activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/usa_epay_transaction.rb

@@ -1,21 +1,23 @@
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
-
     class UsaEpayTransactionGateway < Gateway
       self.live_url = 'https://www.usaepay.com/gate'
       self.test_url = 'https://sandbox.usaepay.com/gate'
 
-      self.supported_cardtypes  = [:visa, :master, :american_express]
+      self.supported_cardtypes  = %i[visa master american_express]
       self.supported_countries  = ['US']
       self.homepage_url         = 'http://www.usaepay.com/'
       self.display_name         = 'USA ePay'
 
       TRANSACTIONS = {
-        :authorization  => 'cc:authonly',
-        :purchase       => 'cc:sale',
-        :capture        => 'cc:capture',
-        :refund         => 'cc:refund',
-        :void           => 'cc:void'
+        authorization: 'cc:authonly',
+        purchase: 'cc:sale',
+        capture: 'cc:capture',
+        refund: 'cc:refund',
+        void: 'cc:void',
+        void_release: 'cc:void:release',
+        check_purchase: 'check:sale',
+        store: 'cc:save'
       }
 
       STANDARD_ERROR_CODE_MAPPING = {
@@ -32,9 +34,9 @@ module ActiveMerchant #:nodoc:
         '10110' => STANDARD_ERROR_CODE[:incorrect_address],
         '10111' => STANDARD_ERROR_CODE[:incorrect_address],
         '10127' => STANDARD_ERROR_CODE[:card_declined],
-        '10128' => STANDARD_ERROR_CODE[:processing_error],
-        '10132' => STANDARD_ERROR_CODE[:processing_error],
-        '00043' => STANDARD_ERROR_CODE[:call_issuer]
+        '00043' => STANDARD_ERROR_CODE[:call_issuer],
+        '10205' => STANDARD_ERROR_CODE[:card_declined],
+        '10204' => STANDARD_ERROR_CODE[:pickup_card]
       }
 
       def initialize(options = {})
@@ -42,50 +44,66 @@ module ActiveMerchant #:nodoc:
         super
       end
 
-      def authorize(money, credit_card, options = {})
+      def authorize(money, payment, options = {})
         post = {}
 
         add_amount(post, money)
         add_invoice(post, options)
-        add_credit_card(post, credit_card)
-        unless credit_card.track_data.present?
-          add_address(post, credit_card, options)
+        add_payment(post, payment)
+        unless payment.is_a?(CreditCard) && payment.track_data.present?
+          add_address(post, payment, options)
           add_customer_data(post, options)
         end
         add_split_payments(post, options)
+        add_recurring_fields(post, options)
+        add_custom_fields(post, options)
+        add_line_items(post, options)
+        add_test_mode(post, options)
 
         commit(:authorization, post)
       end
 
-      def purchase(money, credit_card, options = {})
+      def purchase(money, payment, options = {})
         post = {}
 
         add_amount(post, money)
         add_invoice(post, options)
-        add_credit_card(post, credit_card)
-        unless credit_card.track_data.present?
-          add_address(post, credit_card, options)
+        add_payment(post, payment, options)
+        unless payment.respond_to?(:track_data) && payment.track_data.present?
+          add_address(post, payment, options)
           add_customer_data(post, options)
         end
         add_split_payments(post, options)
+        add_recurring_fields(post, options)
+        add_custom_fields(post, options)
+        add_line_items(post, options)
+        add_test_mode(post, options)
 
-        commit(:purchase, post)
+        payment.respond_to?(:routing_number) ? commit(:check_purchase, post) : commit(:purchase, post)
       end
 
       def capture(money, authorization, options = {})
-        post = { :refNum => authorization }
+        post = { refNum: authorization }
 
         add_amount(post, money)
+        add_test_mode(post, options)
         commit(:capture, post)
       end
 
       def refund(money, authorization, options = {})
-        post = { :refNum => authorization }
+        post = { refNum: authorization }
 
         add_amount(post, money)
+        add_test_mode(post, options)
         commit(:refund, post)
       end
 
+      def store(payment, options = {})
+        post = {}
+        add_payment(post, payment, options)
+        commit(:store, post)
+      end
+
       def verify(creditcard, options = {})
         MultiResponse.run(:use_first_response) do |r|
           r.process { authorize(1, creditcard, options) }
@@ -93,12 +111,28 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      # Pass `no_release: true` to keep the void from immediately settling
       def void(authorization, options = {})
-        post = { :refNum => authorization }
-        commit(:void, post)
+        command = (options[:no_release] ? :void : :void_release)
+        post = { refNum: authorization }
+        add_test_mode(post, options)
+        commit(command, post)
       end
 
-    private
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((&?UMcard=)\d*(&?))i, '\1[FILTERED]\2').
+          gsub(%r((&?UMcvv2=)\d*(&?))i, '\1[FILTERED]\2').
+          gsub(%r((&?UMmagstripe=)[^&]*)i, '\1[FILTERED]\2').
+          gsub(%r((&?UMaccount=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?UMkey=)[^&]*)i, '\1[FILTERED]')
+      end
+
+      private
 
       def add_amount(post, money)
         post[:amount] = amount(money)
@@ -118,30 +152,32 @@ module ActiveMerchant #:nodoc:
 
         if options.has_key? :email
           post[:custemail] = options[:email]
-          post[:custreceipt] = 'No'
+          if options[:cust_receipt]
+            post[:custreceipt] = options[:cust_receipt]
+            post[:custreceiptname] = options[:cust_receipt_name] if options[:cust_receipt_name]
+          else
+            post[:custreceipt] = 'No'
+          end
         end
 
-        if options.has_key? :customer
-          post[:custid] = options[:customer]
-        end
+        post[:custid] = options[:customer] if options.has_key? :customer
 
-        if options.has_key? :ip
-          post[:ip] = options[:ip]
-        end
+        post[:ip] = options[:ip] if options.has_key? :ip
       end
 
-      def add_address(post, credit_card, options)
+      def add_address(post, payment, options)
         billing_address = options[:billing_address] || options[:address]
 
-        add_address_for_type(:billing, post, credit_card, billing_address) if billing_address
-        add_address_for_type(:shipping, post, credit_card, options[:shipping_address]) if options[:shipping_address]
+        add_address_for_type(:billing, post, payment, billing_address) if billing_address
+        add_address_for_type(:shipping, post, payment, options[:shipping_address]) if options[:shipping_address]
       end
 
-      def add_address_for_type(type, post, credit_card, address)
+      def add_address_for_type(type, post, payment, address)
         prefix = address_key_prefix(type)
+        first_name, last_name = split_names(address[:name])
 
-        post[address_key(prefix, 'fname')]    = credit_card.first_name
-        post[address_key(prefix, 'lname')]    = credit_card.last_name
+        post[address_key(prefix, 'fname')]    = first_name.blank? && last_name.blank? ? payment.first_name : first_name
+        post[address_key(prefix, 'lname')]    = first_name.blank? && last_name.blank? ? payment.last_name : last_name
         post[address_key(prefix, 'company')]  = address[:company]   unless address[:company].blank?
         post[address_key(prefix, 'street')]   = address[:address1]  unless address[:address1].blank?
         post[address_key(prefix, 'street2')]  = address[:address2]  unless address[:address2].blank?
@@ -164,25 +200,45 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_invoice(post, options)
-        post[:invoice]      = options[:order_id]
+        post[:invoice]      = options[:invoice]
+        post[:orderid]      = options[:order_id]
         post[:description]  = options[:description]
       end
 
-      def add_credit_card(post, credit_card)
-        if credit_card.track_data.present?
-          post[:magstripe] = credit_card.track_data
+      def add_payment(post, payment, options = {})
+        if payment.respond_to?(:routing_number)
+          post[:checkformat] = options[:check_format] if options[:check_format]
+          if payment.account_type
+            account_type = payment.account_type.to_s.capitalize
+            raise ArgumentError, 'account_type must be checking or savings' unless %w(Checking Savings).include?(account_type)
+
+            post[:accounttype] = account_type
+          end
+          post[:account] = payment.account_number
+          post[:routing] = payment.routing_number
+          post[:name]    = payment.name unless payment.name.blank?
+        elsif payment.respond_to?(:track_data) && payment.track_data.present?
+          post[:magstripe] = payment.track_data
           post[:cardpresent] = true
+        elsif payment.is_a?(String)
+          post[:card]   = payment
         else
-          post[:card]   = credit_card.number
-          post[:cvv2]   = credit_card.verification_value if credit_card.verification_value?
-          post[:expir]  = expdate(credit_card)
-          post[:name]   = credit_card.name
+          post[:card]   = payment.number
+          post[:cvv2]   = payment.verification_value if payment.verification_value?
+          post[:expir]  = expdate(payment)
+          post[:name]   = payment.name unless payment.name.blank?
+          post[:cardpresent] = true if payment.manual_entry
         end
       end
 
+      def add_test_mode(post, options)
+        post[:testmode] = (options[:test_mode] ? 1 : 0) if options.has_key?(:test_mode)
+      end
+
       # see: http://wiki.usaepay.com/developer/transactionapi#split_payments
       def add_split_payments(post, options)
         return unless options[:split_payments].is_a?(Array)
+
         options[:split_payments].each_with_index do |payment, index|
           prefix = '%02d' % (index + 2)
           post["#{prefix}key"]         = payment[:key]
@@ -194,61 +250,118 @@ module ActiveMerchant #:nodoc:
         post['onError'] = options[:on_error] || 'Void'
       end
 
+      def add_recurring_fields(post, options)
+        return unless options[:recurring_fields].is_a?(Hash)
+
+        options[:recurring_fields].each do |key, value|
+          if value == true
+            value = 'yes'
+          elsif value == false
+            next
+          end
+
+          value = amount(value) if key == :bill_amount
+
+          post[key.to_s.delete('_')] = value
+        end
+      end
+
+      # see: https://wiki.usaepay.com/developer/transactionapi#merchant_defined_custom_fields
+      def add_custom_fields(post, options)
+        return unless options[:custom_fields].is_a?(Hash)
+
+        options[:custom_fields].each do |index, custom|
+          raise ArgumentError.new('Cannot specify custom field with index 0') if index.to_s.to_i.zero?
+
+          post["custom#{index}"] = custom
+        end
+      end
+
+      # see: https://wiki.usaepay.com/developer/transactionapi#line_item_details
+      def add_line_items(post, options)
+        return unless options[:line_items].is_a?(Array)
+
+        options[:line_items].each_with_index do |line_item, index|
+          %w(product_ref_num sku qty name description taxable tax_rate tax_amount commodity_code discount_rate discount_amount).each do |key|
+            post["line#{index}#{key.delete('_')}"] = line_item[key.to_sym] if line_item.has_key?(key.to_sym)
+          end
+
+          {
+            quantity: 'qty',
+            unit: 'um'
+          }.each do |key, umkey|
+            post["line#{index}#{umkey}"] = line_item[key.to_sym] if line_item.has_key?(key.to_sym)
+          end
+
+          post["line#{index}cost"] = amount(line_item[:cost])
+        end
+      end
+
       def parse(body)
         fields = {}
         for line in body.split('&')
-          key, value = *line.scan( %r{^(\w+)\=(.*)$} ).flatten
+          key, value = *line.scan(%r{^(\w+)\=(.*)$}).flatten
           fields[key] = CGI.unescape(value.to_s)
         end
 
         {
-          :status           => fields['UMstatus'],
-          :auth_code        => fields['UMauthCode'],
-          :ref_num          => fields['UMrefNum'],
-          :batch            => fields['UMbatch'],
-          :avs_result       => fields['UMavsResult'],
-          :avs_result_code  => fields['UMavsResultCode'],
-          :cvv2_result      => fields['UMcvv2Result'],
-          :cvv2_result_code => fields['UMcvv2ResultCode'],
-          :vpas_result_code => fields['UMvpasResultCode'],
-          :result           => fields['UMresult'],
-          :error            => fields['UMerror'],
-          :error_code       => fields['UMerrorcode'],
-          :acs_url          => fields['UMacsurl'],
-          :payload          => fields['UMpayload']
-        }.delete_if{|k, v| v.nil?}
+          status: fields['UMstatus'],
+          auth_code: fields['UMauthCode'],
+          ref_num: fields['UMrefNum'],
+          card_ref: fields['UMcardRef'],
+          batch: fields['UMbatch'],
+          avs_result: fields['UMavsResult'],
+          avs_result_code: fields['UMavsResultCode'],
+          cvv2_result: fields['UMcvv2Result'],
+          cvv2_result_code: fields['UMcvv2ResultCode'],
+          vpas_result_code: fields['UMvpasResultCode'],
+          result: fields['UMresult'],
+          error: fields['UMerror'],
+          error_code: fields['UMerrorcode'],
+          acs_url: fields['UMacsurl'],
+          payload: fields['UMpayload']
+        }.delete_if { |_k, v| v.nil? }
       end
 
       def commit(action, parameters)
         url = (test? ? self.test_url : self.live_url)
         response = parse(ssl_post(url, post_data(action, parameters)))
-        Response.new(response[:status] == 'Approved', message_from(response), response,
-          :test           => test?,
-          :authorization  => response[:ref_num],
-          :cvv_result     => response[:cvv2_result_code],
-          :avs_result     => { :code => response[:avs_result_code] },
-          :error_code     => STANDARD_ERROR_CODE_MAPPING[response[:error_code]]
-        )
+        approved = response[:status] == 'Approved'
+        error_code = nil
+        error_code = (STANDARD_ERROR_CODE_MAPPING[response[:error_code]] || STANDARD_ERROR_CODE[:processing_error]) unless approved
+        Response.new(approved, message_from(response), response,
+          test: test?,
+          authorization: authorization_from(action, response),
+          cvv_result: response[:cvv2_result_code],
+          avs_result: { code: response[:avs_result_code] },
+          error_code: error_code)
       end
 
       def message_from(response)
-        if response[:status] == "Approved"
+        if response[:status] == 'Approved'
           return 'Success'
         else
           return 'Unspecified error' if response[:error].blank?
+
           return response[:error]
         end
       end
 
+      def authorization_from(action, response)
+        return (action == :store ? response[:card_ref] : response[:ref_num])
+      end
+
       def post_data(action, parameters = {})
         parameters[:command]  = TRANSACTIONS[action]
         parameters[:key]      = @options[:login]
         parameters[:software] = 'Active Merchant'
-        parameters[:testmode] = (@options[:test] ? 1 : 0)
+        parameters[:testmode] = (@options[:test] ? 1 : 0) unless parameters.has_key?(:testmode)
+        seed = SecureRandom.hex(32).upcase
+        hash = Digest::SHA1.hexdigest("#{parameters[:command]}:#{@options[:pin] || @options[:password]}:#{parameters[:amount]}:#{parameters[:invoice]}:#{seed}")
+        parameters[:hash] = "s/#{seed}/#{hash}/n"
 
-        parameters.collect { |key, value| "UM#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+        parameters.collect { |key, value| "UM#{key}=#{CGI.escape(value.to_s)}" }.join('&')
       end
     end
   end
 end
-

data/lib/active_merchant/billing/gateways/vanco.rb

@@ -0,0 +1,294 @@
+require 'nokogiri'
+
+module ActiveMerchant
+  module Billing
+    class VancoGateway < Gateway
+      include Empty
+
+      self.test_url = 'https://uat.vancopayments.com/cgi-bin/ws2.vps'
+      self.live_url = 'https://myvanco.vancopayments.com/cgi-bin/ws2.vps'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'http://vancopayments.com/'
+      self.display_name = 'Vanco Payment Solutions'
+
+      def initialize(options = {})
+        requires!(options, :user_id, :password, :client_id)
+        super
+      end
+
+      def purchase(money, payment_method, options = {})
+        MultiResponse.run do |r|
+          r.process { login }
+          r.process { commit(purchase_request(money, payment_method, r.params['response_sessionid'], options), :response_transactionref) }
+        end
+      end
+
+      def refund(money, authorization, options = {})
+        MultiResponse.run do |r|
+          r.process { login }
+          r.process { commit(refund_request(money, authorization, r.params['response_sessionid']), :response_creditrequestreceived) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<Password>).+(</Password>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardCVV2>).+(</CardCVV2>))i, '\1[FILTERED]\2').
+          gsub(%r((<AccountNumber>).+(</AccountNumber>))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      def parse(xml)
+        response = {}
+
+        doc = Nokogiri::XML(xml)
+        doc.root.xpath('*').each do |node|
+          if node.elements.empty?
+            response[node.name.downcase.to_sym] = node.text
+          else
+            node.elements.each do |childnode|
+              childnode_to_response(response, node, childnode)
+            end
+          end
+        end
+
+        response
+      end
+
+      def childnode_to_response(response, node, childnode)
+        name = "#{node.name.downcase}_#{childnode.name.downcase}"
+        if name == 'response_errors' && !childnode.elements.empty?
+          add_errors_to_response(response, childnode.to_s)
+        else
+          response[name.downcase.to_sym] = childnode.text
+        end
+      end
+
+      def add_errors_to_response(response, errors_xml)
+        errors_hash = Hash.from_xml(errors_xml).values.first
+        response[:response_errors] = errors_hash
+
+        error = errors_hash['Error']
+        if error.kind_of?(Hash)
+          response[:error_message] = error['ErrorDescription']
+          response[:error_codes] = error['ErrorCode']
+        elsif error.kind_of?(Array)
+          error_str = error.map { |e| e['ErrorDescription'] }.join('. ')
+          error_codes = error.map { |e| e['ErrorCode'] }.join(', ')
+          response[:error_message] = "#{error_str}."
+          response[:error_codes] = error_codes
+        end
+      end
+
+      def commit(request, success_field_name)
+        response = parse(ssl_post(url, request, headers))
+        succeeded = success_from(response, success_field_name)
+
+        Response.new(
+          succeeded,
+          message_from(succeeded, response),
+          response,
+          authorization: authorization_from(response),
+          test: test?
+        )
+      end
+
+      def success_from(response, success_field_name)
+        !empty?(response[success_field_name])
+      end
+
+      def message_from(succeeded, response)
+        return 'Success' if succeeded
+
+        response[:error_message]
+      end
+
+      def authorization_from(response)
+        [
+          response[:response_customerref],
+          response[:response_paymentmethodref],
+          response[:response_transactionref]
+        ].join('|')
+      end
+
+      def split_authorization(authorization)
+        authorization.to_s.split('|')
+      end
+
+      def purchase_request(money, payment_method, session_id, options)
+        build_xml_request do |doc|
+          add_auth(doc, 'EFTAddCompleteTransaction', session_id)
+
+          doc.Request do
+            doc.RequestVars do
+              add_client_id(doc)
+              add_amount(doc, money, options)
+              add_payment_method(doc, payment_method, options)
+              add_options(doc, options)
+              add_purchase_noise(doc)
+            end
+          end
+        end
+      end
+
+      def refund_request(money, authorization, session_id)
+        build_xml_request do |doc|
+          add_auth(doc, 'EFTAddCredit', session_id)
+
+          doc.Request do
+            doc.RequestVars do
+              add_client_id(doc)
+              add_amount(doc, money, options)
+              add_reference(doc, authorization)
+              add_refund_noise(doc)
+            end
+          end
+        end
+      end
+
+      def add_request(doc, request_type)
+        doc.RequestType(request_type)
+        doc.RequestID(SecureRandom.hex(15))
+        doc.RequestTime(Time.now)
+        doc.Version(2)
+      end
+
+      def add_auth(doc, request_type, session_id)
+        doc.Auth do
+          add_request(doc, request_type)
+          doc.SessionID(session_id)
+        end
+      end
+
+      def add_reference(doc, authorization)
+        customer_ref, payment_method_ref, transaction_ref = split_authorization(authorization)
+        doc.CustomerRef(customer_ref)
+        doc.PaymentMethodRef(payment_method_ref)
+        doc.TransactionRef(transaction_ref)
+      end
+
+      def add_amount(doc, money, options)
+        if empty?(options[:fund_id])
+          doc.Amount(amount(money))
+        else
+          doc.Funds do
+            doc.Fund do
+              doc.FundID(options[:fund_id])
+              doc.FundAmount(amount(money))
+            end
+          end
+        end
+      end
+
+      def add_payment_method(doc, payment_method, options)
+        if card_brand(payment_method) == 'check'
+          add_echeck(doc, payment_method)
+        else
+          add_credit_card(doc, payment_method, options)
+        end
+      end
+
+      def add_credit_card(doc, credit_card, options)
+        doc.AccountNumber(credit_card.number)
+        doc.CustomerName("#{credit_card.last_name}, #{credit_card.first_name}")
+        doc.CardExpMonth(format(credit_card.month, :two_digits))
+        doc.CardExpYear(format(credit_card.year, :two_digits))
+        doc.CardCVV2(credit_card.verification_value)
+        doc.CardBillingName(credit_card.name)
+        doc.AccountType('CC')
+        add_billing_address(doc, options)
+      end
+
+      def add_billing_address(doc, options)
+        address = options[:billing_address]
+        return unless address
+
+        doc.CardBillingAddr1(address[:address1])
+        doc.CardBillingAddr2(address[:address2])
+        doc.CardBillingCity(address[:city])
+        doc.CardBillingState(address[:state])
+        doc.CardBillingZip(address[:zip])
+        doc.CardBillingCountryCode(address[:country])
+      end
+
+      def add_echeck(doc, echeck)
+        if echeck.account_type == 'savings'
+          doc.AccountType('S')
+        else
+          doc.AccountType('C')
+        end
+
+        doc.CustomerName("#{echeck.last_name}, #{echeck.first_name}")
+        doc.AccountNumber(echeck.account_number)
+        doc.RoutingNumber(echeck.routing_number)
+        doc.TransactionTypeCode('WEB')
+      end
+
+      def add_purchase_noise(doc)
+        doc.StartDate('0000-00-00')
+        doc.FrequencyCode('O')
+      end
+
+      def add_refund_noise(doc)
+        doc.ContactName('Bilbo Baggins')
+        doc.ContactPhone('1234567890')
+        doc.ContactExtension('None')
+        doc.ReasonForCredit('Refund requested')
+      end
+
+      def add_options(doc, options)
+        doc.CustomerIPAddress(options[:ip]) if options[:ip]
+      end
+
+      def add_client_id(doc)
+        doc.ClientID(@options[:client_id])
+      end
+
+      def login
+        commit(login_request, :response_sessionid)
+      end
+
+      def login_request
+        build_xml_request do |doc|
+          doc.Auth do
+            add_request(doc, 'Login')
+          end
+
+          doc.Request do
+            doc.RequestVars do
+              doc.UserID(@options[:user_id])
+              doc.Password(@options[:password])
+            end
+          end
+        end
+      end
+
+      def build_xml_request
+        builder = Nokogiri::XML::Builder.new
+        builder.__send__('VancoWS') do |doc|
+          yield(doc)
+        end
+        builder.to_xml
+      end
+
+      def url
+        (test? ? test_url : live_url)
+      end
+
+      def headers
+        {
+          'Content-Type' => 'text/xml'
+        }
+      end
+    end
+  end
+end