activemerchant 1.44.1 → 1.45.0

data/lib/active_merchant/billing/gateways/openpay.rb

@@ -91,6 +91,7 @@ module ActiveMerchant #:nodoc:
         post[:method] = 'card'
         post[:description] = options[:description]
         post[:order_id] = options[:order_id]
+        post[:device_session_id] = options[:device_session_id]
         add_creditcard(post, creditcard, options)
         post
       end

data/lib/active_merchant/billing/gateways/optimal_payment.rb

@@ -96,7 +96,7 @@ module ActiveMerchant #:nodoc:
         else
           raise 'Unknown Action'
         end
-        txnRequest = URI.encode(xml)
+        txnRequest = escape_uri(xml)
         response = parse(ssl_post(test? ? self.test_url : self.live_url, "txnMode=#{action}&txnRequest=#{txnRequest}"))
 
         Response.new(successful?(response), message_from(response), hash_from_xml(response),
@@ -107,6 +107,11 @@ module ActiveMerchant #:nodoc:
         )
       end
 
+      # The upstream is picky and so we can't use CGI.escape like we want to
+      def escape_uri(uri)
+        URI::DEFAULT_PARSER.escape(uri)
+      end
+
       def successful?(response)
         REXML::XPath.first(response, '//decision').text == 'ACCEPTED' rescue false
       end

data/lib/active_merchant/billing/gateways/orbital.rb

@@ -189,7 +189,7 @@ module ActiveMerchant #:nodoc:
           add_creditcard(xml, creditcard, options[:currency])
           add_address(xml, creditcard, options)
           if @options[:customer_profiles]
-            add_customer_data(xml, options)
+            add_customer_data(xml, creditcard, options)
             add_managed_billing(xml, options)
           end
         end
@@ -202,7 +202,7 @@ module ActiveMerchant #:nodoc:
           add_creditcard(xml, creditcard, options[:currency])
           add_address(xml, creditcard, options)
           if @options[:customer_profiles]
-            add_customer_data(xml, options)
+            add_customer_data(xml, creditcard, options)
             add_managed_billing(xml, options)
           end
         end
@@ -294,12 +294,14 @@ module ActiveMerchant #:nodoc:
         authorization.split(';')
       end
 
-      def add_customer_data(xml, options)
+      def add_customer_data(xml, creditcard, options)
         if options[:profile_txn]
           xml.tag! :CustomerRefNum, options[:customer_ref_num]
         else
           if options[:customer_ref_num]
-            xml.tag! :CustomerProfileFromOrderInd, USE_CUSTOMER_REF_NUM
+            if creditcard
+              xml.tag! :CustomerProfileFromOrderInd, USE_CUSTOMER_REF_NUM
+            end
             xml.tag! :CustomerRefNum, options[:customer_ref_num]
           else
             xml.tag! :CustomerProfileFromOrderInd, AUTO_GENERATE

data/lib/active_merchant/billing/gateways/pay_junction.rb

@@ -297,11 +297,15 @@ module ActiveMerchant #:nodoc:
 
       # add fields for credit card
       def add_creditcard(params, creditcard)
-        params[:name]                 = creditcard.name
-        params[:number]               = creditcard.number
-        params[:expiration_month]     = creditcard.month
-        params[:expiration_year]      = creditcard.year
-        params[:verification_number]  = creditcard.verification_value if creditcard.verification_value?
+        if creditcard.respond_to?(:track_data) && creditcard.track_data.present?
+          params[:track] = creditcard.track_data
+        else
+          params[:name]                 = creditcard.name
+          params[:number]               = creditcard.number
+          params[:expiration_month]     = creditcard.month
+          params[:expiration_year]      = creditcard.year
+          params[:verification_number]  = creditcard.verification_value if creditcard.verification_value?
+        end
       end
 
       # add field for "instant" transaction, using previous transaction id

data/lib/active_merchant/billing/gateways/payex.rb

@@ -1,9 +1,15 @@
 require "nokogiri"
+
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class PayexGateway < Gateway
-      self.live_url = 'https://external.payex.com/'
-      self.test_url = 'https://test-external.payex.com/'
+      class_attribute :live_external_url, :test_external_url, :live_confined_url, :test_confined_url
+
+      self.live_external_url = 'https://external.payex.com/'
+      self.test_external_url = 'https://test-external.payex.com/'
+
+      self.live_confined_url = 'https://confined.payex.com/'
+      self.test_confined_url = 'https://test-confined.payex.com/'
 
       self.money_format = :cents
       self.supported_countries = ['DK', 'FI', 'NO', 'SE']
@@ -12,9 +18,6 @@ module ActiveMerchant #:nodoc:
       self.display_name = 'Payex'
       self.default_currency = "EUR"
 
-      # NOTE: the PurchaseCC uses a different url for test transactions
-      TEST_CONFINED_URL = 'https://test-confined.payex.com/'
-
       TRANSACTION_STATUS = {
         sale:       '0',
         initialize: '1',
@@ -206,8 +209,8 @@ module ActiveMerchant #:nodoc:
           orderRef: order_ref,
           transactionType: 1, # online payment
           cardNumber: payment_method.number,
-          cardNumberExpireMonth: "%02d" % payment_method.month,
-          cardNumberExpireYear: "%02d" % payment_method.year,
+          cardNumberExpireMonth: format(payment_method.month, :two_digits),
+          cardNumberExpireYear: format(payment_method.year, :two_digits),
           cardHolderName: payment_method.name,
           cardNumberCVC: payment_method.verification_value
         }
@@ -319,8 +322,15 @@ module ActiveMerchant #:nodoc:
       end
 
       def url_for(soap_action)
-        base_url = test? ? (soap_action[:confined] ? TEST_CONFINED_URL : test_url) : live_url
-        File.join(base_url, soap_action[:url])
+        File.join(base_url(soap_action), soap_action[:url])
+      end
+
+      def base_url(soap_action)
+        if soap_action[:confined]
+          test? ? test_confined_url : live_confined_url
+        else
+          test? ? test_external_url : live_external_url
+        end
       end
 
       # this will add a hash to the passed in properties as required by Payex requests

data/lib/active_merchant/billing/gateways/paypal/paypal_common_api.rb

@@ -7,7 +7,7 @@ module ActiveMerchant #:nodoc:
       URLS = {
         :test => { :certificate => 'https://api.sandbox.paypal.com/2.0/',
                    :signature   => 'https://api-3t.sandbox.paypal.com/2.0/' },
-        :live => { :certificate => 'https://api-aa.paypal.com/2.0/',
+        :live => { :certificate => 'https://api.paypal.com/2.0/',
                    :signature   => 'https://api-3t.paypal.com/2.0/' }
       }
 
@@ -659,7 +659,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def item_amount(amount, currency_code)
-        if amount.to_i < 0 && non_fractional_currency?(currency_code)
+        if amount.to_i < 0 && Gateway.non_fractional_currency?(currency_code)
           amount(amount).to_f.floor
         else
           localized_amount(amount, currency_code)

data/lib/active_merchant/billing/gateways/paypal/paypal_express_response.rb

@@ -56,6 +56,10 @@ module ActiveMerchant #:nodoc:
            'name'     => shipping['ShippingOptionName']
         }
       end
+
+      def note
+        @params['note_text']
+      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/payscout.rb

@@ -9,8 +9,6 @@ module ActiveMerchant #:nodoc:
       self.homepage_url = 'http://www.payscout.com/'
       self.display_name = 'Payscout'
 
-      self.ssl_version = 'SSLv3'
-
       def initialize(options = {})
         requires!(options, :username, :password)
         super

data/lib/active_merchant/billing/gateways/pin.rb

@@ -9,7 +9,7 @@ module ActiveMerchant #:nodoc:
       self.supported_countries = ['AU']
       self.supported_cardtypes = [:visa, :master, :american_express]
       self.homepage_url = 'http://www.pin.net.au/'
-      self.display_name = 'Pin'
+      self.display_name = 'Pin Payments'
 
       def initialize(options = {})
         requires!(options, :api_key)

data/lib/active_merchant/billing/gateways/psigate.rb

@@ -36,13 +36,12 @@ module ActiveMerchant #:nodoc:
     # )
     class PsigateGateway < Gateway
       self.test_url  = 'https://dev.psigate.com:7989/Messenger/XMLMessenger'
-      self.live_url  = 'https://secure.psigate.com:7934/Messenger/XMLMessenger'
+      self.live_url  = 'https://secure.psigate.com:17934/Messenger/XMLMessenger'
 
       self.supported_cardtypes = [:visa, :master, :american_express]
       self.supported_countries = ['CA']
       self.homepage_url = 'http://www.psigate.com/'
       self.display_name = 'Psigate'
-      self.ssl_version = :SSLv3
 
       SUCCESS_MESSAGE = 'Success'
       FAILURE_MESSAGE = 'The transaction was declined'

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -9,30 +9,14 @@ module ActiveMerchant #:nodoc:
     # used by many banks in Spain and is particularly well supported by
     # Catalunya Caixa's ecommerce department.
     #
-    # Standard ActiveMerchant methods are supported, with one notable exception:
-    # :order_id must be provided and must conform to a very specific format.
+    # Redsys requires an order_id be provided with each transaction and it must
+    # follow a specific format. The rules are as follows:
     #
-    # == Example use:
-    #
-    #   gateway = ActiveMerchant::Billing::RedsysGateway.new(
-    #               :login      => "091358382",
-    #               :secret_key => "qwertyasdf0123456789"
-    #            )
-    #
-    #   # Run a purchase for 10 euros
-    #   response = gateway.purchase(1000, creditcard, :order_id => "123456")
-    #   puts reponse.success?       # => true
-    #
-    #   # Partially refund the purchase
-    #   response = gateway.refund(500, response.authorization)
-    #
-    # Redsys requires an order_id be provided with each transaction of a
-    # specific format. The rules are as follows:
-    #
-    #  * Minimum length: 4
-    #  * Maximum length: 12
     #  * First 4 digits must be numerical
     #  * Remaining 8 digits may be alphanumeric
+    #  * Max length: 12
+    #
+    #  If an invalid order_id is provided, we do our best to clean it up.
     #
     # Much of the code for this library is based on the active_merchant_sermepa
     # integration gateway which uses essentially the same API but with the
@@ -44,18 +28,13 @@ module ActiveMerchant #:nodoc:
       self.live_url = "https://sis.sermepa.es/sis/operaciones"
       self.test_url = "https://sis-t.sermepa.es:25443/sis/operaciones"
 
-      # Sensible region specific defaults.
       self.supported_countries = ['ES']
       self.default_currency    = 'EUR'
       self.money_format        = :cents
 
       # Not all card types may be activated by the bank!
       self.supported_cardtypes = [:visa, :master, :american_express, :jcb, :diners_club]
-
-      # Homepage URL of the gateway for reference
       self.homepage_url        = "http://www.redsys.es/"
-
-      # What to call this gateway
       self.display_name        = "Redsys"
 
       CURRENCY_CODES = {
@@ -75,6 +54,7 @@ module ActiveMerchant #:nodoc:
         "NZD" => '554',
         "PEN" => '604',
         "RUB" => '643',
+        "SGD" => '702',
         "USD" => '840',
         "UYU" => '858'
       }
@@ -94,14 +74,12 @@ module ActiveMerchant #:nodoc:
       # a card has been rejected. Syntax or general request errors
       # are not covered here.
       RESPONSE_TEXTS = {
-        # Accepted Codes
         0 => "Transaction Approved",
         400 => "Cancellation Accepted",
         481 => "Cancellation Accepted",
         500 => "Reconciliation Accepted",
         900 => "Refund / Confirmation approved",
 
-        # Declined error codes
         101 => "Card expired",
         102 => "Card blocked temporarily or under susciption of fraud",
         104 => "Transaction not permitted",
@@ -121,7 +99,6 @@ module ActiveMerchant #:nodoc:
         190 => "Refusal with no specific reason",
         191 => "Expiry date incorrect",
 
-        # Declined, and suspected of fraud
         201 => "Card expired",
         202 => "Card blocked temporarily or under suscipition of fraud",
         204 => "Transaction not permitted",
@@ -131,13 +108,11 @@ module ActiveMerchant #:nodoc:
         280 => "CVV2/CVC2 Error",
         290 => "Declined with no specific reason",
 
-        # More general codes for specific types of transaction
         480 => "Original transaction not located, or time-out exceeded",
         501 => "Original transaction not located, or time-out exceeded",
         502 => "Original transaction not located, or time-out exceeded",
         503 => "Original transaction not located, or time-out exceeded",
 
-        # Declined transactions by the bank
         904 => "Merchant not registered at FUC",
         909 => "System error",
         912 => "Issuer not available",
@@ -192,6 +167,7 @@ module ActiveMerchant #:nodoc:
         add_amount(data, money, options)
         add_order(data, options[:order_id])
         add_creditcard(data, creditcard)
+        data[:description] = options[:description]
 
         commit data
       end
@@ -204,6 +180,7 @@ module ActiveMerchant #:nodoc:
         add_amount(data, money, options)
         add_order(data, options[:order_id])
         add_creditcard(data, creditcard)
+        data[:description] = options[:description]
 
         commit data
       end
@@ -214,6 +191,7 @@ module ActiveMerchant #:nodoc:
         add_amount(data, money, options)
         order_id, _, _ = split_authorization(authorization)
         add_order(data, order_id)
+        data[:description] = options[:description]
 
         commit data
       end
@@ -224,6 +202,7 @@ module ActiveMerchant #:nodoc:
         order_id, amount, currency = split_authorization(authorization)
         add_amount(data, amount, :currency => currency)
         add_order(data, order_id)
+        data[:description] = options[:description]
 
         commit data
       end
@@ -234,10 +213,18 @@ module ActiveMerchant #:nodoc:
         add_amount(data, money, options)
         order_id, _, _ = split_authorization(authorization)
         add_order(data, order_id)
+        data[:description] = options[:description]
 
         commit data
       end
 
+      def verify(creditcard, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, creditcard, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
       private
 
       def add_action(data, action)
@@ -250,8 +237,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_order(data, order_id)
-        raise ArgumentError.new("Invalid order_id format") unless(/^\d{4}[\da-zA-Z]{0,8}$/ =~ order_id)
-        data[:order_id] = order_id
+        data[:order_id] = clean_order_id(order_id)
       end
 
       def url
@@ -300,13 +286,14 @@ module ActiveMerchant #:nodoc:
         xml.DATOSENTRADA do
           # Basic elements
           xml.DS_Version 0.1
-          xml.DS_MERCHANT_CURRENCY          data[:currency]
-          xml.DS_MERCHANT_AMOUNT            data[:amount]
-          xml.DS_MERCHANT_ORDER             data[:order_id]
-          xml.DS_MERCHANT_TRANSACTIONTYPE   data[:action]
-          xml.DS_MERCHANT_TERMINAL          @options[:terminal]
-          xml.DS_MERCHANT_MERCHANTCODE      @options[:login]
-          xml.DS_MERCHANT_MERCHANTSIGNATURE build_signature(data)
+          xml.DS_MERCHANT_CURRENCY           data[:currency]
+          xml.DS_MERCHANT_AMOUNT             data[:amount]
+          xml.DS_MERCHANT_ORDER              data[:order_id]
+          xml.DS_MERCHANT_TRANSACTIONTYPE    data[:action]
+          xml.DS_MERCHANT_PRODUCTDESCRIPTION data[:description]
+          xml.DS_MERCHANT_TERMINAL           @options[:terminal]
+          xml.DS_MERCHANT_MERCHANTCODE       @options[:login]
+          xml.DS_MERCHANT_MERCHANTSIGNATURE  build_signature(data)
 
           # Only when card is present
           if data[:card]
@@ -373,6 +360,7 @@ module ActiveMerchant #:nodoc:
 
       def currency_code(currency)
         return currency if currency =~ /^\d+$/
+        raise ArgumentError, "Unknown currency #{currency}" unless CURRENCY_CODES[currency]
         CURRENCY_CODES[currency]
       end
 
@@ -389,6 +377,15 @@ module ActiveMerchant #:nodoc:
       def is_success_response?(code)
         (code.to_i < 100) || [400, 481, 500, 900].include?(code.to_i)
       end
+
+      def clean_order_id(order_id)
+        cleansed = order_id.gsub(/[^\da-zA-Z]/, '')
+        if cleansed =~ /^\d{4}/
+          cleansed[0..12]
+        else
+          "%04d%s" % [rand(0..9999), cleansed[0...8]]
+        end
+      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/secure_pay.rb

@@ -2,24 +2,196 @@ require File.dirname(__FILE__) + '/authorize_net'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
-    class SecurePayGateway < AuthorizeNetGateway
+    class SecurePayGateway < Gateway
+      API_VERSION = '3.1'
+
       self.live_url = self.test_url = 'https://www.securepay.com/AuthSpayAdapter/process.aspx'
 
+      class_attribute :duplicate_window
+
+      APPROVED, DECLINED, ERROR, FRAUD_REVIEW = 1, 2, 3, 4
+
+      RESPONSE_CODE, RESPONSE_REASON_CODE, RESPONSE_REASON_TEXT, AUTHORIZATION_CODE = 0, 2, 3, 4
+      AVS_RESULT_CODE, TRANSACTION_ID, CARD_CODE_RESPONSE_CODE, CARDHOLDER_AUTH_CODE = 5, 6, 38, 39
+
+      self.default_currency = 'USD'
+
+      self.supported_countries = %w(US CA GB AU)
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :diners_club, :jcb]
       self.homepage_url = 'http://www.securepay.com/'
       self.display_name = 'SecurePay'
-      self.supported_countries = %w(US CA GB AU)
 
-      # Limit support to purchase() for the time being
-      # JRuby chokes here
-      # undef_method :authorize, :capture, :void, :credit
+      CARD_CODE_ERRORS = %w( N S )
+      AVS_ERRORS = %w( A E N R W Z )
+      AVS_REASON_CODES = %w(27 45)
+      TRANSACTION_ALREADY_ACTIONED = %w(310 311)
 
-      undef_method :authorize
-      undef_method :capture
-      undef_method :void
-      undef_method :credit
+      def initialize(options = {})
+        requires!(options, :login, :password)
+        super
+      end
+
+      def purchase(money, paysource, options = {})
+        post = {}
+        add_currency_code(post, money, options)
+        add_invoice(post, options)
+        add_payment_source(post, paysource, options)
+        add_address(post, options)
+        add_customer_data(post, options)
+        add_duplicate_window(post)
+
+        commit('AUTH_CAPTURE', money, post)
+      end
 
       private
 
+      def commit(action, money, parameters)
+        parameters[:amount] = amount(money) unless action == 'VOID'
+
+        url = (test? ? self.test_url : self.live_url)
+        data = ssl_post(url, post_data(action, parameters))
+
+        response          = parse(data)
+        response[:action] = action
+
+        message = message_from(response)
+
+        Response.new(success?(response), message, response,
+          :test => test?,
+          :authorization => response[:transaction_id],
+          :fraud_review => fraud_review?(response),
+          :avs_result => { :code => response[:avs_result_code] },
+          :cvv_result => response[:card_code]
+        )
+      end
+
+      def success?(response)
+        response[:response_code] == APPROVED && TRANSACTION_ALREADY_ACTIONED.exclude?(response[:response_reason_code])
+      end
+
+      def fraud_review?(response)
+        response[:response_code] == FRAUD_REVIEW
+      end
+
+      def parse(body)
+        fields = split(body)
+
+        results = {
+          :response_code => fields[RESPONSE_CODE].to_i,
+          :response_reason_code => fields[RESPONSE_REASON_CODE],
+          :response_reason_text => fields[RESPONSE_REASON_TEXT],
+          :avs_result_code => fields[AVS_RESULT_CODE],
+          :transaction_id => fields[TRANSACTION_ID],
+          :card_code => fields[CARD_CODE_RESPONSE_CODE],
+          :authorization_code => fields[AUTHORIZATION_CODE],
+          :cardholder_authentication_code => fields[CARDHOLDER_AUTH_CODE]
+        }
+        results
+      end
+
+      def post_data(action, parameters = {})
+        post = {}
+
+        post[:version]        = API_VERSION
+        post[:login]          = @options[:login]
+        post[:tran_key]       = @options[:password]
+        post[:relay_response] = "FALSE"
+        post[:type]           = action
+        post[:delim_data]     = "TRUE"
+        post[:delim_char]     = ","
+        post[:encap_char]     = "$"
+        post[:solution_ID]    = application_id if application_id.present? && application_id != "ActiveMerchant"
+
+        request = post.merge(parameters).collect { |key, value| "x_#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+        request
+      end
+
+      def add_currency_code(post, money, options)
+        post[:currency_code] = options[:currency] || currency(money)
+      end
+
+      def add_invoice(post, options)
+        post[:invoice_num] = options[:order_id]
+        post[:description] = options[:description]
+      end
+
+      def add_creditcard(post, creditcard, options={})
+        post[:card_num]   = creditcard.number
+        post[:card_code]  = creditcard.verification_value if creditcard.verification_value?
+        post[:exp_date]   = expdate(creditcard)
+        post[:first_name] = creditcard.first_name
+        post[:last_name]  = creditcard.last_name
+      end
+
+      def add_payment_source(params, source, options={})
+        add_creditcard(params, source, options)
+      end
+
+      def add_customer_data(post, options)
+        if options.has_key? :email
+          post[:email] = options[:email]
+          post[:email_customer] = false
+        end
+
+        if options.has_key? :customer
+          post[:cust_id] = options[:customer] if Float(options[:customer]) rescue nil
+        end
+
+        if options.has_key? :ip
+          post[:customer_ip] = options[:ip]
+        end
+
+        if options.has_key? :cardholder_authentication_value
+          post[:cardholder_authentication_value] = options[:cardholder_authentication_value]
+        end
+
+        if options.has_key? :authentication_indicator
+          post[:authentication_indicator] = options[:authentication_indicator]
+        end
+      end
+
+      # x_duplicate_window won't be sent by default, because sending it changes the response.
+      # "If this field is present in the request with or without a value, an enhanced duplicate transaction response will be sent."
+      # (as of 2008-12-30) http://www.authorize.net/support/AIM_guide_SCC.pdf
+      def add_duplicate_window(post)
+        post[:duplicate_window] = duplicate_window if duplicate_window
+      end
+
+      def add_address(post, options)
+        if address = options[:billing_address] || options[:address]
+          post[:address] = address[:address1].to_s
+          post[:company] = address[:company].to_s
+          post[:phone]   = address[:phone].to_s
+          post[:zip]     = address[:zip].to_s
+          post[:city]    = address[:city].to_s
+          post[:country] = address[:country].to_s
+          post[:state]   = address[:state].blank?  ? 'n/a' : address[:state]
+        end
+
+        if address = options[:shipping_address]
+          post[:ship_to_first_name] = address[:first_name].to_s
+          post[:ship_to_last_name] = address[:last_name].to_s
+          post[:ship_to_address] = address[:address1].to_s
+          post[:ship_to_company] = address[:company].to_s
+          post[:ship_to_phone]   = address[:phone].to_s
+          post[:ship_to_zip]     = address[:zip].to_s
+          post[:ship_to_city]    = address[:city].to_s
+          post[:ship_to_country] = address[:country].to_s
+          post[:ship_to_state]   = address[:state].blank?  ? 'n/a' : address[:state]
+        end
+      end
+
+      def message_from(results)
+        if results[:response_code] == DECLINED
+          return CVVResult.messages[ results[:card_code] ] if CARD_CODE_ERRORS.include?(results[:card_code])
+          if AVS_REASON_CODES.include?(results[:response_reason_code]) && AVS_ERRORS.include?(results[:avs_result_code])
+            return AVSResult.messages[ results[:avs_result_code] ]
+          end
+        end
+
+        (results[:response_reason_text] ? results[:response_reason_text].chomp('.') : '')
+      end
+
       def split(response)
         response.split(',')
       end