activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/worldpay_online_payments.rb

@@ -0,0 +1,208 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class WorldpayOnlinePaymentsGateway < Gateway
+      self.live_url = 'https://api.worldpay.com/v1/'
+
+      self.default_currency = 'GBP'
+
+      self.money_format = :cents
+
+      self.supported_countries = %w(HK US GB BE CH CZ DE DK ES FI FR GR HU IE IT LU MT NL NO PL PT SE SG TR)
+      self.supported_cardtypes = %i[visa master american_express discover jcb maestro]
+
+      self.homepage_url = 'http://online.worldpay.com'
+      self.display_name = 'Worldpay Online Payments'
+
+      def initialize(options = {})
+        requires!(options, :client_key, :service_key)
+        @client_key = options[:client_key]
+        @service_key = options[:service_key]
+        super
+      end
+
+      def authorize(money, credit_card, options = {})
+        response = create_token(true, credit_card.first_name + ' ' + credit_card.last_name, credit_card.month, credit_card.year, credit_card.number, credit_card.verification_value)
+        if response.success?
+          options[:authorizeOnly] = true
+          post = create_post_for_auth_or_purchase(response.authorization, money, options)
+          response = commit(:post, 'orders', post, {}, 'authorize')
+        end
+        response
+      end
+
+      def capture(money, authorization, options = {})
+        if authorization
+          commit(:post, "orders/#{CGI.escape(authorization)}/capture", { 'captureAmount' => money }, options, 'capture')
+        else
+          Response.new(false,
+            'FAILED',
+            'FAILED',
+            test: test?,
+            authorization: false,
+            avs_result: {},
+            cvv_result: {},
+            error_code: false)
+        end
+      end
+
+      def purchase(money, credit_card, options = {})
+        response = create_token(true, credit_card.first_name + ' ' + credit_card.last_name, credit_card.month, credit_card.year, credit_card.number, credit_card.verification_value)
+        if response.success?
+          post = create_post_for_auth_or_purchase(response.authorization, money, options)
+          response = commit(:post, 'orders', post, options, 'purchase')
+        end
+        response
+      end
+
+      def refund(money, orderCode, options = {})
+        obj = money ? { 'refundAmount' => money } : {}
+        commit(:post, "orders/#{CGI.escape(orderCode)}/refund", obj, options, 'refund')
+      end
+
+      def void(orderCode, options = {})
+        response = commit(:delete, "orders/#{CGI.escape(orderCode)}", nil, options, 'void')
+        response = refund(nil, orderCode) if !response.success? && (response.params && response.params['customCode'] != 'ORDER_NOT_FOUND')
+        response
+      end
+
+      def verify(credit_card, options = {})
+        authorize(0, credit_card, options)
+      end
+
+      private
+
+      def create_token(reusable, name, exp_month, exp_year, number, cvc)
+        obj = {
+          'reusable' => reusable,
+          'paymentMethod' => {
+            'type' => 'Card',
+            'name' => name,
+            'expiryMonth' => exp_month,
+            'expiryYear' => exp_year,
+            'cardNumber' => number,
+            'cvc' => cvc
+          },
+          'clientKey' => @client_key
+        }
+        token_response = commit(:post, 'tokens', obj, { 'Authorization' => @service_key }, 'token')
+        token_response
+      end
+
+      def create_post_for_auth_or_purchase(token, money, options)
+        {
+          'token' => token,
+          'orderDescription' => options[:description] || 'Worldpay Order',
+          'amount' => money,
+          'currencyCode' => options[:currency] || default_currency,
+          'name' => options[:billing_address] && options[:billing_address][:name] ? options[:billing_address][:name] : '',
+          'billingAddress' => {
+            'address1' => options[:billing_address] && options[:billing_address][:address1] ? options[:billing_address][:address1] : '',
+            'address2' => options[:billing_address] && options[:billing_address][:address2] ? options[:billing_address][:address2] : '',
+            'address3' => '',
+            'postalCode' => options[:billing_address] && options[:billing_address][:zip] ? options[:billing_address][:zip] : '',
+            'city' => options[:billing_address] && options[:billing_address][:city] ? options[:billing_address][:city] : '',
+            'state' => options[:billing_address] && options[:billing_address][:state] ? options[:billing_address][:state] : '',
+            'countryCode' => options[:billing_address] && options[:billing_address][:country] ? options[:billing_address][:country] : ''
+          },
+          'customerOrderCode' => options[:order_id],
+          'orderType' => 'ECOM',
+          'authorizeOnly' => options[:authorizeOnly] ? true : false
+        }
+      end
+
+      def parse(body)
+        body ? JSON.parse(body) : {}
+      end
+
+      def headers(options = {})
+        headers = {
+          'Authorization' => @service_key,
+          'Content-Type' => 'application/json',
+          'User-Agent' => "Worldpay/v1 ActiveMerchantBindings/#{ActiveMerchant::VERSION}",
+          'X-Worldpay-Client-User-Agent' => user_agent,
+          'X-Worldpay-Client-User-Metadata' => { ip: options[:ip] }.to_json
+        }
+        headers['Authorization'] = options['Authorization'] if options['Authorization']
+        headers
+      end
+
+      def commit(method, url, parameters = nil, options = {}, type = false)
+        raw_response = response = nil
+        success = false
+        begin
+          json = parameters ? parameters.to_json : nil
+
+          raw_response = ssl_request(method, self.live_url + url, json, headers(options))
+
+          if raw_response != ''
+            response = parse(raw_response)
+            if type == 'token'
+              success = response.key?('token')
+            else
+              if response.key?('httpStatusCode')
+                success = false
+              else
+                if type == 'authorize' && response['paymentStatus'] == 'AUTHORIZED'
+                  success = true
+                elsif type == 'purchase' && response['paymentStatus'] == 'SUCCESS'
+                  success = true
+                elsif type == 'capture' || type == 'refund' || type == 'void'
+                  success = true
+                end
+              end
+            end
+          else
+            success = true
+            response = {}
+          end
+        rescue ResponseError => e
+          raw_response = e.response.body
+          response = response_error(raw_response)
+        rescue JSON::ParserError
+          response = json_error(raw_response)
+        end
+
+        if response['orderCode']
+          authorization = response['orderCode']
+        elsif response['token']
+          authorization = response['token']
+        else
+          authorization = response['message']
+        end
+
+        Response.new(success,
+          success ? 'SUCCESS' : response['message'],
+          response,
+          test: test?,
+          authorization: authorization,
+          avs_result: {},
+          cvv_result: {},
+          error_code: success ? nil : response['customCode'])
+      end
+
+      def test?
+        @service_key[0] == 'T'
+      end
+
+      def response_error(raw_response)
+        parse(raw_response)
+      rescue JSON::ParserError
+        json_error(raw_response)
+      end
+
+      def json_error(raw_response)
+        msg = 'Invalid response received from the Worldpay Online Payments API.  Please contact techsupport.online@worldpay.com if you continue to receive this message.'
+        msg += "  (The raw response returned by the API was #{raw_response.inspect})"
+        {
+          'error' => {
+            'message' => msg
+          }
+        }
+      end
+
+      def handle_response(response)
+        response.body
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/worldpay_us.rb

@@ -1,78 +1,97 @@
-require "nokogiri"
+require 'nokogiri'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class WorldpayUsGateway < Gateway
-      self.display_name = "Worldpay US"
-      self.homepage_url = "http://www.worldpay.com/us"
+      class_attribute :backup_url
+
+      self.display_name = 'Worldpay US'
+      self.homepage_url = 'http://www.worldpay.com/us'
 
       # No sandbox, just use test cards.
-      self.live_url = 'https://trans.worldpay.us/cgi-bin/process.cgi'
+      self.live_url   = 'https://trans.worldpay.us/cgi-bin/process.cgi'
+      self.backup_url = 'https://trans.gwtx01.com/cgi-bin/process.cgi'
 
       self.supported_countries = ['US']
       self.default_currency = 'USD'
       self.money_format = :dollars
-      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb]
+      self.supported_cardtypes = %i[visa master american_express discover jcb]
 
-      def initialize(options={})
+      def initialize(options = {})
         requires!(options, :acctid, :subid, :merchantpin)
         super
       end
 
-      def purchase(money, payment_method, options={})
+      def purchase(money, payment_method, options = {})
         post = {}
         add_invoice(post, money, options)
         add_payment_method(post, payment_method)
         add_customer_data(post, options)
 
-        commit('purchase', post)
+        commit('purchase', options, post)
       end
 
-      def authorize(money, payment, options={})
+      def authorize(money, payment, options = {})
         post = {}
         add_invoice(post, money, options)
-        add_payment_method(post, payment)
+        add_credit_card(post, payment)
         add_customer_data(post, options)
 
-        commit('authorize', post)
+        commit('authorize', options, post)
       end
 
-      def capture(amount, authorization, options={})
+      def capture(amount, authorization, options = {})
         post = {}
         add_invoice(post, amount, options)
         add_reference(post, authorization)
         add_customer_data(post, options)
 
-        commit('capture', post)
+        commit('capture', options, post)
       end
 
-      def refund(amount, authorization, options={})
+      def refund(amount, authorization, options = {})
         post = {}
         add_invoice(post, amount, options)
         add_reference(post, authorization)
         add_customer_data(post, options)
 
-        commit("refund", post)
+        commit('refund', options, post)
       end
 
-      def void(authorization, options={})
+      def void(authorization, options = {})
         post = {}
         add_reference(post, authorization)
 
-        commit('void', post)
+        commit('void', options, post)
       end
 
-      def verify(credit_card, options={})
+      def verify(credit_card, options = {})
         MultiResponse.run(:use_first_response) do |r|
           r.process { authorize(100, credit_card, options) }
           r.process(:ignore_result) { void(r.authorization, options) }
         end
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((&?merchantpin=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?ccnum=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?ckacct=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?cvv2=)[^&]*)i, '\1[FILTERED]')
+      end
+
       private
 
+      def url(options)
+        options[:use_backup_url].to_s == 'true' ? self.backup_url : self.live_url
+      end
+
       def add_customer_data(post, options)
-        if(billing_address = (options[:billing_address] || options[:address]))
+        if (billing_address = (options[:billing_address] || options[:address]))
           post[:ci_companyname] = billing_address[:company]
           post[:ci_billaddr1]   = billing_address[:address1]
           post[:ci_billaddr2]   = billing_address[:address2]
@@ -86,13 +105,13 @@ module ActiveMerchant #:nodoc:
           post[:ci_ipaddress]   = billing_address[:ip]
         end
 
-        if(shipping_address = options[:shipping_address])
+        if (shipping_address = options[:shipping_address])
           post[:ci_shipaddr1] = shipping_address[:address1]
           post[:ci_shipaddr2] = shipping_address[:address2]
           post[:ci_shipcity] = shipping_address[:city]
           post[:ci_shipstate] = shipping_address[:state]
-          post[:ci_shipzip]    = shipping_address[:zip]
-          post[:ci_shipcountry]    = shipping_address[:country]
+          post[:ci_shipzip] = shipping_address[:zip]
+          post[:ci_shipcountry] = shipping_address[:country]
         end
       end
 
@@ -103,6 +122,14 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_payment_method(post, payment_method)
+        if card_brand(payment_method) == 'check'
+          add_check(post, payment_method)
+        else
+          add_credit_card(post, payment_method)
+        end
+      end
+
+      def add_credit_card(post, payment_method)
         post[:ccname] = payment_method.name
         post[:ccnum] = payment_method.number
         post[:cvv2] = payment_method.verification_value
@@ -110,8 +137,21 @@ module ActiveMerchant #:nodoc:
         post[:expmon] = format(payment_method.month, :two_digits)
       end
 
+      ACCOUNT_TYPES = {
+        'checking' => '1',
+        'savings' => '2'
+      }
+
+      def add_check(post, payment_method)
+        post[:action] = 'ns_quicksale_check'
+        post[:ckacct] = payment_method.account_number
+        post[:ckaba] = payment_method.routing_number
+        post[:ckno] = payment_method.number
+        post[:ckaccttype] = ACCOUNT_TYPES[payment_method.account_type] if ACCOUNT_TYPES[payment_method.account_type]
+      end
+
       def split_authorization(authorization)
-        historyid, orderid = authorization.split("|")
+        historyid, orderid = authorization.split('|')
         [historyid, orderid]
       end
 
@@ -125,7 +165,7 @@ module ActiveMerchant #:nodoc:
       def parse(xml)
         response = {}
         doc = Nokogiri::XML(xml)
-        message = doc.xpath("//plaintext")
+        message = doc.xpath('//plaintext')
         message.text.split(/\r?\n/).each do |line|
           key, value = line.split(%r{=})
           response[key] = value if key
@@ -134,47 +174,47 @@ module ActiveMerchant #:nodoc:
       end
 
       ACTIONS = {
-        "purchase" => "ns_quicksale_cc",
-        "refund" => "ns_credit",
-        "authorize" => "ns_quicksale_cc",
-        "capture" => "ns_quicksale_cc",
-        "void" => "ns_void",
+        'purchase' => 'ns_quicksale_cc',
+        'refund' => 'ns_credit',
+        'authorize' => 'ns_quicksale_cc',
+        'capture' => 'ns_quicksale_cc',
+        'void' => 'ns_void'
       }
 
-      def commit(action, post)
-        post[:action] = ACTIONS[action] if ACTIONS[action]
+      def commit(action, options, post)
+        post[:action] = ACTIONS[action] unless post[:action]
         post[:acctid] = @options[:acctid]
         post[:subid] = @options[:subid]
         post[:merchantpin] = @options[:merchantpin]
 
         post[:authonly] = '1' if action == 'authorize'
 
-        raw = parse(ssl_post(live_url, post.to_query))
+        raw = parse(ssl_post(url(options), post.to_query))
 
-        succeeded = success_from(raw['transresult'])
+        succeeded = success_from(raw['result'])
         Response.new(
           succeeded,
           message_from(succeeded, raw),
           raw,
-          :authorization => authorization_from(raw),
-          :test => test?
+          authorization: authorization_from(raw),
+          test: test?
         )
       end
 
       def success_from(result)
-        result == 'APPROVED'
+        result == '1'
       end
 
       def message_from(succeeded, response)
         if succeeded
-          "Succeeded"
+          'Succeeded'
         else
-          (response['transresult'] || response['Reason'] || "Unable to read error message")
+          (response['transresult'] || response['Reason'] || 'Unable to read error message')
         end
       end
 
       def authorization_from(response)
-        [response['historyid'], response['orderid']].join("|")
+        [response['historyid'], response['orderid']].join('|')
       end
     end
   end

data/lib/active_merchant/billing/gateways.rb

@@ -1,17 +1,14 @@
+require 'pathname'
+
 module ActiveMerchant
   module Billing
-    autoload :Gateway, 'active_merchant/billing/gateway'
-
-    Dir[File.dirname(__FILE__) + '/gateways/**/*.rb'].each do |f|
-      # Get camelized class name
-      filename = File.basename(f, '.rb')
-      # Add _gateway suffix
-      gateway_name = filename + '_gateway'
-      # Camelize the string to get the class name
-      gateway_class = gateway_name.camelize
+    load_path = Pathname.new(__FILE__ + '/../../..')
+    Dir[File.dirname(__FILE__) + '/gateways/**/*.rb'].each do |filename|
+      gateway_name      = File.basename(filename, '.rb')
+      gateway_classname = "#{gateway_name}_gateway".camelize
+      gateway_filename  = Pathname.new(filename).relative_path_from(load_path).sub_ext('')
 
-      # Register for autoloading
-      autoload gateway_class, f
+      autoload(gateway_classname, gateway_filename)
     end
   end
 end

data/lib/active_merchant/billing/model.rb

@@ -1,5 +1,5 @@
-require "active_merchant/billing/compatibility"
-require "active_merchant/empty"
+require 'active_merchant/billing/compatibility'
+require 'active_merchant/empty'
 
 module ActiveMerchant
   module Billing

data/lib/active_merchant/billing/network_tokenization_credit_card.rb

@@ -0,0 +1,39 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class NetworkTokenizationCreditCard < CreditCard
+      # A +NetworkTokenizationCreditCard+ object represents a tokenized credit card
+      # using the EMV Network Tokenization specification, http://www.emvco.com/specifications.aspx?id=263.
+      #
+      # It includes all fields of the +CreditCard+ class with additional fields for
+      # verification data that must be given to gateways through existing fields (3DS / EMV).
+      #
+      # The only tested usage of this at the moment is with an Apple Pay decrypted PKPaymentToken,
+      # https://developer.apple.com/library/ios/documentation/PassKit/Reference/PaymentTokenJSON/PaymentTokenJSON.html
+
+      # These are not relevant (verification) or optional (name) for Apple Pay
+      self.require_verification_value = false
+      self.require_name = false
+
+      attr_accessor :payment_cryptogram, :eci, :transaction_id, :metadata
+      attr_writer :source
+
+      SOURCES = %i(apple_pay android_pay google_pay network_token)
+
+      def source
+        if defined?(@source) && SOURCES.include?(@source)
+          @source
+        else
+          :apple_pay
+        end
+      end
+
+      def credit_card?
+        true
+      end
+
+      def type
+        'network_tokenization'
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/payment_token.rb

@@ -6,7 +6,7 @@ module ActiveMerchant #:nodoc:
     # implementations of your given cryptographer. Like credit cards, you must also return a string representing
     # the token's type, like 'apple_pay' or 'stripe' should your target payment gateway process these tokens.
     class PaymentToken
-      attr_reader :payment_data, :type
+      attr_reader :payment_data
 
       def initialize(payment_data, options = {})
         @payment_data = payment_data

data/lib/active_merchant/billing/rails.rb

@@ -1,3 +1,3 @@
-require "active_merchant/billing/compatibility"
+require 'active_merchant/billing/compatibility'
 
 ActiveMerchant::Billing::Compatibility.rails_required!

data/lib/active_merchant/billing/response.rb

@@ -4,12 +4,16 @@ module ActiveMerchant #:nodoc:
     end
 
     class Response
-      attr_reader :params, :message, :test, :authorization, :avs_result, :cvv_result, :error_code
+      attr_reader :params, :message, :test, :authorization, :avs_result, :cvv_result, :error_code, :emv_authorization, :network_transaction_id
 
       def success?
         @success
       end
 
+      def failure?
+        !success?
+      end
+
       def test?
         @test
       end
@@ -24,18 +28,20 @@ module ActiveMerchant #:nodoc:
         @authorization = options[:authorization]
         @fraud_review = options[:fraud_review]
         @error_code = options[:error_code]
+        @emv_authorization = options[:emv_authorization]
+        @network_transaction_id = options[:network_transaction_id]
 
         @avs_result = if options[:avs_result].kind_of?(AVSResult)
-          options[:avs_result].to_hash
-        else
-          AVSResult.new(options[:avs_result]).to_hash
-        end
+                        options[:avs_result].to_hash
+                      else
+                        AVSResult.new(options[:avs_result]).to_hash
+                      end
 
         @cvv_result = if options[:cvv_result].kind_of?(CVVResult)
-          options[:cvv_result].to_hash
-        else
-          CVVResult.new(options[:cvv_result]).to_hash
-        end
+                        options[:cvv_result].to_hash
+                      else
+                        CVVResult.new(options[:cvv_result]).to_hash
+                      end
       end
     end
 
@@ -52,14 +58,14 @@ module ActiveMerchant #:nodoc:
         @primary_response = nil
       end
 
-      def process(ignore_result=false)
+      def process(ignore_result = false)
         return unless success?
 
         response = yield
         self << response
 
         unless ignore_result
-          if(@use_first_response && response.success?)
+          if @use_first_response && response.success?
             @primary_response ||= response
           else
             @primary_response = response
@@ -69,7 +75,7 @@ module ActiveMerchant #:nodoc:
 
       def <<(response)
         if response.is_a?(MultiResponse)
-          response.responses.each{|r| @responses << r}
+          response.responses.each { |r| @responses << r }
         else
           @responses << response
         end
@@ -79,7 +85,7 @@ module ActiveMerchant #:nodoc:
         (primary_response ? primary_response.success? : true)
       end
 
-      %w(params message test authorization avs_result cvv_result test? fraud_review?).each do |m|
+      %w(params message test authorization avs_result cvv_result error_code emv_authorization test? fraud_review?).each do |m|
         class_eval %(
           def #{m}
             (@responses.empty? ? nil : primary_response.#{m})

data/lib/active_merchant/billing/three_d_secure_eci_mapper.rb

@@ -0,0 +1,27 @@
+module ActiveMerchant
+  module Billing
+    module ThreeDSecureEciMapper
+      NON_THREE_D_SECURE_TRANSACTION = :non_three_d_secure_transaction
+      ATTEMPTED_AUTHENTICATION_TRANSACTION = :attempted_authentication_transaction
+      FULLY_AUTHENTICATED_TRANSACTION = :fully_authenticated_transaction
+
+      ECI_00_01_02_MAP = { '00' => NON_THREE_D_SECURE_TRANSACTION, '01' => ATTEMPTED_AUTHENTICATION_TRANSACTION, '02' => FULLY_AUTHENTICATED_TRANSACTION }.freeze
+      ECI_05_06_07_MAP = { '05' => FULLY_AUTHENTICATED_TRANSACTION, '06' => ATTEMPTED_AUTHENTICATION_TRANSACTION, '07' => NON_THREE_D_SECURE_TRANSACTION }.freeze
+      BRAND_TO_ECI_MAP = {
+        american_express: ECI_05_06_07_MAP,
+        dankort: ECI_05_06_07_MAP,
+        diners_club: ECI_05_06_07_MAP,
+        discover: ECI_05_06_07_MAP,
+        elo: ECI_05_06_07_MAP,
+        jcb: ECI_05_06_07_MAP,
+        maestro: ECI_00_01_02_MAP,
+        master: ECI_00_01_02_MAP,
+        visa: ECI_05_06_07_MAP
+      }.freeze
+
+      def self.map(brand, eci)
+        BRAND_TO_ECI_MAP.dig(brand, eci)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing.rb

@@ -5,9 +5,12 @@ require 'active_merchant/billing/cvv_result'
 require 'active_merchant/billing/credit_card_methods'
 require 'active_merchant/billing/credit_card_formatting'
 require 'active_merchant/billing/credit_card'
+require 'active_merchant/billing/network_tokenization_credit_card'
 require 'active_merchant/billing/base'
 require 'active_merchant/billing/check'
 require 'active_merchant/billing/payment_token'
 require 'active_merchant/billing/apple_pay_payment_token'
 require 'active_merchant/billing/response'
 require 'active_merchant/billing/gateways'
+require 'active_merchant/billing/gateway'
+require 'active_merchant/billing/three_d_secure_eci_mapper'