activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/ct_payment.rb

@@ -0,0 +1,269 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class CtPaymentGateway < Gateway
+      self.test_url = 'https://test.ctpaiement.ca/v1/'
+      self.live_url = 'https://www.ctpaiement.com/v1/'
+
+      self.supported_countries = %w[US CA]
+      self.default_currency = 'CAD'
+      self.supported_cardtypes = %i[visa master american_express discover diners_club]
+
+      self.homepage_url = 'http://www.ct-payment.com/'
+      self.display_name = 'CT Payment'
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        '14' => STANDARD_ERROR_CODE[:invalid_number],
+        '05' => STANDARD_ERROR_CODE[:card_declined],
+        'M6' => STANDARD_ERROR_CODE[:card_declined],
+        '9068' => STANDARD_ERROR_CODE[:incorrect_number],
+        '9067' => STANDARD_ERROR_CODE[:incorrect_number]
+      }
+      CARD_BRAND = {
+        'american_express' => 'A',
+        'master' => 'M',
+        'diners_club' => 'I',
+        'visa' => 'V',
+        'discover' => 'O'
+      }
+
+      def initialize(options = {})
+        requires!(options, :api_key, :company_number, :merchant_number)
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        requires!(options, :order_id)
+        post = {}
+        add_terminal_number(post, options)
+        add_money(post, money)
+        add_operator_id(post, options)
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        payment.is_a?(String) ? commit('purchaseWithToken', post) : commit('purchase', post)
+      end
+
+      def authorize(money, payment, options = {})
+        requires!(options, :order_id)
+        post = {}
+        add_money(post, money)
+        add_terminal_number(post, options)
+        add_operator_id(post, options)
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        payment.is_a?(String) ? commit('preAuthorizationWithToken', post) : commit('preAuthorization', post)
+      end
+
+      def capture(money, authorization, options = {})
+        requires!(options, :order_id)
+        post = {}
+        add_invoice(post, money, options)
+        add_money(post, money)
+        add_customer_data(post, options)
+        transaction_number, authorization_number, invoice_number = split_authorization(authorization)
+        post[:OriginalTransactionNumber] = transaction_number
+        post[:OriginalAuthorizationNumber] = authorization_number
+        post[:OriginalInvoiceNumber] = invoice_number
+
+        commit('completion', post)
+      end
+
+      def refund(money, authorization, options = {})
+        requires!(options, :order_id)
+        post = {}
+        add_invoice(post, money, options)
+        add_money(post, money)
+        add_customer_data(post, options)
+        transaction_number, _, invoice_number = split_authorization(authorization)
+        post[:OriginalTransactionNumber] = transaction_number
+        post[:OriginalInvoiceNumber] = invoice_number
+
+        commit('refundWithoutCard', post)
+      end
+
+      def credit(money, payment, options = {})
+        requires!(options, :order_id)
+        post = {}
+        add_terminal_number(post, options)
+        add_money(post, money)
+        add_operator_id(post, options)
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        payment.is_a?(String) ? commit('refundWithToken', post) : commit('refund', post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        post[:InputType] = 'I'
+        post[:LanguageCode] = 'E'
+        transaction_number, _, invoice_number = split_authorization(authorization)
+        post[:OriginalTransactionNumber] = transaction_number
+        post[:OriginalInvoiceNumber] = invoice_number
+        add_operator_id(post, options)
+        add_customer_data(post, options)
+
+        commit('void', post)
+      end
+
+      def verify(credit_card, options = {})
+        requires!(options, :order_id)
+        post = {}
+        add_terminal_number(post, options)
+        add_operator_id(post, options)
+        add_invoice(post, 0, options)
+        add_payment(post, credit_card)
+        add_address(post, credit_card, options)
+        add_customer_data(post, options)
+
+        commit('verifyAccount', post)
+      end
+
+      def store(credit_card, options = {})
+        requires!(options, :email)
+        post = {
+          LanguageCode: 'E',
+          Name: credit_card.name.rjust(50, ' '),
+          Email: options[:email].rjust(240, ' ')
+        }
+        add_operator_id(post, options)
+        add_payment(post, credit_card)
+        add_customer_data(post, options)
+
+        commit('recur/AddUser', post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((&?auth-api-key=)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?payload=)[a-zA-Z%0-9=]+)i, '\1[FILTERED]').
+          gsub(%r((&?token:)[^&]*)i, '\1[FILTERED]').
+          gsub(%r((&?cardNumber:)[^&]*)i, '\1[FILTERED]')
+      end
+
+      private
+
+      def add_terminal_number(post, options)
+        post[:MerchantTerminalNumber] = options[:merchant_terminal_number] || ' ' * 5
+      end
+
+      def add_money(post, money)
+        post[:Amount] = money.to_s.rjust(11, '0')
+      end
+
+      def add_operator_id(post, options)
+        post[:OperatorID] = options[:operator_id] || '0' * 8
+      end
+
+      def add_customer_data(post, options)
+        post[:CustomerNumber] = options[:customer_number] || '0' * 8
+      end
+
+      def add_address(post, creditcard, options)
+        if address = options[:billing_address] || options[:address]
+          post[:CardHolderAddress] = "#{address[:address1]} #{address[:address2]} #{address[:city]} #{address[:state]}".rjust(20, ' ')
+          post[:CardHolderPostalCode] = address[:zip].gsub(/\s+/, '').rjust(9, ' ')
+        end
+      end
+
+      def add_invoice(post, money, options)
+        post[:CurrencyCode] = options[:currency] || (currency(money) if money)
+        post[:InvoiceNumber] = options[:order_id].rjust(12, '0')
+        post[:InputType] = 'I'
+        post[:LanguageCode] = 'E'
+      end
+
+      def add_payment(post, payment)
+        if payment.is_a?(String)
+          post[:Token] = split_authorization(payment)[3].strip
+        else
+          post[:CardType] = CARD_BRAND[payment.brand] || ' '
+          post[:CardNumber] = payment.number.rjust(40, ' ')
+          post[:ExpirationDate] = expdate(payment)
+          post[:Cvv2Cvc2Number] = payment.verification_value
+        end
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def split_authorization(authorization)
+        authorization.split(';')
+      end
+
+      def commit_raw(action, parameters)
+        url = (test? ? test_url : live_url) + action
+        response = parse(ssl_post(url, post_data(action, parameters)))
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          avs_result: AVSResult.new(code: response['avsStatus']),
+          cvv_result: CVVResult.new(response['cvv2Cvc2Status']),
+          test: test?,
+          error_code: error_code_from(response)
+        )
+      end
+
+      def commit(action, parameters)
+        if action == 'void'
+          commit_raw(action, parameters)
+        else
+          MultiResponse.run(true) do |r|
+            r.process { commit_raw(action, parameters) }
+            r.process {
+              split_auth = split_authorization(r.authorization)
+              auth = (action.include?('recur') ? split_auth[4] : split_auth[0])
+              action.include?('recur') ? commit_raw('recur/ack', { ID: auth }) : commit_raw('ack', { TransactionNumber: auth })
+            }
+          end
+        end
+      end
+
+      def success_from(response)
+        return true if response['returnCode'] == '  00'
+        return true if response['returnCode'] == 'true'
+        return true if response['recurReturnCode'] == '  00'
+
+        return false
+      end
+
+      def message_from(response)
+        response['errorDescription'] || response['terminalDisp']&.strip
+      end
+
+      def authorization_from(response)
+        "#{response['transactionNumber']};#{response['authorizationNumber']};"\
+        "#{response['invoiceNumber']};#{response['token']};#{response['id']}"
+      end
+
+      def post_data(action, parameters = {})
+        parameters[:CompanyNumber] = @options[:company_number]
+        parameters[:MerchantNumber] = @options[:merchant_number]
+        parameters = parameters.collect do |key, value|
+          "#{key}=#{value}" unless value.nil? || value.empty?
+        end.join('&')
+        payload = Base64.strict_encode64(parameters)
+        "auth-api-key=#{@options[:api_key]}&payload=#{payload}".strip
+      end
+
+      def error_code_from(response)
+        STANDARD_ERROR_CODE_MAPPING[response['returnCode'].strip || response['recurReturnCode'.strip]] unless success_from(response)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/culqi.rb

@@ -0,0 +1,279 @@
+require 'digest/md5'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # Important note:
+    # ===
+    # Culqi merchant accounts are configured for either purchase or auth/capture
+    # modes. This is configured by Culqi when setting up a merchant account and
+    # largely depends on the transaction acquiring bank. Be sure to understand how
+    # your account was configured prior to using this gateway.
+    class CulqiGateway < Gateway
+      self.display_name = 'Culqi'
+      self.homepage_url = 'https://www.culqi.com'
+
+      self.test_url = 'https://staging.paymentz.com/transaction/'
+      self.live_url = 'https://secure.culqi.com/transaction/'
+
+      self.supported_countries = ['PE']
+      self.default_currency = 'PEN'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master diners_club american_express]
+
+      def initialize(options = {})
+        requires!(options, :merchant_id, :terminal_id, :secret_key)
+        super
+      end
+
+      def purchase(amount, payment_method, options = {})
+        authorize(amount, payment_method, options)
+      end
+
+      def authorize(amount, payment_method, options = {})
+        if payment_method.is_a?(String)
+          action = :tokenpay
+        else
+          action = :authorize
+        end
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, amount, options)
+        add_payment_method(post, payment_method, action, options)
+        add_customer_data(post, options)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def capture(amount, authorization, options = {})
+        action = :capture
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, amount, options)
+        add_reference(post, authorization)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def void(authorization, options = {})
+        action = :void
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, nil, options)
+        add_reference(post, authorization)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def refund(amount, authorization, options = {})
+        action = :refund
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, amount, options)
+        add_reference(post, authorization)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(1000, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def verify_credentials
+        response = void('0', order_id: '0')
+        response.message.include? 'Transaction not found'
+      end
+
+      def store(credit_card, options = {})
+        action = :tokenize
+        post = {}
+        post[:partnerid] = options[:partner_id] if options[:partner_id]
+        post[:cardholderid] = options[:cardholder_id] if options[:cardholder_id]
+        add_credentials(post)
+        add_payment_method(post, credit_card, action, options)
+        add_customer_data(post, options)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def invalidate(authorization, options = {})
+        action = :invalidate
+        post = {}
+        post[:partnerid] = options[:partner_id] if options[:partner_id]
+        add_credentials(post)
+        post[:token] = authorization
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((cardnumber=)\d+), '\1[FILTERED]').
+          gsub(%r((cvv=)\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_credentials(post)
+        post[:toid] = @options[:merchant_id]
+        post[:totype] = 'Culqi'
+        post[:terminalid] = @options[:terminal_id]
+        post[:language] = 'ENG'
+      end
+
+      def add_invoice(action, post, money, options)
+        case action
+        when :capture
+          post[:captureamount] = amount(money)
+        when :refund
+          post[:refundamount] = amount(money)
+          post[:reason] = 'none'
+        else
+          post[:amount] = amount(money)
+        end
+
+        post[:description] = options[:order_id]
+        post[:redirecturl] = options[:redirect_url] || 'http://www.example.com'
+      end
+
+      def add_payment_method(post, payment_method, action, options)
+        if payment_method.is_a?(String)
+          post[:token] = payment_method
+          post[:cvv] = options[:cvv] if options[:cvv]
+        else
+          post[:cardnumber] = payment_method.number
+          post[:cvv] = payment_method.verification_value
+          post[:firstname], post[:lastname] = payment_method.name.split(' ')
+          if action == :tokenize
+            post[:expirymonth] = format(payment_method.month, :two_digits)
+            post[:expiryyear] = format(payment_method.year, :four_digits)
+          else
+            post[:expiry_month] = format(payment_method.month, :two_digits)
+            post[:expiry_year] = format(payment_method.year, :four_digits)
+          end
+        end
+      end
+
+      def add_customer_data(post, options)
+        post[:emailaddr] = options[:email] || 'unspecified@example.com'
+        if (billing_address = options[:billing_address] || options[:address])
+          post[:street] = [billing_address[:address1], billing_address[:address2]].join(' ')
+          post[:city] = billing_address[:city]
+          post[:state] = billing_address[:state]
+          post[:countrycode] = billing_address[:country]
+          post[:zip] = billing_address[:zip]
+          post[:telno] = billing_address[:phone]
+          post[:telnocc] = options[:telephone_country_code] || '051'
+        end
+      end
+
+      def add_checksum(action, post)
+        checksum_elements =
+          case action
+          when :capture    then  [post[:toid], post[:trackingid], post[:captureamount], @options[:secret_key]]
+          when :void       then  [post[:toid], post[:description], post[:trackingid], @options[:secret_key]]
+          when :refund     then  [post[:toid], post[:trackingid], post[:refundamount], @options[:secret_key]]
+          when :tokenize   then [post[:partnerid], post[:cardnumber], post[:cvv], @options[:secret_key]]
+          when :invalidate then [post[:partnerid], post[:token], @options[:secret_key]]
+          else [post[:toid], post[:totype], post[:amount], post[:description], post[:redirecturl],
+                post[:cardnumber] || post[:token], @options[:secret_key]]
+          end
+
+        post[:checksum] = Digest::MD5.hexdigest(checksum_elements.compact.join('|'))
+      end
+
+      def add_reference(post, authorization)
+        post[:trackingid] = authorization
+      end
+
+      ACTIONS = {
+        authorize: 'SingleCallGenericServlet',
+        capture: 'SingleCallGenericCaptureServlet',
+        void: 'SingleCallGenericVoid',
+        refund: 'SingleCallGenericReverse',
+        tokenize: 'SingleCallTokenServlet',
+        invalidate: 'SingleCallInvalidateToken',
+        tokenpay: 'SingleCallTokenTransaction'
+      }
+
+      def commit(action, params)
+        response =
+          begin
+            parse(ssl_post(url + ACTIONS[action], post_data(action, params), headers))
+          rescue ResponseError => e
+            parse(e.response.body)
+          end
+
+        success = success_from(response)
+
+        Response.new(
+          success,
+          message_from(response),
+          response,
+          authorization: success ? authorization_from(response) : nil,
+          cvv_result: success ? cvvresult_from(response) : nil,
+          error_code: success ? nil : error_from(response),
+          test: test?
+        )
+      end
+
+      def headers
+        {
+          'Accept' => 'application/json',
+          'Content-Type' => 'application/x-www-form-urlencoded;charset=UTF-8'
+        }
+      end
+
+      def post_data(action, params)
+        params.map { |k, v| "#{k}=#{CGI.escape(v.to_s)}" }.join('&')
+      end
+
+      def url
+        test? ? test_url : live_url
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      rescue JSON::ParserError
+        message = 'Invalid JSON response received from CulqiGateway. Please contact CulqiGateway if you continue to receive this message.'
+        message += "(The raw response returned by the API was #{body.inspect})"
+        {
+          'status' => 'N',
+          'statusdescription' => message
+        }
+      end
+
+      def success_from(response)
+        response['status'] == 'Y'
+      end
+
+      def message_from(response)
+        response['statusdescription'] || response['statusDescription']
+      end
+
+      def authorization_from(response)
+        response['trackingid'] || response['token']
+      end
+
+      def cvvresult_from(response)
+        CVVResult.new(response['cvvresult'])
+      end
+
+      def error_from(response)
+        response['resultcode']
+      end
+    end
+  end
+end