activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/mastercard.rb

@@ -0,0 +1,293 @@
+module ActiveMerchant
+  module Billing
+    module MastercardGateway
+      def initialize(options = {})
+        requires!(options, :userid, :password)
+        super
+      end
+
+      def purchase(amount, payment_method, options = {})
+        if options[:pay_mode]
+          post = new_post
+          add_invoice(post, amount, options)
+          add_reference(post, *new_authorization)
+          add_payment_method(post, payment_method)
+          add_customer_data(post, payment_method, options)
+          add_3dsecure_id(post, options)
+
+          commit('pay', post)
+        else
+          MultiResponse.run do |r|
+            r.process { authorize(amount, payment_method, options) }
+            r.process { capture(amount, r.authorization, options) }
+          end
+        end
+      end
+
+      def authorize(amount, payment_method, options = {})
+        post = new_post
+        add_invoice(post, amount, options)
+        add_reference(post, *new_authorization)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, payment_method, options)
+        add_3dsecure_id(post, options)
+
+        commit('authorize', post)
+      end
+
+      def capture(amount, authorization, options = {})
+        post = new_post
+        add_invoice(post, amount, options, :transaction)
+        add_reference(post, *next_authorization(authorization))
+        add_customer_data(post, nil, options)
+        add_3dsecure_id(post, options)
+
+        commit('capture', post)
+      end
+
+      def refund(amount, authorization, options = {})
+        post = new_post
+        add_invoice(post, amount, options, :transaction)
+        add_reference(post, *next_authorization(authorization))
+        add_customer_data(post, nil, options)
+
+        commit('refund', post)
+      end
+
+      def void(authorization, options = {})
+        post = new_post
+        add_reference(post, *next_authorization(authorization), :targetTransactionId)
+
+        commit('void', post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def verify_credentials
+        url = build_url(SecureRandom.uuid, 'nonexistent')
+        begin
+          ssl_get(url, headers)
+        rescue ResponseError => e
+          return false if e.response.code.to_i == 401
+        end
+
+        true
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic ).*\\r\\n), '\1[FILTERED]').
+          gsub(%r(("number"?\\?":"?\\?")\d*), '\1[FILTERED]').
+          gsub(%r(("securityCode"?\\?":"?\\?")\d*), '\1[FILTERED]')
+      end
+
+      private
+
+      def new_post
+        {
+          order: {},
+          sourceOfFunds: {
+            provided: {
+              card: {
+              }
+            }
+          },
+          customer: {},
+          billing: {},
+          device: {},
+          shipping: {},
+          transaction: {}
+        }
+      end
+
+      def add_invoice(post, amount, options, node = :order)
+        post[node][:amount] = amount(amount)
+        post[node][:currency] = (options[:currency] || currency(amount))
+      end
+
+      def add_reference(post, orderid, transactionid, transaction_reference, reference_key = :reference)
+        post[:orderid] = orderid
+        post[:transactionid] = transactionid
+        post[:transaction][reference_key] = transaction_reference if transaction_reference
+      end
+
+      def add_payment_method(post, payment_method)
+        card = {}
+        card[:expiry] = {}
+        card[:number] = payment_method.number
+        card[:securityCode] = payment_method.verification_value
+        card[:expiry][:year] = format(payment_method.year, :two_digits)
+        card[:expiry][:month] = format(payment_method.month, :two_digits)
+
+        post[:sourceOfFunds][:type] = 'CARD'
+        post[:sourceOfFunds][:provided][:card].merge!(card)
+      end
+
+      def add_customer_data(post, payment_method, options)
+        billing = {}
+        shipping = {}
+        customer = {}
+        device = {}
+
+        customer[:firstName] = payment_method.first_name if payment_method
+        customer[:lastName] = payment_method.last_name if payment_method
+        customer[:email] = options[:email] if options[:email]
+        device[:ipAddress] = options[:ip] if options[:ip]
+
+        if (billing_address = options[:billing_address])
+          billing[:address] = {}
+          billing[:address][:street]        = billing_address[:address1]
+          billing[:address][:street2]       = billing_address[:address2]
+          billing[:address][:city]          = billing_address[:city]
+          billing[:address][:stateProvince] = billing_address[:state]
+          billing[:address][:postcodeZip]   = billing_address[:zip]
+          billing[:address][:country]       = country_code(billing_address[:country])
+          customer[:phone]                  = billing_address[:phone]
+        end
+
+        if (shipping_address = options[:shipping_address])
+          shipping[:address] = {}
+          shipping[:address][:street]        = shipping_address[:address1]
+          shipping[:address][:street2]       = shipping_address[:address2]
+          shipping[:address][:city]          = shipping_address[:city]
+          shipping[:address][:stateProvince] = shipping_address[:state]
+          shipping[:address][:postcodeZip]   = shipping_address[:zip]
+          shipping[:address][:shipcountry]   = country_code(shipping_address[:country])
+
+          first_name, last_name = split_names(shipping_address[:name])
+          shipping[:firstName]  = first_name if first_name
+          shipping[:lastName]   = last_name if last_name
+        end
+        post[:billing].merge!(billing)
+        post[:shipping].merge!(shipping)
+        post[:device].merge!(device)
+        post[:customer].merge!(customer)
+      end
+
+      def add_3dsecure_id(post, options)
+        return unless options[:threed_secure_id]
+
+        post.merge!({ '3DSecureId' => options[:threed_secure_id] })
+      end
+
+      def country_code(country)
+        if country
+          country = ActiveMerchant::Country.find(country)
+          country.code(:alpha3).value
+        end
+      rescue InvalidCountryCodeError
+      end
+
+      def headers
+        {
+          'Authorization' => 'Basic ' + Base64.encode64("merchant.#{@options[:userid]}:#{@options[:password]}").strip.delete("\r\n"),
+          'Content-Type' => 'application/json'
+        }
+      end
+
+      def commit(action, post)
+        url = build_url(post.delete(:orderid), post.delete(:transactionid))
+        post[:apiOperation] = action.upcase
+        begin
+          raw = parse(ssl_request(:put, url, build_request(post), headers))
+        rescue ResponseError => e
+          raw = parse(e.response.body)
+        end
+        succeeded = success_from(raw)
+        Response.new(
+          succeeded,
+          message_from(succeeded, raw),
+          raw,
+          authorization: authorization_from(post, raw),
+          test: test?
+        )
+      end
+
+      def build_url(orderid, transactionid)
+        "#{base_url}merchant/#{@options[:userid]}/order/#{orderid}/transaction/#{transactionid}"
+      end
+
+      def base_url
+        if test?
+          case @options[:region]
+          when 'asia_pacific'
+            test_ap_url
+          when 'europe'
+            test_eu_url
+          when 'north_america', nil
+            test_na_url
+          end
+        else
+          case @options[:region]
+          when 'asia_pacific'
+            live_ap_url
+          when 'europe'
+            live_eu_url
+          when 'north_america', nil
+            live_na_url
+          end
+        end
+      end
+
+      def build_request(post = {})
+        post.to_json
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def success_from(response)
+        response['result'] == 'SUCCESS'
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          'Succeeded'
+        else
+          [
+            response['result'],
+            response['response'] && response['response']['gatewayCode'],
+            response['error'] && response['error']['cause'],
+            response['error'] && response['error']['explanation']
+          ].compact.join(' - ')
+        end
+      end
+
+      def authorization_from(request, response)
+        [response['order']['id'], response['transaction']['id']].join('|') if response['order']
+      end
+
+      def split_authorization(authorization)
+        authorization.split('|')
+      end
+
+      def new_authorization
+        # Must be unique within a merchant id.
+        orderid = SecureRandom.uuid
+
+        # Must be unique within an order id.
+        transactionid = '1'
+
+        # New transactions have no previous reference.
+        transaction_reference = nil
+        [orderid, transactionid, transaction_reference]
+      end
+
+      def next_authorization(authorization)
+        orderid, prev_transactionid = split_authorization(authorization)
+        next_transactionid = SecureRandom.uuid
+        [orderid, next_transactionid, prev_transactionid]
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/maxipago.rb

@@ -11,7 +11,7 @@ module ActiveMerchant #:nodoc:
       self.supported_countries = ['BR']
       self.default_currency = 'BRL'
       self.money_format = :dollars
-      self.supported_cardtypes = [:visa, :master, :discover, :american_express, :diners_club]
+      self.supported_cardtypes = %i[visa master discover american_express diners_club]
       self.homepage_url = 'http://www.maxipago.com/'
       self.display_name = 'maxiPago!'
 
@@ -21,177 +21,200 @@ module ActiveMerchant #:nodoc:
       end
 
       def purchase(money, creditcard, options = {})
-        post = {}
-        add_aux_data(post, options)
-        add_amount(post, money)
-        add_creditcard(post, creditcard)
-        add_name(post, creditcard)
-        add_address(post, options)
-
-        commit(build_sale_request(post))
+        commit(:sale) do |xml|
+          add_auth_purchase(xml, money, creditcard, options)
+        end
       end
 
       def authorize(money, creditcard, options = {})
-        post = {}
-        add_aux_data(post, options)
-        add_amount(post, money)
-        add_creditcard(post, creditcard)
-        add_name(post, creditcard)
-        add_address(post, options)
-
-        commit(build_sale_request(post, "auth"))
+        commit(:auth) do |xml|
+          add_auth_purchase(xml, money, creditcard, options)
+        end
       end
 
       def capture(money, authorization, options = {})
-        post = {}
-        add_amount(post, money)
-        add_aux_data(post, options)
-        commit(build_capture_request(authorization, post))
+        commit(:capture) do |xml|
+          add_order_id(xml, authorization)
+          add_reference_num(xml, options)
+          xml.payment do
+            add_amount(xml, money, options)
+          end
+        end
+      end
+
+      def void(authorization, options = {})
+        _, transaction_id = split_authorization(authorization)
+        commit(:void) do |xml|
+          xml.transactionID transaction_id
+        end
+      end
+
+      def refund(money, authorization, options = {})
+        commit(:return) do |xml|
+          add_order_id(xml, authorization)
+          add_reference_num(xml, options)
+          xml.payment do
+            add_amount(xml, money, options)
+          end
+        end
+      end
+
+      def verify(creditcard, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, creditcard, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<merchantKey>)[^<]*(</merchantKey>))i, '\1[FILTERED]\2').
+          gsub(%r((<number>)[^<]*(</number>))i, '\1[FILTERED]\2').
+          gsub(%r((<cvvNumber>)[^<]*(</cvvNumber>))i, '\1[FILTERED]\2')
       end
 
       private
 
-      def commit(request)
-        url = (test? ? self.test_url : self.live_url)
+      def commit(action)
+        request = build_xml_request(action) { |doc| yield(doc) }
         response = parse(ssl_post(url, request, 'Content-Type' => 'text/xml'))
+
         Response.new(
           success?(response),
           message_from(response),
           response,
           test: test?,
-          authorization: response[:order_id]
+          authorization: authorization_from(response)
         )
       end
 
+      def url
+        test? ? self.test_url : self.live_url
+      end
+
+      def build_xml_request(action)
+        builder = Nokogiri::XML::Builder.new(encoding: 'UTF-8')
+        builder.send('transaction-request') do |xml|
+          xml.version '3.1.1.15'
+          xml.verification do
+            xml.merchantId @options[:login]
+            xml.merchantKey @options[:password]
+          end
+          xml.order do
+            xml.send("#{action}!") do
+              yield(xml)
+            end
+          end
+        end
+
+        builder.to_xml(indent: 2)
+      end
+
       def success?(response)
-        (response[:response_code] == '0')
+        response[:response_code] == '0'
       end
 
       def message_from(response)
-        return response[:error_message] if response[:error_message].present?
-        return response[:processor_message] if response[:processor_message].present?
-        return response[:response_message] if response[:response_message].present?
-        return (success?(response) ? 'success' : 'error')
+        response[:error_message] || response[:response_message] || response[:processor_message] || response[:error_msg]
       end
 
-      def add_aux_data(post, options)
-        post[:processorID] = (test? ? 1 : 4) # test: 1, redecard: 2, cielo: 4
-        post[:referenceNum] = options[:order_id]
-        post[:installments] = options[:installments] if options.has_key?(:installments) && options[:installments] > 1 # only send installments if it is a deferred payment
+      def authorization_from(response)
+        "#{response[:order_id]}|#{response[:transaction_id]}"
       end
 
-      def add_amount(post, money)
-        post[:amount] = amount(money)
+      def split_authorization(authorization)
+        authorization.split('|')
       end
 
-      def add_creditcard(post, creditcard)
-        post[:card_number] = creditcard.number
-        post[:card_exp_month] = creditcard.month
-        post[:card_exp_year] = creditcard.year
-        post[:card_cvv] = creditcard.verification_value
-      end
+      def parse(body)
+        xml = REXML::Document.new(body)
 
-      def add_name(post, creditcard)
-        post[:billing_name] = creditcard.name
+        response = {}
+        xml.root.elements.to_a.each do |node|
+          parse_element(response, node)
+        end
+        response
       end
 
-      def add_address(post, options)
-        if(address = (options[:address] || options[:billing_address]))
-          post[:billing_address] = address[:address1]
-          post[:billing_address2] = address[:address2]
-          post[:billing_city] = address[:city]
-          post[:billing_state] = address[:state]
-          post[:billing_postalcode] = address[:zip]
-          post[:billing_country] = address[:country]
-          post[:billing_phone] = address[:phone]
+      def parse_element(response, node)
+        if node.has_elements?
+          node.elements.each { |element| parse_element(response, element) }
+        else
+          response[node.name.underscore.to_sym] = node.text
         end
       end
 
-      def build_capture_request(authorization, params)
-        build_request(params) do |xml|
-          xml.capture! {
-            xml.orderID authorization
-            xml.referenceNum params[:referenceNum]
-            xml.payment {
-              xml.chargeTotal params[:amount]
-            }
-          }
+      def add_auth_purchase(xml, money, creditcard, options)
+        add_processor_id(xml)
+        xml.fraudCheck('N')
+        add_reference_num(xml, options)
+        xml.transactionDetail do
+          xml.payType do
+            xml.creditCard do
+              xml.number(creditcard.number)
+              xml.expMonth(creditcard.month)
+              xml.expYear(creditcard.year)
+              xml.cvvNumber(creditcard.verification_value)
+            end
+          end
+        end
+        xml.payment do
+          add_amount(xml, money, options)
+          add_installments(xml, options)
         end
+        add_billing_address(xml, creditcard, options)
+      end
+
+      def add_reference_num(xml, options)
+        xml.referenceNum(options[:order_id] || generate_unique_id)
       end
 
-      def build_sale_request(params, action="sale")
-        build_request(params) do |xml|
-          xml.send(action) {
-            xml.processorID params[:processorID]
-            xml.fraudCheck 'N'
-            xml.referenceNum params[:referenceNum] # spree_order
-            xml.transactionDetail {
-              xml.payType {
-                xml.creditCard {
-                  xml.number params[:card_number]
-                  xml.expMonth params[:card_exp_month]
-                  xml.expYear params[:card_exp_year]
-                  xml.cvvNumber params[:card_cvv]
-                }
-              }
-            }
-            xml.payment {
-              xml.chargeTotal params[:amount]
-              if params[:installments].present?
-                xml.creditInstallment {
-                  xml.numberOfInstallments params[:installments]
-                  xml.chargeInterest 'N'
-                }
-              end
-            }
-            xml.billing {
-              xml.name params[:billing_name]
-              xml.address params[:billing_address] if params[:billing_address].present?
-              xml.address2 params[:billing_address2] if params[:billing_address2].present?
-              xml.city params[:billing_city] if params[:billing_city].present?
-              xml.state params[:billing_state] if params[:billing_state].present?
-              xml.postalcode params[:billing_postalcode] if params[:billing_postalcode].present?
-              xml.country params[:billing_country] if params[:billing_country].present?
-              xml.phone params[:billing_phone] if params[:billing_phone].present?
-            }
-          }
+      def add_amount(xml, money, options)
+        xml.chargeTotal(amount(money))
+        xml.currencyCode(options[:currency] || currency(money) || default_currency)
+      end
+
+      def add_processor_id(xml)
+        if test?
+          xml.processorID(1)
+        else
+          xml.processorID(@options[:processor_id] || 4)
         end
       end
 
-      def build_request(params)
-        builder = Nokogiri::XML::Builder.new(encoding: 'UTF-8') do |xml|
-          xml.send("transaction-request") {
-            xml.version API_VERSION
-            xml.verification {
-              xml.merchantId @options[:login]
-              xml.merchantKey @options[:password]
-            }
-            xml.order {
-              yield(xml)
-            }
-          }
+      def add_installments(xml, options)
+        if options.has_key?(:installments) && options[:installments] > 1
+          xml.creditInstallment do
+            xml.numberOfInstallments options[:installments]
+            xml.chargeInterest 'N'
+          end
         end
-        builder.to_xml(indent: 2)
       end
 
-      def parse(body)
-        xml = REXML::Document.new(body)
+      def add_billing_address(xml, creditcard, options)
+        address = options[:billing_address]
+        return unless address
 
-        response = {}
-        xml.root.elements.to_a.each do |node|
-          parse_element(response, node)
+        xml.billing do
+          xml.name creditcard.name
+          xml.address address[:address1] if address[:address1]
+          xml.address2 address[:address2] if address[:address2]
+          xml.city address[:city] if address[:city]
+          xml.state address[:state] if address[:state]
+          xml.postalcode address[:zip] if address[:zip]
+          xml.country address[:country] if address[:country]
+          xml.phone address[:phone] if address[:phone]
         end
-        response
       end
 
-      def parse_element(response, node)
-        if node.has_elements?
-          node.elements.each{|element| parse_element(response, element) }
-        else
-          response[node.name.underscore.to_sym] = node.text
-        end
+      def add_order_id(xml, authorization)
+        order_id, = split_authorization(authorization)
+        xml.orderID order_id
       end
     end
   end
 end
-