activemerchant 1.49.0 → 1.50.0

data/lib/active_merchant/billing/gateways/optimal_payment.rb

@@ -269,17 +269,19 @@ module ActiveMerchant #:nodoc:
       def build_billing_details(xml, opts)
         xml.tag! 'billingDetails' do
           xml.tag! 'cardPayMethod', 'WEB'
-          build_address(xml, opts[:billing_address], opts[:email])
+          build_address(xml, opts[:billing_address]) if opts[:billing_address]
+          xml.tag! 'email', opts[:email] if opts[:email]
         end
       end
 
       def build_shipping_details(xml, opts)
         xml.tag! 'shippingDetails' do
-          build_address(xml, opts[:shipping_address], opts[:email])
+          build_address(xml, opts[:shipping_address])
+          xml.tag! 'email', opts[:email] if opts[:email]
         end if opts[:shipping_address].present?
       end
 
-      def build_address(xml, addr, email=nil)
+      def build_address(xml, addr)
         if addr[:name]
           xml.tag! 'firstName', addr[:name].split(' ').first
           xml.tag! 'lastName' , addr[:name].split(' ').last
@@ -294,7 +296,6 @@ module ActiveMerchant #:nodoc:
         xml.tag! 'country', addr[:country]  if addr[:country].present?
         xml.tag! 'zip'    , addr[:zip]      if addr[:zip].present?
         xml.tag! 'phone'  , addr[:phone]    if addr[:phone].present?
-        xml.tag! 'email', email if email
       end
 
       def card_type(key)

data/lib/active_merchant/billing/gateways/orbital.rb

@@ -196,6 +196,13 @@ module ActiveMerchant #:nodoc:
         commit(order, :authorize, options[:trace_number])
       end
 
+      def verify(creditcard, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, creditcard, options) }
+          r.process(:ignore_result) { void(r.authorization) }
+        end
+      end
+
       # AC – Authorization and Capture
       def purchase(money, creditcard, options = {})
         order = build_new_order_xml(AUTH_AND_CAPTURE, money, options) do |xml|

data/lib/active_merchant/billing/gateways/payu_in.rb

@@ -0,0 +1,243 @@
+# encoding: utf-8
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class PayuInGateway < Gateway
+      self.test_url = "https://test.payu.in/_payment"
+      self.live_url = "https://secure.payu.in/_payment"
+
+      TEST_INFO_URL = "https://test.payu.in/merchant/postservice.php?form=2"
+      LIVE_INFO_URL = "https://info.payu.in/merchant/postservice.php?form=2"
+
+      self.supported_countries = ['IN']
+      self.default_currency = 'INR'
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club]
+
+      self.homepage_url = 'https://www.payu.in/'
+      self.display_name = 'PayU India'
+
+      def initialize(options={})
+        requires!(options, :key, :salt)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        requires!(options, :order_id)
+
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_addresses(post, options)
+        add_customer_data(post, options)
+        add_auth(post)
+
+        MultiResponse.run do |r|
+          r.process{commit(url("purchase"), post)}
+          if(r.params["enrolled"].to_s == "0")
+            r.process{commit(r.params["post_uri"], r.params["form_post_vars"])}
+          else
+            r.process{handle_3dsecure(r)}
+          end
+        end
+      end
+
+      def refund(money, authorization, options={})
+        raise ArgumentError, "Amount is required" unless money
+
+        post = {}
+
+        post[:command] = "cancel_refund_transaction"
+        post[:var1] = authorization
+        post[:var2] = generate_unique_id
+        post[:var3] = amount(money)
+
+        add_auth(post, :command, :var1)
+
+        commit(url("refund"), post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(/(ccnum=)[^&\n"]*(&|\n|"|$)/, '\1[FILTERED]\2').
+          gsub(/(ccvv=)[^&\n"]*(&|\n|"|$)/, '\1[FILTERED]\2').
+          gsub(/(card_hash=)[^&\n"]*(&|\n|"|$)/, '\1[FILTERED]\2').
+          gsub(/(ccnum":")[^"]*(")/, '\1[FILTERED]\2').
+          gsub(/(ccvv":")[^"]*(")/, '\1[FILTERED]\2')
+      end
+
+      private
+
+      PAYMENT_DIGEST_KEYS = %w(
+        txnid amount productinfo firstname email
+        udf1 udf2 udf3 udf4 udf5
+        bogus bogus bogus bogus bogus
+      )
+      def add_auth(post, *digest_keys)
+        post[:key] = @options[:key]
+        post[:txn_s2s_flow] = 1
+
+        digest_keys = PAYMENT_DIGEST_KEYS if digest_keys.empty?
+        digest = Digest::SHA2.new(512)
+        digest << @options[:key] << "|"
+        digest_keys.each do |key|
+          digest << (post[key.to_sym] || "") << "|"
+        end
+        digest << @options[:salt]
+        post[:hash] = digest.hexdigest
+      end
+
+      def add_customer_data(post, options)
+        post[:email] = clean(options[:email] || "unknown@example.com", nil, 50)
+        post[:phone] = clean((options[:billing_address] && options[:billing_address][:phone]) || "11111111111", :numeric, 50)
+      end
+
+      def add_addresses(post, options)
+        if options[:billing_address]
+          post[:address1] = clean(options[:billing_address][:address1], :text, 100)
+          post[:address2] = clean(options[:billing_address][:address2], :text, 100)
+          post[:city] = clean(options[:billing_address][:city], :text, 50)
+          post[:state] = clean(options[:billing_address][:state], :text, 50)
+          post[:country] = clean(options[:billing_address][:country], :text, 50)
+          post[:zipcode] = clean(options[:billing_address][:zip], :numeric, 20)
+        end
+
+        if options[:shipping_address]
+          if options[:shipping_address][:name]
+            first, *rest = options[:shipping_address][:name].split(/\s+/)
+            post[:shipping_firstname] = clean(first, :name, 60)
+            post[:shipping_lastname] = clean(rest.join(" "), :name, 20)
+          end
+          post[:shipping_address1] = clean(options[:shipping_address][:address1], :text, 100)
+          post[:shipping_address2] = clean(options[:shipping_address][:address2], :text, 100)
+          post[:shipping_city] = clean(options[:shipping_address][:city], :text, 50)
+          post[:shipping_state] = clean(options[:shipping_address][:state], :text, 50)
+          post[:shipping_country] = clean(options[:shipping_address][:country], :text, 50)
+          post[:shipping_zipcode] = clean(options[:shipping_address][:zip], :numeric, 20)
+          post[:shipping_phone] = clean(options[:shipping_address][:phone], :numeric, 50)
+        end
+      end
+
+      def add_invoice(post, money, options)
+        post[:amount] = amount(money)
+
+        post[:txnid] = clean(options[:order_id], :alphanumeric, 25)
+        post[:productinfo] = clean(options[:description] || "Purchase", nil, 100)
+
+        post[:surl] = "http://example.com"
+        post[:furl] = "http://example.com"
+      end
+
+      BRAND_MAP = {
+        visa: "VISA",
+        master: "MAST",
+        american_express: "AMEX",
+        diners_club: "DINR"
+      }
+
+      def add_payment(post, payment)
+        post[:pg] = "CC"
+        post[:firstname] = clean(payment.first_name, :name, 60)
+        post[:lastname] = clean(payment.last_name, :name, 20)
+
+        post[:bankcode] = BRAND_MAP[payment.brand.to_sym]
+        post[:ccnum] = payment.number
+        post[:ccvv] = payment.verification_value
+        post[:ccname] = payment.name
+        post[:ccexpmon] = format(payment.month, :two_digits)
+        post[:ccexpyr] = format(payment.year, :four_digits)
+      end
+
+      def clean(value, format, maxlength)
+        value ||= ""
+        value = case format
+        when :alphanumeric
+          value.gsub(/[^A-Za-z0-9]/, "")
+        when :name
+          value.gsub(/[^A-Za-z ]/, "")
+        when :numeric
+          value.gsub(/[^0-9]/, "")
+        when :text
+          value.gsub(/[^A-Za-z0-9@\-_\/\. ]/, "")
+        when nil
+          value
+        else
+          raise "Unknown format #{format} for #{value}"
+        end
+        value[0...maxlength]
+      end
+
+      def parse(body)
+        top = JSON.parse(body)
+
+        if result = top.delete("result")
+          result.split("&").inject({}) do |hash, string|
+            key, value = string.split("=")
+            hash[CGI.unescape(key).downcase] = CGI.unescape(value || "")
+            hash
+          end.each do |key, value|
+            if top[key]
+              top["result_#{key}"] = value
+            else
+              top[key] = value
+            end
+          end
+        end
+
+        if response = top.delete("response")
+          top.merge!(response)
+        end
+
+        top
+      end
+
+      def commit(url, parameters)
+        response = parse(ssl_post(url, post_data(parameters), "Accept-Encoding" => "identity"))
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          test: test?
+        )
+      end
+
+      def url(action)
+        case action
+        when "purchase"
+          (test? ? test_url : live_url)
+        else
+          (test? ? TEST_INFO_URL : LIVE_INFO_URL)
+        end
+      end
+
+      def success_from(response)
+        if response["result_status"]
+          (response["status"] == "success" && response["result_status"] == "success")
+        else
+          (response["status"] == "success" || response["status"].to_s == "1")
+        end
+      end
+
+      def message_from(response)
+        (response["error_message"] || response["error"] || response["msg"])
+      end
+
+      def authorization_from(response)
+        response["mihpayid"]
+      end
+
+      def post_data(parameters = {})
+        PostData.new.merge!(parameters).to_post_data
+      end
+
+      def handle_3dsecure(response)
+        Response.new(false, "3D-secure enrolled cards are not supported.")
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/quickpay.rb

@@ -1,371 +1,25 @@
 require 'rexml/document'
 require 'digest/md5'
 
+require 'active_merchant/billing/gateways/quickpay/quickpay_v10'
+require 'active_merchant/billing/gateways/quickpay/quickpay_v4to7'
+
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class QuickpayGateway < Gateway
-      self.live_url = self.test_url = 'https://secure.quickpay.dk/api'
-
-      self.default_currency = 'DKK'
-      self.money_format = :cents
-      self.supported_cardtypes = [:dankort, :forbrugsforeningen, :visa, :master, :american_express, :diners_club, :jcb, :maestro]
-      self.supported_countries = ['DE', 'DK', 'ES', 'FI', 'FR', 'FO', 'GB', 'IS', 'NO', 'SE']
-      self.homepage_url = 'http://quickpay.net/'
-      self.display_name = 'QuickPay'
-
-      MD5_CHECK_FIELDS = {
-        3 => {
-          :authorize => %w(protocol msgtype merchant ordernumber amount
-                           currency autocapture cardnumber expirationdate
-                           cvd cardtypelock testmode),
-
-          :capture   => %w(protocol msgtype merchant amount finalize transaction),
-
-          :cancel    => %w(protocol msgtype merchant transaction),
-
-          :refund    => %w(protocol msgtype merchant amount transaction),
-
-          :subscribe => %w(protocol msgtype merchant ordernumber cardnumber
-                           expirationdate cvd cardtypelock description testmode),
-
-          :recurring => %w(protocol msgtype merchant ordernumber amount
-                           currency autocapture transaction),
-
-          :status    => %w(protocol msgtype merchant transaction),
-
-          :chstatus  => %w(protocol msgtype merchant)
-        },
-
-        4 => {
-          :authorize => %w(protocol msgtype merchant ordernumber amount
-                           currency autocapture cardnumber expirationdate cvd
-                           cardtypelock testmode fraud_remote_addr
-                           fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :capture   => %w(protocol msgtype merchant amount finalize transaction apikey),
-
-          :cancel    => %w(protocol msgtype merchant transaction apikey),
-
-          :refund    => %w(protocol msgtype merchant amount transaction apikey),
-
-          :subscribe => %w(protocol msgtype merchant ordernumber cardnumber
-                           expirationdate cvd cardtypelock description testmode
-                           fraud_remote_addr fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :recurring => %w(protocol msgtype merchant ordernumber amount currency
-                           autocapture transaction apikey),
-
-          :status    => %w(protocol msgtype merchant transaction apikey),
-
-          :chstatus  => %w(protocol msgtype merchant apikey)
-        },
-
-        5 => {
-          :authorize => %w(protocol msgtype merchant ordernumber amount
-                           currency autocapture cardnumber expirationdate cvd
-                           cardtypelock testmode fraud_remote_addr
-                           fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :capture   => %w(protocol msgtype merchant amount finalize transaction apikey),
-
-          :cancel    => %w(protocol msgtype merchant transaction apikey),
-
-          :refund    => %w(protocol msgtype merchant amount transaction apikey),
-
-          :subscribe => %w(protocol msgtype merchant ordernumber cardnumber
-                           expirationdate cvd cardtypelock description testmode
-                           fraud_remote_addr fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :recurring => %w(protocol msgtype merchant ordernumber amount currency
-                           autocapture transaction apikey),
-
-          :status    => %w(protocol msgtype merchant transaction apikey),
-
-          :chstatus  => %w(protocol msgtype merchant apikey)
-        },
-
-        6 => {
-          :authorize => %w(protocol msgtype merchant ordernumber amount
-                           currency autocapture cardnumber expirationdate cvd
-                           cardtypelock testmode fraud_remote_addr
-                           fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :capture   => %w(protocol msgtype merchant amount finalize transaction
-                           apikey),
-
-          :cancel    => %w(protocol msgtype merchant transaction apikey),
-
-          :refund    => %w(protocol msgtype merchant amount transaction apikey),
-
-          :subscribe => %w(protocol msgtype merchant ordernumber cardnumber
-                           expirationdate cvd cardtypelock description testmode
-                           fraud_remote_addr fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :recurring => %w(protocol msgtype merchant ordernumber amount currency
-                           autocapture transaction apikey),
-
-          :status    => %w(protocol msgtype merchant transaction apikey),
-
-          :chstatus  => %w(protocol msgtype merchant apikey)
-        },
-
-        7 => {
-          :authorize => %w(protocol msgtype merchant ordernumber amount
-                           currency autocapture cardnumber expirationdate cvd
-                           acquirers cardtypelock testmode fraud_remote_addr
-                           fraud_http_accept fraud_http_accept_language
-                           fraud_http_accept_encoding fraud_http_accept_charset
-                           fraud_http_referer fraud_http_user_agent apikey),
-
-          :capture   => %w(protocol msgtype merchant amount finalize transaction
-                           apikey),
-
-          :cancel    => %w(protocol msgtype merchant transaction apikey),
-
-          :refund    => %w(protocol msgtype merchant amount transaction apikey),
-
-          :subscribe => %w(protocol msgtype merchant ordernumber amount currency
-                           cardnumber expirationdate cvd acquirers cardtypelock
-                           description testmode fraud_remote_addr fraud_http_accept
-                           fraud_http_accept_language fraud_http_accept_encoding
-                           fraud_http_accept_charset fraud_http_referer
-                           fraud_http_user_agent apikey),
-
-          :recurring => %w(protocol msgtype merchant ordernumber amount currency
-                           autocapture transaction apikey),
-
-          :status    => %w(protocol msgtype merchant transaction apikey),
-
-          :chstatus  => %w(protocol msgtype merchant apikey)
-        }
-      }
-
-      APPROVED = '000'
-
-      # The login is the QuickpayId
-      # The password is the md5checkword from the Quickpay manager
-      # To use the API-key from the Quickpay manager, specify :api-key
-      # Using the API-key, requires that you use version 4+. Specify :version => 4/5/6/7 in options.
-      def initialize(options = {})
-        requires!(options, :login, :password)
-        @protocol = options.delete(:version) || 7 # default to protocol version 7
-        super
-      end
-
-      def authorize(money, credit_card_or_reference, options = {})
-        post = {}
-
-        action = recurring_or_authorize(credit_card_or_reference)
-
-        add_amount(post, money, options)
-        add_invoice(post, options)
-        add_creditcard_or_reference(post, credit_card_or_reference, options)
-        add_autocapture(post, false)
-        add_fraud_parameters(post, options) if action.eql?(:authorize)
-        add_testmode(post)
-
-        commit(action, post)
-      end
-
-      def purchase(money, credit_card_or_reference, options = {})
-        post = {}
-
-        action = recurring_or_authorize(credit_card_or_reference)
-
-        add_amount(post, money, options)
-        add_creditcard_or_reference(post, credit_card_or_reference, options)
-        add_invoice(post, options)
-        add_fraud_parameters(post, options) if action.eql?(:authorize)
-        add_autocapture(post, true)
-
-        commit(action, post)
-      end
-
-      def capture(money, authorization, options = {})
-        post = {}
-
-        add_finalize(post, options)
-        add_reference(post, authorization)
-        add_amount_without_currency(post, money)
-        commit(:capture, post)
-      end
-
-      def void(identification, options = {})
-        post = {}
-
-        add_reference(post, identification)
+      self.abstract_class = true
 
-        commit(:cancel, post)
-      end
-
-      def refund(money, identification, options = {})
-        post = {}
-
-        add_amount_without_currency(post, money)
-        add_reference(post, identification)
-
-        commit(:refund, post)
-      end
-
-      def credit(money, identification, options = {})
-        ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
-        refund(money, identification, options)
-      end
-
-      def store(creditcard, options = {})
-        post = {}
-
-        add_creditcard(post, creditcard, options)
-        add_amount(post, 0, options) if @protocol >= 7
-        add_invoice(post, options)
-        add_description(post, options)
-        add_fraud_parameters(post, options)
-        add_testmode(post)
-
-        commit(:subscribe, post)
-      end
-
-      private
-
-      def add_amount(post, money, options = {})
-        post[:amount]   = amount(money)
-        post[:currency] = options[:currency] || currency(money)
-      end
-
-      def add_amount_without_currency(post, money, options = {})
-        post[:amount] = amount(money)
-      end
-
-      def add_invoice(post, options)
-        post[:ordernumber] = format_order_number(options[:order_id])
-      end
-
-      def add_creditcard(post, credit_card, options)
-        post[:cardnumber]     = credit_card.number
-        post[:cvd]            = credit_card.verification_value
-        post[:expirationdate] = expdate(credit_card)
-        post[:cardtypelock]   = options[:cardtypelock] unless options[:cardtypelock].blank?
-        post[:acquirers]      = options[:acquirers] unless options[:acquirers].blank?
-      end
-
-      def add_reference(post, identification)
-        post[:transaction] = identification
-      end
+      def self.new(options = {})
+        options.fetch(:login) rescue raise ArgumentError.new("Missing required parameter: login")
 
-      def add_creditcard_or_reference(post, credit_card_or_reference, options)
-        if credit_card_or_reference.is_a?(String)
-          add_reference(post, credit_card_or_reference)
+        version = options[:login].to_i < 10000000 ? 10 : 7
+        if version <= 7
+          QuickpayV4to7Gateway.new(options)
         else
-          add_creditcard(post, credit_card_or_reference, options)
-        end
-      end
-
-      def add_autocapture(post, autocapture)
-        post[:autocapture] = autocapture ? 1 : 0
-      end
-
-      def recurring_or_authorize(credit_card_or_reference)
-        credit_card_or_reference.is_a?(String) ? :recurring : :authorize
-      end
-
-      def add_description(post, options)
-        post[:description] = options[:description]
-      end
-
-      def add_testmode(post)
-        return if post[:transaction].present?
-        post[:testmode] = test? ? '1' : '0'
-      end
-
-      def add_fraud_parameters(post, options)
-        if @protocol >= 4
-          post[:fraud_remote_addr] = options[:ip] if options[:ip]
-          post[:fraud_http_accept] = options[:fraud_http_accept] if options[:fraud_http_accept]
-          post[:fraud_http_accept_language] = options[:fraud_http_accept_language] if options[:fraud_http_accept_language]
-          post[:fraud_http_accept_encoding] = options[:fraud_http_accept_encoding] if options[:fraud_http_accept_encoding]
-          post[:fraud_http_accept_charset] = options[:fraud_http_accept_charset] if options[:fraud_http_accept_charset]
-          post[:fraud_http_referer] = options[:fraud_http_referer] if options[:fraud_http_referer]
-          post[:fraud_http_user_agent] = options[:fraud_http_user_agent] if options[:fraud_http_user_agent]
-        end
-      end
-
-      def add_finalize(post, options)
-        post[:finalize] = options[:finalize] ? '1' : '0'
-      end
-
-      def commit(action, params)
-        response = parse(ssl_post(self.live_url, post_data(action, params)))
-
-        Response.new(successful?(response), message_from(response), response,
-          :test => test?,
-          :authorization => response[:transaction]
-        )
-      end
-
-      def successful?(response)
-        response[:qpstat] == APPROVED
-      end
-
-      def parse(data)
-        response = {}
-
-        doc = REXML::Document.new(data)
-
-        doc.root.elements.each do |element|
-          response[element.name.to_sym] = element.text
+          QuickpayV10Gateway.new(options)     
         end
-
-        response
-      end
-
-      def message_from(response)
-        response[:qpstatmsg].to_s
-      end
-
-      def post_data(action, params = {})
-        params[:protocol] = @protocol
-        params[:msgtype]  = action.to_s
-        params[:merchant] = @options[:login]
-        params[:apikey] = @options[:apikey] if @options[:apikey]
-        params[:md5check] = generate_check_hash(action, params)
-
-        params.collect { |key, value| "#{key}=#{CGI.escape(value.to_s)}" }.join("&")
-      end
-
-      def generate_check_hash(action, params)
-        string = MD5_CHECK_FIELDS[@protocol][action].collect do |key|
-          params[key.to_sym]
-        end.join('')
-
-        # Add the md5checkword
-        string << @options[:password].to_s
-
-        Digest::MD5.hexdigest(string)
-      end
-
-      def expdate(credit_card)
-        year  = format(credit_card.year, :two_digits)
-        month = format(credit_card.month, :two_digits)
-
-        "#{year}#{month}"
-      end
-
-      # Limited to 20 digits max
-      def format_order_number(number)
-        number.to_s.gsub(/[^\w]/, '').rjust(4, "0")[0...20]
       end
+      
     end
   end
 end