activemerchant 1.38.0 → 1.79.2

data/lib/active_merchant/billing/gateways/wirecard.rb

@@ -3,10 +3,7 @@ require 'base64'
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class WirecardGateway < Gateway
-      # Test server location
       self.test_url = 'https://c3-test.wirecard.com/secure/ssl-gateway'
-
-      # Live server location
       self.live_url = 'https://c3.wirecard.com/secure/ssl-gateway'
 
       # The Namespaces are not really needed, because it just tells the System, that there's actually no namespace used.
@@ -29,56 +26,121 @@ module ActiveMerchant #:nodoc:
       # number 5551234 within area code 202 (country code 1).
       VALID_PHONE_FORMAT = /\+\d{1,3}(\(?\d{3}\)?)?\d{3}-\d{4}-\d{3}/
 
-      # The countries the gateway supports merchants from as 2 digit ISO country codes
-      self.supported_countries = ['DE']
-
-      # Wirecard supports all major credit and debit cards:
-      # Visa, Mastercard, American Express, Diners Club,
-      # JCB, Switch, VISA Carte Bancaire, Visa Electron and UATP cards.
-      # They also support the latest anti-fraud systems such as Verified by Visa or Master Secure Code.
-      self.supported_cardtypes = [
-        :visa, :master, :american_express, :diners_club, :jcb, :switch
-      ]
-
-      # The homepage URL of the gateway
+      self.supported_cardtypes = [ :visa, :master, :american_express, :diners_club, :jcb, :switch ]
+      self.supported_countries = %w(AD CY GI IM MT RO CH AT DK GR IT MC SM TR BE EE HU LV NL SK GB BG FI IS LI NO SI VA FR IL LT PL ES CZ DE IE LU PT SE)
       self.homepage_url = 'http://www.wirecard.com'
-
-      # The name of the gateway
       self.display_name = 'Wirecard'
-
-      # The currency should normally be EUROs
       self.default_currency = 'EUR'
-
-      # 100 is 1.00 Euro
       self.money_format = :cents
 
+      # Public: Create a new Wirecard gateway.
+      #
+      # options - A hash of options:
+      #           :login         - The username
+      #           :password      - The password
+      #           :signature     - The BusinessCaseSignature
       def initialize(options = {})
-        # verify that username and password are supplied
-        requires!(options, :login, :password)
-        # unfortunately Wirecard also requires a BusinessCaseSignature in the XML request
-        requires!(options, :signature)
+        requires!(options, :login, :password, :signature)
         super
       end
 
-      # Authorization
-      def authorize(money, creditcard, options = {})
-        options[:credit_card] = creditcard
+      # Authorization - the second parameter may be a CreditCard or
+      # a String which represents a GuWID reference to an earlier
+      # transaction.  If a GuWID is given, rather than a CreditCard,
+      # then then the :recurring option will be forced to "Repeated"
+      def authorize(money, payment_method, options = {})
+        if payment_method.respond_to?(:number)
+          options[:credit_card] = payment_method
+        else
+          options[:preauthorization] = payment_method
+        end
         commit(:preauthorization, money, options)
       end
 
-      # Capture Authorization
       def capture(money, authorization, options = {})
         options[:preauthorization] = authorization
         commit(:capture, money, options)
       end
 
-      # Purchase
-      def purchase(money, creditcard, options = {})
-        options[:credit_card] = creditcard
+      # Purchase - the second parameter may be a CreditCard or
+      # a String which represents a GuWID reference to an earlier
+      # transaction.  If a GuWID is given, rather than a CreditCard,
+      # then then the :recurring option will be forced to "Repeated"
+      def purchase(money, payment_method, options = {})
+        if payment_method.respond_to?(:number)
+          options[:credit_card] = payment_method
+        else
+          options[:preauthorization] = payment_method
+        end
         commit(:purchase, money, options)
       end
 
+      def void(identification, options = {})
+        options[:preauthorization] = identification
+        commit(:reversal, nil, options)
+      end
+
+      def refund(money, identification, options = {})
+        options[:preauthorization] = identification
+        commit(:bookback, money, options)
+      end
+
+      # Store card - Wirecard supports the notion of "Recurring
+      # Transactions" by allowing the merchant to provide a reference
+      # to an earlier transaction (the GuWID) rather than a credit
+      # card.  A reusable reference (GuWID) can be obtained by sending
+      # a purchase or authorization transaction with the element
+      # "RECURRING_TRANSACTION/Type" set to "Initial".  Subsequent
+      # transactions can then use the GuWID in place of a credit
+      # card by setting "RECURRING_TRANSACTION/Type" to "Repeated".
+      #
+      # This implementation of card store utilizes a Wirecard
+      # "Authorization Check" (a Preauthorization that is automatically
+      # reversed).  It defaults to a check amount of "100" (i.e.
+      # $1.00) but this can be overriden (see below).
+      #
+      # IMPORTANT: In order to reuse the stored reference, the
+      # +authorization+ from the response should be saved by
+      # your application code.
+      #
+      # ==== Options specific to +store+
+      #
+      # * <tt>:amount</tt> -- The amount, in cents, that should be
+      #   "validated" by the Authorization Check.  This amount will
+      #   be reserved and then reversed.  Default is 100.
+      #
+      # Note: This is not the only way to achieve a card store
+      # operation at Wirecard.  Any +purchase+ or +authorize+
+      # can be sent with +options[:recurring] = 'Initial'+ to make
+      # the returned authorization/GuWID usable in later transactions
+      # with +options[:recurring] = 'Repeated'+.
+      def store(creditcard, options = {})
+        options[:credit_card] = creditcard
+        options[:recurring] = 'Initial'
+        money = options.delete(:amount) || 100
+        # Amex does not support authorization_check
+        if creditcard.brand == 'american_express'
+          commit(:preauthorization, money, options)
+        else
+          commit(:authorization_check, money, options)
+        end
+      end
+
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((<CreditCardNumber>)\d+(</CreditCardNumber>)), '\1[FILTERED]\2').
+          gsub(%r((<CVC2>)[^<]+(</CVC2>)), '\1[FILTERED]\2')
+      end
+
       private
+      def clean_description(description)
+        description.to_s.slice(0,32).encode("US-ASCII", invalid: :replace, undef: :replace, replace: '?')
+      end
 
       def prepare_options_hash(options)
         result = @options.merge(options)
@@ -95,6 +157,13 @@ module ActiveMerchant #:nodoc:
         options[:billing_address][:email] = options[:email] if options[:email]
       end
 
+      # If a GuWID (string-based reference) is passed rather than a
+      # credit card, then the :recurring type needs to be forced to
+      # "Repeated"
+      def setup_recurring_flag(options)
+        options[:recurring] = 'Repeated' if options[:preauthorization].present?
+      end
+
       # Contact WireCard, make the XML request, and parse the
       # reply into a Response object
       def commit(action, money, options)
@@ -112,8 +181,8 @@ module ActiveMerchant #:nodoc:
         Response.new(success, message, response,
           :test => test?,
           :authorization => authorization,
-          :avs_result => { :code => response[:avsCode] },
-          :cvv_result => response[:cvCode]
+          :avs_result => { :code => avs_code(response, options) },
+          :cvv_result => response[:CVCResponseCode]
         )
       rescue ResponseError => e
         if e.response.code == "401"
@@ -148,25 +217,36 @@ module ActiveMerchant #:nodoc:
         options[:order_id] ||= generate_unique_id
 
         xml.tag! "FNC_CC_#{options[:action].to_s.upcase}" do
-          xml.tag! 'FunctionID', options[:description].to_s.slice(0,32)
+          xml.tag! 'FunctionID', clean_description(options[:description])
           xml.tag! 'CC_TRANSACTION' do
             xml.tag! 'TransactionID', options[:order_id]
+            xml.tag! 'CommerceType', options[:commerce_type] if options[:commerce_type]
             case options[:action]
-            when :preauthorization, :purchase
+            when :preauthorization, :purchase, :authorization_check
+              setup_recurring_flag(options)
               add_invoice(xml, money, options)
-              add_creditcard(xml, options[:credit_card])
+
+              if options[:credit_card]
+                add_creditcard(xml, options[:credit_card])
+              else
+                xml.tag! 'GuWID', options[:preauthorization]
+              end
+
               add_address(xml, options[:billing_address])
-            when :capture
+            when :capture, :bookback
+              xml.tag! 'GuWID', options[:preauthorization]
+              add_amount(xml, money, options)
+            when :reversal
               xml.tag! 'GuWID', options[:preauthorization]
-              add_amount(xml, money)
             end
+            add_customer_data(xml, options)
           end
         end
       end
 
       # Includes the payment (amount, currency, country) to the transaction-xml
       def add_invoice(xml, money, options)
-        add_amount(xml, money)
+        add_amount(xml, money, options)
         xml.tag! 'Currency', options[:currency] || currency(money)
         xml.tag! 'CountryCode', options[:billing_address][:country]
         xml.tag! 'RECURRING_TRANSACTION' do
@@ -175,8 +255,8 @@ module ActiveMerchant #:nodoc:
       end
 
       # Include the amount in the transaction-xml
-      def add_amount(xml, money)
-        xml.tag! 'Amount', amount(money)
+      def add_amount(xml, money, options)
+        xml.tag! 'Amount', localized_amount(money, options[:currency] || currency(money))
       end
 
       # Includes the credit-card data to the transaction-xml
@@ -230,7 +310,7 @@ module ActiveMerchant #:nodoc:
         if root = REXML::XPath.first(xml, "#{basepath}/W_JOB")
           parse_response(response, root)
         elsif root = REXML::XPath.first(xml, "//ERROR")
-          parse_error(response, root)
+          parse_error_only_response(response, root)
         else
           response[:Message] = "No valid XML response message received. \
                                 Propably wrong credentials supplied with HTTP header."
@@ -239,25 +319,43 @@ module ActiveMerchant #:nodoc:
         response
       end
 
-      # Parse the <ProcessingStatus> Element which containts all important information
+      def parse_error_only_response(response, root)
+        error_code = REXML::XPath.first(root, "Number")
+        response[:ErrorCode] = error_code.text if error_code
+        response[:Message] = parse_error(root)
+      end
+
+      # Parse the <ProcessingStatus> Element which contains all important information
       def parse_response(response, root)
         status = nil
-        # get the root element for this Transaction
+
         root.elements.to_a.each do |node|
           if node.name =~ /FNC_CC_/
             status = REXML::XPath.first(node, "CC_TRANSACTION/PROCESSING_STATUS")
           end
         end
+
         message = ""
         if status
           if info = status.elements['Info']
             message << info.text
           end
-          # Get basic response information
+
           status.elements.to_a.each do |node|
-            response[node.name.to_sym] = (node.text || '').strip
+            if (node.elements.size == 0)
+              response[node.name.to_sym] = (node.text || '').strip
+            else
+              node.elements.each do |childnode|
+                name = "#{node.name}_#{childnode.name}"
+                response[name.to_sym] = (childnode.text || '').strip
+              end
+            end
           end
+
+          error_code = REXML::XPath.first(status, "ERROR/Number")
+          response['ErrorCode'] = error_code.text if error_code
         end
+
         parse_error(root, message)
         response[:Message] = message
       end
@@ -290,7 +388,7 @@ module ActiveMerchant #:nodoc:
         # Convert all messages to a single string
         string = ''
         errors.each do |error|
-          string << error[:Message]
+          string << error[:Message] if error[:Message]
           error[:Advice].each_with_index do |advice, index|
             string << ' (' if index == 0
             string << "#{index+1}. #{advice}"
@@ -301,6 +399,27 @@ module ActiveMerchant #:nodoc:
         string
       end
 
+      # Amex have different AVS response codes
+      AMEX_TRANSLATED_AVS_CODES = {
+        "A" => "B", # CSC and Address Matched
+        "F" => "D", # All Data Matched
+        "N" => "I", # CSC Match
+        "U" => "U", # Data Not Checked
+        "Y" => "D", # All Data Matched
+        "Z" => "P", # CSC and Postcode Matched
+      }
+
+      # Amex have different AVS response codes to visa etc
+      def avs_code(response, options)
+        if response.has_key?(:AVS_ProviderResultCode)
+          if options[:credit_card].present? && ActiveMerchant::Billing::CreditCard.brand?(options[:credit_card].number) == "american_express"
+            AMEX_TRANSLATED_AVS_CODES[response[:AVS_ProviderResultCode]]
+          else
+            response[:AVS_ProviderResultCode]
+          end
+        end
+      end
+
       # Encode login and password in Base64 to supply as HTTP header
       # (for http basic authentication)
       def encoded_credentials
@@ -310,4 +429,3 @@ module ActiveMerchant #:nodoc:
     end
   end
 end
-

data/lib/active_merchant/billing/gateways/world_net.rb

@@ -0,0 +1,344 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # See https://helpdesk.worldnettps.com/support/solutions/articles/1000167298-integrator-guide
+    class WorldNetGateway < Gateway
+      self.test_url = 'https://testpayments.worldnettps.com/merchant/xmlpayment'
+      self.live_url = 'https://payments.worldnettps.com/merchant/xmlpayment'
+
+      self.homepage_url = 'http://worldnettps.com/'
+      self.display_name = 'WorldNet'
+
+      self.supported_countries = %w(IE GB US)
+      self.default_currency = 'EUR'
+
+      CARD_TYPES = {
+        visa:             'VISA',
+        master:           'MASTERCARD',
+        discover:         'DISCOVER',
+        american_express: 'AMEX',
+        maestro:          'MAESTRO',
+        diners_club:      'DINERS',
+        jcb:              'JCB',
+        secure_card:      'SECURECARD'
+      }.freeze
+      self.supported_cardtypes = CARD_TYPES.keys
+
+      def initialize(options = {})
+        requires!(options, :terminal_id, :secret)
+        options[:terminal_type] ||= 2 # eCommerce
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        commit('PAYMENT', post)
+      end
+
+      def authorize(money, payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        commit('PREAUTH', post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        add_invoice(post, money, options)
+        post[:uniqueref] = authorization
+
+        commit('PREAUTHCOMPLETION', post)
+      end
+
+      def refund(money, authorization, options = {})
+        requires!(options, :operator, :reason)
+
+        post = {}
+        post[:uniqueref] = authorization
+        add_invoice(post, money, options)
+        post[:operator] = options[:operator]
+        post[:reason] = options[:reason]
+
+        commit('REFUND', post)
+      end
+
+      def void(authorization, _options = {})
+        post = {}
+        post[:uniqueref] = authorization
+        commit('VOID', post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def store(payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        post[:merchantref] = options[:order_id]
+        add_payment(post, payment)
+
+        commit('SECURECARDREGISTRATION', post)
+      end
+
+      def unstore(payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        post[:merchantref] = options[:order_id]
+        add_card_reference(post, payment)
+
+        commit('SECURECARDREMOVAL', post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript
+          .gsub(%r{(<CARDNUMBER>\d{6})\d+(\d{4}</CARDNUMBER>)}, '\1...\2')
+          .gsub(%r{(<CVV>)\d+(</CVV)}, '\1...\2')
+      end
+
+      private
+
+      def add_customer_data(post, options)
+        post[:email] = options[:email]
+        post[:ipaddress] = options[:ip]
+      end
+
+      def add_address(post, _creditcard, options)
+        address = options[:billing_address] || options[:address]
+        return unless address
+        post[:address1] = address[:address1]
+        post[:address2] = address[:address2]
+        post[:city]     = address[:city]
+        post[:country]  = address[:country] # ISO 3166-1-alpha-2 code.
+        post[:postcode] = address[:zip]
+      end
+
+      def add_invoice(post, money, options)
+        post[:orderid] = options[:order_id]
+        post[:amount] = amount(money)
+        post[:currency] = (options[:currency] || currency(money))
+        post[:description] = options[:description]
+      end
+
+      def add_payment(post, payment)
+        # a payment triggered with a secure_card (tokenised card) will not
+        # respond to `:number`
+        if payment.respond_to?(:number)
+          post[:cardholdername] = cardholdername(payment)
+          post[:cardtype]       = CARD_TYPES[payment.brand.to_sym]
+          post[:cardnumber]     = payment.number
+          post[:cvv]            = payment.verification_value if payment.verification_value
+          post[:cardexpiry]     = expdate(payment)
+        else
+          post[:cardtype]       = CARD_TYPES[:secure_card]
+          post[:cardnumber]     = payment
+        end
+      end
+
+      def add_card_reference(post, payment)
+        post[:cardreference] = payment
+      end
+
+      def cardholdername(payment)
+        [payment.first_name, payment.last_name].join(' ').slice(0, 60)
+      end
+
+      def parse(action, body)
+        results = {}
+        xml = Nokogiri::XML(body)
+        resp = xml.xpath("//#{action}RESPONSE | //ERROR")
+        resp.children.each do |element|
+          results[element.name.downcase.to_sym] = element.text
+        end
+        results
+      end
+
+      def commit(action, parameters)
+        url = (test? ? test_url : live_url)
+        response = parse(action, ssl_post(url, post_data(action, parameters)))
+
+        Response.new(
+          success_from(action, response),
+          message_from(response),
+          response,
+          authorization: authorization_from(action, response),
+          avs_result: AVSResult.new(code: response[:avs_response]),
+          cvv_result: CVVResult.new(response[:cvv_response]),
+          test: test?,
+          error_code: success_from(action, response) ? nil : message_to_standard_error_code_from(response)
+        )
+      end
+
+      def success_from(action, response)
+        case action
+        when 'SECURECARDREGISTRATION'
+          response[:cardreference].present?
+        when 'SECURECARDREMOVAL'
+          response[:datetime].present? && response[:hash].present?
+        else
+          response[:responsecode] == 'A'
+        end
+      end
+
+      def message_to_standard_error_code_from(response)
+        case message_from(response)
+        when /DECLINED/
+          STANDARD_ERROR_CODE[:card_declined]
+        when /CVV FAILURE/
+          STANDARD_ERROR_CODE[:incorrect_cvc]
+        when /Invalid CARDEXPIRY field/
+          STANDARD_ERROR_CODE[:invalid_expiry_date]
+        else
+          STANDARD_ERROR_CODE[:processing_error]
+        end
+      end
+
+      def message_from(response)
+        response[:responsetext] || response[:errorstring]
+      end
+
+      def authorization_from(action, response)
+        case action
+        when 'SECURECARDREGISTRATION'
+          response[:cardreference]
+        else
+          response[:uniqueref]
+        end
+      end
+
+      def post_data(action, parameters = {})
+        parameters[:terminalid]       = @options[:terminal_id]
+        parameters[:terminaltype]     = @options[:terminal_type]
+        parameters[:transactiontype]  = 7 # eCommerce
+        parameters[:datetime]         = create_time_stamp
+        parameters[:hash]             = case action
+                                        when 'SECURECARDREGISTRATION'
+                                          build_store_signature(parameters)
+                                        when 'SECURECARDREMOVAL'
+                                          build_unstore_signature(parameters)
+                                        else
+                                          build_signature(parameters)
+                                        end
+        build_xml_request(action, fields(action), parameters)
+      end
+
+      def create_time_stamp
+        Time.now.gmtime.strftime('%d-%m-%Y:%H:%M:%S:%L')
+      end
+
+      def build_signature(parameters)
+        str = parameters[:terminalid]
+        str += (parameters[:uniqueref] || parameters[:orderid])
+        str += (parameters[:amount].to_s + parameters[:datetime])
+        Digest::MD5.hexdigest(str + @options[:secret])
+      end
+
+      def build_store_signature(parameters)
+        str = parameters[:terminalid]
+        str += parameters[:merchantref]
+        str += parameters[:datetime]
+        str += parameters[:cardnumber]
+        str += parameters[:cardexpiry]
+        str += parameters[:cardtype]
+        str += parameters[:cardholdername]
+        Digest::MD5.hexdigest(str + @options[:secret])
+      end
+
+      def build_unstore_signature(parameters)
+        str = parameters[:terminalid]
+        str += parameters[:merchantref]
+        str += parameters[:datetime]
+        str += parameters[:cardreference]
+        Digest::MD5.hexdigest(str + @options[:secret])
+      end
+
+      def fields(action)
+        # Gateway expects fields in fixed order below.
+        case action
+        when 'PAYMENT', 'PREAUTH'
+          [
+            :orderid,
+            :terminalid,
+            :amount,
+            :datetime,
+            :cardnumber, :cardtype, :cardexpiry, :cardholdername,
+            :hash,
+            :currency,
+            :terminaltype,
+            :transactiontype,
+            :email,
+            :cvv,
+            :address1, :address2,
+            :postcode,
+            :description,
+            :city, :country,
+            :ipaddress
+          ]
+        when 'PREAUTHCOMPLETION'
+          [:uniqueref, :terminalid, :amount, :datetime, :hash]
+        when 'REFUND'
+          [:uniqueref, :terminalid, :amount, :datetime, :hash,
+           :operator, :reason]
+        when 'VOID'
+          [:uniqueref]
+        when 'SECURECARDREGISTRATION'
+          [
+            :merchantref,
+            :terminalid,
+            :datetime,
+            :cardnumber, :cardexpiry, :cardtype, :cardholdername,
+            :hash,
+            :dontchecksecurity,
+            :cvv,
+            :issueno
+          ]
+        when 'SECURECARDREMOVAL'
+          [
+            :merchantref,
+            :cardreference,
+            :terminalid,
+            :datetime,
+            :hash
+          ]
+        end
+      end
+
+      def build_xml_request(action, fields, data)
+        xml = Builder::XmlMarkup.new indent: 2
+        xml.instruct!(:xml, version: '1.0', encoding: 'utf-8')
+        xml.tag!(action) do
+          fields.each do |field|
+            xml.tag!(field.to_s.upcase, data[field]) if data[field]
+          end
+        end
+        xml.target!
+      end
+
+      def expdate(credit_card)
+        sprintf('%02d%02d', credit_card.month, credit_card.year % 100)
+      end
+    end
+  end
+end