activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/plugnpay.rb

@@ -3,97 +3,97 @@ module ActiveMerchant
     class PlugnpayGateway < Gateway
       class PlugnpayPostData < PostData
         # Fields that will be sent even if they are blank
-        self.required_fields = [ :publisher_name, :publisher_password,
-          :card_amount, :card_name, :card_number, :card_exp, :orderID ]
+        self.required_fields = %i[publisher_name publisher_password
+                                  card_amount card_name card_number card_exp orderID]
       end
       self.live_url = self.test_url = 'https://pay1.plugnpay.com/payment/pnpremote.cgi'
 
       CARD_CODE_MESSAGES = {
-        "M" => "Card verification number matched",
-        "N" => "Card verification number didn't match",
-        "P" => "Card verification number was not processed",
-        "S" => "Card verification number should be on card but was not indicated",
-        "U" => "Issuer was not certified for card verification"
+        'M' => 'Card verification number matched',
+        'N' => "Card verification number didn't match",
+        'P' => 'Card verification number was not processed',
+        'S' => 'Card verification number should be on card but was not indicated',
+        'U' => 'Issuer was not certified for card verification'
       }
 
-      CARD_CODE_ERRORS = %w( N S )
+      CARD_CODE_ERRORS = %w(N S)
 
       AVS_MESSAGES = {
-        "A" => "Street address matches billing information, zip/postal code does not",
-        "B" => "Address information not provided for address verification check",
-        "E" => "Address verification service error",
-        "G" => "Non-U.S. card-issuing bank",
-        "N" => "Neither street address nor zip/postal match billing information",
-        "P" => "Address verification not applicable for this transaction",
-        "R" => "Payment gateway was unavailable or timed out",
-        "S" => "Address verification service not supported by issuer",
-        "U" => "Address information is unavailable",
-        "W" => "9-digit zip/postal code matches billing information, street address does not",
-        "X" => "Street address and 9-digit zip/postal code matches billing information",
-        "Y" => "Street address and 5-digit zip/postal code matches billing information",
-        "Z" => "5-digit zip/postal code matches billing information, street address does not",
+        'A' => 'Street address matches billing information, zip/postal code does not',
+        'B' => 'Address information not provided for address verification check',
+        'E' => 'Address verification service error',
+        'G' => 'Non-U.S. card-issuing bank',
+        'N' => 'Neither street address nor zip/postal match billing information',
+        'P' => 'Address verification not applicable for this transaction',
+        'R' => 'Payment gateway was unavailable or timed out',
+        'S' => 'Address verification service not supported by issuer',
+        'U' => 'Address information is unavailable',
+        'W' => '9-digit zip/postal code matches billing information, street address does not',
+        'X' => 'Street address and 9-digit zip/postal code matches billing information',
+        'Y' => 'Street address and 5-digit zip/postal code matches billing information',
+        'Z' => '5-digit zip/postal code matches billing information, street address does not'
       }
 
-      AVS_ERRORS = %w( A E N R W Z )
+      AVS_ERRORS = %w(A E N R W Z)
 
       PAYMENT_GATEWAY_RESPONSES = {
-        "P01" => "AVS Mismatch Failure",
-        "P02" => "CVV2 Mismatch Failure",
-        "P21" => "Transaction may not be marked",
-        "P30" => "Test Tran. Bad Card",
-        "P35" => "Test Tran. Problem",
-        "P40" => "Username already exists",
-        "P41" => "Username is blank",
-        "P50" => "Fraud Screen Failure",
-        "P51" => "Missing PIN Code",
-        "P52" => "Invalid Bank Acct. No.",
-        "P53" => "Invalid Bank Routing No.",
-        "P54" => "Invalid/Missing Check No.",
-        "P55" => "Invalid Credit Card No.",
-        "P56" => "Invalid CVV2/CVC2 No.",
-        "P57" => "Expired. CC Exp. Date",
-        "P58" => "Missing Data",
-        "P59" => "Missing Email Address",
-        "P60" => "Zip Code does not match Billing State.",
-        "P61" => "Invalid Billing Zip Code",
-        "P62" => "Zip Code does not match Shipping State.",
-        "P63" => "Invalid Shipping Zip Code",
-        "P64" => "Invalid Credit Card CVV2/CVC2 Format.",
-        "P65" => "Maximum number of attempts has been exceeded.",
-        "P66" => "Credit Card number has been flagged and can not be used to access this service.",
-        "P67" => "IP Address is on Blocked List.",
-        "P68" => "Billing country does not match ipaddress country.",
-        "P69" => "US based ipaddresses are currently blocked.",
-        "P70" => "Credit Cards issued from this bank are currently not being accepted.",
-        "P71" => "Credit Cards issued from this bank are currently not being accepted.",
-        "P72" => "Daily volume exceeded.",
-        "P73" => "Too many transactions within allotted time.",
-        "P91" => "Missing/incorrect password",
-        "P92" => "Account not configured for mobil administration",
-        "P93" => "IP Not registered to username.",
-        "P94" => "Mode not permitted for this account.",
-        "P95" => "Currently Blank",
-        "P96" => "Currently Blank",
-        "P97" => "Processor not responding",
-        "P98" => "Missing merchant/publisher name",
-        "P99" => "Currently Blank"
+        'P01' => 'AVS Mismatch Failure',
+        'P02' => 'CVV2 Mismatch Failure',
+        'P21' => 'Transaction may not be marked',
+        'P30' => 'Test Tran. Bad Card',
+        'P35' => 'Test Tran. Problem',
+        'P40' => 'Username already exists',
+        'P41' => 'Username is blank',
+        'P50' => 'Fraud Screen Failure',
+        'P51' => 'Missing PIN Code',
+        'P52' => 'Invalid Bank Acct. No.',
+        'P53' => 'Invalid Bank Routing No.',
+        'P54' => 'Invalid/Missing Check No.',
+        'P55' => 'Invalid Credit Card No.',
+        'P56' => 'Invalid CVV2/CVC2 No.',
+        'P57' => 'Expired. CC Exp. Date',
+        'P58' => 'Missing Data',
+        'P59' => 'Missing Email Address',
+        'P60' => 'Zip Code does not match Billing State.',
+        'P61' => 'Invalid Billing Zip Code',
+        'P62' => 'Zip Code does not match Shipping State.',
+        'P63' => 'Invalid Shipping Zip Code',
+        'P64' => 'Invalid Credit Card CVV2/CVC2 Format.',
+        'P65' => 'Maximum number of attempts has been exceeded.',
+        'P66' => 'Credit Card number has been flagged and can not be used to access this service.',
+        'P67' => 'IP Address is on Blocked List.',
+        'P68' => 'Billing country does not match ipaddress country.',
+        'P69' => 'US based ipaddresses are currently blocked.',
+        'P70' => 'Credit Cards issued from this bank are currently not being accepted.',
+        'P71' => 'Credit Cards issued from this bank are currently not being accepted.',
+        'P72' => 'Daily volume exceeded.',
+        'P73' => 'Too many transactions within allotted time.',
+        'P91' => 'Missing/incorrect password',
+        'P92' => 'Account not configured for mobil administration',
+        'P93' => 'IP Not registered to username.',
+        'P94' => 'Mode not permitted for this account.',
+        'P95' => 'Currently Blank',
+        'P96' => 'Currently Blank',
+        'P97' => 'Processor not responding',
+        'P98' => 'Missing merchant/publisher name',
+        'P99' => 'Currently Blank'
       }
 
       TRANSACTIONS = {
-        :authorization => 'auth',
-        :purchase => 'auth',
-        :capture => 'mark',
-        :void => 'void',
-        :refund => 'return',
-        :credit => 'newreturn'
+        authorization: 'auth',
+        purchase: 'auth',
+        capture: 'mark',
+        void: 'void',
+        refund: 'return',
+        credit: 'newreturn'
       }
 
-      SUCCESS_CODES = [ 'pending', 'success' ]
-      FAILURE_CODES = [ 'badcard', 'fraud' ]
+      SUCCESS_CODES = %w[pending success]
+      FAILURE_CODES = %w[badcard fraud]
 
       self.default_currency = 'USD'
       self.supported_countries = ['US']
-      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+      self.supported_cardtypes = %i[visa master american_express discover]
       self.homepage_url = 'http://www.plugnpay.com/'
       self.display_name = "Plug'n Pay"
 
@@ -172,23 +172,23 @@ module ActiveMerchant
       end
 
       private
+
       def commit(action, post)
-        response = parse( ssl_post(self.live_url, post_data(action, post)) )
+        response = parse(ssl_post(self.live_url, post_data(action, post)))
         success = SUCCESS_CODES.include?(response[:finalstatus])
         message = success ? 'Success' : message_from(response)
 
         Response.new(success, message, response,
-          :test => test?,
-          :authorization => response[:orderid],
-          :avs_result => { :code => response[:avs_code] },
-          :cvv_result => response[:cvvresp]
-        )
+          test: test?,
+          authorization: response[:orderid],
+          avs_result: { code: response[:avs_code] },
+          cvv_result: response[:cvvresp])
       end
 
       def parse(body)
         body = CGI.unescape(body)
         results = {}
-        body.split('&').collect { |e| e.split('=') }.each do |key,value|
+        body.split('&').collect { |e| e.split('=') }.each do |key, value|
           results[key.downcase.to_sym] = normalize(value.to_s.strip)
         end
 
@@ -218,7 +218,7 @@ module ActiveMerchant
 
       def add_customer_data(post, options)
         post[:email] = options[:email]
-        post[:dontsndmail]        = 'yes' unless options[:send_email_confirmation]
+        post[:dontsndmail] = 'yes' unless options[:send_email_confirmation]
         post[:ipaddress] = options[:ip]
       end
 
@@ -255,7 +255,7 @@ module ActiveMerchant
             post[:state] = shipping_address[:state]
           else
             post[:state] = 'ZZ'
-            post[:province]  = shipping_address[:state]
+            post[:province] = shipping_address[:state]
           end
 
           post[:country] = shipping_address[:country]
@@ -273,8 +273,8 @@ module ActiveMerchant
       end
 
       def expdate(creditcard)
-        year  = sprintf("%.4i", creditcard.year)
-        month = sprintf("%.2i", creditcard.month)
+        year  = sprintf('%.4i', creditcard.year)
+        month = sprintf('%.2i', creditcard.month)
 
         "#{month}/#{year[-2..-1]}"
       end

data/lib/active_merchant/billing/gateways/priority.rb

@@ -0,0 +1,369 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PriorityGateway < Gateway
+      # Sandbox and Production
+      self.test_url = 'https://sandbox.api.mxmerchant.com/checkout/v3/payment'
+      self.live_url = 'https://api.mxmerchant.com/checkout/v3/payment'
+
+      class_attribute :test_url_verify, :live_url_verify, :test_auth, :live_auth, :test_env_verify, :live_env_verify, :test_url_batch, :live_url_batch, :test_url_jwt, :live_url_jwt, :merchant
+
+      # Sandbox and Production - verify card
+      self.test_url_verify = 'https://sandbox-api2.mxmerchant.com/merchant/v1/bin'
+      self.live_url_verify = 'https://api2.mxmerchant.com/merchant/v1/bin'
+
+      # Sandbox and Production - check batch status
+      self.test_url_batch = 'https://sandbox.api.mxmerchant.com/checkout/v3/batch'
+      self.live_url_batch = 'https://api.mxmerchant.com/checkout/v3/batch'
+
+      # Sandbox and Production - generate jwt for verify card url
+      self.test_url_jwt = 'https://sandbox-api2.mxmerchant.com/security/v1/application/merchantId'
+      self.live_url_jwt = 'https://api2.mxmerchant.com/security/v1/application/merchantId'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'https://mxmerchant.com/'
+      self.display_name = 'Priority'
+
+      def initialize(options = {})
+        requires!(options, :merchant_id, :key, :secret)
+        super
+      end
+
+      def basic_auth
+        Base64.strict_encode64("#{@options[:key]}:#{@options[:secret]}")
+      end
+
+      def request_headers
+        {
+          'Content-Type' => 'application/json',
+          'Authorization' => "Basic #{basic_auth}"
+        }
+      end
+
+      def request_verify_headers(jwt)
+        {
+          'Authorization' => "Bearer #{jwt}"
+        }
+      end
+
+      def purchase(amount, credit_card, options = {})
+        params = {}
+        params['authOnly'] = false
+        params['isSettleFunds'] = true
+
+        add_merchant_id(params)
+        add_amount(params, amount, options)
+        add_auth_purchase_params(params, credit_card, options)
+
+        commit('purchase', params: params)
+      end
+
+      def authorize(amount, credit_card, options = {})
+        params = {}
+        params['authOnly'] = true
+        params['isSettleFunds'] = false
+
+        add_merchant_id(params)
+        add_amount(params, amount, options)
+        add_auth_purchase_params(params, credit_card, options)
+
+        commit('purchase', params: params)
+      end
+
+      def refund(amount, authorization, options = {})
+        params = {}
+        add_merchant_id(params)
+        params['paymentToken'] = payment_token(authorization) || options[:payment_token]
+
+        # refund amounts must be negative
+        params['amount'] = ('-' + localized_amount(amount.to_f, options[:currency])).to_f
+
+        commit('refund', params: params)
+      end
+
+      def capture(amount, authorization, options = {})
+        params = {}
+        add_merchant_id(params)
+        add_amount(params, amount, options)
+        params['paymentToken'] = payment_token(authorization) || options[:payment_token]
+        params['tenderType'] = options[:tender_type].present? ? options[:tender_type] : 'Card'
+
+        commit('capture', params: params)
+      end
+
+      def void(authorization, options = {})
+        params = {}
+
+        commit('void', params: params, iid: payment_id(authorization))
+      end
+
+      def verify(credit_card, _options = {})
+        jwt = create_jwt.params['jwtToken']
+
+        commit('verify', card_number: credit_card.number, jwt: jwt)
+      end
+
+      def get_payment_status(batch_id)
+        commit('get_payment_status', params: batch_id)
+      end
+
+      def close_batch(batch_id)
+        commit('close_batch', params: batch_id)
+      end
+
+      def create_jwt
+        commit('create_jwt', params: @options[:merchant_id])
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((number\\?"\s*:\s*\\?")[^"]*)i, '\1[FILTERED]').
+          gsub(%r((cvv\\?"\s*:\s*\\?")[^"]*)i, '\1[FILTERED]')
+      end
+
+      private
+
+      def add_amount(params, amount, options)
+        params['amount'] = localized_amount(amount.to_f, options[:currency])
+      end
+
+      def add_merchant_id(params)
+        params['merchantId'] = @options[:merchant_id]
+      end
+
+      def add_auth_purchase_params(params, credit_card, options)
+        add_replay_id(params, options)
+        add_credit_card(params, credit_card, 'purchase', options)
+        add_purchases_data(params, options)
+        add_shipping_data(params, options)
+        add_pos_data(params, options)
+        add_additional_data(params, options)
+      end
+
+      def add_replay_id(params, options)
+        params['replayId'] = options[:replay_id] if options[:replay_id]
+      end
+
+      def add_credit_card(params, credit_card, action, options)
+        return unless credit_card&.is_a?(CreditCard)
+
+        card_details = {}
+        card_details['expiryMonth'] = format(credit_card.month, :two_digits).to_s
+        card_details['expiryYear'] = format(credit_card.year, :two_digits).to_s
+        card_details['expiryDate'] = exp_date(credit_card)
+        card_details['cardType'] = credit_card.brand
+        card_details['last4'] = credit_card.last_digits
+        card_details['cvv'] = credit_card.verification_value
+        card_details['number'] = credit_card.number
+        card_details['avsStreet'] = options[:billing_address][:address1] if options[:billing_address]
+        card_details['avsZip'] =  options[:billing_address][:zip] if options[:billing_address]
+
+        params['cardAccount'] = card_details
+      end
+
+      def exp_date(credit_card)
+        "#{format(credit_card.month, :two_digits)}/#{format(credit_card.year, :two_digits)}"
+      end
+
+      def add_additional_data(params, options)
+        params['isAuth'] = options[:is_auth].present? ? options[:is_auth] : 'true'
+        params['paymentType'] = options[:payment_type].present? ? options[:payment_type] : 'Sale'
+        params['tenderType'] = options[:tender_type].present? ? options[:tender_type] : 'Card'
+        params['taxExempt'] = options[:tax_exempt].present? ? options[:tax_exempt] : 'false'
+        params['taxAmount'] = options[:tax_amount] if options[:tax_amount]
+        params['shouldGetCreditCardLevel'] = options[:should_get_credit_card_level] if options[:should_get_credit_card_level]
+        params['source'] = options[:source] if options[:source]
+        params['invoice'] = options[:invoice] if options[:invoice]
+      end
+
+      def add_pos_data(params, options)
+        pos_data = {}
+
+        pos_data['cardholderPresence'] = options.dig(:pos_data, :cardholder_presence) || 'Ecom'
+        pos_data['deviceAttendance'] = options.dig(:pos_data, :device_attendance) || 'HomePc'
+        pos_data['deviceInputCapability'] = options.dig(:pos_data, :device_input_capability) || 'Unknown'
+        pos_data['deviceLocation'] = options.dig(:pos_data, :device_location) || 'HomePc'
+        pos_data['panCaptureMethod'] = options.dig(:pos_data, :pan_capture_method) || 'Manual'
+        pos_data['partialApprovalSupport'] = options.dig(:pos_data, :partial_approval_support) || 'NotSupported'
+        pos_data['pinCaptureCapability'] = options.dig(:pos_data, :pin_capture_capability) || 'Incapable'
+
+        params['posData'] = pos_data
+      end
+
+      def add_purchases_data(params, options)
+        return unless options[:purchases]
+
+        params['purchases'] = []
+
+        options[:purchases].each do |purchase|
+          purchase_object = {}
+
+          purchase_object['name'] = purchase[:name] if purchase[:name]
+          purchase_object['description'] = purchase[:description] if purchase[:description]
+          purchase_object['code'] = purchase[:code] if purchase[:code]
+          purchase_object['unitOfMeasure'] = purchase[:unit_of_measure] if purchase[:unit_of_measure]
+          purchase_object['unitPrice'] = purchase[:unit_price] if purchase[:unit_price]
+          purchase_object['quantity'] = purchase[:quantity] if purchase[:quantity]
+          purchase_object['taxRate'] = purchase[:tax_rate] if purchase[:tax_rate]
+          purchase_object['taxAmount'] = purchase[:tax_amount] if purchase[:tax_amount]
+          purchase_object['discountRate'] = purchase[:discount_rate] if purchase[:discount_rate]
+          purchase_object['discountAmount'] = purchase[:discount_amount] if purchase[:discount_amount]
+          purchase_object['extendedAmount'] = purchase[:extended_amount] if purchase[:extended_amount]
+          purchase_object['lineItemId'] = purchase[:line_item_id] if purchase[:line_item_id]
+
+          params['purchases'].append(purchase_object)
+        end
+      end
+
+      def add_shipping_data(params, options)
+        params['shipAmount'] = options[:ship_amount] if options[:ship_amount]
+
+        shipping_country = shipping_country_from(options)
+        params['shipToCountry'] = shipping_country if shipping_country
+
+        shipping_zip = shipping_zip_from(options)
+        params['shipToZip'] = shipping_zip if shipping_zip
+      end
+
+      def shipping_country_from(options)
+        options[:ship_to_country] || options.dig(:shipping_address, :country) || options.dig(:billing_address, :country)
+      end
+
+      def shipping_zip_from(options)
+        options[:ship_to_zip] || options.dig(:shipping_addres, :zip) || options.dig(:billing_address, :zip)
+      end
+
+      def payment_token(authorization)
+        return unless authorization
+        return authorization unless authorization.include?('|')
+
+        authorization.split('|').last
+      end
+
+      def payment_id(authorization)
+        return unless authorization
+        return authorization unless authorization.include?('|')
+
+        authorization.split('|').first
+      end
+
+      def commit(action, params: '', iid: '', card_number: nil, jwt: '')
+        response =
+          begin
+            case action
+            when 'void'
+              parse(ssl_request(:delete, url(action, params, ref_number: iid), nil, request_headers))
+            when 'verify'
+              parse(ssl_get(url(action, params, credit_card_number: card_number), request_verify_headers(jwt)))
+            when 'get_payment_status', 'create_jwt'
+              parse(ssl_get(url(action, params, ref_number: iid), request_headers))
+            when 'close_batch'
+              parse(ssl_request(:put, url(action, params, ref_number: iid), nil, request_headers))
+            else
+              parse(ssl_post(url(action, params), post_data(params), request_headers))
+            end
+          rescue ResponseError => e
+            # currently Priority returns a 404 with no body on certain calls. In those cases we will substitute the response status from response.message
+            gateway_response = e.response.body.presence || e.response.message
+            parse(gateway_response)
+          end
+
+        success = success_from(response, action)
+        Response.new(
+          success,
+          message_from(response),
+          response,
+          authorization: success ? authorization_from(response) : nil,
+          error_code: success || response == '' ? nil : error_from(response),
+          test: test?
+        )
+      end
+
+      def url(action, params, ref_number: '', credit_card_number: nil)
+        case action
+        when 'void'
+          base_url + "/#{ref_number}?force=true"
+        when 'verify'
+          (verify_url + '?search=') + credit_card_number.to_s[0..6]
+        when 'get_payment_status', 'close_batch'
+          batch_url + "/#{params}"
+        when 'create_jwt'
+          jwt_url + "/#{params}/token"
+        else
+          base_url + '?includeCustomerMatches=false&echo=true'
+        end
+      end
+
+      def base_url
+        test? ? test_url : live_url
+      end
+
+      def verify_url
+        test? ? self.test_url_verify : self.live_url_verify
+      end
+
+      def jwt_url
+        test? ? self.test_url_jwt : self.live_url_jwt
+      end
+
+      def batch_url
+        test? ? self.test_url_batch : self.live_url_batch
+      end
+
+      def handle_response(response)
+        case response.code.to_i
+        when 204
+          { status: 'Success' }.to_json
+        when 200...300
+          response.body
+        else
+          raise ResponseError.new(response)
+        end
+      end
+
+      def parse(body)
+        return {} if body.blank?
+
+        parsed_response = JSON.parse(body)
+        parsed_response.is_a?(String) ? { 'message' => parsed_response } : parsed_response
+      rescue JSON::ParserError
+        message = 'Invalid JSON response received from Priority Gateway. Please contact Priority Gateway if you continue to receive this message.'
+        message += " (The raw response returned by the API was #{body.inspect})"
+        {
+          'message' => message
+        }
+      end
+
+      def success_from(response, action)
+        return !response['bank'].empty? if action == 'verify' && response['bank']
+
+        %w[Approved Open Success Settled Voided].include?(response['status'])
+      end
+
+      def message_from(response)
+        return response['details'][0] if response['details'] && response['details'][0]
+
+        response['authMessage'] || response['message'] || response['status']
+      end
+
+      def authorization_from(response)
+        [response['id'], response['paymentToken']].join('|')
+      end
+
+      def error_from(response)
+        response['errorCode'] || response['status']
+      end
+
+      def post_data(params)
+        params.to_json
+      end
+    end
+  end
+end