activemerchant 1.45.0 → 1.46.0

data/lib/active_merchant/billing/gateways/mercury.rb

@@ -18,7 +18,7 @@ module ActiveMerchant #:nodoc:
 
       self.homepage_url = 'http://www.mercurypay.com'
       self.display_name = 'Mercury'
-      self.supported_countries = ['US']
+      self.supported_countries = ['US','CA']
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :diners_club, :jcb]
       self.default_currency = 'USD'
 
@@ -72,13 +72,6 @@ module ActiveMerchant #:nodoc:
       def void(authorization, options={})
         requires!(options, :credit_card) unless @use_tokenization
 
-        if options[:try_reversal]
-          request = build_authorized_request('VoidSale', nil, authorization, options[:credit_card], options.merge(:reversal => true))
-          response = commit('VoidSale', request)
-
-          return response if response.success?
-        end
-
         request = build_authorized_request('VoidSale', nil, authorization, options[:credit_card], options)
         commit('VoidSale', request)
       end
@@ -115,7 +108,7 @@ module ActiveMerchant #:nodoc:
         xml = Builder::XmlMarkup.new
 
         invoice_no, ref_no, auth_code, acq_ref_data, process_data, record_no, amount = split_authorization(authorization)
-        ref_no = "1" if options[:reversal] #filler value for preauth voids -- not used by mercury but will reject if missing or not numeric
+        ref_no = "1" if ref_no.blank?
 
         xml.tag! "TStream" do
           xml.tag! "Transaction" do
@@ -132,8 +125,8 @@ module ActiveMerchant #:nodoc:
             add_address(xml, options)
             xml.tag! 'TranInfo' do
               xml.tag! "AuthCode", auth_code
-              xml.tag! "AcqRefData", acq_ref_data if options[:reversal]
-              xml.tag! "ProcessData", process_data if options[:reversal]
+              xml.tag! "AcqRefData", acq_ref_data
+              xml.tag! "ProcessData", process_data 
             end
           end
         end

data/lib/active_merchant/billing/gateways/migs.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/migs/migs_codes'
+require 'active_merchant/billing/gateways/migs/migs_codes'
 
 require 'digest/md5' # Used in add_secure_hash
 

data/lib/active_merchant/billing/gateways/modern_payments.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/modern_payments_cim'
+require 'active_merchant/billing/gateways/modern_payments_cim'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/orbital.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/orbital/orbital_soft_descriptors'
+require 'active_merchant/billing/gateways/orbital/orbital_soft_descriptors'
 require "rexml/document"
 
 module ActiveMerchant #:nodoc:
@@ -240,7 +240,7 @@ module ActiveMerchant #:nodoc:
 
 
       # ==== Customer Profiles
-      # :customer_ref_num should be set unless your happy with Orbital providing one
+      # :customer_ref_num should be set unless you're happy with Orbital providing one
       #
       # :customer_profile_order_override_ind can be set to map
       # the CustomerRefNum to OrderID or Comments. Defaults to 'NO' - no mapping

data/lib/active_merchant/billing/gateways/pay_gate_xml.rb

@@ -177,6 +177,13 @@ module ActiveMerchant #:nodoc:
       def capture(money, authorization, options = {})
         action = 'settletx'
 
+        options.merge!(:money => money, :authorization => authorization)
+        commit_capture(action, authorization, build_request(action, options))
+      end
+
+      def refund(money, authorization, options={})
+        action = 'refundtx'
+
         options.merge!(:money => money, :authorization => authorization)
         commit(action, build_request(action, options))
       end
@@ -201,6 +208,10 @@ module ActiveMerchant #:nodoc:
               money           = options.delete(:money)
               authorization   = options.delete(:authorization)
               build_capture(protocol, money, authorization, options)
+            when 'refundtx'
+              money           = options.delete(:money)
+              authorization   = options.delete(:authorization)
+              build_refund(protocol, money, authorization, options)
           else
             raise "no action specified for build_request"
           end
@@ -228,6 +239,13 @@ module ActiveMerchant #:nodoc:
         }
       end
 
+      def build_refund(xml, money, authorization, options={})
+        xml.tag! 'refundtx', {
+          :tid => authorization,
+          :amt => amount(money)
+        }
+      end
+
       def parse(action, body)
         hash  = {}
         xml   = REXML::Document.new(body)
@@ -252,6 +270,14 @@ module ActiveMerchant #:nodoc:
         )
       end
 
+      def commit_capture(action, authorization, request)
+        response = parse(action, ssl_post(self.live_url, request))
+        Response.new(successful?(response), message_from(response), response,
+          :test           => test?,
+          :authorization  => authorization
+        )
+      end
+
       def message_from(response)
         (response[:rdesc] || response[:edesc])
       end

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -1,6 +1,6 @@
-require File.dirname(__FILE__) + '/payflow/payflow_common_api'
-require File.dirname(__FILE__) + '/payflow/payflow_response'
-require File.dirname(__FILE__) + '/payflow_express'
+require 'active_merchant/billing/gateways/payflow/payflow_common_api'
+require 'active_merchant/billing/gateways/payflow/payflow_response'
+require 'active_merchant/billing/gateways/payflow_express'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -197,13 +197,24 @@ module ActiveMerchant #:nodoc:
 
         response = parse(ssl_post(test? ? self.test_url : self.live_url, request, headers))
 
-        build_response(response[:result] == "0", response[:message], response,
-          :test => test?,
-          :authorization => response[:pn_ref] || response[:rp_ref],
-          :cvv_result => CVV_CODE[response[:cv_result]],
-          :avs_result => { :code => response[:avs_result] }
+        build_response(
+          success_for(response),
+          response[:message], response,
+          test: test?,
+          authorization: response[:pn_ref] || response[:rp_ref],
+          cvv_result: CVV_CODE[response[:cv_result]],
+          avs_result: { code: response[:avs_result] },
+          fraud_review: under_fraud_review?(response)
         )
       end
+
+      def success_for(response)
+        %w(0 126).include?(response[:result])
+      end
+
+      def under_fraud_review?(response)
+        (response[:result] == "126")
+      end
     end
   end
 end

data/lib/active_merchant/billing/gateways/payflow_express.rb

@@ -1,6 +1,6 @@
-require File.dirname(__FILE__) + '/payflow/payflow_common_api'
-require File.dirname(__FILE__) + '/payflow/payflow_express_response'
-require File.dirname(__FILE__) + '/paypal_express_common'
+require 'active_merchant/billing/gateways/payflow/payflow_common_api'
+require 'active_merchant/billing/gateways/payflow/payflow_express_response'
+require 'active_merchant/billing/gateways/paypal_express_common'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/payflow_express_uk.rb

@@ -1,11 +1,11 @@
-require File.dirname(__FILE__) + '/payflow_express'
+require 'active_merchant/billing/gateways/payflow_express'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class PayflowExpressUkGateway < PayflowExpressGateway
       self.default_currency = 'GBP'
       self.partner = 'PayPalUk'
-      
+
       self.supported_countries = ['GB']
       self.homepage_url = 'https://www.paypal.com/uk/cgi-bin/webscr?cmd=_additional-payment-overview-outside'
       self.display_name = 'PayPal Express Checkout (UK)'

data/lib/active_merchant/billing/gateways/payflow_uk.rb

@@ -1,16 +1,16 @@
-require File.dirname(__FILE__) + '/payflow'
-require File.dirname(__FILE__) + '/payflow_express_uk' 
+require 'active_merchant/billing/gateways/payflow'
+require 'active_merchant/billing/gateways/payflow_express_uk'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class PayflowUkGateway < PayflowGateway
       self.default_currency = 'GBP'
       self.partner = 'PayPalUk'
-      
+
       def express
         @express ||= PayflowExpressUkGateway.new(@options)
       end
-      
+
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :solo, :switch]
       self.supported_countries = ['GB']
       self.homepage_url = 'https://www.paypal.com/uk/webapps/mpp/pro'

data/lib/active_merchant/billing/gateways/paypal.rb

@@ -1,6 +1,6 @@
-require File.dirname(__FILE__) + '/paypal/paypal_common_api'
-require File.dirname(__FILE__) + '/paypal/paypal_recurring_api'
-require File.dirname(__FILE__) + '/paypal_express'
+require 'active_merchant/billing/gateways/paypal/paypal_common_api'
+require 'active_merchant/billing/gateways/paypal/paypal_recurring_api'
+require 'active_merchant/billing/gateways/paypal_express'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
@@ -38,6 +38,18 @@ module ActiveMerchant #:nodoc:
         @express ||= PaypalExpressGateway.new(@options)
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<n1:Password>).+(</n1:Password>)), '\1[FILTERED]\2').
+          gsub(%r((<n1:Username>).+(</n1:Username>)), '\1[FILTERED]\2').
+          gsub(%r((<n2:CreditCardNumber>).+(</n2:CreditCardNumber)), '\1[FILTERED]\2').
+          gsub(%r((<n2:CVV2>).+(</n2:CVV2)), '\1[FILTERED]\2')
+      end
+
       private
 
       def define_transaction_type(transaction_arg)

data/lib/active_merchant/billing/gateways/paypal/paypal_common_api.rb

@@ -2,6 +2,8 @@ module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     # This module is included in both PaypalGateway and PaypalExpressGateway
     module PaypalCommonAPI
+      include Empty
+
       API_VERSION = '72'
 
       URLS = {
@@ -573,7 +575,7 @@ module ActiveMerchant #:nodoc:
           xml.tag! 'n2:Custom', options[:custom] unless options[:custom].blank?
 
           xml.tag! 'n2:InvoiceID', (options[:order_id] || options[:invoice_id]) unless (options[:order_id] || options[:invoice_id]).blank?
-          xml.tag! 'n2:ButtonSource', application_id.to_s.slice(0,32) unless application_id.blank?
+          add_button_source(xml)
 
           # The notify URL applies only to DoExpressCheckoutPayment.
           # This value is ignored when set in SetExpressCheckout or GetExpressCheckoutDetails
@@ -593,6 +595,13 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def add_button_source(xml)
+        button_source = (@options[:button_source] || application_id)
+        if !empty?(button_source)
+          xml.tag! 'n2:ButtonSource', button_source.to_s.slice(0, 32)
+        end
+      end
+
       def add_express_only_payment_details(xml, options = {})
         add_optional_fields(xml,
                             %w{n2:NoteText          n2:SoftDescriptor

data/lib/active_merchant/billing/gateways/paypal/paypal_recurring_api.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/paypal_common_api'
+require 'active_merchant/billing/gateways/paypal/paypal_common_api'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/paypal_ca.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/paypal'
+require 'active_merchant/billing/gateways/paypal'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/paypal_digital_goods.rb

@@ -1,6 +1,6 @@
-require File.dirname(__FILE__) + '/paypal/paypal_common_api'
-require File.dirname(__FILE__) + '/paypal/paypal_express_response'
-require File.dirname(__FILE__) + '/paypal_express_common'
+require 'active_merchant/billing/gateways/paypal/paypal_common_api'
+require 'active_merchant/billing/gateways/paypal/paypal_express_response'
+require 'active_merchant/billing/gateways/paypal_express_common'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/paypal_express.rb

@@ -1,7 +1,7 @@
-require File.dirname(__FILE__) + '/paypal/paypal_common_api'
-require File.dirname(__FILE__) + '/paypal/paypal_express_response'
-require File.dirname(__FILE__) + '/paypal/paypal_recurring_api'
-require File.dirname(__FILE__) + '/paypal_express_common'
+require 'active_merchant/billing/gateways/paypal/paypal_common_api'
+require 'active_merchant/billing/gateways/paypal/paypal_express_response'
+require 'active_merchant/billing/gateways/paypal/paypal_recurring_api'
+require 'active_merchant/billing/gateways/paypal_express_common'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/pin.rb

@@ -148,9 +148,12 @@ module ActiveMerchant #:nodoc:
         url = "#{test? ? test_url : live_url}/#{action}"
 
         begin
-          body = parse(ssl_request(method, url, post_data(params), headers(options)))
+          raw_response = ssl_request(method, url, post_data(params), headers(options))
+          body = parse(raw_response)
         rescue ResponseError => e
           body = parse(e.response.body)
+        rescue JSON::ParserError
+          return unparsable_response(raw_response)
         end
 
         if body["response"]
@@ -181,6 +184,12 @@ module ActiveMerchant #:nodoc:
         )
       end
 
+      def unparsable_response(raw_response)
+        message = "Invalid JSON response received from Pin Payments. Please contact support@pin.net.au if you continue to receive this message."
+        message += " (The raw response returned by the API was #{raw_response.inspect})"
+        return Response.new(false, message)
+      end
+
       def token(response)
         response['token']
       end

data/lib/active_merchant/billing/gateways/quickbooks.rb

@@ -0,0 +1,278 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class QuickbooksGateway < Gateway
+      self.test_url = 'https://sandbox.api.intuit.com'
+      self.live_url = 'https://api.intuit.com'
+
+      self.supported_countries = ['US']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :diners]
+
+      self.homepage_url = 'http://payments.intuit.com'
+      self.display_name = 'QuickBooks Payments'
+      ENDPOINT =  "/quickbooks/v4/payments/charges"
+      OAUTH_ENDPOINTS = {
+        site: 'https://oauth.intuit.com',
+        request_token_path: '/oauth/v1/get_request_token',
+        authorize_url: 'https://appcenter.intuit.com/Connect/Begin',
+        access_token_path: '/oauth/v1/get_access_token'
+      }
+
+      # https://developer.intuit.com/docs/0150_payments/0300_developer_guides/error_handling
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        # Fraud Warnings
+        'PMT-1000' => STANDARD_ERROR_CODE[:processing_error],   # payment was accepted, but refund was unsuccessful
+        'PMT-1001' => STANDARD_ERROR_CODE[:invalid_cvc],        # payment processed, but cvc was invalid
+        'PMT-1002' => STANDARD_ERROR_CODE[:incorrect_address],  # payment processed, incorrect address info
+        'PMT-1003' => STANDARD_ERROR_CODE[:processing_error],   # payment processed, address info couldn't be validated
+
+        # Fraud Errors
+        'PMT-2000' => STANDARD_ERROR_CODE[:incorrect_cvc],      # Incorrect CVC
+        'PMT-2001' => STANDARD_ERROR_CODE[:invalid_cvc],        # CVC check unavaliable
+        'PMT-2002' => STANDARD_ERROR_CODE[:incorrect_address],  # Incorrect address
+        'PMT-2003' => STANDARD_ERROR_CODE[:incorrect_address],  # Address info unavailable
+
+        'PMT-3000' => STANDARD_ERROR_CODE[:processing_error],   # Merchant account could not be validated
+
+        # Invalid Request
+        'PMT-4000' => STANDARD_ERROR_CODE[:processing_error],   # Object is invalid
+        'PMT-4001' => STANDARD_ERROR_CODE[:processing_error],   # Object not found
+        'PMT-4002' => STANDARD_ERROR_CODE[:processing_error],   # Object is required
+
+        # Transaction Declined
+        'PMT-5000' => STANDARD_ERROR_CODE[:card_declined],      # Request was declined
+        'PMT-5001' => STANDARD_ERROR_CODE[:card_declined],      # Merchant does not support given payment method
+
+        # System Error
+        'PMT-6000' => STANDARD_ERROR_CODE[:processing_error],   # A temporary Issue prevented this request from being processed.
+      }
+
+      FRAUD_WARNING_CODES = ['PMT-1000','PMT-1001','PMT-1002','PMT-1003']
+
+      def initialize(options = {})
+        requires!(options, :consumer_key, :consumer_secret, :access_token, :token_secret, :realm)
+        @options = options
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        post = {}
+        add_amount(post, money, options)
+        add_charge_data(post, payment, options)
+        post[:capture] = "true"
+
+        commit(ENDPOINT, post)
+      end
+
+      def authorize(money, payment, options = {})
+        post = {}
+        add_amount(post, money, options)
+        add_charge_data(post, payment, options)
+        post[:capture] = "false"
+
+        commit(ENDPOINT, post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        capture_uri = "#{ENDPOINT}/#{CGI.escape(authorization)}/capture"
+        post[:amount] = localized_amount(money, currency(money))
+
+        commit(capture_uri, post)
+      end
+
+      def refund(money, authorization, options = {})
+        post = {}
+        post[:amount] = localized_amount(money, currency(money))
+
+        commit(refund_uri(authorization), post)
+      end
+
+      def verify(credit_card, options = {})
+        authorize(1.00, credit_card, options)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((realm=\")\w+), '\1[FILTERED]').
+          gsub(%r((oauth_consumer_key=\")\w+), '\1[FILTERED]').
+          gsub(%r((oauth_nonce=\")\w+), '\1[FILTERED]').
+          gsub(%r((oauth_signature=\")[a-zA-Z%0-9]+), '\1[FILTERED]').
+          gsub(%r((oauth_token=\")\w+), '\1[FILTERED]').
+          gsub(%r((\"card\":{\"number\":\")\d+), '\1[FILTERED]').
+          gsub(%r((\"cvc\":\")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_charge_data(post, payment, options = {})
+        add_payment(post, payment, options)
+        add_address(post, options)
+      end
+
+      def add_address(post, options)
+        return unless post[:card] && post[:card].kind_of?(Hash)
+
+        card_address = {}
+        if address = options[:billing_address] || options[:address]
+          card_address[:streetAddress] = address[:address1]
+          card_address[:city] = address[:city]
+          card_address[:region] = address[:state] || address[:region]
+          card_address[:country] = address[:country]
+          card_address[:postalCode] = address[:zip] if address[:zip]
+        end
+        post[:card][:address] = card_address
+      end
+
+      def add_amount(post, money, options = {})
+        currency = options[:currency] || currency(money)
+        post[:amount] = localized_amount(money, currency)
+        post[:currency] = currency.upcase
+      end
+
+      def add_payment(post, payment, options = {})
+        add_creditcard(post, payment, options)
+      end
+
+      def add_creditcard(post, creditcard, options = {})
+        card = {}
+        card[:number] = creditcard.number
+        card[:expMonth] = "%02d" % creditcard.month
+        card[:expYear] = creditcard.year
+        card[:cvc] = creditcard.verification_value if creditcard.verification_value?
+        card[:name] = creditcard.name if creditcard.name
+        card[:commercialCardCode] = options[:card_code] if options[:card_code]
+
+        post[:card] = card
+      end
+
+      def parse(body)
+        JSON.parse(body)
+      end
+
+      def commit(uri, body = {}, method = :post)
+        endpoint = gateway_url + uri
+        # The QuickBooks API returns HTTP 4xx on failed transactions, which causes a
+        # ResponseError raise, so we have to inspect the response and discern between
+        # a legitimate HTTP error and an actual gateway transactional error.
+        response = begin
+          case method
+          when :post
+            ssl_post(endpoint, post_data(body), headers(:post, endpoint))
+          when :get
+            ssl_request(:get, endpoint, nil, headers(:get, endpoint))
+          else
+            raise ArgumentError, "Invalid HTTP method: #{method}. Valid methods are :post and :get"
+          end
+        rescue ResponseError => e
+          extract_response_body_or_raise(e)
+        end
+
+        response_object(response)
+      end
+
+      def response_object(raw_response)
+        parsed_response = parse(raw_response)
+
+        Response.new(
+          success?(parsed_response),
+          message_from(parsed_response),
+          parsed_response,
+          authorization: authorization_from(parsed_response),
+          test: test?,
+          cvv_result: cvv_code_from(parsed_response),
+          error_code: errors_from(parsed_response),
+          fraud_review: fraud_review_status_from(parsed_response)
+        )
+      end
+
+      def gateway_url
+        test? ? test_url : live_url
+      end
+
+      def post_data(data = {})
+        data.to_json
+      end
+
+      def headers(method, uri)
+        raise ArgumentError, "Invalid HTTP method: #{method}. Valid methods are :post and :get" unless [:post, :get].include?(method)
+        request_uri = URI.parse(uri)
+
+        # Following the guidelines from http://nouncer.com/oauth/authentication.html
+        oauth_parameters = {
+          oauth_nonce: generate_unique_id,
+          oauth_timestamp: Time.now.to_i.to_s,
+          oauth_signature_method: 'HMAC-SHA1',
+          oauth_version: "1.0",
+          oauth_consumer_key: @options[:consumer_key],
+          oauth_token: @options[:access_token]
+        }
+
+        # prepare components for signature
+        oauth_signature_base_string = [method.to_s.upcase, request_uri.to_s, oauth_parameters.to_param].map{|v| CGI.escape(v) }.join('&')
+        oauth_signing_key = [@options[:consumer_secret], @options[:token_secret]].map{|v| CGI.escape(v)}.join('&')
+        hmac_signature = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha1'), oauth_signing_key, oauth_signature_base_string)
+
+        # append signature to required OAuth parameters
+        oauth_parameters[:oauth_signature] = CGI.escape(Base64.encode64(hmac_signature).chomp.gsub(/\n/, ''))
+
+        # prepare Authorization header string
+        oauth_parameters = Hash[oauth_parameters.sort_by {|k, _| k}]
+        oauth_headers = ["OAuth realm=\"#{@options[:realm]}\""]
+        oauth_headers += oauth_parameters.map {|k, v| "#{k}=\"#{v}\""}
+
+        {
+          "Content-type" => "application/json",
+          "Request-Id" => generate_unique_id,
+          "Authorization" => oauth_headers.join(', ')
+        }
+      end
+
+      def cvv_code_from(response)
+        if response['errors'].present?
+          FRAUD_WARNING_CODES.include?(response['errors'].first['code']) ? 'I' : ''
+        else
+          success?(response) ? 'M' : ''
+        end
+      end
+
+      def success?(response)
+        response['errors'].present? ? FRAUD_WARNING_CODES.concat(['0']).include?(response['errors'].first['code']) : true
+      end
+
+      def message_from(response)
+        response['errors'].present? ? response["errors"].map {|error_hash| error_hash["message"] }.join(" ") : "Transaction Approved"
+      end
+
+      def errors_from(response)
+        response['errors'].present? ? STANDARD_ERROR_CODE_MAPPING[response["errors"].first["code"]] : ""
+      end
+
+      def authorization_from(response)
+        response['id']
+      end
+
+      def fraud_review_status_from(response)
+        response['errors'] && FRAUD_WARNING_CODES.include?(response['errors'].first['code'])
+      end
+
+      def extract_response_body_or_raise(response_error)
+        begin
+          parse(response_error.response.body)
+        rescue JSON::ParserError
+          raise response_error
+        end
+        response_error.response.body
+      end
+
+      def refund_uri(authorization)
+        "#{ENDPOINT}/#{CGI.escape(authorization)}/refunds"
+      end
+    end
+  end
+end