activemerchant 1.28.0 → 1.29.1

data/lib/active_merchant/billing/gateways/quantum.rb

@@ -37,15 +37,9 @@ module ActiveMerchant #:nodoc:
       #
       def initialize(options = {})
         requires!(options, :login, :password)
-        @options = options
         super
       end
 
-      # Should run against the test servers or not?
-      def test?
-        @options[:test] || Base.gateway_mode == :test
-      end
-
       # Request an authorization for an amount from CyberSource
       #
       def authorize(money, creditcard, options = {})
@@ -268,11 +262,11 @@ module ActiveMerchant #:nodoc:
         end
         return reply
       end
-      
+
       def authorization_for(reply)
         "#{reply[:TransactionID]};#{reply[:CreditCardNumber]}"
       end
-      
+
       def authorization_parts_from(authorization)
         authorization.split(/;/)
       end

data/lib/active_merchant/billing/gateways/quickpay.rb

@@ -93,7 +93,6 @@ module ActiveMerchant #:nodoc:
       def initialize(options = {})
         requires!(options, :login, :password)
         @protocol = options.delete(:version) || 3 # default to protocol version 3
-        @options = options
         super
       end
 
@@ -215,10 +214,10 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_testmode(post)
-        return if post[:transaction].present? 
+        return if post[:transaction].present?
         post[:testmode] = test? ? '1' : '0'
       end
-      
+
       def add_fraud_parameters(post, options)
         if @protocol == 4
           post[:fraud_remote_addr] = options[:fraud_remote_addr] if options[:fraud_remote_addr]

data/lib/active_merchant/billing/gateways/realex.rb

@@ -20,7 +20,7 @@ module ActiveMerchant
     # same order id
     class RealexGateway < Gateway
       self.live_url = self.test_url = 'https://epage.payandshop.com/epage-remote.cgi'
-                  
+
       CARD_MAPPING = {
         'master'            => 'MC',
         'visa'              => 'VISA',
@@ -45,7 +45,6 @@ module ActiveMerchant
       def initialize(options = {})
         requires!(options, :login, :password)
         options[:refund_hash] = Digest::SHA1.hexdigest(options[:rebate_secret]) if options.has_key?(:rebate_secret)
-        @options = options
         super
       end
 
@@ -81,10 +80,10 @@ module ActiveMerchant
       def void(authorization, options = {})
         request = build_void_request(authorization, options)
         commit(request)
-      end     
-      
-      private           
-      def commit(request)        
+      end
+
+      private
+      def commit(request)
         response = parse(ssl_post(self.live_url, request))
 
         Response.new(response[:result] == "00", message_from(response), response,
@@ -188,7 +187,7 @@ module ActiveMerchant
 
           if billing_address
             xml.tag! 'address', 'type' => 'billing' do
-              xml.tag! 'code', avs_input_code( billing_address )
+              xml.tag! 'code', format_shipping_zip_code(billing_address[:zip])
               xml.tag! 'country', billing_address[:country]
             end
           end
@@ -241,19 +240,10 @@ module ActiveMerchant
         end
       end
 
-      def avs_input_code(address)
-        address.values_at(:zip, :address1).map{ |v| extract_digits(v) }.join('|')
-      end
-
       def format_shipping_zip_code(zip)
         zip.to_s.gsub(/\W/, '')
       end
 
-      def extract_digits(string)
-        return "" if string.nil?
-        string.gsub(/[\D]/,'')
-      end
-
       def new_timestamp
         Time.now.strftime('%Y%m%d%H%M%S')
       end

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -0,0 +1,394 @@
+# coding: utf-8
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # = Redsys Merchant Gateway
+    #
+    # Gateway support for the Spanish "Redsys" payment gateway system. This is
+    # used by many banks in Spain and is particularly well supported by
+    # Catalunya Caixa's ecommerce department.
+    #
+    # Standard ActiveMerchant methods are supported, with one notable exception:
+    # :order_id must be provided and must conform to a very specific format.
+    #
+    # == Example use:
+    #
+    #   gateway = ActiveMerchant::Billing::RedsysGateway.new(
+    #               :login      => "091358382",
+    #               :secret_key => "qwertyasdf0123456789"
+    #            )
+    #
+    #   # Run a purchase for 10 euros
+    #   response = gateway.purchase(1000, creditcard, :order_id => "123456")
+    #   puts reponse.success?       # => true
+    #
+    #   # Partially refund the purchase
+    #   response = gateway.refund(500, response.authorization)
+    #
+    # Redsys requires an order_id be provided with each transaction of a
+    # specific format. The rules are as follows:
+    #
+    #  * Minimum length: 4
+    #  * Maximum length: 12
+    #  * First 4 digits must be numerical
+    #  * Remaining 8 digits may be alphanumeric
+    #
+    # Much of the code for this library is based on the active_merchant_sermepa
+    # integration gateway which uses essentially the same API but with the
+    # banks own payment screen.
+    #
+    # Written by Samuel Lown for Cabify. For implementation questions, or
+    # test access details please get in touch: sam@cabify.com.
+    class RedsysGateway < Gateway
+      self.live_url = "https://sis.sermepa.es/sis/operaciones"
+      self.test_url = "https://sis-t.sermepa.es:25443/sis/operaciones"
+
+      # Sensible region specific defaults.
+      self.supported_countries = ['ES']
+      self.default_currency    = 'EUR'
+      self.money_format        = :cents
+
+      # Not all card types may be actived by the bank!
+      self.supported_cardtypes = [:visa, :master, :american_express, :jcb, :diners_club]
+
+      # Homepage URL of the gateway for reference
+      self.homepage_url        = "http://www.redsys.es/"
+
+      # What to call this gateway
+      self.display_name        = "Redsys"
+
+      CURRENCY_CODES = {
+        "ARS" => '032',
+        "AUD" => '036',
+        "BRL" => '986',
+        "BOB" => '068',
+        "CAD" => '124',
+        "CHF" => '756',
+        "CLP" => '152',
+        "COP" => '170',
+        "EUR" => '978',
+        "GBP" => '826',
+        "GTQ" => '320',
+        "JPY" => '392',
+        "MXN" => '484',
+        "NZD" => '554',
+        "PEN" => '604',
+        "RUB" => '643',
+        "USD" => '840',
+        "UYU" => '858'
+      }
+
+      # The set of supported transactions for this gateway.
+      # More operations are supported by the gateway itself, but
+      # are not supported in this library.
+      SUPPORTED_TRANSACTIONS = {
+        :purchase   => 'A',
+        :authorize  => '1',
+        :capture    => '2',
+        :refund     => '3',
+        :cancel     => '9'
+      }
+
+      # These are the text meanings sent back by the acquirer when
+      # a card has been rejected. Syntax or general request errors
+      # are not covered here.
+      RESPONSE_TEXTS = {
+        # Accepted Codes
+        0 => "Transaction Approved",
+        400 => "Cancellation Accepted",
+        481 => "Cancellation Accepted",
+        500 => "Reconciliation Accepted",
+        900 => "Refund / Confirmation approved",
+
+        # Declined error codes
+        101 => "Card expired",
+        102 => "Card blocked temporarily or under susciption of fraud",
+        104 => "Transaction not permitted",
+        107 => "Contact the card issuer",
+        109 => "Invalid identification by merchant or POS terminal",
+        110 => "Invalid amount",
+        114 => "Card cannot be used to the requested transaction",
+        116 => "Insufficient credit",
+        118 => "Non-registered card",
+        125 => "Card not effective",
+        129 => "CVV2/CVC2 Error",
+        167 => "Contact the card issuer: suspected fraud",
+        180 => "Card out of service",
+        181 => "Card with credit or debit restrictions",
+        182 => "Card with credit or debit restrictions",
+        184 => "Authentication error",
+        190 => "Refusal with no specific reason",
+        191 => "Expiry date incorrect",
+
+        # Declined, and suspected of fraud
+        201 => "Card expired",
+        202 => "Card blocked temporarily or under suscipition of fraud",
+        204 => "Transaction not permitted",
+        207 => "Contact the card issuer",
+        208 => "Lost or stolen card",
+        209 => "Lost or stolen card",
+        280 => "CVV2/CVC2 Error",
+        290 => "Declined with no specific reason",
+
+        # More general codes for specific types of transaction
+        480 => "Original transaction not located, or time-out exceeded",
+        501 => "Original transaction not located, or time-out exceeded",
+        502 => "Original transaction not located, or time-out exceeded",
+        503 => "Original transaction not located, or time-out exceeded",
+
+        # Declined transactions by the bank
+        904 => "Merchant not registered at FUC",
+        909 => "System error",
+        912 => "Issuer not available",
+        913 => "Duplicate transmission",
+        916 => "Amount too low",
+        928 => "Time-out exceeded",
+        940 => "Transaction cancelled previously",
+        941 => "Authorization operation already cancelled",
+        942 => "Original authorization declined",
+        943 => "Different details from origin transaction",
+        944 => "Session error",
+        945 => "Duplicate transmission",
+        946 => "Cancellation of transaction while in progress",
+        947 => "Duplicate tranmission while in progress",
+        949 => "POS Inoperative",
+        950 => "Refund not possible",
+        9064 => "Card number incorrect",
+        9078 => "No payment method available",
+        9093 => "Non-existent card",
+        9218 => "Recursive transaction in bad gateway",
+        9253 => "Check-digit incorrect",
+        9256 => "Preauth not allowed for merchant",
+        9257 => "Preauth not allowed for card",
+        9261 => "Operating limit exceeded",
+        9912 => "Issuer not available",
+        9913 => "Confirmation error",
+        9914 => "KO Confirmation"
+      }
+
+      # Creates a new instance
+      #
+      # Redsys requires a login and secret_key, and optionally also accepts a
+      # non-default terminal.
+      #
+      # ==== Options
+      #
+      # * <tt>:login</tt> -- The Redsys Merchant ID (REQUIRED)
+      # * <tt>:secret_key</tt> -- The Redsys Secret Key. (REQUIRED)
+      # * <tt>:terminal</tt> -- The Redsys Terminal. Defaults to 1. (OPTIONAL)
+      # * <tt>:test</tt> -- +true+ or +false+. Defaults to +false+. (OPTIONAL)
+      def initialize(options = {})
+        requires!(options, :login, :secret_key)
+        options[:terminal] ||= 1
+        super
+      end
+
+      def purchase(money, creditcard, options = {})
+        requires!(options, :order_id)
+
+        data = {}
+        add_action(data, :purchase)
+        add_amount(data, money, options)
+        add_order(data, options[:order_id])
+        add_creditcard(data, creditcard)
+
+        commit data
+      end
+
+      def authorize(money, creditcard, options = {})
+        requires!(options, :order_id)
+
+        data = {}
+        add_action(data, :authorize)
+        add_amount(data, money, options)
+        add_order(data, options[:order_id])
+        add_creditcard(data, creditcard)
+
+        commit data
+      end
+
+      def capture(money, authorization, options = {})
+        data = {}
+        add_action(data, :capture)
+        add_amount(data, money, options)
+        order_id, _, _ = split_authorization(authorization)
+        add_order(data, order_id)
+
+        commit data
+      end
+
+      def void(authorization, options = {})
+        data = {}
+        add_action(data, :cancel)
+        order_id, amount, currency = split_authorization(authorization)
+        add_amount(data, amount, :currency => currency)
+        add_order(data, order_id)
+
+        commit data
+      end
+
+      def refund(money, authorization, options = {})
+        data = {}
+        add_action(data, :refund)
+        add_amount(data, money, options)
+        order_id, _, _ = split_authorization(authorization)
+        add_order(data, order_id)
+
+        commit data
+      end
+
+      private
+
+      def add_action(data, action)
+        data[:action] = transaction_code(action)
+      end
+
+      def add_amount(data, money, options)
+        data[:amount] = amount(money).to_s
+        data[:currency] = currency_code(options[:currency] || currency(money))
+      end
+
+      def add_order(data, order_id)
+        raise ArgumentError.new("Invalid order_id format") unless(/^\d{4}[\da-zA-Z]{0,8}$/ =~ order_id)
+        data[:order_id] = order_id
+      end
+
+      def url
+        test? ? test_url : live_url
+      end
+
+      def add_creditcard(data, card)
+        name  = [card.first_name, card.last_name].join(' ').slice(0, 60)
+        year  = sprintf("%.4i", card.year)
+        month = sprintf("%.2i", card.month)
+        data[:card] = {
+          :name => name,
+          :pan  => card.number,
+          :date => "#{year[2..3]}#{month}",
+          :cvv  => card.verification_value
+        }
+      end
+
+      def commit(data)
+        headers = {
+          'Content-Type' => 'application/x-www-form-urlencoded'
+        }
+        xml = build_xml_request(data)
+        parse(ssl_post(url, "entrada=#{CGI.escape(xml)}", headers))
+      end
+
+      def build_signature(data)
+        str = data[:amount] +
+              data[:order_id].to_s +
+              @options[:login].to_s +
+              data[:currency]
+
+        if card = data[:card]
+          str << card[:pan]
+          str << card[:cvv] if card[:cvv]
+        end
+
+        str << data[:action]
+        str << @options[:secret_key]
+
+        Digest::SHA1.hexdigest(str)
+      end
+
+      def build_xml_request(data)
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.DATOSENTRADA do
+          # Basic elements
+          xml.DS_Version 0.1
+          xml.DS_MERCHANT_CURRENCY          data[:currency]
+          xml.DS_MERCHANT_AMOUNT            data[:amount]
+          xml.DS_MERCHANT_ORDER             data[:order_id]
+          xml.DS_MERCHANT_TRANSACTIONTYPE   data[:action]
+          xml.DS_MERCHANT_TERMINAL          @options[:terminal]
+          xml.DS_MERCHANT_MERCHANTCODE      @options[:login]
+          xml.DS_MERCHANT_MERCHANTSIGNATURE build_signature(data)
+
+          # Only when card is present
+          if data[:card]
+            xml.DS_MERCHANT_TITULAR    data[:card][:name]
+            xml.DS_MERCHANT_PAN        data[:card][:pan]
+            xml.DS_MERCHANT_EXPIRYDATE data[:card][:date]
+            xml.DS_MERCHANT_CVV2       data[:card][:cvv]
+          end
+        end
+        xml.target!
+      end
+
+      def parse(data)
+        params  = {}
+        success = false
+        message = ""
+        options = @options.merge(:test => test?)
+        xml     = Nokogiri::XML(data)
+        code    = xml.xpath("//RETORNOXML/CODIGO").text
+        if code == "0"
+          op = xml.xpath("//RETORNOXML/OPERACION")
+          op.children.each do |element|
+            params[element.name.downcase.to_sym] = element.text
+          end
+
+          if validate_signature(params)
+            message = response_text(params[:ds_response])
+            options[:authorization] = build_authorization(params)
+            success = is_success_response?(params[:ds_response])
+          else
+            message = "Response failed validation check"
+          end
+        else
+          # Some kind of programmer error with the request!
+          message = "#{code} ERROR"
+        end
+
+        Response.new(success, message, params, options)
+      end
+
+      def validate_signature(data)
+        str = data[:ds_amount] +
+              data[:ds_order].to_s +
+              data[:ds_merchantcode] +
+              data[:ds_currency] +
+              data[:ds_response] +
+              data[:ds_cardnumber].to_s +
+              data[:ds_transactiontype].to_s +
+              data[:ds_securepayment].to_s +
+              @options[:secret_key]
+
+        sig = Digest::SHA1.hexdigest(str)
+        data[:ds_signature].to_s.downcase == sig
+      end
+
+      def build_authorization(params)
+        [params[:ds_order], params[:ds_amount], params[:ds_currency]].join("|")
+      end
+
+      def split_authorization(authorization)
+        order_id, amount, currency = authorization.split("|")
+        [order_id, amount.to_i, currency]
+      end
+
+      def currency_code(currency)
+        return currency if currency =~ /^\d+$/
+        CURRENCY_CODES[currency]
+      end
+
+      def transaction_code(type)
+        SUPPORTED_TRANSACTIONS[type]
+      end
+
+      def response_text(code)
+        code = code.to_i
+        code = 0 if code < 100
+        RESPONSE_TEXTS[code] || "Unkown code, please check in manual"
+      end
+
+      def is_success_response?(code)
+        (code.to_i < 100) || [400, 481, 500, 900].include?(code.to_i)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/sage/sage_core.rb

@@ -7,13 +7,13 @@ module ActiveMerchant #:nodoc:
         base.homepage_url = 'http://www.sagepayments.com'
         base.display_name = 'Sage Payment Solutions'
       end
-      
+
       # Transactions types:
       # <tt>01</tt> - Sale
-      # <tt>02</tt> - AuthOnly 
-      # <tt>03</tt> - Force/PriorAuthSale 
-      # <tt>04</tt> - Void 
-      # <tt>06</tt> - Credit 
+      # <tt>02</tt> - AuthOnly
+      # <tt>03</tt> - Force/PriorAuthSale
+      # <tt>04</tt> - Void
+      # <tt>06</tt> - Credit
       # <tt>11</tt> - PriorAuthSale by Reference*
       TRANSACTIONS = {
         :purchase           => '01',
@@ -22,83 +22,82 @@ module ActiveMerchant #:nodoc:
         :void               => '04',
         :credit             => '06'
       }
-      
+
       def initialize(options = {})
         requires!(options, :login, :password)
-        @options = options
         super
       end
-      
+
       private
       def add_invoice(post, options)
         post[:T_ordernum] = options[:order_id].slice(0, 20)
         post[:T_tax] = amount(options[:tax]) unless options[:tax].blank?
         post[:T_shipping] = amount(options[:shipping]) unless options[:shipping].blank?
       end
-      
+
       def add_reference(post, reference)
         ref, source = reference.to_s.split(";")
         post[:T_reference] = ref
       end
-      
+
       def add_amount(post, money)
         post[:T_amt] = amount(money)
       end
-      
+
       def add_customer_data(post, options)
         post[:T_customer_number] = options[:customer]
       end
 
       def add_addresses(post, options)
         billing_address   = options[:billing_address] || options[:address] || {}
-        
+
         post[:C_address]    = billing_address[:address1]
         post[:C_city]       = billing_address[:city]
-        
+
         if ['US', 'CA'].include?(billing_address[:country])
           post[:C_state]    = billing_address[:state]
         else
           post[:C_state]    = "Outside of United States"
         end
-        
+
         post[:C_zip]        = billing_address[:zip]
-        post[:C_country]    = billing_address[:country] 
+        post[:C_country]    = billing_address[:country]
         post[:C_telephone]  = billing_address[:phone]
         post[:C_fax]        = billing_address[:fax]
         post[:C_email]      = options[:email]
-        
+
         if shipping_address = options[:shipping_address]
           post[:C_ship_name]    = shipping_address[:name]
           post[:C_ship_address] = shipping_address[:address1]
           post[:C_ship_city]    = shipping_address[:city]
           post[:C_ship_state]   = shipping_address[:state]
-          post[:C_ship_zip]     = shipping_address[:zip] 
+          post[:C_ship_zip]     = shipping_address[:zip]
           post[:C_ship_country] = shipping_address[:country]
         end
       end
-      
+
       def add_transaction_data(post, money, options)
         add_amount(post, money)
         add_invoice(post, options)
-        add_addresses(post, options)        
+        add_addresses(post, options)
         add_customer_data(post, options)
       end
-      
+
       def commit(action, params)
         response = parse(ssl_post(self.live_url, post_data(action, params)))
-        
-        Response.new(success?(response), response[:message], response, 
-          :test => test?, 
+
+        Response.new(success?(response), response[:message], response,
+          :test => test?,
           :authorization => authorization_from(response),
           :avs_result => { :code => response[:avs_result] },
           :cvv_result => response[:cvv_result]
         )
       end
-      
+
       def authorization_from(response)
         "#{response[:reference]};#{source}"
       end
-            
+
       def success?(response)
         response[:success] == 'A'
       end
@@ -107,7 +106,7 @@ module ActiveMerchant #:nodoc:
         params[:M_id]  = @options[:login]
         params[:M_key] = @options[:password]
         params[:T_code] = TRANSACTIONS[action]
-        
+
         params.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
       end
     end