activemerchant 1.45.0 → 1.46.0

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -100,7 +100,7 @@ module ActiveMerchant #:nodoc:
         191 => "Expiry date incorrect",
 
         201 => "Card expired",
-        202 => "Card blocked temporarily or under suscipition of fraud",
+        202 => "Card blocked temporarily or under suspicion of fraud",
         204 => "Transaction not permitted",
         207 => "Contact the card issuer",
         208 => "Lost or stolen card",
@@ -381,7 +381,7 @@ module ActiveMerchant #:nodoc:
       def clean_order_id(order_id)
         cleansed = order_id.gsub(/[^\da-zA-Z]/, '')
         if cleansed =~ /^\d{4}/
-          cleansed[0..12]
+          cleansed[0..11]
         else
           "%04d%s" % [rand(0..9999), cleansed[0...8]]
         end

data/lib/active_merchant/billing/gateways/sage.rb

@@ -1,6 +1,6 @@
-require File.dirname(__FILE__) + '/sage/sage_bankcard'
-require File.dirname(__FILE__) + '/sage/sage_virtual_check'
-require File.dirname(__FILE__) + '/sage/sage_vault'
+require 'active_merchant/billing/gateways/sage/sage_bankcard'
+require 'active_merchant/billing/gateways/sage/sage_virtual_check'
+require 'active_merchant/billing/gateways/sage/sage_vault'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/sage/sage_bankcard.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/sage_core'
+require 'active_merchant/billing/gateways/sage/sage_core'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/sage/sage_virtual_check.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/sage_core'
+require 'active_merchant/billing/gateways/sage/sage_core'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/secure_pay.rb

@@ -1,4 +1,4 @@
-require File.dirname(__FILE__) + '/authorize_net'
+require 'active_merchant/billing/gateways/authorize_net'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:

data/lib/active_merchant/billing/gateways/skip_jack.rb

@@ -46,7 +46,6 @@ module ActiveMerchant #:nodoc:
         "N" => "Neither street address nor zip/postal match billing information",
         "O" => "Non-US issuer does not participate",
         "P" => "Postal codes match for international transaction but street address not verified due to incompatible formats",
-        "P" => "Address verification not applicable for this transaction",
         "R" => "Payment gateway was unavailable or timed out",
         "S" => "Address verification service not supported by issuer",
         "U" => "Address information is unavailable",

data/lib/active_merchant/billing/gateways/stripe.rb

@@ -60,7 +60,7 @@ module ActiveMerchant #:nodoc:
             r.process { tokenize_apple_pay_token(payment) }
             payment = StripePaymentToken.new(r.params["token"]) if r.success?
           end
-          r.process do |r|
+          r.process do
             post = create_post_for_auth_or_purchase(money, payment, options)
             post[:capture] = "false"
             commit(:post, 'charges', post, options)
@@ -81,7 +81,7 @@ module ActiveMerchant #:nodoc:
             r.process { tokenize_apple_pay_token(payment) }
             payment = StripePaymentToken.new(r.params["token"]) if r.success?
           end
-          r.process do |r|
+          r.process do
             post = create_post_for_auth_or_purchase(money, payment, options)
             commit(:post, 'charges', post, options)
           end
@@ -204,6 +204,17 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((card\[number\]=)\d+), '\1[FILTERED]').
+          gsub(%r((card\[cvc\]=)\d+), '\1[FILTERED]')
+      end
+
       private
 
       class StripePaymentToken < PaymentToken

data/lib/active_merchant/billing/gateways/wirecard.rb

@@ -395,7 +395,6 @@ module ActiveMerchant #:nodoc:
         "U" => "U", # Data Not Checked
         "Y" => "D", # All Data Matched
         "Z" => "P", # CSC and Postcode Matched
-        "F" => "D"  # Street address and zip code match
       }
 
       # Amex have different AVS response codes to visa etc

data/lib/active_merchant/billing/payment_token.rb

@@ -6,7 +6,7 @@ module ActiveMerchant #:nodoc:
     # implementations of your given cryptographer. Like credit cards, you must also return a string representing
     # the token's type, like 'apple_pay' or 'stripe' should your target payment gateway process these tokens.
     class PaymentToken
-      attr_reader :payment_data, :type
+      attr_reader :payment_data
 
       def initialize(payment_data, options = {})
         @payment_data = payment_data

data/lib/active_merchant/connection.rb

@@ -0,0 +1,169 @@
+require 'uri'
+require 'net/http'
+require 'net/https'
+require 'benchmark'
+
+module ActiveMerchant
+  class Connection
+    include NetworkConnectionRetries
+
+    MAX_RETRIES = 3
+    OPEN_TIMEOUT = 60
+    READ_TIMEOUT = 60
+    VERIFY_PEER = true
+    CA_FILE = File.expand_path('../certs/cacert.pem', File.dirname(__FILE__))
+    CA_PATH = nil
+    RETRY_SAFE = false
+    RUBY_184_POST_HEADERS = { "Content-Type" => "application/x-www-form-urlencoded" }
+
+    attr_accessor :endpoint
+    attr_accessor :open_timeout
+    attr_accessor :read_timeout
+    attr_accessor :verify_peer
+    attr_accessor :ssl_version
+    attr_accessor :ca_file
+    attr_accessor :ca_path
+    attr_accessor :pem
+    attr_accessor :pem_password
+    attr_accessor :wiredump_device
+    attr_accessor :logger
+    attr_accessor :tag
+    attr_accessor :ignore_http_status
+    attr_accessor :max_retries
+    attr_accessor :proxy_address
+    attr_accessor :proxy_port
+
+    def initialize(endpoint)
+      @endpoint     = endpoint.is_a?(URI) ? endpoint : URI.parse(endpoint)
+      @open_timeout = OPEN_TIMEOUT
+      @read_timeout = READ_TIMEOUT
+      @retry_safe   = RETRY_SAFE
+      @verify_peer  = VERIFY_PEER
+      @ca_file      = CA_FILE
+      @ca_path      = CA_PATH
+      @max_retries  = MAX_RETRIES
+      @ignore_http_status = false
+      @ssl_version = nil
+      @proxy_address = nil
+      @proxy_port = nil
+    end
+
+    def request(method, body, headers = {})
+      request_start = Time.now.to_f
+
+      retry_exceptions(:max_retries => max_retries, :logger => logger, :tag => tag) do
+        begin
+          info "connection_http_method=#{method.to_s.upcase} connection_uri=#{endpoint}", tag
+
+          result = nil
+
+          realtime = Benchmark.realtime do
+            result = case method
+            when :get
+              raise ArgumentError, "GET requests do not support a request body" if body
+              http.get(endpoint.request_uri, headers)
+            when :post
+              debug body
+              http.post(endpoint.request_uri, body, RUBY_184_POST_HEADERS.merge(headers))
+            when :put
+              debug body
+              http.put(endpoint.request_uri, body, headers)
+            when :delete
+              # It's kind of ambiguous whether the RFC allows bodies
+              # for DELETE requests. But Net::HTTP's delete method
+              # very unambiguously does not.
+              raise ArgumentError, "DELETE requests do not support a request body" if body
+              http.delete(endpoint.request_uri, headers)
+            else
+              raise ArgumentError, "Unsupported request method #{method.to_s.upcase}"
+            end
+          end
+
+          info "--> %d %s (%d %.4fs)" % [result.code, result.message, result.body ? result.body.length : 0, realtime], tag
+          debug result.body
+          result
+        end
+      end
+
+    ensure
+      info "connection_request_total_time=%.4fs" % [Time.now.to_f - request_start], tag
+    end
+
+    private
+    def http
+      http = Net::HTTP.new(endpoint.host, endpoint.port, proxy_address, proxy_port)
+      configure_debugging(http)
+      configure_timeouts(http)
+      configure_ssl(http)
+      configure_cert(http)
+      http
+    end
+
+    def configure_debugging(http)
+      http.set_debug_output(wiredump_device)
+    end
+
+    def configure_timeouts(http)
+      http.open_timeout = open_timeout
+      http.read_timeout = read_timeout
+    end
+
+    def configure_ssl(http)
+      return unless endpoint.scheme == "https"
+
+      http.use_ssl = true
+      http.ssl_version = ssl_version if ssl_version
+
+      if verify_peer
+        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        http.ca_file     = ca_file
+        http.ca_path     = ca_path
+      else
+        http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+      end
+
+    end
+
+    def configure_cert(http)
+      return if pem.blank?
+
+      http.cert = OpenSSL::X509::Certificate.new(pem)
+
+      if pem_password
+        http.key = OpenSSL::PKey::RSA.new(pem, pem_password)
+      else
+        http.key = OpenSSL::PKey::RSA.new(pem)
+      end
+    end
+
+    def handle_response(response)
+      if @ignore_http_status then
+        return response.body
+      else
+        case response.code.to_i
+        when 200...300
+          response.body
+        else
+          raise ResponseError.new(response)
+        end
+      end
+    end
+
+    def debug(message, tag = nil)
+      log(:debug, message, tag)
+    end
+
+    def info(message, tag = nil)
+      log(:info, message, tag)
+    end
+
+    def error(message, tag = nil)
+      log(:error, message, tag)
+    end
+
+    def log(level, message, tag)
+      message = "[#{tag}] #{message}" if tag
+      logger.send(level, message) if logger
+    end
+  end
+end

data/lib/active_merchant/network_connection_retries.rb

@@ -0,0 +1,78 @@
+module ActiveMerchant
+  module NetworkConnectionRetries
+    DEFAULT_RETRIES = 3
+    DEFAULT_CONNECTION_ERRORS = {
+      EOFError               => "The remote server dropped the connection",
+      Errno::ECONNRESET      => "The remote server reset the connection",
+      Timeout::Error         => "The connection to the remote server timed out",
+      Errno::ETIMEDOUT       => "The connection to the remote server timed out",
+      SocketError            => "The connection to the remote server could not be established",
+      OpenSSL::SSL::SSLError => "The SSL connection to the remote server could not be established"
+    }
+
+    def self.included(base)
+      base.send(:attr_accessor, :retry_safe)
+    end
+
+    def retry_exceptions(options={})
+      connection_errors = DEFAULT_CONNECTION_ERRORS.merge(options[:connection_exceptions] || {})
+
+      retry_network_exceptions(options) do
+        begin
+          yield
+        rescue Errno::ECONNREFUSED => e
+          raise ActiveMerchant::RetriableConnectionError, "The remote server refused the connection"
+        rescue OpenSSL::X509::CertificateError => e
+          NetworkConnectionRetries.log(options[:logger], :error, e.message, options[:tag])
+          raise ActiveMerchant::ClientCertificateError, "The remote server did not accept the provided SSL certificate"
+        rescue Zlib::BufError => e
+          raise ActiveMerchant::InvalidResponseError, "The remote server replied with an invalid response"
+        rescue *connection_errors.keys => e
+          raise ActiveMerchant::ConnectionError, derived_error_message(connection_errors, e.class)
+        end
+      end
+    end
+
+    private
+
+    def retry_network_exceptions(options = {})
+      initial_retries = options[:max_retries] || DEFAULT_RETRIES
+      retries = initial_retries
+      request_start = nil
+
+      begin
+        request_start = Time.now.to_f
+        result = yield
+        log_with_retry_details(options[:logger], initial_retries-retries + 1, Time.now.to_f - request_start, "success", options[:tag])
+        result
+      rescue ActiveMerchant::RetriableConnectionError => e
+        retries -= 1
+
+        log_with_retry_details(options[:logger], initial_retries-retries, Time.now.to_f - request_start, e.message, options[:tag])
+        retry unless retries.zero?
+        raise ActiveMerchant::ConnectionError, e.message
+      rescue ActiveMerchant::ConnectionError, ActiveMerchant::InvalidResponseError => e
+        retries -= 1
+        log_with_retry_details(options[:logger], initial_retries-retries, Time.now.to_f - request_start, e.message, options[:tag])
+        retry if (options[:retry_safe] || retry_safe) && !retries.zero?
+        raise
+      end
+    end
+
+    def self.log(logger, level, message, tag=nil)
+      tag ||= self.class.to_s
+      message = "[#{tag}] #{message}"
+      logger.send(level, message) if logger
+    end
+
+    private
+    def log_with_retry_details(logger, attempts, time, message, tag)
+      NetworkConnectionRetries.log(logger, :info, "connection_attempt=%d connection_request_time=%.4fs connection_msg=\"%s\"" % [attempts, time, message], tag)
+    end
+
+    def derived_error_message(errors, klass)
+      key = (errors.keys & klass.ancestors).first
+      key ? errors[key] : nil
+    end
+  end
+end

data/lib/active_merchant/post_data.rb

@@ -0,0 +1,24 @@
+require 'cgi'
+
+module ActiveMerchant
+  class PostData < Hash
+    class_attribute :required_fields, :instance_writer => false
+    self.required_fields = []
+
+    def []=(key, value)
+      return if value.blank? && !required?(key)
+      super
+    end
+
+    def to_post_data
+      collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
+    end
+
+    alias_method :to_s, :to_post_data
+
+    private
+    def required?(key)
+      required_fields.include?(key)
+    end
+  end
+end

data/lib/active_merchant/posts_data.rb

@@ -0,0 +1,78 @@
+module ActiveMerchant #:nodoc:
+  module PostsData  #:nodoc:
+
+    def self.included(base)
+      base.class_attribute :ssl_strict
+      base.ssl_strict = true
+
+      base.class_attribute :ssl_version
+      base.ssl_version = nil
+
+      base.class_attribute :retry_safe
+      base.retry_safe = false
+
+      base.class_attribute :open_timeout
+      base.open_timeout = 60
+
+      base.class_attribute :read_timeout
+      base.read_timeout = 60
+
+      base.class_attribute :max_retries
+      base.max_retries = Connection::MAX_RETRIES
+
+      base.class_attribute :logger
+      base.class_attribute :wiredump_device
+    end
+
+    def ssl_get(endpoint, headers={})
+      ssl_request(:get, endpoint, nil, headers)
+    end
+
+    def ssl_post(endpoint, data, headers = {})
+      ssl_request(:post, endpoint, data, headers)
+    end
+
+    def ssl_request(method, endpoint, data, headers)
+      handle_response(raw_ssl_request(method, endpoint, data, headers))
+    end
+
+    def raw_ssl_request(method, endpoint, data, headers = {})
+      logger.warn "#{self.class} using ssl_strict=false, which is insecure" if logger unless ssl_strict
+      logger.warn "#{self.class} posting to plaintext endpoint, which is insecure" if logger unless endpoint =~ /^https:/
+
+      connection = new_connection(endpoint)
+      connection.open_timeout = open_timeout
+      connection.read_timeout = read_timeout
+      connection.retry_safe   = retry_safe
+      connection.verify_peer  = ssl_strict
+      connection.ssl_version  = ssl_version
+      connection.logger       = logger
+      connection.max_retries  = max_retries
+      connection.tag          = self.class.name
+      connection.wiredump_device = wiredump_device
+
+      connection.pem          = @options[:pem] if @options
+      connection.pem_password = @options[:pem_password] if @options
+
+      connection.ignore_http_status = @options[:ignore_http_status] if @options
+
+      connection.request(method, data, headers)
+    end
+
+    private
+
+    def new_connection(endpoint)
+      Connection.new(endpoint)
+    end
+
+    def handle_response(response)
+      case response.code.to_i
+      when 200...300
+        response.body
+      else
+        raise ResponseError.new(response)
+      end
+    end
+
+  end
+end