activemerchant 1.47.0 → 1.48.0

data/lib/active_merchant/billing/gateways/paymill.rb

@@ -10,6 +10,7 @@ module ActiveMerchant #:nodoc:
       self.display_name = 'PAYMILL'
       self.money_format = :cents
       self.default_currency = 'EUR'
+      self.live_url = "https://api.paymill.com/v2/"
 
       def initialize(options = {})
         requires!(options, :public_key, :private_key)
@@ -63,9 +64,9 @@ module ActiveMerchant #:nodoc:
         { 'Authorization' => ('Basic ' + Base64.strict_encode64("#{@options[:private_key]}:X").chomp) }
       end
 
-      def commit(method, url, parameters=nil)
+      def commit(method, action, parameters=nil)
         begin
-          raw_response = ssl_request(method, "https://api.paymill.com/v2/#{url}", post_data(parameters), headers)
+          raw_response = ssl_request(method, live_url + action, post_data(parameters), headers)
         rescue ResponseError => e
           begin
             parsed = JSON.parse(e.response.body)

data/lib/active_merchant/billing/gateways/pin.rb

@@ -59,10 +59,10 @@ module ActiveMerchant #:nodoc:
         purchase(money, creditcard, options)
       end
 
-      # Captures a previously authorized charge. Capturing a certin amount of the original
+      # Captures a previously authorized charge. Capturing only part of the original
       # authorization is currently not supported.
       def capture(money, token, options = {})
-        commit(:put, "charges/#{CGI.escape(token)}/capture", {}, options)
+        commit(:put, "charges/#{CGI.escape(token)}/capture", { :amount => amount(money) }, options)
       end
 
       # Updates the credit card for the customer.

data/lib/active_merchant/billing/gateways/quickbooks.rb

@@ -104,8 +104,8 @@ module ActiveMerchant #:nodoc:
           gsub(%r((oauth_nonce=\")\w+), '\1[FILTERED]').
           gsub(%r((oauth_signature=\")[a-zA-Z%0-9]+), '\1[FILTERED]').
           gsub(%r((oauth_token=\")\w+), '\1[FILTERED]').
-          gsub(%r((\"card\":{\"number\":\")\d+), '\1[FILTERED]').
-          gsub(%r((\"cvc\":\")\d+), '\1[FILTERED]')
+          gsub(%r((number\D+)\d{16}), '\1[FILTERED]').
+          gsub(%r((cvc\D+)\d{3}), '\1[FILTERED]')
       end
 
       private
@@ -242,11 +242,13 @@ module ActiveMerchant #:nodoc:
       end
 
       def success?(response)
-        response['errors'].present? ? FRAUD_WARNING_CODES.concat(['0']).include?(response['errors'].first['code']) : true
+      return FRAUD_WARNING_CODES.concat(['0']).include?(response['errors'].first['code']) if response['errors']
+        
+      !['DECLINED', 'CANCELLED'].include?(response['status'])
       end
 
       def message_from(response)
-        response['errors'].present? ? response["errors"].map {|error_hash| error_hash["message"] }.join(" ") : "Transaction Approved"
+        response['errors'].present? ? response["errors"].map {|error_hash| error_hash["message"] }.join(" ") : response['status']
       end
 
       def errors_from(response)

data/lib/active_merchant/billing/gateways/qvalent.rb

@@ -0,0 +1,179 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class QvalentGateway < Gateway
+      self.display_name = "Qvalent"
+      self.homepage_url = "https://www.qvalent.com/"
+
+      self.test_url = "https://ccapi.client.support.qvalent.com/post/CreditCardAPIReceiver"
+      self.live_url = "https://ccapi.client.qvalent.com/post/CreditCardAPIReceiver"
+
+      self.supported_countries = ["AU"]
+      self.default_currency = "AUD"
+      self.money_format = :cents
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :diners]
+
+      def initialize(options={})
+        requires!(options, :username, :password, :merchant)
+        super
+      end
+
+      def purchase(amount, payment_method, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_order_number(post, options)
+        add_payment_method(post, payment_method)
+        add_verification_value(post, payment_method)
+        add_customer_data(post, options)
+
+        commit("capture", post)
+      end
+
+      def refund(amount, authorization, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization, options)
+        add_customer_data(post, options)
+
+        commit("refund", post)
+      end
+
+      def store(payment_method, options = {})
+        post = {}
+        add_payment_method(post, payment_method)
+        add_card_reference(post)
+
+        commit("registerAccount", post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((&?customer.password=)[^&]*), '\1[FILTERED]').
+          gsub(%r((&?card.PAN=)[^&]*), '\1[FILTERED]').
+          gsub(%r((&?card.CVN=)[^&]*), '\1[FILTERED]')
+      end
+
+      private
+
+      CURRENCY_CODES = Hash.new{|h,k| raise ArgumentError.new("Unsupported currency: #{k}")}
+      CURRENCY_CODES["AUD"] = "AUD"
+      CURRENCY_CODES["INR"] = "INR"
+
+      def add_invoice(post, money, options)
+        post["order.amount"] = amount(money)
+        post["card.currency"] = CURRENCY_CODES[options[:currency] || currency(money)]
+        post["order.ECI"] = "SSL"
+      end
+
+      def add_payment_method(post, payment_method)
+        post["card.cardHolderName"] = payment_method.name
+        post["card.PAN"] = payment_method.number
+        post["card.expiryYear"] = format(payment_method.year, :two_digits)
+        post["card.expiryMonth"] = format(payment_method.month, :two_digits)
+      end
+
+      def add_verification_value(post, payment_method)
+        post["card.CVN"] = payment_method.verification_value
+      end
+
+      def add_card_reference(post)
+        post["customer.customerReferenceNumber"] = options[:order_id]
+      end
+
+      def add_reference(post, authorization, options)
+        post["customer.originalOrderNumber"] = authorization
+        add_order_number(post, options)
+      end
+
+      def add_order_number(post, options)
+        post["customer.orderNumber"] = options[:order_id] || SecureRandom.uuid
+      end
+
+      def add_customer_data(post, options)
+        post["order.ipAddress"] = options[:ip]
+      end
+
+      def commit(action, post)
+        post["customer.username"] = @options[:username]
+        post["customer.password"] = @options[:password]
+        post["customer.merchant"] = @options[:merchant]
+        post["order.type"] = action
+
+        data = build_request(post)
+        raw = parse(ssl_post(url(action), data, headers))
+
+        succeeded = success_from(raw["response.responseCode"])
+        Response.new(
+          succeeded,
+          message_from(succeeded, raw),
+          raw,
+          authorization: raw["response.orderNumber"] || raw["response.customerReferenceNumber"],
+          error_code: error_code_from(succeeded, raw),
+          test: test?
+        )
+      end
+
+      def headers
+        {
+          "Content-Type"  => "application/x-www-form-urlencoded"
+        }
+      end
+
+      def build_request(post)
+        post.to_query + "&message.end"
+      end
+
+      def url(action)
+        (test? ? test_url : live_url)
+      end
+
+      def parse(body)
+        result = {}
+        body.to_s.each_line do |pair|
+          result[$1] = $2 if pair.strip =~ /\A([^=]+)=(.+)\Z/im
+        end
+        result
+      end
+
+      def parse_element(response, node)
+        if node.has_elements?
+          node.elements.each{|element| parse_element(response, element) }
+        else
+          response[node.name.underscore.to_sym] = node.text
+        end
+      end
+
+      SUCCESS_CODES = %w(00 08 10 11 16 QS QZ)
+
+      def success_from(response)
+        SUCCESS_CODES.include?(response)
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          "Succeeded"
+        else
+          response["response.text"] || "Unable to read error message"
+        end
+      end
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        "14" => STANDARD_ERROR_CODE[:invalid_number],
+        "QQ" => STANDARD_ERROR_CODE[:invalid_cvc],
+        "33" => STANDARD_ERROR_CODE[:expired_card],
+        "NT" => STANDARD_ERROR_CODE[:incorrect_address],
+        "12" => STANDARD_ERROR_CODE[:card_declined],
+        "06" => STANDARD_ERROR_CODE[:processing_error],
+        "01" => STANDARD_ERROR_CODE[:call_issuer],
+        "04" => STANDARD_ERROR_CODE[:pickup_card],
+      }
+
+      def error_code_from(succeeded, response)
+        succeeded ? nil : STANDARD_ERROR_CODE_MAPPING[response["response.responseCode"]]
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -26,7 +26,7 @@ module ActiveMerchant #:nodoc:
     # test access details please get in touch: sam@cabify.com.
     class RedsysGateway < Gateway
       self.live_url = "https://sis.sermepa.es/sis/operaciones"
-      self.test_url = "https://sis-t.sermepa.es:25443/sis/operaciones"
+      self.test_url = "https://sis-t.redsys.es:25443/sis/operaciones"
 
       self.supported_countries = ['ES']
       self.default_currency    = 'EUR'
@@ -159,28 +159,30 @@ module ActiveMerchant #:nodoc:
         super
       end
 
-      def purchase(money, creditcard, options = {})
+      def purchase(money, payment, options = {})
         requires!(options, :order_id)
 
         data = {}
         add_action(data, :purchase)
         add_amount(data, money, options)
         add_order(data, options[:order_id])
-        add_creditcard(data, creditcard)
+        add_payment(data, payment)
         data[:description] = options[:description]
+        data[:store_in_vault] = options[:store]
 
         commit data
       end
 
-      def authorize(money, creditcard, options = {})
+      def authorize(money, payment, options = {})
         requires!(options, :order_id)
 
         data = {}
         add_action(data, :authorize)
         add_amount(data, money, options)
         add_order(data, options[:order_id])
-        add_creditcard(data, creditcard)
+        add_payment(data, payment)
         data[:description] = options[:description]
+        data[:store_in_vault] = options[:store]
 
         commit data
       end
@@ -244,16 +246,20 @@ module ActiveMerchant #:nodoc:
         test? ? test_url : live_url
       end
 
-      def add_creditcard(data, card)
-        name  = [card.first_name, card.last_name].join(' ').slice(0, 60)
-        year  = sprintf("%.4i", card.year)
-        month = sprintf("%.2i", card.month)
-        data[:card] = {
-          :name => name,
-          :pan  => card.number,
-          :date => "#{year[2..3]}#{month}",
-          :cvv  => card.verification_value
-        }
+      def add_payment(data, card)
+        if card.is_a?(String)
+          data[:credit_card_token] = card
+        else
+          name  = [card.first_name, card.last_name].join(' ').slice(0, 60)
+          year  = sprintf("%.4i", card.year)
+          month = sprintf("%.2i", card.month)
+          data[:card] = {
+            :name => name,
+            :pan  => card.number,
+            :date => "#{year[2..3]}#{month}",
+            :cvv  => card.verification_value
+          }
+        end
       end
 
       def commit(data)
@@ -276,6 +282,11 @@ module ActiveMerchant #:nodoc:
         end
 
         str << data[:action]
+        if data[:store_in_vault]
+          str << 'REQUIRED'
+        elsif data[:credit_card_token]
+          str << data[:credit_card_token]
+        end
         str << @options[:secret_key]
 
         Digest::SHA1.hexdigest(str)
@@ -301,6 +312,9 @@ module ActiveMerchant #:nodoc:
             xml.DS_MERCHANT_PAN        data[:card][:pan]
             xml.DS_MERCHANT_EXPIRYDATE data[:card][:date]
             xml.DS_MERCHANT_CVV2       data[:card][:cvv]
+            xml.DS_MERCHANT_IDENTIFIER 'REQUIRED' if data[:store_in_vault]
+          elsif data[:credit_card_token]
+            xml.DS_MERCHANT_IDENTIFIER data[:credit_card_token]
           end
         end
         xml.target!

data/lib/active_merchant/billing/gateways/sage_pay.rb

@@ -354,7 +354,7 @@ module ActiveMerchant #:nodoc:
         parameters.update(
           :Vendor => @options[:login],
           :TxType => TRANSACTIONS[action],
-          :VPSProtocol => "3.00"
+          :VPSProtocol => @options.fetch(:protocol_version, '3.00')
         )
 
         if(application_id && (application_id != Gateway.application_id))

data/lib/active_merchant/billing/gateways/stripe.rb

@@ -24,7 +24,7 @@ module ActiveMerchant #:nodoc:
       # Source: https://support.stripe.com/questions/which-zero-decimal-currencies-does-stripe-support
       CURRENCIES_WITHOUT_FRACTIONS = ['BIF', 'CLP', 'DJF', 'GNF', 'JPY', 'KMF', 'KRW', 'MGA', 'PYG', 'RWF', 'VUV', 'XAF', 'XOF', 'XPF']
 
-      self.supported_countries = %w(AU BE CA CH DE ES FI FR GB IE IT LU NL US)
+      self.supported_countries = %w(AT AU BE CA CH DE DK ES FI FR GB IE IT LU NL NO SE US)
       self.default_currency = 'USD'
       self.money_format = :cents
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :diners_club]
@@ -212,7 +212,8 @@ module ActiveMerchant #:nodoc:
         transcript.
           gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
           gsub(%r((card\[number\]=)\d+), '\1[FILTERED]').
-          gsub(%r((card\[cvc\]=)\d+), '\1[FILTERED]')
+          gsub(%r((card\[cvc\]=)\d+), '\1[FILTERED]').
+          gsub(%r((&?three_d_secure\[cryptogram\]=)[\w=]*(&?)), '\1[FILTERED]\2')
       end
 
       private
@@ -236,7 +237,7 @@ module ActiveMerchant #:nodoc:
         post[:description] = options[:description]
         post[:statement_description] = options[:statement_description]
 
-        post[:metadata] = {}
+        post[:metadata] = options[:metadata] || {}
         post[:metadata][:email] = options[:email] if options[:email]
         post[:metadata][:order_id] = options[:order_id] if options[:order_id]
         post.delete(:metadata) if post[:metadata].empty?
@@ -294,6 +295,14 @@ module ActiveMerchant #:nodoc:
           end
 
           post[:card] = card
+
+          if creditcard.is_a?(NetworkTokenizationCreditCard)
+            post[:three_d_secure] = {
+              apple_pay:  true,
+              cryptogram: creditcard.payment_cryptogram
+            }
+          end
+
           add_address(post, options)
         elsif creditcard.kind_of?(String)
           if options[:track_data]

data/lib/active_merchant/billing/gateways/usa_epay_transaction.rb

@@ -15,7 +15,8 @@ module ActiveMerchant #:nodoc:
         :purchase       => 'cc:sale',
         :capture        => 'cc:capture',
         :refund         => 'cc:refund',
-        :void           => 'cc:void'
+        :void           => 'cc:void',
+        :void_release   => 'cc:void:release'
       }
 
       STANDARD_ERROR_CODE_MAPPING = {
@@ -93,9 +94,10 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      # Pass `no_release: true` to keep the void from immediately settling
       def void(authorization, options = {})
-        post = { :refNum => authorization }
-        commit(:void, post)
+        command = (options[:no_release] ? :void : :void_release)
+        commit(command, refNum: authorization)
       end
 
     private
@@ -245,6 +247,9 @@ module ActiveMerchant #:nodoc:
         parameters[:key]      = @options[:login]
         parameters[:software] = 'Active Merchant'
         parameters[:testmode] = (@options[:test] ? 1 : 0)
+        seed = SecureRandom.hex(32).upcase
+        hash = Digest::SHA1.hexdigest("#{parameters[:command]}:#{@options[:password]}:#{parameters[:amount]}:#{parameters[:invoice]}:#{seed}")
+        parameters[:hash] = "s/#{seed}/#{hash}/n"
 
         parameters.collect { |key, value| "UM#{key}=#{CGI.escape(value.to_s)}" }.join("&")
       end

data/lib/active_merchant/billing/gateways/worldpay.rb

@@ -6,10 +6,10 @@ module ActiveMerchant #:nodoc:
 
       self.default_currency = 'GBP'
       self.money_format = :cents
-      self.supported_countries = %w(HK US GB AU AD BE CH CY CZ DE DK ES FI FR GI GR HU IE IL IT LI LU MC MT NL NO NZ PL PT SE SG SI SM TR UM VA)
+      self.supported_countries = %w(HK GB AU AD BE CH CY CZ DE DK ES FI FR GI GR HU IE IL IT LI LU MC MT NL NO NZ PL PT SE SG SI SM TR UM VA)
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :maestro, :laser, :switch]
       self.homepage_url = 'http://www.worldpay.com/'
-      self.display_name = 'Worldpay'
+      self.display_name = 'Worldpay Global'
 
       CARD_CODES = {
         'visa'             => 'VISA-SSL',

data/lib/active_merchant/billing/gateways/worldpay_online_payments.rb

@@ -0,0 +1,205 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class WorldpayOnlinePaymentsGateway < Gateway
+      self.live_url =  'https://api.worldpay.com/v1/'
+
+      self.default_currency = 'GBP'
+
+      self.money_format = :cents
+
+      self.supported_countries = %w(HK US GB AU AD BE CH CY CZ DE DK ES FI FR GI GR HU IE IL IT LI LU MC MT NL NO NZ PL PT SE SG SI SM TR UM VA)
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :maestro, :laser, :switch]
+
+      self.homepage_url = 'http://online.worldpay.com'
+      self.display_name = 'Worldpay Online Payments'
+
+      def initialize(options={})
+        requires!(options, :client_key, :service_key)
+        @client_key = options[:client_key]
+        @service_key = options[:service_key]
+        super
+      end
+
+      def authorize(money, credit_card, options={})
+        response = create_token(true, credit_card.first_name+' '+credit_card.last_name, credit_card.month, credit_card.year, credit_card.number, credit_card.verification_value)
+
+        if response.success?
+          options[:authorizeOnly] = true
+          post = create_post_for_auth_or_purchase(response.authorization, money, options)
+          response = commit(:post, 'orders', post)
+        end
+        response
+      end
+
+      def capture(money, authorization, options={})
+        if authorization
+          commit(:post, "orders/#{CGI.escape(authorization)}/capture", {"captureAmount"=>money}, options)
+        else
+          Response.new(false,
+            'FAILED',
+            'FAILED',
+            :test => test?,
+            :authorization => false,
+            :avs_result => {},
+            :cvv_result => {},
+            :error_code => false
+          )
+        end
+      end
+
+      def purchase(money, credit_card, options={})
+        response = create_token(true, credit_card.first_name+' '+credit_card.last_name, credit_card.month, credit_card.year, credit_card.number, credit_card.verification_value)
+        if response.success?
+          post = create_post_for_auth_or_purchase(response.authorization, money, options)
+          response = commit(:post, 'orders', post, options)
+        end
+        response
+      end
+
+      def refund(money, orderCode, options={})
+        obj = money ? {"refundAmount" => money} : {}
+        commit(:post, "orders/#{CGI.escape(orderCode)}/refund", obj, options)
+      end
+
+      def void(orderCode, options={})
+        response = commit(:delete, "orders/#{CGI.escape(orderCode)}", nil, options)
+        if !response.success? && (response.params && response.params['customCode'] != 'ORDER_NOT_FOUND')
+          response = refund(nil, orderCode)
+        end
+        response
+      end
+
+      def verify(credit_card, options={})
+        authorize(0, credit_card, options)
+      end
+
+      private
+
+      def create_token(reusable, name, exp_month, exp_year, number, cvc)
+        obj = {
+          "reusable"=> reusable,
+          "paymentMethod"=> {
+            "type"=> "Card",
+            "name"=> name,
+            "expiryMonth"=> exp_month,
+            "expiryYear"=> exp_year,
+            "cardNumber"=> number,
+            "cvc"=> cvc
+          },
+          "clientKey"=> @client_key
+        }
+        token_response = commit(:post, 'tokens', obj, {'Authorization' => @service_key})
+        token_response
+      end
+
+      def create_post_for_auth_or_purchase(token, money, options)
+      {
+        "token" => token,
+        "orderDescription" => options[:description],
+        "amount" => money,
+        "currencyCode" => options[:currency] || default_currency,
+        "name" => options[:billing_address]&&options[:billing_address][:name] ? options[:billing_address][:name] : '',
+        "billingAddress" => {
+          "address1"=>options[:billing_address]&&options[:billing_address][:address1] ? options[:billing_address][:address1] : '',
+          "address2"=>options[:billing_address]&&options[:billing_address][:address2] ? options[:billing_address][:address2] : '',
+          "address3"=>"",
+          "postalCode"=>options[:billing_address]&&options[:billing_address][:zip] ? options[:billing_address][:zip] : '',
+          "city"=>options[:billing_address]&&options[:billing_address][:city] ? options[:billing_address][:city] : '',
+          "state"=>options[:billing_address]&&options[:billing_address][:state] ? options[:billing_address][:state] : '',
+          "countryCode"=>options[:billing_address]&&options[:billing_address][:country] ? options[:billing_address][:country] : ''
+          },
+          "customerOrderCode" => options[:order_id],
+          "orderType" => "ECOM",
+          "authorizeOnly" => options[:authorizeOnly] ? true : false
+        }
+      end
+
+      def parse(body)
+        body ? JSON.parse(body) : {}
+      end
+
+      def headers(options = {})
+        headers = {
+          "Authorization" => @service_key,
+          "Content-Type" => 'application/json',
+          "User-Agent" => "Worldpay/v1 ActiveMerchantBindings/#{ActiveMerchant::VERSION}",
+          "X-Worldpay-Client-User-Agent" => user_agent,
+          "X-Worldpay-Client-User-Metadata" => {:ip => options[:ip]}.to_json
+        }
+        if options['Authorization']
+          headers['Authorization'] = options['Authorization']
+        end
+        headers
+      end
+
+      def commit(method, url, parameters=nil, options = {})
+        raw_response = response = nil
+        success = false
+        begin
+          json = parameters ? parameters.to_json : nil
+
+          raw_response = ssl_request(method, self.live_url + url, json, headers(options))
+
+          if (raw_response != '')
+            response = parse(raw_response)
+            success = !response.key?("httpStatusCode")
+          else
+            success = true
+            response = {}
+          end
+
+        rescue ResponseError => e
+          raw_response = e.response.body
+          response = response_error(raw_response)
+        rescue JSON::ParserError => e
+          response = json_error(raw_response)
+        end
+
+        if response["orderCode"]
+          authorization = response["orderCode"]
+        elsif response["token"]
+          authorization = response["token"]
+        else
+          authorization = response["message"]
+        end
+
+        Response.new(success,
+          success ? "SUCCESS" : response["message"],
+          response,
+          :test => test?,
+          :authorization => authorization,
+          :avs_result => {},
+          :cvv_result => {},
+          :error_code => success ? nil : response["customCode"]
+        )
+      end
+
+      def test?
+        @service_key[0]=="T" ? true : false
+      end
+
+      def response_error(raw_response)
+        begin
+          parse(raw_response)
+        rescue JSON::ParserError
+          json_error(raw_response)
+        end
+      end
+
+      def json_error(raw_response)
+        msg = 'Invalid response received from the Worldpay Online Payments API.  Please contact techsupport.online@worldpay.com if you continue to receive this message.'
+        msg += "  (The raw response returned by the API was #{raw_response.inspect})"
+        {
+          "error" => {
+            "message" => msg
+          }
+        }
+      end
+
+      def handle_response(response)
+        response.body
+      end
+
+    end
+  end
+end