activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/flo2cash.rb

@@ -0,0 +1,215 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class Flo2cashGateway < Gateway
+      self.display_name = 'Flo2Cash'
+      self.homepage_url = 'http://www.flo2cash.co.nz/'
+
+      self.test_url = 'https://demo.flo2cash.co.nz/ws/paymentws.asmx'
+      self.live_url = 'https://secure.flo2cash.co.nz/ws/paymentws.asmx'
+
+      self.supported_countries = ['NZ']
+      self.default_currency = 'NZD'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master american_express diners_club]
+
+      BRAND_MAP = {
+        'visa' => 'VISA',
+        'master' => 'MC',
+        'american_express' => 'AMEX',
+        'diners_club' => 'DINERS'
+      }
+
+      def initialize(options = {})
+        requires!(options, :username, :password, :account_id)
+        super
+      end
+
+      def purchase(amount, payment_method, options = {})
+        MultiResponse.run do |r|
+          r.process { authorize(amount, payment_method, options) }
+          r.process { capture(amount, r.authorization, options) }
+        end
+      end
+
+      def authorize(amount, payment_method, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+
+        commit('ProcessAuthorise', post)
+      end
+
+      def capture(amount, authorization, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+
+        commit('ProcessCapture', post)
+      end
+
+      def refund(amount, authorization, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+
+        commit('ProcessRefund', post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<Password>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<CardNumber>)[^<]+(<))i, '\1[FILTERED]\2').
+          gsub(%r((<CardCSC>)[^<]+(<))i, '\1[FILTERED]\2')
+      end
+
+      private
+
+      CURRENCY_CODES = Hash.new { |_h, k| raise ArgumentError.new("Unsupported currency: #{k}") }
+      CURRENCY_CODES['NZD'] = '554'
+
+      def add_invoice(post, money, options)
+        post[:Amount] = amount(money)
+        post[:Reference] = options[:order_id]
+        post[:Particular] = options[:description]
+      end
+
+      def add_payment_method(post, payment_method)
+        post[:CardNumber] = payment_method.number
+        post[:CardType] = BRAND_MAP[payment_method.brand.to_s]
+        post[:CardExpiry] = format(payment_method.month, :two_digits) + format(payment_method.year, :two_digits)
+        post[:CardHolderName] = payment_method.name
+        post[:CardCSC] = payment_method.verification_value
+      end
+
+      def add_customer_data(post, options)
+        if (billing_address = (options[:billing_address] || options[:address]))
+          post[:Email] = billing_address[:email]
+        end
+      end
+
+      def add_reference(post, authorization)
+        post[:OriginalTransactionId] = authorization
+      end
+
+      def commit(action, post)
+        post[:Username] = @options[:username]
+        post[:Password] = @options[:password]
+        post[:AccountId] = @options[:account_id]
+
+        data = build_request(action, post)
+        begin
+          raw = parse(ssl_post(url, data, headers(action)), action)
+        rescue ActiveMerchant::ResponseError => e
+          if e.response.code == '500' && e.response.body.start_with?('<?xml')
+            raw = parse(e.response.body, action)
+          else
+            raise
+          end
+        end
+
+        succeeded = success_from(raw[:status])
+        Response.new(
+          succeeded,
+          message_from(succeeded, raw),
+          raw,
+          authorization: authorization_from(action, raw[:transaction_id], post[:OriginalTransactionId]),
+          error_code: error_code_from(succeeded, raw),
+          test: test?
+        )
+      end
+
+      def headers(action)
+        {
+          'Content-Type'  => 'application/soap+xml; charset=utf-8',
+          'SOAPAction'    => %{"http://www.flo2cash.co.nz/webservices/paymentwebservice/#{action}"}
+        }
+      end
+
+      def build_request(action, post)
+        xml = Builder::XmlMarkup.new indent: 2
+        post.each do |field, value|
+          xml.tag!(field, value)
+        end
+        body = xml.target!
+        envelope_wrap(action, body)
+      end
+
+      def envelope_wrap(action, body)
+        <<~XML
+          <?xml version="1.0" encoding="utf-8"?>
+          <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
+            <soap12:Body>
+              <#{action} xmlns="http://www.flo2cash.co.nz/webservices/paymentwebservice">
+                #{body}
+              </#{action}>
+            </soap12:Body>
+          </soap12:Envelope>
+        XML
+      end
+
+      def url
+        (test? ? test_url : live_url)
+      end
+
+      def parse(body, action)
+        response = {}
+        xml = REXML::Document.new(body)
+        root = (REXML::XPath.first(xml, "//#{action}Response") || REXML::XPath.first(xml, '//detail'))
+
+        root.elements.to_a.each do |node|
+          parse_element(response, node)
+        end if root
+
+        response
+      end
+
+      def parse_element(response, node)
+        if node.has_elements?
+          node.elements.each { |element| parse_element(response, element) }
+        else
+          response[node.name.underscore.to_sym] = node.text
+        end
+      end
+
+      def success_from(response)
+        response == 'SUCCESSFUL'
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          'Succeeded'
+        else
+          response[:message] || response[:errormessage] || 'Unable to read error message'
+        end
+      end
+
+      def authorization_from(action, current, original)
+        # Refunds require the authorization from the authorize() of the MultiResponse.
+        if action == 'ProcessCapture'
+          original
+        else
+          current
+        end
+      end
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        'Transaction Declined - Expired Card' => STANDARD_ERROR_CODE[:expired_card],
+        'Bank Declined Transaction' => STANDARD_ERROR_CODE[:card_declined],
+        'Insufficient Funds' => STANDARD_ERROR_CODE[:card_declined],
+        'Transaction Declined - Bank Error' => STANDARD_ERROR_CODE[:processing_error],
+        'No Reply from Bank' => STANDARD_ERROR_CODE[:processing_error]
+      }
+
+      def error_code_from(succeeded, response)
+        succeeded ? nil : STANDARD_ERROR_CODE_MAPPING[response[:message]]
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/flo2cash_simple.rb

@@ -0,0 +1,20 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class Flo2cashSimpleGateway < Flo2cashGateway
+      self.display_name = 'Flo2Cash Simple'
+
+      def purchase(amount, payment_method, options = {})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+
+        commit('ProcessPurchase', post)
+      end
+
+      # Flo2Cash's "simple mode" does not support auth/capture
+      undef_method :authorize
+      undef_method :capture
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/forte.rb

@@ -0,0 +1,286 @@
+require 'json'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class ForteGateway < Gateway
+      include Empty
+
+      self.test_url = 'https://sandbox.forte.net/api/v2'
+      self.live_url = 'https://api.forte.net/v2'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'https://www.forte.net'
+      self.display_name = 'Forte'
+
+      def initialize(options = {})
+        requires!(options, :api_key, :secret, :location_id, :account_id)
+        super
+      end
+
+      def purchase(money, payment_method, options = {})
+        post = {}
+        add_amount(post, money, options)
+        add_service_fee(post, options)
+        add_invoice(post, options)
+        add_payment_method(post, payment_method, options)
+        add_billing_address(post, payment_method, options)
+        add_shipping_address(post, options)
+        add_xdata(post, options)
+        post[:action] = 'sale'
+
+        commit(:post, post)
+      end
+
+      def authorize(money, payment_method, options = {})
+        post = {}
+        add_amount(post, money, options)
+        add_service_fee(post, options)
+        add_invoice(post, options)
+        add_payment_method(post, payment_method, options)
+        add_billing_address(post, payment_method, options)
+        add_shipping_address(post, options)
+        add_xdata(post, options)
+        post[:action] = 'authorize'
+
+        commit(:post, post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        post[:transaction_id] = transaction_id_from(authorization)
+        post[:authorization_code] = authorization_code_from(authorization) || ''
+        post[:action] = 'capture'
+
+        commit(:put, post)
+      end
+
+      def credit(money, payment_method, options = {})
+        post = {}
+        add_amount(post, money, options)
+        add_invoice(post, options)
+        add_payment_method(post, payment_method, options)
+        add_billing_address(post, payment_method, options)
+        post[:action] = 'disburse'
+
+        commit(:post, post)
+      end
+
+      def refund(money, authorization, options = {})
+        post = {}
+        add_amount(post, money, options)
+        post[:original_transaction_id] = transaction_id_from(authorization)
+        post[:authorization_code] = authorization_code_from(authorization)
+        post[:action] = 'reverse'
+
+        commit(:post, post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        post[:transaction_id] = transaction_id_from(authorization)
+        post[:authorization_code] = authorization_code_from(authorization)
+        post[:action] = 'void'
+
+        commit(:put, post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((account_number)\W+\d+), '\1[FILTERED]').
+          gsub(%r((card_verification_value)\W+\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_auth(post)
+        post[:account_id] = "act_#{@options[:account_id]}"
+        post[:location_id] = "loc_#{@options[:location_id]}"
+      end
+
+      def add_invoice(post, options)
+        post[:order_number] = options[:order_id]
+      end
+
+      def add_amount(post, money, options)
+        post[:authorization_amount] = amount(money)
+      end
+
+      def add_service_fee(post, options)
+        post[:service_fee_amount] = options[:service_fee_amount] if options[:service_fee_amount]
+      end
+
+      def add_xdata(post, options)
+        post[:xdata] = {}
+        if xdata = options[:xdata]
+          (1..9).each do |n|
+            field = "xdata_#{n}".to_sym
+            post[:xdata][field] = xdata[field] if xdata[field]
+          end
+        end
+      end
+
+      def add_billing_address(post, payment, options)
+        post[:billing_address] = {}
+        if address = options[:billing_address] || options[:address]
+          first_name, last_name = split_names(address[:name])
+          post[:billing_address][:first_name] = first_name if first_name
+          post[:billing_address][:last_name] = last_name if last_name
+          post[:billing_address][:physical_address] = {}
+          post[:billing_address][:physical_address][:street_line1] = address[:address1] if address[:address1]
+          post[:billing_address][:physical_address][:street_line2] = address[:address2] if address[:address2]
+          post[:billing_address][:physical_address][:postal_code] = address[:zip] if address[:zip]
+          post[:billing_address][:physical_address][:region] = address[:state] if address[:state]
+          post[:billing_address][:physical_address][:locality] = address[:city] if address[:city]
+        end
+
+        post[:billing_address][:first_name] = payment.first_name if empty?(post[:billing_address][:first_name]) && payment.first_name
+
+        post[:billing_address][:last_name] = payment.last_name if empty?(post[:billing_address][:last_name]) && payment.last_name
+      end
+
+      def add_shipping_address(post, options)
+        return unless options[:shipping_address]
+
+        address = options[:shipping_address]
+
+        post[:shipping_address] = {}
+        first_name, last_name = split_names(address[:name])
+        post[:shipping_address][:first_name] = first_name if first_name
+        post[:shipping_address][:last_name] = last_name if last_name
+        post[:shipping_address][:physical_address][:street_line1] = address[:address1] if address[:address1]
+        post[:shipping_address][:physical_address][:street_line2] = address[:address2] if address[:address2]
+        post[:shipping_address][:physical_address][:postal_code] = address[:zip] if address[:zip]
+        post[:shipping_address][:physical_address][:region] = address[:state] if address[:state]
+        post[:shipping_address][:physical_address][:locality] = address[:city] if address[:city]
+      end
+
+      def add_payment_method(post, payment_method, options)
+        if payment_method.respond_to?(:brand)
+          add_credit_card(post, payment_method)
+        else
+          add_echeck(post, payment_method, options)
+        end
+      end
+
+      def add_echeck(post, payment, options)
+        post[:echeck] = {}
+        post[:echeck][:account_holder] = payment.name
+        post[:echeck][:account_number] = payment.account_number
+        post[:echeck][:routing_number] = payment.routing_number
+        post[:echeck][:account_type] = payment.account_type
+        post[:echeck][:check_number] = payment.number
+        post[:echeck][:sec_code] = options[:sec_code] || 'PPD'
+      end
+
+      def add_credit_card(post, payment)
+        post[:card] = {}
+        post[:card][:card_type] = format_card_brand(payment.brand)
+        post[:card][:name_on_card] = payment.name
+        post[:card][:account_number] = payment.number
+        post[:card][:expire_month] = payment.month
+        post[:card][:expire_year] = payment.year
+        post[:card][:card_verification_value] = payment.verification_value
+      end
+
+      def commit(type, parameters)
+        add_auth(parameters)
+
+        url = (test? ? test_url : live_url)
+        response = parse(handle_resp(raw_ssl_request(type, url + endpoint, parameters.to_json, headers)))
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response, parameters),
+          avs_result: AVSResult.new(code: response['response']['avs_result']),
+          cvv_result: CVVResult.new(response['response']['cvv_code']),
+          test: test?
+        )
+      end
+
+      def handle_resp(response)
+        case response.code.to_i
+        when 200..499
+          response.body
+        else
+          raise ResponseError.new(response)
+        end
+      end
+
+      def parse(response_body)
+        JSON.parse(response_body)
+      end
+
+      def success_from(response)
+        response['response']['response_code'] == 'A01'
+      end
+
+      def message_from(response)
+        response['response']['response_desc']
+      end
+
+      def authorization_from(response, parameters)
+        if parameters[:action] == 'capture'
+          [response['transaction_id'], response.dig('response', 'authorization_code'), parameters[:transaction_id], parameters[:authorization_code]].join('#')
+        else
+          [response['transaction_id'], response.dig('response', 'authorization_code')].join('#')
+        end
+      end
+
+      def endpoint
+        "/accounts/act_#{@options[:account_id].strip}/locations/loc_#{@options[:location_id].strip}/transactions/"
+      end
+
+      def headers
+        {
+          'Authorization' => ('Basic ' + Base64.strict_encode64("#{@options[:api_key]}:#{@options[:secret]}")),
+          'X-Forte-Auth-Account-Id' => "act_#{@options[:account_id]}",
+          'Content-Type' => 'application/json'
+        }
+      end
+
+      def format_card_brand(card_brand)
+        case card_brand
+        when 'visa'
+          return 'visa'
+        when 'master'
+          return 'mast'
+        when 'american_express'
+          return 'amex'
+        when 'discover'
+          return 'disc'
+        end
+      end
+
+      def split_authorization(authorization)
+        authorization.split('#')
+      end
+
+      def authorization_code_from(authorization)
+        _, authorization_code, _, original_auth_authorization_code = split_authorization(authorization)
+        original_auth_authorization_code.present? ? original_auth_authorization_code : authorization_code
+      end
+
+      def transaction_id_from(authorization)
+        transaction_id, _, original_auth_transaction_id, = split_authorization(authorization)
+        original_auth_transaction_id.present? ? original_auth_transaction_id : transaction_id
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/garanti.rb

@@ -1,13 +1,14 @@
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class GarantiGateway < Gateway
-      self.live_url = self.test_url = 'https://sanalposprov.garanti.com.tr/VPServlet'
+      self.live_url = 'https://sanalposprov.garanti.com.tr/VPServlet'
+      self.test_url = 'https://sanalposprovtest.garanti.com.tr/VPServlet'
 
       # The countries the gateway supports merchants from as 2 digit ISO country codes
-      self.supported_countries = ['US','TR']
+      self.supported_countries = %w[US TR]
 
       # The card types supported by the payment gateway
-      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+      self.supported_cardtypes = %i[visa master american_express discover]
 
       # The homepage URL of the gateway
       self.homepage_url = 'https://sanalposweb.garanti.com.tr'
@@ -29,31 +30,30 @@ module ActiveMerchant #:nodoc:
         'JPY' => 392
       }
 
-
       def initialize(options = {})
         requires!(options, :login, :password, :terminal_id, :merchant_id)
         super
       end
 
       def purchase(money, credit_card, options = {})
-        options = options.merge(:gvp_order_type => "sales")
+        options = options.merge(gvp_order_type: 'sales')
         commit(money, build_sale_request(money, credit_card, options))
       end
 
       def authorize(money, credit_card, options = {})
-        options = options.merge(:gvp_order_type => "preauth")
+        options = options.merge(gvp_order_type: 'preauth')
         commit(money, build_authorize_request(money, credit_card, options))
       end
 
       def capture(money, ref_id, options = {})
-        options = options.merge(:gvp_order_type => "postauth")
+        options = options.merge(gvp_order_type: 'postauth')
         commit(money, build_capture_request(money, ref_id, options))
       end
 
       private
 
       def security_data
-        rjusted_terminal_id = @options[:terminal_id].to_s.rjust(9, "0")
+        rjusted_terminal_id = @options[:terminal_id].to_s.rjust(9, '0')
         Digest::SHA1.hexdigest(@options[:password].to_s + rjusted_terminal_id).upcase
       end
 
@@ -66,8 +66,8 @@ module ActiveMerchant #:nodoc:
         card_number = credit_card.respond_to?(:number) ? credit_card.number : ''
         hash_data   = generate_hash_data(format_order_id(options[:order_id]), @options[:terminal_id], card_number, amount(money), security_data)
 
-        xml = Builder::XmlMarkup.new(:indent => 2)
-        xml.instruct! :xml, :version => "1.0", :encoding => "UTF-8"
+        xml = Builder::XmlMarkup.new(indent: 2)
+        xml.instruct! :xml, version: '1.0', encoding: 'UTF-8'
 
         xml.tag! 'GVPSRequest' do
           xml.tag! 'Mode', test? ? 'TEST' : 'PROD'
@@ -102,9 +102,9 @@ module ActiveMerchant #:nodoc:
       end
 
       def build_authorize_request(money, credit_card, options)
-         build_xml_request(money, credit_card, options) do |xml|
+        build_xml_request(money, credit_card, options) do |xml|
           add_customer_data(xml, options)
-          add_order_data(xml, options)  do
+          add_order_data(xml, options) do
             add_addresses(xml, options)
           end
           add_credit_card(xml, credit_card)
@@ -115,8 +115,8 @@ module ActiveMerchant #:nodoc:
       end
 
       def build_capture_request(money, ref_id, options)
-        options = options.merge(:order_id => ref_id)
-         build_xml_request(money, ref_id, options) do |xml|
+        options = options.merge(order_id: ref_id)
+        build_xml_request(money, ref_id, options) do |xml|
           add_customer_data(xml, options)
           add_order_data(xml, options)
           add_transaction_data(xml, money, options)
@@ -137,9 +137,7 @@ module ActiveMerchant #:nodoc:
           xml.tag! 'OrderID', format_order_id(options[:order_id])
           xml.tag! 'GroupID'
 
-          if block_given?
-            yield xml
-          end
+          yield xml if block_given?
         end
       end
 
@@ -181,7 +179,7 @@ module ActiveMerchant #:nodoc:
       def add_address(xml, address)
         xml.tag! 'Name', normalize(address[:name])
         address_text = address[:address1]
-        address_text << " #{ address[:address2]}" if address[:address2]
+        address_text << " #{address[:address2]}" if address[:address2]
         xml.tag! 'Text', normalize(address_text)
         xml.tag! 'City', normalize(address[:city])
         xml.tag! 'District', normalize(address[:state])
@@ -195,11 +193,9 @@ module ActiveMerchant #:nodoc:
         return unless text
 
         if ActiveSupport::Inflector.method(:transliterate).arity == -2
-          ActiveSupport::Inflector.transliterate(text,'')
-        elsif RUBY_VERSION >= '1.9'
-          text.gsub(/[^\x00-\x7F]+/, '')
+          ActiveSupport::Inflector.transliterate(text, '')
         else
-          ActiveSupport::Inflector.transliterate(text).to_s
+          text.gsub(/[^\x00-\x7F]+/, '')
         end
       end
 
@@ -216,21 +212,22 @@ module ActiveMerchant #:nodoc:
         CURRENCY_CODES[currency] || CURRENCY_CODES[default_currency]
       end
 
-      def commit(money,request)
-        raw_response = ssl_post(self.live_url, "data=" + request)
+      def commit(money, request)
+        url = test? ? self.test_url : self.live_url
+        raw_response = ssl_post(url, 'data=' + request)
         response = parse(raw_response)
 
         success = success?(response)
 
         Response.new(success,
-                     success ? 'Approved' : "Declined (Reason: #{response[:reason_code]} - #{response[:error_msg]} - #{response[:sys_err_msg]})",
-                     response,
-                     :test => test?,
-                     :authorization => response[:order_id])
+          success ? 'Approved' : "Declined (Reason: #{response[:reason_code]} - #{response[:error_msg]} - #{response[:sys_err_msg]})",
+          response,
+          test: test?,
+          authorization: response[:order_id])
       end
 
       def parse(body)
-        xml = REXML::Document.new(body)
+        xml = REXML::Document.new(strip_invalid_xml_chars(body))
 
         response = {}
         xml.root.elements.to_a.each do |node|
@@ -241,17 +238,19 @@ module ActiveMerchant #:nodoc:
 
       def parse_element(response, node)
         if node.has_elements?
-          node.elements.each{|element| parse_element(response, element) }
+          node.elements.each { |element| parse_element(response, element) }
         else
           response[node.name.underscore.to_sym] = node.text
         end
       end
 
       def success?(response)
-        response[:message] == "Approved"
+        response[:message] == 'Approved'
       end
 
+      def strip_invalid_xml_chars(xml)
+        xml.gsub(/&(?!(?:[a-z]+|#[0-9]+|x[a-zA-Z0-9]+);)/, '&amp;')
+      end
     end
   end
 end
-