activemerchant 1.2.1 → 1.3.0

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -62,8 +62,8 @@ module ActiveMerchant #:nodoc:
         commit(request, :recurring)
       end
       
-      def recurring_inquiry(profile_id)
-        request = build_recurring_request(:inquiry, nil, :profile_id => profile_id)
+      def recurring_inquiry(profile_id, options = {})
+        request = build_recurring_request(:inquiry, nil, options.update( :profile_id => profile_id ))
         commit(request, :recurring)
       end   
       
@@ -81,7 +81,7 @@ module ActiveMerchant #:nodoc:
       end
       
       def build_reference_sale_or_authorization_request(action, money, reference, options)
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new 
         xml.tag! TRANSACTIONS[action] do
           xml.tag! 'PayData' do
             xml.tag! 'Invoice' do
@@ -98,19 +98,17 @@ module ActiveMerchant #:nodoc:
       end
       
       def build_credit_card_request(action, money, credit_card, options)
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new 
         xml.tag! TRANSACTIONS[action] do
           xml.tag! 'PayData' do
             xml.tag! 'Invoice' do
               xml.tag! 'CustIP', options[:ip] unless options[:ip].blank?
-              xml.tag! 'InvNum', options[:order_id] unless options[:order_id].blank?
+              xml.tag! 'InvNum', options[:order_id].to_s.gsub(/[^\w.]/, '') unless options[:order_id].blank?
               xml.tag! 'Description', options[:description] unless options[:description].blank?
 
               billing_address = options[:billing_address] || options[:address]
-              shipping_address = options[:shipping_address] || billing_address
-
-              add_address(xml, 'BillTo', billing_address, options)
-              add_address(xml, 'ShipTo', shipping_address, options)
+              add_address(xml, 'BillTo', billing_address, options) if billing_address
+              add_address(xml, 'ShipTo', options[:shipping_address], options) if options[:shipping_address]
               
               xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
             end
@@ -163,7 +161,7 @@ module ActiveMerchant #:nodoc:
           raise StandardError, "Invalid Recurring Profile Action: #{action}"
         end
 
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new 
         xml.tag! 'RecurringProfiles' do
           xml.tag! 'RecurringProfile' do
             xml.tag! action.to_s.capitalize do
@@ -188,10 +186,8 @@ module ActiveMerchant #:nodoc:
                   xml.tag! 'EMail', options[:email] unless options[:email].nil?
                   
                   billing_address = options[:billing_address] || options[:address]
-                  shipping_address = options[:shipping_address] || billing_address
-                  
-                  add_address(xml, 'BillTo', billing_address, options)
-                  add_address(xml, 'ShipTo', shipping_address, options)
+                  add_address(xml, 'BillTo', billing_address, options) if billing_address
+                  add_address(xml, 'ShipTo', options[:shipping_address], options) if options[:shipping_address]
                 end
                 xml.tag! 'Tender' do
                   yield xml
@@ -200,6 +196,9 @@ module ActiveMerchant #:nodoc:
               if action != :add
                 xml.tag! "ProfileID", options[:profile_id]
               end
+              if action == :inquiry
+                xml.tag! "PaymentHistory", ( options[:history] ? 'Y' : 'N' )
+              end
             end
           end
         end

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -4,23 +4,32 @@ module ActiveMerchant #:nodoc:
       def self.included(base)
         base.default_currency = 'USD'
           
-        # The certification_id is required by PayPal to make direct HTTPS posts to their servers.
-        # The certification_id has been deprecated by PayPal.  It will soon be removed and you can simply
-        # use the certification_id that has been configured here, or generate your own
+        # The certification id requirement has been removed by Payflow
+        # This is no longer being sent in the requests to the gateway
         base.class_inheritable_accessor :certification_id
-        base.certification_id = '55d64dfec398cbbe66c1bf843cbad9'
-        
+
         base.class_inheritable_accessor :partner
         
         # Set the default partner to PayPal
         base.partner = 'PayPal'
         
         base.supported_countries = ['US', 'CA', 'SG', 'AU']
+        
+        base.class_inheritable_accessor :timeout
+        base.timeout = 60
+        
+        # Enable safe retry of failed connections
+        # Payflow is safe to retry because retried transactions use the same
+        # X-VPS-Request-ID header. If a transaction is detected as a duplicate
+        # only the original transaction data will be used by Payflow, and the
+        # subsequent Responses will have a :duplicate parameter set in the params
+        # hash.
+        base.retry_safe = true
       end
       
       XMLNS = 'http://www.paypal.com/XMLPay'
-      TEST_URL = 'https://pilot-payflowpro.verisign.com/transaction'
-      LIVE_URL = 'https://payflowpro.verisign.com/transaction'
+      TEST_URL = 'https://pilot-payflowpro.verisign.com'
+      LIVE_URL = 'https://payflowpro.verisign.com'
       
       CARD_MAPPING = {
         :visa => 'Visa',
@@ -40,6 +49,13 @@ module ActiveMerchant #:nodoc:
         :void           => "Void",
         :credit         => "Credit" 
       }
+      
+      CVV_CODE = {
+        'Match' => 'M',
+        'No Match' => 'N',
+        'Service Not Available' => 'U', 
+        'Service not Requested' => 'P'
+      }
           
       def initialize(options = {})
         requires!(options, :login, :password)
@@ -52,7 +68,7 @@ module ActiveMerchant #:nodoc:
       end  
       
       def test?
-        @options[:test] || Base.gateway_mode == :test
+        @options[:test] || super
       end
       
       def capture(money, authorization, options = {})
@@ -67,7 +83,7 @@ module ActiveMerchant #:nodoc:
   
       private      
       def build_request(body, request_type = nil)
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new
         xml.instruct!
         xml.tag! 'XMLPayRequest', 'Timeout' => 30, 'version' => "2.1", "xmlns" => XMLNS do
           xml.tag! 'RequestData' do
@@ -95,7 +111,7 @@ module ActiveMerchant #:nodoc:
       end
       
       def build_reference_request(action, money, authorization, options)
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new
         xml.tag! TRANSACTIONS[action] do
           xml.tag! 'PNRef', authorization
         
@@ -113,8 +129,10 @@ module ActiveMerchant #:nodoc:
         return if address.nil?
         xml.tag! tag do
           xml.tag! 'Name', address[:name] unless options[:name].blank?
-          xml.tag! 'Email', options[:email] unless options[:email].blank?
+          xml.tag! 'EMail', options[:email] unless options[:email].blank?
           xml.tag! 'Phone', address[:phone] unless address[:phone].blank?
+          xml.tag! 'CustCode', options[:customer] if !options[:customer].blank? && tag == 'BillTo'
+          
           xml.tag! 'Address' do
             xml.tag! 'Street', address[:address1] unless address[:address1].blank?
             xml.tag! 'City', address[:city] unless address[:city].blank?
@@ -130,7 +148,10 @@ module ActiveMerchant #:nodoc:
         xml = REXML::Document.new(data)
         root = REXML::XPath.first(xml, "//ResponseData")
         
-        if REXML::XPath.first(root, "//TransactionResult/attribute::Duplicate")
+        # REXML::XPath in Ruby 1.8.6 is now unable to match nodes based on their attributes
+        tx_result = REXML::XPath.first(root, "//TransactionResult")
+        
+        if tx_result && tx_result.attributes['Duplicate'] == "true"
           response[:duplicate] = true 
         end
         
@@ -142,12 +163,24 @@ module ActiveMerchant #:nodoc:
       end
       
       def parse_element(response, node)
-        if node.has_elements?
+        node_name = node.name.underscore.to_sym
+        case
+        when node_name == :rp_payment_result
+          # Since we'll have multiple history items, we can't just flatten everything
+          # down as we do everywhere else. RPPaymentResult elements are not contained
+          # in an RPPaymentResults element so we'll come here multiple times
+          response[node_name] ||= []
+          response[node_name] << ( payment_result_response = {} )
+          node.elements.each{ |e| parse_element(payment_result_response, e) }
+        when node.has_elements?
           node.elements.each{|e| parse_element(response, e) }
-        elsif node.name == 'ExtData'
+        when node_name.to_s =~ /amt$/
+          # *Amt elements don't put the value in the #text - instead they use a Currency attribute
+          response[node_name] = node.attributes['Currency']
+        when node_name == :ext_data
           response[node.attributes['Name'].underscore.to_sym] = node.attributes['Value']
         else
-          response[node.name.underscore.to_sym] = node.text
+          response[node_name] = node.text
         end
       end
       
@@ -155,11 +188,10 @@ module ActiveMerchant #:nodoc:
         {
           "Content-Type" => "text/xml",
           "Content-Length" => content_length.to_s,
-      	  "X-VPS-Timeout" => "30",
-      	  "X-VPS-VIT-Client-Certification-Id" => @options[:certification_id].to_s,
+      	  "X-VPS-Timeout" => timeout.to_s,
       	  "X-VPS-VIT-Integration-Product" => "ActiveMerchant",
       	  "X-VPS-VIT-Runtime-Version" => RUBY_VERSION,
-      	  "X-VPS-Request-ID" => generate_unique_id
+      	  "X-VPS-Request-ID" => Utils.generate_unique_id
     	  }
     	end
     	
@@ -167,29 +199,15 @@ module ActiveMerchant #:nodoc:
         request = build_request(request_body, request_type)
         headers = build_headers(request.size)
         
-        if result = test_result_from_cc_number(parse_credit_card_number(request))
-          return result
-        end
-      
-    	  url = test? ? TEST_URL : LIVE_URL
-    	  data = ssl_post(url, request, headers)
-    	  
-    	  @response = parse(data)
+    	  response = parse(ssl_post(test? ? TEST_URL : LIVE_URL, request, headers))
     	  
-    	  success = @response[:result] == "0"
-    	  message = @response[:message]
-    	  
-    	  build_response(success, message, @response,
+    	  build_response(response[:result] == "0", response[:message], response,
     	    :test => test?,
-    	    :authorization => @response[:pn_ref] || @response[:rp_ref]
+    	    :authorization => response[:pn_ref] || response[:rp_ref],
+    	    :cvv_result => CVV_CODE[response[:cv_result]],
+    	    :avs_result => { :code => response[:avs_result] }
         )
       end
-      
-      def parse_credit_card_number(request)
-        xml = REXML::Document.new(request)
-        card_number = REXML::XPath.first(xml, '//Tender/Card/CardNum')
-        card_number && card_number.text
-      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/payflow/payflow_response.rb

@@ -4,6 +4,10 @@ module ActiveMerchant #:nodoc:
       def profile_id
         @params['profile_id']
       end
+      
+      def payment_history
+        @payment_history ||= @params['rp_payment_result'].collect{ |result| result.stringify_keys } rescue []
+      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/payflow_express.rb

@@ -84,10 +84,8 @@ module ActiveMerchant #:nodoc:
                 xml.tag! 'Description', options[:description] unless options[:description].blank?
             
                 billing_address = options[:billing_address] || options[:address]
-                shipping_address = options[:shipping_address] || billing_address
-            
-                add_address(xml, 'BillTo', billing_address, options)
-                add_address(xml, 'ShipTo', shipping_address, options)
+                add_address(xml, 'BillTo', billing_address, options) if billing_address
+                add_address(xml, 'ShipTo', options[:shipping_address], options) if options[:shipping_address]
                 
                 xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
               end

data/lib/active_merchant/billing/gateways/payment_express.rb

@@ -1,16 +1,12 @@
 require 'rexml/document'
 
-module ActiveMerchant
-  module Billing
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
     
     # In NZ DPS supports ANZ, Westpac, National Bank, ASB and BNZ. 
     # In Australia DPS supports ANZ, NAB, Westpac, CBA, St George and Bank of South Australia. 
     # The Maybank in Malaysia is supported and the Citibank for Singapore.
     class PaymentExpressGateway < Gateway
-      attr_reader :url 
-      attr_reader :response
-      attr_reader :options
-      
       self.default_currency = 'NZD'
       # PS supports all major credit cards; Visa, Mastercard, Amex, Diners, BankCard & JCB. 
       # Various white label cards can be accepted as well; Farmers, AirNZCard and Elders etc. 
@@ -37,8 +33,6 @@ module ActiveMerchant
         :validate       => 'Validate'
       }
       
-      POST_HEADERS = { "Content-Type" => "application/x-www-form-urlencoded" }
-
       # We require the DPS gateway username and password when the object is created.
       def initialize(options = {})
         # A DPS username and password must exist 
@@ -49,17 +43,14 @@ module ActiveMerchant
       end
       
       # Funds are transferred immediately.
-      def purchase(money, credit_card_or_billing_token, options = {})
+      def purchase(money, payment_source, options = {})
         
-        credit_card = credit_card_or_billing_token if credit_card_or_billing_token.respond_to?(:number)
+        credit_card = payment_source if payment_source.respond_to?(:number)
         
         if credit_card        
-          if result = test_result_from_cc_number(credit_card.number)
-            return result
-          end
           options[:credit_card] = credit_card
         else
-          options[:token]       = credit_card_or_billing_token
+          options[:token]       = payment_source
         end
         
         request = build_purchase_or_authorization_request(money, options)
@@ -70,10 +61,6 @@ module ActiveMerchant
       # Verifies that funds are available for the requested card and amount and reserves the specified amount.
       # See: http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#Authcomplete
       def authorize(money, credit_card, options = {})
-        if result = test_result_from_cc_number(credit_card.number)
-          return result
-        end
-        
         options[:credit_card] = credit_card
 
         request = build_purchase_or_authorization_request(money, options)
@@ -184,7 +171,7 @@ module ActiveMerchant
       end
       
       def add_invoice(xml, options)
-        xml.add_element("TxnId").text = options[:order_id] unless options[:order_id].blank?
+        xml.add_element("TxnId").text = options[:order_id].to_s.slice(0, 16) unless options[:order_id].blank?
         xml.add_element("MerchantReference").text = options[:description] unless options[:description].blank?
       end
       
@@ -208,24 +195,18 @@ module ActiveMerchant
         add_credentials(request)
         add_transaction_type(request, action)
         
-        # Next, post it to the server
-        response = ssl_post(PAYMENT_URL, request.to_s, POST_HEADERS)
-        
         # Parse the XML response
-        @response = parse_response(response)
-        
-        success = @response[:success] == APPROVED
-        test = @response[:test_mode] == '1'
+        response = parse( ssl_post(PAYMENT_URL, request.to_s) )
         
         # Return a response
-        PaymentExpressResponse.new(success, @response[:response_text], @response,
-          :test => test,
-          :authorization => @response[:dps_txn_ref]
+        PaymentExpressResponse.new(response[:success] == APPROVED, response[:response_text], response,
+          :test => response[:test_mode] == '1',
+          :authorization => response[:dps_txn_ref]
         )
       end
 
       # Response XML documentation: http://www.paymentexpress.com/technical_resources/ecommerce_nonhosted/pxpost.html#XMLTxnOutput
-      def parse_response(xml_string)
+      def parse(xml_string)
         response = {}
 
         xml = REXML::Document.new(xml_string)          

data/lib/active_merchant/billing/gateways/paypal.rb

@@ -8,27 +8,16 @@ module ActiveMerchant #:nodoc:
       
       self.supported_cardtypes = [:visa, :master, :american_express, :discover]
       self.supported_countries = ['US']
-      
       self.homepage_url = 'https://www.paypal.com/cgi-bin/webscr?cmd=_wp-pro-overview-outside'
       self.display_name = 'PayPal Website Payments Pro (US)'
       
       def authorize(money, credit_card, options = {})
         requires!(options, :ip)
-        
-        if result = test_result_from_cc_number(credit_card.number)
-          return result
-        end
-
         commit 'DoDirectPayment', build_sale_or_authorization_request('Authorization', money, credit_card, options)
       end
 
       def purchase(money, credit_card, options = {})
         requires!(options, :ip)
-        
-        if result = test_result_from_cc_number(credit_card.number)
-          return result
-        end
-        
         commit 'DoDirectPayment', build_sale_or_authorization_request('Sale', money, credit_card, options)
       end
       
@@ -38,7 +27,7 @@ module ActiveMerchant #:nodoc:
       
       private
       def build_sale_or_authorization_request(action, money, credit_card, options)
-        shipping_address = options[:shipping_address] || options[:address]
+        billing_address = options[:billing_address] || options[:address]
         currency_code = options[:currency] || currency(money)
        
         xml = Builder::XmlMarkup.new :indent => 2
@@ -63,9 +52,9 @@ module ActiveMerchant #:nodoc:
                 xml.tag! 'n2:InvoiceID', options[:order_id]
                 xml.tag! 'n2:ButtonSource', application_id.to_s.slice(0,32) unless application_id.blank? 
                 
-                add_address(xml, 'n2:ShipToAddress', shipping_address)
+                add_address(xml, 'n2:ShipToAddress', options[:shipping_address]) if options[:shipping_address]
               end
-              add_credit_card(xml, credit_card, options[:billing_address] || shipping_address, options)
+              add_credit_card(xml, credit_card, billing_address, options)
               xml.tag! 'n2:IPAddress', options[:ip]
             end
           end

data/lib/active_merchant/billing/gateways/paypal/paypal_common_api.rb

@@ -1,17 +1,21 @@
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
-    # This class is included in both PaypalGateway and PaypalExpressGateway
+    # This module is included in both PaypalGateway and PaypalExpressGateway
     module PaypalCommonAPI
       def self.included(base)
-        
         base.default_currency = 'USD'
         base.cattr_accessor :pem_file
         base.cattr_accessor :signature
       end
       
       API_VERSION = '2.0'
-      TEST_URL = 'https://api.sandbox.paypal.com/2.0/'
-      LIVE_URL = 'https://api-aa.paypal.com/2.0/'
+      
+      URLS = {
+        :test => { :certificate => 'https://api.sandbox.paypal.com/2.0/',
+                   :signature   => 'https://api-3t.sandbox.paypal.com/2.0/' },
+        :live => { :certificate => 'https://api-aa.paypal.com/2.0/',
+                   :signature   => 'https://api-3t.paypal.com/2.0/' }
+      }
       
       PAYPAL_NAMESPACE = 'urn:ebay:api:PayPalAPI'
       EBAY_NAMESPACE = 'urn:ebay:apis:eBLBaseComponents'
@@ -36,6 +40,8 @@ module ActiveMerchant #:nodoc:
         'WA'  => 'Western Australia'
       }
       
+      SUCCESS_CODES = [ 'Success', 'SuccessWithWarning' ]
+      
       # The gateway must be configured with either your PayPal PEM file
       # or your PayPal API Signature.  Only one is required.
       #
@@ -60,6 +66,10 @@ module ActiveMerchant #:nodoc:
           :signature => signature
         }.update(options)
         
+        if @options[:pem].blank? && @options[:signature].blank?
+          raise ArgumentError, "An API Certificate or API Signature is required to make requests to PayPal" 
+        end
+        
         super
       end
       
@@ -273,27 +283,37 @@ module ActiveMerchant #:nodoc:
         case country.code(:alpha2).to_s
         when 'AU'
           AUSTRALIAN_STATES[address[:state]] || address[:state] 
-        when 'GB'
-          address[:state].blank? ? 'N/A' : address[:state] 
         else
-          address[:state]
+          address[:state].blank? ? 'N/A' : address[:state]
         end
       end
+      
+      def endpoint_url
+        URLS[test? ? :test : :live][@options[:signature].blank? ? :certificate : :signature]
+      end
 
       def commit(action, request)
-        url = test? ? TEST_URL : LIVE_URL
-
-        data = ssl_post(url, build_request(request))
-        @response = parse(action, data)
+        response = parse(action, ssl_post(endpoint_url, build_request(request)))
        
-        success = @response[:ack] == "Success"
-        message = @response[:message] || @response[:ack]
-
-        build_response(success, message, @response,
+        build_response(successful?(response), message_from(response), response,
     	    :test => test?,
-    	    :authorization => @response[:transaction_id] || @response[:authorization_id] # latter one is from reauthorization
+    	    :authorization => authorization_from(response),
+    	    :avs_result => { :code => response[:avs_code] },
+    	    :cvv_result => response[:cvv2_code]
         )
       end
+      
+      def authorization_from(response)
+        response[:transaction_id] || response[:authorization_id] # latter one is from reauthorization
+      end
+      
+      def successful?(response)
+        SUCCESS_CODES.include?(response[:ack])
+      end
+      
+      def message_from(response)
+        response[:message] || response[:ack]
+      end
     end
   end
 end