\s*\\?")[^"]*\w+/, '\1[FILTERED]')
       end
       def store(payment_method, options = {})
@@ -147,6 +142,11 @@ module ActiveMerchant #:nodoc:
         add_metadata(post, options, payment_method)
         add_processing_channel(post, options)
         add_marketplace_data(post, options)
+        add_recipient_data(post, options)
+        add_processing_data(post, options)
+        add_payment_sender_data(post, options)
+        add_risk_data(post, options)
+        truncate_amex_reference_id(post, options, payment_method)
       end
       def add_invoice(post, money, options)
@@ -162,6 +162,90 @@ module ActiveMerchant #:nodoc:
         post[:metadata][:udf5] = application_id || 'ActiveMerchant'
       end
+      def truncate_amex_reference_id(post, options, payment_method)
+        post[:reference] = truncate(options[:order_id], 30) if payment_method.respond_to?(:brand) && payment_method.brand == 'american_express'
+      end
+      def add_recipient_data(post, options)
+        return unless options[:recipient].is_a?(Hash)
+        recipient = options[:recipient]
+        post[:recipient] = {}
+        post[:recipient][:dob] = recipient[:dob] if recipient[:dob]
+        post[:recipient][:zip] = recipient[:zip] if recipient[:zip]
+        post[:recipient][:account_number] = recipient[:account_number] if recipient[:account_number]
+        post[:recipient][:first_name] = recipient[:first_name] if recipient[:first_name]
+        post[:recipient][:last_name] = recipient[:last_name] if recipient[:last_name]
+        if address = recipient[:address]
+          address1 = address[:address1] || address[:address_line1]
+          address2 = address[:address2] || address[:address_line2]
+          post[:recipient][:address] = {}
+          post[:recipient][:address][:address_line1] = address1 if address1
+          post[:recipient][:address][:address_line2] = address2 if address2
+          post[:recipient][:address][:city] = address[:city] if address[:city]
+          post[:recipient][:address][:state] = address[:state] if address[:state]
+          post[:recipient][:address][:zip] = address[:zip] if address[:zip]
+          post[:recipient][:address][:country] = address[:country] if address[:country]
+        end
+      end
+      def add_processing_data(post, options)
+        return unless options[:processing].is_a?(Hash)
+        post[:processing] = options[:processing]
+      end
+      def add_risk_data(post, options)
+        return unless options[:risk].is_a?(Hash)
+        risk = options[:risk]
+        post[:risk] = {} unless risk.empty?
+        if risk[:enabled].to_s == 'true'
+          post[:risk][:enabled] = true
+          post[:risk][:device_session_id] = risk[:device_session_id] if risk[:device_session_id]
+        elsif risk[:enabled].to_s == 'false'
+          post[:risk][:enabled] = false
+        end
+      end
+      def add_payment_sender_data(post, options)
+        return unless options[:sender].is_a?(Hash)
+        sender = options[:sender]
+        post[:sender] = {}
+        post[:sender][:type] = sender[:type] if sender[:type]
+        post[:sender][:first_name] = sender[:first_name] if sender[:first_name]
+        post[:sender][:last_name] = sender[:last_name] if sender[:last_name]
+        post[:sender][:dob] = sender[:dob] if sender[:dob]
+        post[:sender][:reference] = sender[:reference] if sender[:reference]
+        post[:sender][:company_name] = sender[:company_name] if sender[:company_name]
+        if address = sender[:address]
+          address1 = address[:address1] || address[:address_line1]
+          address2 = address[:address2] || address[:address_line2]
+          post[:sender][:address] = {}
+          post[:sender][:address][:address_line1] = address1 if address1
+          post[:sender][:address][:address_line2] = address2 if address2
+          post[:sender][:address][:city] = address[:city] if address[:city]
+          post[:sender][:address][:state] = address[:state] if address[:state]
+          post[:sender][:address][:zip] = address[:zip] if address[:zip]
+          post[:sender][:address][:country] = address[:country] if address[:country]
+        end
+        if identification = sender[:identification]
+          post[:sender][:identification] = {}
+          post[:sender][:identification][:type] = identification[:type] if identification[:type]
+          post[:sender][:identification][:number] = identification[:number] if identification[:number]
+          post[:sender][:identification][:issuing_country] = identification[:issuing_country] if identification[:issuing_country]
+        end
+      end
       def add_authorization_type(post, options)
         post[:authorization_type] = options[:authorization_type] if options[:authorization_type]
       end
@@ -173,6 +257,7 @@ module ActiveMerchant #:nodoc:
       end
       def add_payment_method(post, payment_method, options, key = :source)
+        # the key = :destination when this method is called in def credit
         post[key] = {}
         case payment_method
         when NetworkTokenizationCreditCard
@@ -190,13 +275,23 @@ module ActiveMerchant #:nodoc:
           post[key][:type] = 'card'
           post[key][:name] = payment_method.name
           post[key][:number] = payment_method.number
-          post[key][:cvv] = payment_method.verification_value
+          post[key][:cvv] = payment_method.verification_value unless options[:funds_transfer_type]
           post[key][:stored] = 'true' if options[:card_on_file] == true
+          # because of the way the key = is implemented in the method signature, some of the destination
+          # data will be added here, some in the destination specific method below.
+          # at first i was going to move this, but since this data is coming from the payment method
+          # i think it makes sense to leave it
           if options[:account_holder_type]
             post[key][:account_holder] = {}
             post[key][:account_holder][:type] = options[:account_holder_type]
-            post[key][:account_holder][:first_name] = payment_method.first_name if payment_method.first_name
-            post[key][:account_holder][:last_name] = payment_method.last_name if payment_method.last_name
+            if options[:account_holder_type] == 'corporate' || options[:account_holder_type] == 'government'
+              post[key][:account_holder][:company_name] = payment_method.name if payment_method.respond_to?(:name)
+            else
+              post[key][:account_holder][:first_name] = payment_method.first_name if payment_method.first_name
+              post[key][:account_holder][:last_name] = payment_method.last_name if payment_method.last_name
+            end
           else
             post[key][:first_name] = payment_method.first_name if payment_method.first_name
             post[key][:last_name] = payment_method.last_name if payment_method.last_name
@@ -276,7 +371,7 @@ module ActiveMerchant #:nodoc:
       end
       def add_stored_credentials_using_normalized_fields(post, options)
-        if options[:stored_credential][:initial_transaction] == true
+        if options[:stored_credential][:initiator] == 'cardholder'
           post[:merchant_initiated] = false
         else
           post[:source][:stored] = true
@@ -321,6 +416,82 @@ module ActiveMerchant #:nodoc:
         post[:processing_channel_id] = options[:processing_channel_id] if options[:processing_channel_id]
       end
+      def add_instruction_data(post, options)
+        post[:instruction] = {}
+        post[:instruction][:funds_transfer_type] = options[:funds_transfer_type] || 'FD'
+        post[:instruction][:purpose] = options[:instruction_purpose] if options[:instruction_purpose]
+      end
+      def add_payout_sender_data(post, options)
+        return unless options[:payout] == true
+        post[:sender] = {
+          # options for type are individual, corporate, or government
+          type: options[:sender][:type],
+          # first and last name required if sent by type: individual
+          first_name: options[:sender][:first_name],
+          middle_name: options[:sender][:middle_name],
+          last_name: options[:sender][:last_name],
+          # company name required if sent by type: corporate or government
+          company_name: options[:sender][:company_name],
+          # these are required fields for payout, may not work if address is blank or different than cardholder(option for sender to be a company or government).
+          # may need to still include in GSF hash.
+          address: {
+            address_line1: options.dig(:sender, :address, :address1),
+            address_line2: options.dig(:sender, :address, :address2),
+            city: options.dig(:sender, :address, :city),
+            state: options.dig(:sender, :address, :state),
+            country: options.dig(:sender, :address, :country),
+            zip: options.dig(:sender, :address, :zip)
+          }.compact,
+          reference: options[:sender][:reference],
+          reference_type: options[:sender][:reference_type],
+          source_of_funds: options[:sender][:source_of_funds],
+          # identification object is conditional. required when card metadata issuer_country = AR, BR, CO, or PR
+          # checkout docs say PR (Peru), but PR is puerto rico and PE is Peru so yikes
+          identification: {
+            type: options.dig(:sender, :identification, :type),
+            number: options.dig(:sender, :identification, :number),
+            issuing_country: options.dig(:sender, :identification, :issuing_country),
+            date_of_expiry: options.dig(:sender, :identification, :date_of_expiry)
+          }.compact,
+          date_of_birth: options[:sender][:date_of_birth],
+          country_of_birth: options[:sender][:country_of_birth],
+          nationality: options[:sender][:nationality]
+        }.compact
+      end
+      def add_payout_destination_data(post, options)
+        return unless options[:payout] == true
+        post[:destination] ||= {}
+        post[:destination][:account_holder] ||= {}
+        post[:destination][:account_holder][:email] = options[:destination][:account_holder][:email] if options[:destination][:account_holder][:email]
+        post[:destination][:account_holder][:date_of_birth] = options[:destination][:account_holder][:date_of_birth] if options[:destination][:account_holder][:date_of_birth]
+        post[:destination][:account_holder][:country_of_birth] = options[:destination][:account_holder][:country_of_birth] if options[:destination][:account_holder][:country_of_birth]
+        # below fields only required during a card to card payout
+        post[:destination][:account_holder][:phone] = {}
+        post[:destination][:account_holder][:phone][:country_code] = options.dig(:destination, :account_holder, :phone, :country_code) if options.dig(:destination, :account_holder, :phone, :country_code)
+        post[:destination][:account_holder][:phone][:number] = options.dig(:destination, :account_holder, :phone, :number) if options.dig(:destination, :account_holder, :phone, :number)
+        post[:destination][:account_holder][:identification] = {}
+        post[:destination][:account_holder][:identification][:type] = options.dig(:destination, :account_holder, :identification, :type) if options.dig(:destination, :account_holder, :identification, :type)
+        post[:destination][:account_holder][:identification][:number] = options.dig(:destination, :account_holder, :identification, :number) if options.dig(:destination, :account_holder, :identification, :number)
+        post[:destination][:account_holder][:identification][:issuing_country] = options.dig(:destination, :account_holder, :identification, :issuing_country) if options.dig(:destination, :account_holder, :identification, :issuing_country)
+        post[:destination][:account_holder][:identification][:date_of_expiry] = options.dig(:destination, :account_holder, :identification, :date_of_expiry) if options.dig(:destination, :account_holder, :identification, :date_of_expiry)
+        if address = options[:billing_address] || options[:address] # destination address will come from the tokenized card billing address
+          post[:destination][:account_holder][:billing_address] = {}
+          post[:destination][:account_holder][:billing_address][:address_line1] = address[:address1] unless address[:address1].blank?
+          post[:destination][:account_holder][:billing_address][:address_line2] = address[:address2] unless address[:address2].blank?
+          post[:destination][:account_holder][:billing_address][:city] = address[:city] unless address[:city].blank?
+          post[:destination][:account_holder][:billing_address][:state] = address[:state] unless address[:state].blank?
+          post[:destination][:account_holder][:billing_address][:country] = address[:country] unless address[:country].blank?
+          post[:destination][:account_holder][:billing_address][:zip] = address[:zip] unless address[:zip].blank?
+        end
+      end
       def add_marketplace_data(post, options)
         if options[:marketplace]
           post[:marketplace] = {}
@@ -339,19 +510,43 @@ module ActiveMerchant #:nodoc:
         test? ? TEST_ACCESS_TOKEN_URL : LIVE_ACCESS_TOKEN_URL
       end
+      def expires_date_with_extra_range(expires_in)
+        # Two minutes are subtracted from the expires_in time to generate the expires date
+        # in order to prevent any transaction from failing due to using an access_token
+        # that is very close to expiring.
+        # e.g. the access_token has one second left to expire and the lag when the transaction
+        # use an already expired access_token
+        (DateTime.now + (expires_in - 120).seconds).strftime('%Q').to_i
+      end
       def setup_access_token
-        request = 'grant_type=client_credentials'
-        response = parse(ssl_post(access_token_url, request, access_token_header))
-        response['access_token']
+        response = parse(ssl_post(access_token_url, 'grant_type=client_credentials', access_token_header))
+        @options[:access_token] = response['access_token']
+        @options[:expires] = expires_date_with_extra_range(response['expires_in']) if response['expires_in'] && response['expires_in'] > 0
+        Response.new(
+          access_token_valid?,
+          message_from(access_token_valid?, response, {}),
+          response.merge({ expires: @options[:expires] }),
+          test: test?,
+          error_code: error_code_from(access_token_valid?, response, {})
+        )
+      rescue ResponseError => e
+        raise OAuthResponseError.new(e)
       end
-      def commit(action, post, options, authorization = nil, method = :post)
+      def access_token_valid?
+        @options[:access_token].present? && @options[:expires].to_i > DateTime.now.strftime('%Q').to_i
+      end
+      def perform_request(action, post, options, authorization = nil, method = :post)
         begin
           raw_response = ssl_request(method, url(action, authorization), post.nil? || post.empty? ? nil : post.to_json, headers(action, options))
           response = parse(raw_response)
           response['id'] = response['_links']['payment']['href'].split('/')[-1] if action == :capture && response.key?('_links')
-          source_id = authorization if action == :unstore
         rescue ResponseError => e
+          @options[:access_token] = '' if e.response.code == '401' && !@options[:secret_key]
           raise unless e.response.code.to_s =~ /4\d\d/
           response = parse(e.response.body, error: e.response)
@@ -359,18 +554,25 @@ module ActiveMerchant #:nodoc:
         succeeded = success_from(action, response)
-        response(action, succeeded, response, source_id)
+        response(action, succeeded, response, options)
+      end
+      def commit(action, post, options, authorization = nil, method = :post)
+        MultiResponse.run do |r|
+          r.process { setup_access_token } unless @options[:secret_key] || access_token_valid?
+          r.process { perform_request(action, post, options, authorization, method) }
+        end
       end
-      def response(action, succeeded, response, source_id = nil)
+      def response(action, succeeded, response, options = {}, source_id = nil)
         authorization = authorization_from(response) unless action == :unstore
         body = action == :unstore ? { response_code: response.to_s } : response
         Response.new(
           succeeded,
-          message_from(succeeded, response),
+          message_from(succeeded, response, options),
           body,
           authorization: authorization,
-          error_code: error_code_from(succeeded, body),
+          error_code: error_code_from(succeeded, body, options),
           test: test?,
           avs_result: avs_result(response),
           cvv_result: cvv_result(response)
@@ -378,7 +580,7 @@ module ActiveMerchant #:nodoc:
       end
       def headers(action, options)
-        auth_token = @access_token ? "Bearer #{@access_token}" : @options[:secret_key]
+        auth_token = @options[:access_token] ? "Bearer #{@options[:access_token]}" : @options[:secret_key]
         auth_token = @options[:public_key] if action == :tokens
         headers = {
           'Authorization' => auth_token,
@@ -448,19 +650,19 @@ module ActiveMerchant #:nodoc:
         return true if action == :unstore && response == 204
         store_response = response['token'] || response['id']
-        if store_response
-          return true if (action == :tokens && store_response.match(/tok/)) || (action == :store && store_response.match(/src_/))
-        end
+        return true if store_response && ((action == :tokens && store_response.match(/tok/)) || (action == :store && store_response.match(/src_/)))
         response['response_summary'] == 'Approved' || response['approved'] == true || !response.key?('response_summary') && response.key?('action_id')
       end
-      def message_from(succeeded, response)
+      def message_from(succeeded, response, options)
         if succeeded
           'Succeeded'
         elsif response['error_type']
           response['error_type'] + ': ' + response['error_codes'].first
         else
-          response['response_summary'] || response['response_code'] || response['status'] || response['message'] || 'Unable to read error message'
+          response_summary = response['response_summary'] || response.dig('actions', 0, 'response_summary')
+          response_summary || response['response_code'] || response['status'] || response['message'] || 'Unable to read error message'
         end
       end
@@ -481,7 +683,7 @@ module ActiveMerchant #:nodoc:
         raw['id']
       end
-      def error_code_from(succeeded, response)
+      def error_code_from(succeeded, response, options)
         return if succeeded
         if response['error_type'] && response['error_codes']
@@ -489,7 +691,9 @@ module ActiveMerchant #:nodoc:
         elsif response['error_type']
           response['error_type']
         else
-          STANDARD_ERROR_CODE_MAPPING[response['response_code']]
+          response_code = response['response_code'] || response.dig('actions', 0, 'response_code')
+          STANDARD_ERROR_CODE_MAPPING[response_code]
         end
       end