activemerchant 1.45.0 → 1.126.0

data/lib/active_merchant/billing/gateways/rapyd.rb

@@ -0,0 +1,258 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class RapydGateway < Gateway
+      self.test_url = 'https://sandboxapi.rapyd.net/v1/'
+      self.live_url = 'https://api.rapyd.net/v1/'
+
+      self.supported_countries = %w(US BR CA CL CO DO SV MX PE PT VI AU HK IN ID JP MY NZ PH SG KR TW TH VN AD AT BE BA BG HR CY CZ DK EE FI FR GE DE GI GR GL HU IS IE IL IT LV LI LT LU MK MT MD MC ME NL GB NO PL RO RU SM SK SI ZA ES SE CH TR VA)
+      self.default_currency = 'USD'
+      self.supported_cardtypes = %i[visa master american_express discover]
+
+      self.homepage_url = 'https://www.rapyd.net/'
+      self.display_name = 'Rapyd Gateway'
+
+      STANDARD_ERROR_CODE_MAPPING = {}
+
+      def initialize(options = {})
+        requires!(options, :secret_key, :access_key)
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment, options)
+        add_address(post, payment, options)
+        add_metadata(post, options)
+        add_ewallet(post, options)
+        post[:capture] = true if payment_is_card?(options)
+
+        if payment_is_ach?(options)
+          MultiResponse.run do |r|
+            r.process { commit(:post, 'payments', post) }
+            post = {}
+            post[:token] = r.authorization
+            post[:param2] = r.params.dig('data', 'original_amount').to_s
+            r.process { commit(:post, 'payments/completePayment', post) }
+          end
+        else
+          commit(:post, 'payments', post)
+        end
+      end
+
+      def authorize(money, payment, options = {})
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment, options)
+        add_address(post, payment, options)
+        add_metadata(post, options)
+        add_ewallet(post, options)
+        post[:capture] = false
+        commit(:post, 'payments', post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        commit(:post, "payments/#{authorization}/capture", post)
+      end
+
+      def refund(money, authorization, options = {})
+        post = {}
+        post[:payment] = authorization
+        add_invoice(post, money, options)
+        add_metadata(post, options)
+        commit(:post, 'refunds', post)
+      end
+
+      def void(authorization, options = {})
+        post = {}
+        commit(:delete, "payments/#{authorization}", post)
+      end
+
+      # Gateway returns an error if trying to run a $0 auth as invalid payment amount
+      # Gateway does not support void on a card transaction and refunds can only be done on completed transactions
+      # (such as a purchase). Authorize transactions are considered 'active' and not 'complete' until they are captured.
+      def verify(credit_card, options = {})
+        MultiResponse.run do |r|
+          r.process { purchase(100, credit_card, options) }
+          r.process { refund(100, r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Access_key: )\w+), '\1[FILTERED]').
+          gsub(%r(("number\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("cvv\\?":\\?")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def payment_is_ach?(options)
+        return unless options[:pm_type]
+
+        return true if options[:pm_type].include?('_bank')
+      end
+
+      def payment_is_card?(options)
+        return unless options[:pm_type]
+
+        return true if options[:pm_type].include?('_card')
+      end
+
+      def add_address(post, creditcard, options)
+        return unless address = options[:address]
+
+        post[:address] = {}
+        # name and line_1 are required at the gateway
+        post[:address][:name] = address[:name] if address[:name]
+        post[:address][:line_1] = address[:address1] if address[:address1]
+        post[:address][:line_2] = address[:address2] if address[:address2]
+        post[:address][:city] = address[:city] if address[:city]
+        post[:address][:state] = address[:state] if address[:state]
+        post[:address][:country] = address[:country] if address[:country]
+        post[:address][:zip] = address[:zip] if address[:zip]
+        post[:address][:phone_number] = address[:phone] if address[:phone]
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money).to_f.to_s
+        post[:currency] = (options[:currency] || currency(money))
+      end
+
+      def add_payment(post, payment, options)
+        if payment_is_card?(options)
+          add_creditcard(post, payment, options)
+        elsif payment_is_ach?(options)
+          add_ach(post, payment, options)
+        end
+      end
+
+      def add_creditcard(post, payment, options)
+        post[:payment_method] = {}
+        post[:payment_method][:fields] = {}
+        pm_fields = post[:payment_method][:fields]
+
+        post[:payment_method][:type] = options[:pm_type]
+        pm_fields[:number] = payment.number
+        pm_fields[:expiration_month] = payment.month.to_s
+        pm_fields[:expiration_year] = payment.year.to_s
+        pm_fields[:cvv] = payment.verification_value.to_s
+        pm_fields[:name] = "#{payment.first_name} #{payment.last_name}"
+      end
+
+      def add_ach(post, payment, options)
+        post[:payment_method] = {}
+        post[:payment_method][:fields] = {}
+
+        post[:payment_method][:type] = options[:pm_type]
+        post[:payment_method][:fields][:proof_of_authorization] = options[:proof_of_authorization]
+        post[:payment_method][:fields][:first_name] = payment.first_name if payment.first_name
+        post[:payment_method][:fields][:last_name] = payment.last_name if payment.last_name
+        post[:payment_method][:fields][:routing_number] = payment.routing_number
+        post[:payment_method][:fields][:account_number] = payment.account_number
+        post[:payment_method][:fields][:payment_purpose] = options[:payment_purpose] if options[:payment_purpose]
+      end
+
+      def add_metadata(post, options)
+        post[:metadata] = options[:metadata] if options[:metadata]
+      end
+
+      def add_ewallet(post, options)
+        post[:ewallet_id] = options[:ewallet_id] if options[:ewallet_id]
+      end
+
+      def parse(body)
+        return {} if body.empty? || body.nil?
+
+        JSON.parse(body)
+      end
+
+      def commit(method, action, parameters)
+        url = (test? ? test_url : live_url) + action.to_s
+        rel_path = "#{method}/v1/#{action}"
+        response = api_request(method, url, rel_path, parameters)
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          avs_result: avs_result(response),
+          cvv_result: cvv_result(response),
+          test: test?,
+          error_code: error_code_from(response)
+        )
+      end
+
+      def api_request(method, url, rel_path, params)
+        params == {} ? body = '' : body = params.to_json
+        parse(ssl_request(method, url, body, headers(rel_path, body)))
+      end
+
+      def headers(rel_path, payload)
+        salt = SecureRandom.base64(12)
+        timestamp = Time.new.to_i.to_s
+        {
+          'Content-Type' => 'application/json',
+          'access_key' => @options[:access_key],
+          'salt' => salt,
+          'timestamp' => timestamp,
+          'signature' => generate_hmac(rel_path, salt, timestamp, payload)
+        }
+      end
+
+      def generate_hmac(rel_path, salt, timestamp, payload)
+        signature = "#{rel_path}#{salt}#{timestamp}#{@options[:access_key]}#{@options[:secret_key]}#{payload}"
+        hash = Base64.urlsafe_encode64(OpenSSL::HMAC.hexdigest('sha256', @options[:secret_key], signature))
+        hash
+      end
+
+      def avs_result(response)
+        return nil unless (code = response.dig('data', 'payment_method_data', 'acs_check'))
+
+        AVSResult.new(code: code)
+      end
+
+      def cvv_result(response)
+        return nil unless (code = response.dig('data', 'payment_method_data', 'cvv_check'))
+
+        CVVResult.new(code)
+      end
+
+      def success_from(response)
+        response.dig('status', 'status') == 'SUCCESS' && response.dig('status', 'error') != 'ERR'
+      end
+
+      def message_from(response)
+        case response.dig('status', 'status')
+        when 'ERROR'
+          response.dig('status', 'message') == '' ? response.dig('status', 'error_code') : response.dig('status', 'message')
+        else
+          response.dig('status', 'status')
+        end
+      end
+
+      def authorization_from(response)
+        response.dig('data') ? response.dig('data', 'id') : response.dig('status', 'operation_id')
+      end
+
+      def error_code_from(response)
+        response.dig('status', 'error_code') unless success_from(response)
+      end
+
+      def handle_response(response)
+        case response.code.to_i
+        when 200...300, 400, 401, 404
+          response.body
+        else
+          raise ResponseError.new(response)
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/realex.rb

@@ -26,26 +26,24 @@ module ActiveMerchant
         'visa'              => 'VISA',
         'american_express'  => 'AMEX',
         'diners_club'       => 'DINERS',
-        'switch'            => 'SWITCH',
-        'solo'              => 'SWITCH',
-        'laser'             => 'LASER',
         'maestro'           => 'MC'
       }
 
       self.money_format = :cents
       self.default_currency = 'EUR'
-      self.supported_cardtypes = [ :visa, :master, :american_express, :diners_club, :switch, :solo, :laser ]
-      self.supported_countries = %w(IE GB FR BE NL LU IT)
+      self.supported_cardtypes = %i[visa master american_express diners_club]
+      self.supported_countries = %w(IE GB FR BE NL LU IT US CA ES)
       self.homepage_url = 'http://www.realexpayments.com/'
       self.display_name = 'Realex'
 
-      SUCCESS, DECLINED          = "Successful", "Declined"
-      BANK_ERROR = REALEX_ERROR  = "Gateway is in maintenance. Please try again later."
-      ERROR = CLIENT_DEACTIVATED = "Gateway Error"
+      SUCCESS, DECLINED          = 'Successful', 'Declined'
+      BANK_ERROR = REALEX_ERROR  = 'Gateway is in maintenance. Please try again later.'
+      ERROR = CLIENT_DEACTIVATED = 'Gateway Error'
 
       def initialize(options = {})
         requires!(options, :login, :password)
-        options[:refund_hash] = Digest::SHA1.hexdigest(options[:rebate_secret]) if options.has_key?(:rebate_secret)
+        options[:refund_hash] = Digest::SHA1.hexdigest(options[:rebate_secret]) if options[:rebate_secret].present?
+        options[:credit_hash] = Digest::SHA1.hexdigest(options[:refund_secret]) if options[:refund_secret].present?
         super
       end
 
@@ -64,7 +62,7 @@ module ActiveMerchant
       end
 
       def capture(money, authorization, options = {})
-        request = build_capture_request(authorization, options)
+        request = build_capture_request(money, authorization, options)
         commit(request)
       end
 
@@ -73,9 +71,9 @@ module ActiveMerchant
         commit(request)
       end
 
-      def credit(money, authorization, options = {})
-        ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
-        refund(money, authorization, options)
+      def credit(money, creditcard, options = {})
+        request = build_credit_request(money, creditcard, options)
+        commit(request)
       end
 
       def void(authorization, options = {})
@@ -83,21 +81,36 @@ module ActiveMerchant
         commit(request)
       end
 
+      def verify(credit_card, options = {})
+        requires!(options, :order_id)
+
+        request = build_verify_request(credit_card, options)
+        commit(request)
+      end
+
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((<number>)\d+(</number>))i, '\1[FILTERED]\2')
+      end
+
       private
+
       def commit(request)
         response = parse(ssl_post(self.live_url, request))
 
         Response.new(
-          (response[:result] == "00"),
+          (response[:result] == '00'),
           message_from(response),
           response,
-          :test => (response[:message] =~ %r{\[ test system \]}),
-          :authorization => authorization_from(response),
-          :cvv_result => response[:cvnresult],
-          :avs_result => {
-            :street_match => response[:avspostcoderesponse],
-            :postal_match => response[:avspostcoderesponse]
-          }
+          test: (response[:message] =~ %r{\[ test system \]}),
+          authorization: authorization_from(response),
+          avs_result: AVSResult.new(code: response[:avspostcoderesponse]),
+          cvv_result: CVVResult.new(response[:cvnresult])
         )
       end
 
@@ -106,7 +119,7 @@ module ActiveMerchant
 
         doc = Nokogiri::XML(xml)
         doc.xpath('//response/*').each do |node|
-          if (node.elements.size == 0)
+          if node.elements.size == 0
             response[node.name.downcase.to_sym] = normalize(node.text)
           else
             node.elements.each do |childnode|
@@ -125,7 +138,7 @@ module ActiveMerchant
 
       def build_purchase_or_authorization_request(action, money, credit_card, options)
         timestamp = new_timestamp
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new indent: 2
         xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'auth' do
           add_merchant_details(xml, options)
           xml.tag! 'orderid', sanitize_order_id(options[:order_id])
@@ -133,27 +146,34 @@ module ActiveMerchant
           add_card(xml, credit_card)
           xml.tag! 'autosettle', 'flag' => auto_settle_flag(action)
           add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), credit_card.number)
+          if credit_card.is_a?(NetworkTokenizationCreditCard)
+            add_network_tokenization_card(xml, credit_card)
+          else
+            add_three_d_secure(xml, options)
+          end
+          add_stored_credential(xml, options)
           add_comments(xml, options)
           add_address_and_customer_info(xml, options)
         end
         xml.target!
       end
 
-      def build_capture_request(authorization, options)
+      def build_capture_request(money, authorization, options)
         timestamp = new_timestamp
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new indent: 2
         xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'settle' do
           add_merchant_details(xml, options)
+          add_amount(xml, money, options)
           add_transaction_identifiers(xml, authorization, options)
           add_comments(xml, options)
-          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), nil, nil, nil)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), nil)
         end
         xml.target!
       end
 
       def build_refund_request(money, authorization, options)
         timestamp = new_timestamp
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new indent: 2
         xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'rebate' do
           add_merchant_details(xml, options)
           add_transaction_identifiers(xml, authorization, options)
@@ -166,9 +186,25 @@ module ActiveMerchant
         xml.target!
       end
 
+      def build_credit_request(money, credit_card, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new indent: 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'credit' do
+          add_merchant_details(xml, options)
+          xml.tag! 'orderid', sanitize_order_id(options[:order_id])
+          add_amount(xml, money, options)
+          add_card(xml, credit_card)
+          xml.tag! 'refundhash', @options[:credit_hash] if @options[:credit_hash]
+          xml.tag! 'autosettle', 'flag' => 1
+          add_comments(xml, options)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), credit_card.number)
+        end
+        xml.target!
+      end
+
       def build_void_request(authorization, options)
         timestamp = new_timestamp
-        xml = Builder::XmlMarkup.new :indent => 2
+        xml = Builder::XmlMarkup.new indent: 2
         xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'void' do
           add_merchant_details(xml, options)
           add_transaction_identifiers(xml, authorization, options)
@@ -178,16 +214,31 @@ module ActiveMerchant
         xml.target!
       end
 
+      # Verify initiates an OTB (Open To Buy) request
+      def build_verify_request(credit_card, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new indent: 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'otb' do
+          add_merchant_details(xml, options)
+          xml.tag! 'orderid', sanitize_order_id(options[:order_id])
+          add_card(xml, credit_card)
+          add_comments(xml, options)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), credit_card.number)
+        end
+        xml.target!
+      end
+
       def add_address_and_customer_info(xml, options)
         billing_address = options[:billing_address] || options[:address]
         shipping_address = options[:shipping_address]
+        ipv4_address = ipv4?(options[:ip]) ? options[:ip] : nil
 
-        return unless billing_address || shipping_address || options[:customer] || options[:invoice] || options[:ip]
+        return unless billing_address || shipping_address || options[:customer] || options[:invoice] || ipv4_address
 
         xml.tag! 'tssinfo' do
           xml.tag! 'custnum', options[:customer] if options[:customer]
           xml.tag! 'prodid', options[:invoice] if options[:invoice]
-          xml.tag! 'custipaddress', options[:ip] if options[:ip]
+          xml.tag! 'custipaddress', options[:ip] if ipv4_address
 
           if billing_address
             xml.tag! 'address', 'type' => 'billing' do
@@ -207,9 +258,7 @@ module ActiveMerchant
 
       def add_merchant_details(xml, options)
         xml.tag! 'merchantid', @options[:login]
-        if options[:account] || @options[:account]
-          xml.tag! 'account', (options[:account] || @options[:account])
-        end
+        xml.tag! 'account', (options[:account] || @options[:account]) if options[:account] || @options[:account]
       end
 
       def add_transaction_identifiers(xml, authorization, options)
@@ -221,6 +270,7 @@ module ActiveMerchant
 
       def add_comments(xml, options)
         return unless options[:description]
+
         xml.tag! 'comments' do
           xml.tag! 'comment', options[:description], 'id' => 1
         end
@@ -236,7 +286,7 @@ module ActiveMerchant
           xml.tag! 'expdate', expiry_date(credit_card)
           xml.tag! 'chname', credit_card.name
           xml.tag! 'type', CARD_MAPPING[card_brand(credit_card).to_s]
-          xml.tag! 'issueno', credit_card.issue_number
+          xml.tag! 'issueno', ''
           xml.tag! 'cvn' do
             xml.tag! 'number', credit_card.verification_value
             xml.tag! 'presind', (options['presind'] || (credit_card.verification_value? ? 1 : nil))
@@ -244,9 +294,56 @@ module ActiveMerchant
         end
       end
 
+      def add_network_tokenization_card(xml, payment)
+        xml.tag! 'mpi' do
+          xml.tag! 'cavv', payment.payment_cryptogram
+          xml.tag! 'eci', payment.eci
+        end
+        xml.tag! 'supplementarydata' do
+          xml.tag! 'item', 'type' => 'mobile' do
+            xml.tag! 'field01', payment.source.to_s.tr('_', '-')
+          end
+        end
+      end
+
+      def add_three_d_secure(xml, options)
+        return unless three_d_secure = options[:three_d_secure]
+
+        version = three_d_secure.fetch(:version, '')
+        xml.tag! 'mpi' do
+          if /^2/.match?(version)
+            xml.tag! 'authentication_value', three_d_secure[:cavv]
+            xml.tag! 'ds_trans_id', three_d_secure[:ds_transaction_id]
+          else
+            xml.tag! 'cavv', three_d_secure[:cavv]
+            xml.tag! 'xid', three_d_secure[:xid]
+            version = '1'
+          end
+          xml.tag! 'eci', three_d_secure[:eci]
+          xml.tag! 'message_version', version
+        end
+      end
+
+      def add_stored_credential(xml, options)
+        return unless stored_credential = options[:stored_credential]
+
+        xml.tag! 'storedcredential' do
+          xml.tag! 'type', stored_credential_type(stored_credential[:reason_type])
+          xml.tag! 'initiator', stored_credential[:initiator]
+          xml.tag! 'sequence', stored_credential[:initial_transaction] ? 'first' : 'subsequent'
+          xml.tag! 'srd', stored_credential[:network_transaction_id]
+        end
+      end
+
+      def stored_credential_type(reason)
+        return 'oneoff' if reason == 'unscheduled'
+
+        reason
+      end
+
       def format_address_code(address)
         code = [address[:zip].to_s, address[:address1].to_s + address[:address2].to_s]
-        code.collect{|e| e.gsub(/\D/, "")}.reject{|e| e.empty?}.join("|")
+        code.collect { |e| e.gsub(/\D/, '') }.reject(&:empty?).join('|')
       end
 
       def new_timestamp
@@ -254,8 +351,8 @@ module ActiveMerchant
       end
 
       def add_signed_digest(xml, *values)
-        string = Digest::SHA1.hexdigest(values.join("."))
-        xml.tag! 'sha1hash', Digest::SHA1.hexdigest([string, @options[:password]].join("."))
+        string = Digest::SHA1.hexdigest(values.join('.'))
+        xml.tag! 'sha1hash', Digest::SHA1.hexdigest([string, @options[:password]].join('.'))
       end
 
       def auto_settle_flag(action)
@@ -267,32 +364,37 @@ module ActiveMerchant
       end
 
       def message_from(response)
-        message = nil
         case response[:result]
-        when "00"
-          message = SUCCESS
-        when "101"
-          message = response[:message]
-        when "102", "103"
-          message = DECLINED
+        when '00'
+          SUCCESS
+        when '101'
+          response[:message]
+        when '102', '103'
+          DECLINED
         when /^2[0-9][0-9]/
-          message = BANK_ERROR
+          BANK_ERROR
         when /^3[0-9][0-9]/
-          message = REALEX_ERROR
+          REALEX_ERROR
         when /^5[0-9][0-9]/
-          message = response[:message]
-        when "600", "601", "603"
-          message = ERROR
-        when "666"
-          message = CLIENT_DEACTIVATED
+          response[:message]
+        when '600', '601', '603'
+          ERROR
+        when '666'
+          CLIENT_DEACTIVATED
         else
-          message = DECLINED
+          DECLINED
         end
       end
 
       def sanitize_order_id(order_id)
         order_id.to_s.gsub(/[^a-zA-Z0-9\-_]/, '')
       end
+
+      def ipv4?(ip_address)
+        return false if ip_address.nil?
+
+        !ip_address.match(/\A\d+\.\d+\.\d+\.\d+\z/).nil?
+      end
     end
   end
 end