activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/kushki.rb

@@ -0,0 +1,277 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class KushkiGateway < Gateway
+      self.display_name = 'Kushki'
+      self.homepage_url = 'https://www.kushkipagos.com'
+
+      self.test_url = 'https://api-uat.kushkipagos.com/'
+      self.live_url = 'https://api.kushkipagos.com/'
+
+      self.supported_countries = %w[CL CO EC MX PE]
+      self.default_currency = 'USD'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master american_express discover diners_club alia]
+
+      def initialize(options = {})
+        requires!(options, :public_merchant_id, :private_merchant_id)
+        super
+      end
+
+      def purchase(amount, payment_method, options = {})
+        MultiResponse.run() do |r|
+          r.process { tokenize(amount, payment_method, options) }
+          r.process { charge(amount, r.authorization, options) }
+        end
+      end
+
+      def authorize(amount, payment_method, options = {})
+        MultiResponse.run() do |r|
+          r.process { tokenize(amount, payment_method, options) }
+          r.process { preauthorize(amount, r.authorization, options) }
+        end
+      end
+
+      def capture(amount, authorization, options = {})
+        action = 'capture'
+
+        post = {}
+        post[:ticketNumber] = authorization
+        add_invoice(action, post, amount, options)
+        add_full_response(post, options)
+
+        commit(action, post)
+      end
+
+      def refund(amount, authorization, options = {})
+        action = 'refund'
+
+        post = {}
+        post[:ticketNumber] = authorization
+        add_full_response(post, options)
+
+        commit(action, post)
+      end
+
+      def void(authorization, options = {})
+        action = 'void'
+
+        post = {}
+        post[:ticketNumber] = authorization
+        add_full_response(post, options)
+
+        commit(action, post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Private-Merchant-Id: )\d+), '\1[FILTERED]').
+          gsub(%r((\"card\\\":{\\\"number\\\":\\\")\d+), '\1[FILTERED]').
+          gsub(%r((\"cvv\\\":\\\")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def tokenize(amount, payment_method, options)
+        action = 'tokenize'
+
+        post = {}
+        add_invoice(action, post, amount, options)
+        add_payment_method(post, payment_method, options)
+        add_full_response(post, options)
+        add_metadata(post, options)
+
+        commit(action, post)
+      end
+
+      def charge(amount, authorization, options)
+        action = 'charge'
+
+        post = {}
+        add_reference(post, authorization, options)
+        add_invoice(action, post, amount, options)
+        add_contact_details(post, options[:contact_details]) if options[:contact_details]
+        add_full_response(post, options)
+        add_metadata(post, options)
+
+        commit(action, post)
+      end
+
+      def preauthorize(amount, authorization, options)
+        action = 'preAuthorization'
+
+        post = {}
+        add_reference(post, authorization, options)
+        add_invoice(action, post, amount, options)
+        add_full_response(post, options)
+        add_metadata(post, options)
+
+        commit(action, post)
+      end
+
+      def add_invoice(action, post, money, options)
+        if action == 'tokenize'
+          post[:totalAmount] = amount(money).to_f
+          post[:currency] = options[:currency] || currency(money)
+          post[:isDeferred] = false
+        else
+          sum = {}
+          sum[:currency] = options[:currency] || currency(money)
+          add_amount_defaults(sum, money, options)
+          add_amount_by_country(sum, options)
+          post[:amount] = sum
+        end
+      end
+
+      def add_amount_defaults(sum, money, options)
+        sum[:subtotalIva] = amount(money).to_f
+        sum[:iva] = 0
+        sum[:subtotalIva0] = 0
+
+        sum[:ice] = 0 if sum[:currency] != 'COP'
+      end
+
+      def add_amount_by_country(sum, options)
+        if amount = options[:amount]
+          sum[:subtotalIva] = amount[:subtotal_iva].to_f if amount[:subtotal_iva]
+          sum[:iva] = amount[:iva].to_f if amount[:iva]
+          sum[:subtotalIva0] = amount[:subtotal_iva_0].to_f if amount[:subtotal_iva_0]
+          sum[:ice] = amount[:ice].to_f if amount[:ice]
+          if (extra_taxes = amount[:extra_taxes]) && sum[:currency] == 'COP'
+            sum[:extraTaxes] ||= Hash.new
+            sum[:extraTaxes][:propina] = extra_taxes[:propina].to_f if extra_taxes[:propina]
+            sum[:extraTaxes][:tasaAeroportuaria] = extra_taxes[:tasa_aeroportuaria].to_f if extra_taxes[:tasa_aeroportuaria]
+            sum[:extraTaxes][:agenciaDeViaje] = extra_taxes[:agencia_de_viaje].to_f if extra_taxes[:agencia_de_viaje]
+            sum[:extraTaxes][:iac] = extra_taxes[:iac].to_f if extra_taxes[:iac]
+          end
+        end
+      end
+
+      def add_payment_method(post, payment_method, options)
+        card = {}
+        card[:number] = payment_method.number
+        card[:cvv] = payment_method.verification_value
+        card[:expiryMonth] = format(payment_method.month, :two_digits)
+        card[:expiryYear] = format(payment_method.year, :two_digits)
+        card[:name] = payment_method.name
+        post[:card] = card
+      end
+
+      def add_reference(post, authorization, options)
+        post[:token] = authorization
+      end
+
+      def add_contact_details(post, contact_details_options)
+        contact_details = {}
+        contact_details[:documentType] = contact_details_options[:document_type] if contact_details_options[:document_type]
+        contact_details[:documentNumber] = contact_details_options[:document_number] if contact_details_options[:document_number]
+        contact_details[:email] = contact_details_options[:email] if contact_details_options[:email]
+        contact_details[:firstName] = contact_details_options[:first_name] if contact_details_options[:first_name]
+        contact_details[:lastName] = contact_details_options[:last_name] if contact_details_options[:last_name]
+        contact_details[:secondLastName] = contact_details_options[:second_last_name] if contact_details_options[:second_last_name]
+        contact_details[:phoneNumber] = contact_details_options[:phone_number] if contact_details_options[:phone_number]
+        post[:contactDetails] = contact_details
+      end
+
+      def add_full_response(post, options)
+        post[:fullResponse] = options[:full_response].to_s.casecmp('true').zero? if options[:full_response]
+      end
+
+      def add_metadata(post, options)
+        post[:metadata] = options[:metadata] if options[:metadata]
+      end
+
+      ENDPOINT = {
+        'tokenize' => 'tokens',
+        'charge' => 'charges',
+        'void' => 'charges',
+        'refund' => 'refund',
+        'preAuthorization' => 'preAuthorization',
+        'capture' => 'capture'
+      }
+
+      def commit(action, params)
+        response =
+          begin
+            parse(ssl_invoke(action, params))
+          rescue ResponseError => e
+            parse(e.response.body)
+          end
+
+        success = success_from(response)
+
+        Response.new(
+          success,
+          message_from(success, response),
+          response,
+          authorization: success ? authorization_from(response) : nil,
+          error_code: success ? nil : error_from(response),
+          test: test?
+        )
+      end
+
+      def ssl_invoke(action, params)
+        if %w[void refund].include?(action)
+          ssl_request(:delete, url(action, params), nil, headers(action))
+        else
+          ssl_post(url(action, params), post_data(params), headers(action))
+        end
+      end
+
+      def headers(action)
+        hfields = {}
+        hfields['Public-Merchant-Id'] = @options[:public_merchant_id] if action == 'tokenize'
+        hfields['Private-Merchant-Id'] = @options[:private_merchant_id] unless action == 'tokenize'
+        hfields['Content-Type'] = 'application/json'
+        hfields
+      end
+
+      def post_data(params)
+        params.to_json
+      end
+
+      def url(action, params)
+        base_url = test? ? test_url : live_url
+
+        if %w[void refund].include?(action)
+          base_url + 'v1/' + ENDPOINT[action] + '/' + params[:ticketNumber].to_s
+        else
+          base_url + 'card/v1/' + ENDPOINT[action]
+        end
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      rescue JSON::ParserError
+        message = 'Invalid JSON response received from KushkiGateway. Please contact KushkiGateway if you continue to receive this message.'
+        message += " (The raw response returned by the API was #{body.inspect})"
+        {
+          'message' => message
+        }
+      end
+
+      def success_from(response)
+        return true if response['token'] || response['ticketNumber'] || response['code'] == 'K000'
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          'Succeeded'
+        else
+          response['message']
+        end
+      end
+
+      def authorization_from(response)
+        response['token'] || response['ticketNumber']
+      end
+
+      def error_from(response)
+        response['code']
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/latitude19.rb

@@ -0,0 +1,412 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class Latitude19Gateway < Gateway
+      self.display_name = 'Latitude19 Gateway'
+      self.homepage_url = 'http://www.l19tech.com'
+
+      self.live_url = 'https://gateway.l19tech.com/payments/'
+      self.test_url = 'https://gateway-sb.l19tech.com/payments/'
+
+      self.supported_countries = %w[US CA]
+      self.default_currency = 'USD'
+      self.money_format = :dollars
+      self.supported_cardtypes = %i[visa master american_express discover diners_club jcb]
+
+      RESPONSE_CODE_MAPPING = {
+        '100' => 'Approved',
+        '101' => 'Local duplicate detected',
+        '102' => 'Accepted local capture with no match',
+        '103' => 'Auth succeeded but capture failed',
+        '104' => 'Auth succeeded but failed to save info',
+        '200' => STANDARD_ERROR_CODE[:card_declined],
+        '300' => 'Processor reject',
+        '301' => 'Local reject on user/password',
+        '302' => 'Local reject',
+        '303' => 'Processor unknown response',
+        '304' => 'Error parsing processor response',
+        '305' => 'Processor auth succeeded but settle failed',
+        '306' => 'Processor auth succeeded settle status unknown',
+        '307' => 'Processor settle status unknown',
+        '308' => 'Processor duplicate',
+        '400' => 'Not submitted',
+        '401' => 'Terminated before request submitted',
+        '402' => 'Local server busy',
+        '500' => 'Submitted not returned',
+        '501' => 'Terminated before response returned',
+        '502' => 'Processor returned timeout status',
+        '600' => 'Failed local capture with no match',
+        '601' => 'Failed local capture',
+        '700' => 'Failed local void (not in capture file)',
+        '701' => 'Failed local void',
+        '800' => 'Failed local refund (not authorized)',
+        '801' => 'Failed local refund'
+      }
+
+      BRAND_MAP = {
+        'master' => 'MC',
+        'visa' => 'VI',
+        'american_express' => 'AX',
+        'discover' => 'DS',
+        'diners_club' => 'DC',
+        'jcb' => 'JC'
+      }
+
+      def initialize(options = {})
+        requires!(options, :account_number, :configuration_id, :secret)
+        super
+      end
+
+      def purchase(amount, payment_method, options = {})
+        if payment_method.is_a?(String)
+          auth_or_sale('sale', payment_method, amount, nil, options)
+        else
+          MultiResponse.run() do |r|
+            r.process { get_session(options) }
+            r.process { get_token(r.authorization, payment_method, options) }
+            r.process { auth_or_sale('sale', r.authorization, amount, payment_method, options) }
+          end
+        end
+      end
+
+      def authorize(amount, payment_method, options = {})
+        if payment_method.is_a?(String)
+          auth_or_sale('auth', payment_method, amount, nil, options)
+        else
+          MultiResponse.run() do |r|
+            r.process { get_session(options) }
+            r.process { get_token(r.authorization, payment_method, options) }
+            r.process { auth_or_sale('auth', r.authorization, amount, payment_method, options) }
+          end
+        end
+      end
+
+      def capture(amount, authorization, options = {})
+        post = {}
+        post[:method] = 'deposit'
+        add_request_id(post)
+
+        params = {}
+
+        _, params[:pgwTID] = split_authorization(authorization)
+
+        add_invoice(params, amount, options)
+        add_credentials(params, post[:method])
+
+        post[:params] = [params]
+        commit('v1/', post)
+      end
+
+      def void(authorization, options = {})
+        method, pgwTID = split_authorization(authorization)
+        case method
+        when 'auth'
+          reverse_or_void('reversal', pgwTID, options)
+        when 'deposit', 'sale'
+          reverse_or_void('void', pgwTID, options)
+        else
+          message = 'Unsupported operation: successful Purchase, Authorize and unsettled Capture transactions can only be voided.'
+          return Response.new(false, message)
+        end
+      end
+
+      def credit(amount, payment_method, options = {})
+        if payment_method.is_a?(String)
+          refundWithCard(payment_method, amount, nil, options)
+        else
+          MultiResponse.run() do |r|
+            r.process { get_session(options) }
+            r.process { get_token(r.authorization, payment_method, options) }
+            r.process { refundWithCard(r.authorization, amount, payment_method, options) }
+          end
+        end
+      end
+
+      def verify(payment_method, options = {}, action = nil)
+        if payment_method.is_a?(String)
+          verifyOnly(action, payment_method, nil, options)
+        else
+          MultiResponse.run() do |r|
+            r.process { get_session(options) }
+            r.process { get_token(r.authorization, payment_method, options) }
+            r.process { verifyOnly(action, r.authorization, payment_method, options) }
+          end
+        end
+      end
+
+      def store(payment_method, options = {})
+        verify(payment_method, options, 'store')
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((\"cardNumber\\\":\\\")\d+), '\1[FILTERED]').
+          gsub(%r((\"cvv\\\":\\\")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_request_id(post)
+        post[:id] = SecureRandom.hex(16)
+      end
+
+      def add_timestamp
+        Time.now.getutc.strftime('%Y%m%d%H%M%S')
+      end
+
+      def add_hmac(params, method)
+        if method == 'getSession'
+          hmac_message = params[:pgwAccountNumber] + '|' + params[:pgwConfigurationId] + '|' + params[:requestTimeStamp] + '|' + method
+        else
+          hmac_message = params[:pgwAccountNumber] + '|' + params[:pgwConfigurationId] + '|' + (params[:orderNumber] || '') + '|' + method + '|' + (params[:amount] || '') + '|' + (params[:sessionToken] || '') + '|' + (params[:accountToken] || '')
+        end
+
+        OpenSSL::HMAC.hexdigest('sha512', @options[:secret], hmac_message)
+      end
+
+      def add_credentials(params, method)
+        params[:pgwAccountNumber] = @options[:account_number]
+        params[:pgwConfigurationId] = @options[:configuration_id]
+
+        params[:requestTimeStamp] = add_timestamp() if method == 'getSession'
+
+        params[:pgwHMAC] = add_hmac(params, method)
+      end
+
+      def add_invoice(params, money, options)
+        params[:amount] = amount(money)
+        params[:orderNumber] = options[:order_id]
+        params[:transactionClass] = options[:transaction_class] || 'eCommerce'
+      end
+
+      def add_payment_method(params, credit_card)
+        params[:cardExp] = format(credit_card.month, :two_digits).to_s + '/' + format(credit_card.year, :two_digits).to_s
+        params[:cardType] = BRAND_MAP[credit_card.brand.to_s]
+        params[:cvv] = credit_card.verification_value
+        params[:firstName] = credit_card.first_name
+        params[:lastName] = credit_card.last_name
+      end
+
+      def add_customer_data(params, options)
+        if (billing_address = options[:billing_address] || options[:address])
+          params[:address1] = billing_address[:address1]
+          params[:address2] = billing_address[:address2]
+          params[:city] = billing_address[:city]
+          params[:stateProvince] = billing_address[:state]
+          params[:zipPostalCode] = billing_address[:zip]
+          params[:countryCode] = billing_address[:country]
+        end
+      end
+
+      def get_session(options = {})
+        post = {}
+        post[:method] = 'getSession'
+        add_request_id(post)
+
+        params = {}
+        add_credentials(params, post[:method])
+
+        post[:params] = [params]
+        commit('session', post)
+      end
+
+      def get_token(authorization, payment_method, options = {})
+        post = {}
+        post[:method] = 'tokenize'
+        add_request_id(post)
+
+        params = {}
+        _, params[:sessionId] = split_authorization(authorization)
+        params[:cardNumber] = payment_method.number
+
+        post[:params] = [params]
+        commit('token', post)
+      end
+
+      def auth_or_sale(method, authorization, amount, credit_card, options = {})
+        post = {}
+        post[:method] = method
+        add_request_id(post)
+
+        params = {}
+        if credit_card
+          _, params[:sessionToken] = split_authorization(authorization)
+          add_payment_method(params, credit_card)
+          add_customer_data(params, options)
+        else
+          _, params[:accountToken] = split_authorization(authorization)
+        end
+        add_invoice(params, amount, options)
+        add_credentials(params, post[:method])
+
+        post[:params] = [params]
+        commit('v1/', post)
+      end
+
+      def verifyOnly(action, authorization, credit_card, options = {})
+        post = {}
+        post[:method] = 'verifyOnly'
+        add_request_id(post)
+
+        params = {}
+        if credit_card
+          _, params[:sessionToken] = split_authorization(authorization)
+          add_payment_method(params, credit_card)
+          add_customer_data(params, options)
+        else
+          _, params[:accountToken] = split_authorization(authorization)
+        end
+        params[:requestAccountToken] = '1' if action == 'store'
+        add_invoice(params, 0, options)
+        add_credentials(params, post[:method])
+
+        post[:params] = [params]
+        commit('v1/', post)
+      end
+
+      def refundWithCard(authorization, amount, credit_card, options = {})
+        post = {}
+        post[:method] = 'refundWithCard'
+        add_request_id(post)
+
+        params = {}
+        if credit_card
+          _, params[:sessionToken] = split_authorization(authorization)
+          add_payment_method(params, credit_card)
+        else
+          _, params[:accountToken] = split_authorization(authorization)
+        end
+        add_invoice(params, amount, options)
+        add_credentials(params, post[:method])
+
+        post[:params] = [params]
+        commit('v1/', post)
+      end
+
+      def reverse_or_void(method, pgwTID, options = {})
+        post = {}
+        post[:method] = method
+        add_request_id(post)
+
+        params = {}
+        params[:orderNumber] = options[:order_id]
+        params[:pgwTID] = pgwTID
+        add_credentials(params, post[:method])
+
+        post[:params] = [params]
+        commit('v1/', post)
+      end
+
+      def commit(endpoint, post)
+        raw_response = ssl_post(url() + endpoint, post_data(post), headers)
+        response = parse(raw_response)
+      rescue ResponseError => e
+        raw_response = e.response.body
+        response_error(raw_response)
+      rescue JSON::ParserError
+        unparsable_response(raw_response)
+      else
+        success = success_from(response)
+        Response.new(
+          success,
+          message_from(response),
+          response,
+          authorization: success ? authorization_from(response, post[:method]) : nil,
+          avs_result: success ? avs_from(response) : nil,
+          cvv_result: success ? cvv_from(response) : nil,
+          error_code: success ? nil : error_from(response),
+          test: test?
+        )
+      end
+
+      def headers
+        {
+          'Content-Type' => 'application/json'
+        }
+      end
+
+      def post_data(params)
+        params.to_json
+      end
+
+      def url
+        test? ? test_url : live_url
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def success_from(response)
+        return false if response['result'].nil? || response['error']
+
+        if response['result'].key?('pgwResponseCode')
+          response['error'].nil? && response['result']['lastActionSucceeded'] == 1 && response['result']['pgwResponseCode'] == '100'
+        else
+          response['error'].nil? && response['result']['lastActionSucceeded'] == 1
+        end
+      end
+
+      def message_from(response)
+        return response['error'] if response['error']
+        return 'Failed' unless response.key?('result')
+
+        if response['result'].key?('pgwResponseCode')
+          RESPONSE_CODE_MAPPING[response['result']['pgwResponseCode']] || response['result']['responseText']
+        else
+          response['result']['lastActionSucceeded'] == 1 ? 'Succeeded' : 'Failed'
+        end
+      end
+
+      def error_from(response)
+        return response['error'] if response['error']
+        return 'Failed' unless response.key?('result')
+
+        return response['result']['pgwResponseCode'] || response['result']['processor']['responseCode'] || 'Failed'
+      end
+
+      def authorization_from(response, method)
+        method + '|' + (
+          response['result']['sessionId'] ||
+          response['result']['sessionToken'] ||
+          response['result']['pgwTID'] ||
+          response['result']['accountToken']
+        )
+      end
+
+      def split_authorization(authorization)
+        authorization.split('|')
+      end
+
+      def avs_from(response)
+        response['result'].key?('avsResponse') ? AVSResult.new(code: response['result']['avsResponse']) : nil
+      end
+
+      def cvv_from(response)
+        response['result'].key?('cvvResponse') ? CVVResult.new(response['result']['cvvResponse']) : nil
+      end
+
+      def response_error(raw_response)
+        response = parse(raw_response)
+      rescue JSON::ParserError
+        unparsable_response(raw_response)
+      else
+        return Response.new(
+          false,
+          message_from(response),
+          response,
+          test: test?
+        )
+      end
+
+      def unparsable_response(raw_response)
+        message = 'Invalid JSON response received from Latitude19Gateway. Please contact Latitude19Gateway if you continue to receive this message.'
+        message += " (The raw response returned by the API was #{raw_response.inspect})"
+        return Response.new(false, message)
+      end
+    end
+  end
+end