activemerchant 1.50.0 → 1.51.0

data/lib/active_merchant/billing/gateways/banwire.rb

@@ -35,11 +35,11 @@ module ActiveMerchant #:nodoc:
       def add_customer_data(post, options)
         post[:user] = @options[:login]
         post[:phone] = options[:billing_address][:phone]
-        post[:mail] = options[:email]
+        post[:mail] = options[:email] || "unspecified@email.com"
       end
 
       def add_order_data(post, options)
-        post[:reference] = options[:order_id]
+        post[:reference] = options[:order_id] || generate_unique_id
         post[:concept] = options[:description]
       end
 

data/lib/active_merchant/billing/gateways/braintree_blue.rb

@@ -169,6 +169,10 @@ module ActiveMerchant #:nodoc:
       end
       alias_method :delete, :unstore
 
+      def supports_network_tokenization?
+        true
+      end
+
       private
 
       def check_customer_exists(customer_vault_id)

data/lib/active_merchant/billing/gateways/card_stream.rb

@@ -109,6 +109,24 @@ module ActiveMerchant #:nodoc:
         commit('REFUND', post)
       end
 
+      def verify(creditcard, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, creditcard, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((cardNumber=)\d+), '\1[FILTERED]').
+          gsub(%r((CVV=)\d+), '\1[FILTERED]')
+      end
+
       private
 
       def add_amount(post, money, options)

data/lib/active_merchant/billing/gateways/cenpos.rb

@@ -49,6 +49,7 @@ module ActiveMerchant #:nodoc:
         post = {}
         add_void_required_elements(post)
         add_reference(post, authorization)
+        add_remembered_amount(post, authorization)
         add_tax(post, options)
 
         commit("Void", post)
@@ -130,10 +131,13 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_reference(post, authorization)
-        reference_number, last_four_digits, original_amount = split_authorization(authorization)
+        reference_number, last_four_digits = split_authorization(authorization)
         post[:ReferenceNumber] = reference_number
         post[:CardLastFourDigits] = last_four_digits
-        post[:Amount] = original_amount
+      end
+
+      def add_remembered_amount(post, authorization)
+        post[:Amount] = split_authorization(authorization).last
       end
 
       def commit(action, post)

data/lib/active_merchant/billing/gateways/checkout.rb

@@ -31,12 +31,10 @@ module ActiveMerchant #:nodoc:
       end
 
       def purchase(amount, payment_method, options)
-        requires!(options, :order_id)
-
         commit('purchase', amount, options) do |xml|
           add_credentials(xml, options)
           add_invoice(xml, amount, options)
-          add_track_id(xml, options[:order_id])
+          add_track_id(xml, options[:order_id] || generate_unique_id)
           add_payment_method(xml, payment_method)
           add_billing_info(xml, options)
           add_shipping_info(xml, options)
@@ -46,12 +44,10 @@ module ActiveMerchant #:nodoc:
       end
 
       def authorize(amount, payment_method, options)
-        requires!(options, :order_id)
-
         commit('authorize', amount, options) do |xml|
           add_credentials(xml, options)
           add_invoice(xml, amount, options)
-          add_track_id(xml, options[:order_id])
+          add_track_id(xml, options[:order_id] || generate_unique_id)
           add_payment_method(xml, payment_method)
           add_billing_info(xml, options)
           add_shipping_info(xml, options)
@@ -151,6 +147,8 @@ module ActiveMerchant #:nodoc:
         xml.bill_email_   options[:email]
         xml.bill_customerip_ options[:ip]
         xml.merchantcustomerid_ options[:customer]
+        xml.descriptor_name options[:descriptor_name]
+        xml.descriptor_city options[:descriptor_city]
       end
 
       def add_reference(xml, authorization)

data/lib/active_merchant/billing/gateways/checkout_v2.rb

@@ -0,0 +1,200 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class CheckoutV2Gateway < Gateway
+      self.display_name = "Checkout.com V2 Gateway"
+      self.homepage_url = "https://www.checkout.com/"
+      self.test_url = "https://api2.checkout.com/v2"
+      self.live_url = "http://sandbox.checkout.com/api2/v2"
+
+      self.supported_countries = ['AT', 'BE', 'BG', 'CY', 'CZ', 'DE', 'DK', 'EE', 'ES', 'FI', 'FR', 'GR', 'HR', 'HU', 'IE', 'IS', 'IT', 'LI', 'LT', 'LU', 'LV', 'MT', 'MU', 'NL', 'NO', 'PL', 'PT', 'RO', 'SE', 'SI', 'SK', 'US']
+      self.default_currency = "USD"
+      self.money_format = :cents
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club]
+
+      def initialize(options={})
+        requires!(options, :secret_key)
+        super
+      end
+
+      def purchase(amount, payment_method, options={})
+        MultiResponse.run do |r|
+          r.process { authorize(amount, payment_method, options) }
+          r.process { capture(amount, r.authorization, options) }
+        end
+      end
+
+      def authorize(amount, payment_method, options={})
+        post = {}
+        post[:autoCapture] = "n"
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+
+        commit(:authorize, post)
+      end
+
+      def capture(amount, authorization, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_customer_data(post, options)
+
+        commit(:capture, post, authorization)
+      end
+
+      def void(authorization, options={})
+        post = {}
+        commit(:void, post, authorization)
+      end
+
+      def refund(amount, authorization, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_customer_data(post, options)
+
+        commit(:refund, post, authorization)
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: )[^\\]*)i, '\1[FILTERED]').
+          gsub(%r(("number\\":\\")\d+), '\1[FILTERED]').
+          gsub(%r(("cvv\\":\\")\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_invoice(post, money, options)
+        post[:value] = amount(money)
+        post[:trackId] = options[:order_id]
+        post[:currency] = options[:currency] || currency(money)
+      end
+
+      def add_payment_method(post, payment_method)
+        post[:card] = {}
+        post[:card][:name] = payment_method.name
+        post[:card][:number] = payment_method.number
+        post[:card][:cvv] = payment_method.verification_value
+        post[:card][:expiryYear] = format(payment_method.year, :four_digits)
+        post[:card][:expiryMonth] = format(payment_method.month, :two_digits)
+      end
+
+      def add_customer_data(post, options)
+        post[:email] = options[:email] || "unspecified@example.com"
+        address = options[:billing_address]
+        if(address && post[:card])
+          post[:card][:billingDetails] = {}
+          post[:card][:billingDetails][:address1] = address[:address1]
+          post[:card][:billingDetails][:address2] = address[:address2]
+          post[:card][:billingDetails][:city] = address[:city]
+          post[:card][:billingDetails][:state] = address[:state]
+          post[:card][:billingDetails][:country] = address[:country]
+          post[:card][:billingDetails][:postcode] = address[:zip]
+          post[:card][:billingDetails][:phone] = { number: address[:phone] }
+        end
+      end
+
+      def commit(action, post, authorization = nil)
+        begin
+          raw_response = ssl_post(url(post, action, authorization), post.to_json, headers)
+          response = parse(raw_response)
+        rescue ResponseError => e
+          raise unless(e.response.code.to_s =~ /4\d\d/)
+          response = parse(e.response.body)
+        end
+
+        succeeded = success_from(response)
+        Response.new(
+          succeeded,
+          message_from(succeeded, response),
+          response,
+          authorization: authorization_from(response),
+          error_code: error_code_from(succeeded, response),
+          test: test?,
+          avs_result: avs_result(action, response),
+          cvv_result: cvv_result(action, response))
+      end
+
+      def headers
+        {
+          "Authorization" => @options[:secret_key],
+          "Content-Type"  => "application/json;charset=UTF-8"
+        }
+      end
+
+      def url(post, action, authorization)
+        if action == :authorize
+          "#{base_url}/charges/card"
+        else
+          "#{base_url}/charges/#{authorization}/#{action}"
+        end
+      end
+
+      def base_url
+        test? ? test_url : live_url
+      end
+
+      def avs_result(action, response)
+        action == :purchase ? AVSResult.new(code: response["card"]["avsCheck"]) : nil
+      end
+
+      def cvv_result(action, response)
+        action == :purchase ? CVVResult.new(response["card"]["cvvCheck"]) : nil
+      end
+
+      def parse(body)
+        JSON.parse(body)
+        rescue JSON::ParserError
+          {
+            "message" => "Invalid JSON response received from CheckoutV2Gateway. Please contact CheckoutV2Gateway if you continue to receive this message.",
+            "raw_response" => scrub(body)
+          }
+      end
+
+      def success_from(response)
+        response["responseCode"] == ("10000" || "10100")
+      end
+
+      def message_from(succeeded, response)
+        if succeeded
+          "Succeeded"
+        elsif response["errors"]
+          response["message"] + ": " + response["errors"].first
+        else
+          response["responseMessage"] || response["message"] || "Unable to read error message"
+        end
+      end
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        "20014" => STANDARD_ERROR_CODE[:invalid_number],
+        "20100" => STANDARD_ERROR_CODE[:invalid_expiry_date],
+        "20054" => STANDARD_ERROR_CODE[:expired_card],
+        "40104" => STANDARD_ERROR_CODE[:incorrect_cvc],
+        "40108" => STANDARD_ERROR_CODE[:incorrect_zip],
+        "40111" => STANDARD_ERROR_CODE[:incorrect_address],
+        "20005" => STANDARD_ERROR_CODE[:card_declined],
+        "20088" => STANDARD_ERROR_CODE[:processing_error],
+        "20001" => STANDARD_ERROR_CODE[:call_issuer],
+        "30004" => STANDARD_ERROR_CODE[:pickup_card]
+      }
+
+      def authorization_from(raw)
+        raw["id"]
+      end
+
+      def error_code_from(succeeded, response)
+        succeeded ? nil : STANDARD_ERROR_CODE_MAPPING[response["responseCode"]]
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/cyber_source.rb

@@ -27,7 +27,7 @@ module ActiveMerchant #:nodoc:
     # * To process pinless debit cards through the pinless debit card
     #   network, your Cybersource merchant account must accept pinless
     #   debit card payments.
-    # * The order of the XML elements does matter, make sure to follow the order in 
+    # * The order of the XML elements does matter, make sure to follow the order in
     #   the documentation exactly.
     class CyberSourceGateway < Gateway
       self.test_url = 'https://ics2wstest.ic3.com/commerce/1.x/transactionProcessor'
@@ -231,6 +231,24 @@ module ActiveMerchant #:nodoc:
         commit(build_validate_pinless_debit_request(creditcard,options), options)
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<wsse:Password [^>]*>)[^<]*(</wsse:Password>))i, '\1[FILTERED]\2').
+          gsub(%r((<accountNumber>)[^<]*(</accountNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<cvNumber>)[^<]*(</cvNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<cavv>)[^<]*(</cavv>))i, '\1[FILTERED]\2').
+          gsub(%r((<xid>)[^<]*(</xid>))i, '\1[FILTERED]\2').
+          gsub(%r((<authenticationData>)[^<]*(</authenticationData>))i, '\1[FILTERED]\2')
+      end
+
+      def supports_network_tokenization?
+        true
+      end
+
       private
 
       # Create all address hash key value pairs so that we still function if we

data/lib/active_merchant/billing/gateways/dibs.rb

@@ -108,7 +108,7 @@ module ActiveMerchant #:nodoc:
 
       def add_payment_method(post, payment_method, options)
         post[:cardNumber] = payment_method.number
-        post[:cvc] = payment_method.verification_value
+        post[:cvc] = payment_method.verification_value if payment_method.verification_value
         post[:expYear] = format(payment_method.year, :two_digits)
         post[:expMonth] = payment_method.month
 

data/lib/active_merchant/billing/gateways/epay.rb

@@ -186,7 +186,7 @@ module ActiveMerchant #:nodoc:
         # Authorize gives the response back by redirecting with the values in
         # the URL query
         if location = response['Location']
-          query = CGI::parse(URI.parse(location.gsub(' ', '%20')).query)
+          query = CGI::parse(URI.parse(location.gsub(' ', '%20').gsub('<', '%3C').gsub('>', '%3E')).query)
         else
           return {
             'accept' => '0',

data/lib/active_merchant/billing/gateways/eway_rapid.rb

@@ -7,7 +7,7 @@ module ActiveMerchant #:nodoc:
       self.live_url = "https://api.ewaypayments.com/"
 
       self.money_format = :cents
-      self.supported_countries = ['AU', 'NZ', 'GB', 'SG']
+      self.supported_countries = ['AU', 'NZ', 'GB', 'SG', 'MY', 'HK']
       self.supported_cardtypes = [:visa, :master, :american_express, :diners_club, :jcb]
       self.homepage_url = "http://www.eway.com.au/"
       self.display_name = "eWAY Rapid 3.1"
@@ -42,7 +42,7 @@ module ActiveMerchant #:nodoc:
       #                                      transaction (optional).
       #                  :application_id   - A string identifying the application
       #                                      submitting the transaction
-      #                                      (default: "https://github.com/Shopify/active_merchant")
+      #                                      (default: "https://github.com/activemerchant/active_merchant")
       #
       # Returns an ActiveMerchant::Billing::Response object where authorization is the Transaction ID on success
       def purchase(amount, payment_method, options={})
@@ -99,7 +99,7 @@ module ActiveMerchant #:nodoc:
       #                                      transaction (optional).
       #                  :application_id   - A string identifying the application
       #                                      submitting the transaction
-      #                                      (default: "https://github.com/Shopify/active_merchant")
+      #                                      (default: "https://github.com/activemerchant/active_merchant")
       #
       # Returns an ActiveMerchant::Billing::Response object
       def refund(amount, identification, options = {})
@@ -125,7 +125,7 @@ module ActiveMerchant #:nodoc:
       #                                      transaction (optional).
       #                  :application_id   - A string identifying the application
       #                                      submitting the transaction
-      #                                      (default: "https://github.com/Shopify/active_merchant")
+      #                                      (default: "https://github.com/activemerchant/active_merchant")
       #
       # Returns an ActiveMerchant::Billing::Response object where the authorization is the customer_token on success
       def store(payment_method, options = {})
@@ -155,7 +155,7 @@ module ActiveMerchant #:nodoc:
       #                                      transaction (optional).
       #                  :application_id   - A string identifying the application
       #                                      submitting the transaction
-      #                                      (default: "https://github.com/Shopify/active_merchant")
+      #                                      (default: "https://github.com/activemerchant/active_merchant")
       #
       # Returns an ActiveMerchant::Billing::Response object where the authorization is the customer_token on success
       def update(customer_token, payment_method, options = {})

data/lib/active_merchant/billing/gateways/firstdata_e4.rb

@@ -139,6 +139,10 @@ module ActiveMerchant #:nodoc:
           gsub(%r((<VerificationStr2>).+(</VerificationStr2>)), '\1[FILTERED]\2')
       end
 
+      def supports_network_tokenization?
+        true
+      end
+
       private
 
       def build_request(action, body)
@@ -410,4 +414,3 @@ module ActiveMerchant #:nodoc:
     end
   end
 end
-

data/lib/active_merchant/billing/gateways/garanti.rb

@@ -230,7 +230,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def parse(body)
-        xml = REXML::Document.new(body)
+        xml = REXML::Document.new(strip_invalid_xml_chars(body))
 
         response = {}
         xml.root.elements.to_a.each do |node|
@@ -251,6 +251,10 @@ module ActiveMerchant #:nodoc:
         response[:message] == "Approved"
       end
 
+      def strip_invalid_xml_chars(xml)
+        xml.gsub(/&(?!(?:[a-z]+|#[0-9]+|x[a-zA-Z0-9]+);)/, '&')
+      end
+
     end
   end
 end

data/lib/active_merchant/billing/gateways/iats_payments.rb

@@ -15,7 +15,9 @@ module ActiveMerchant #:nodoc:
 
       ACTIONS = {
         purchase: "ProcessCreditCardV1",
+        purchase_check: "ProcessACHEFTV1",
         refund: "ProcessCreditCardRefundWithTransactionIdV1",
+        refund_check: "ProcessACHEFTRefundWithTransactionIdV1",
         store: "CreateCreditCardCustomerCodeV1",
         unstore: "DeleteCustomerCodeV1"
       }
@@ -40,17 +42,18 @@ module ActiveMerchant #:nodoc:
         add_ip(post, options)
         add_description(post, options)
 
-        commit(:purchase, post)
+        commit((payment.is_a?(Check) ? :purchase_check : :purchase), post)
       end
 
       def refund(money, authorization, options={})
         post = {}
-        post[:transaction_id] = authorization
+        transaction_id, payment_type = split_authorization(authorization)
+        post[:transaction_id] = transaction_id
         add_invoice(post, -money, options)
         add_ip(post, options)
         add_description(post, options)
 
-        commit(:refund, post)
+        commit((payment_type == 'check' ? :refund_check : :refund), post)
       end
 
       def store(credit_card, options = {})
@@ -98,6 +101,14 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_payment(post, payment)
+        if payment.is_a?(Check)
+          add_check(post, payment)
+        else
+          add_credit_card(post, payment)
+        end
+      end
+
+      def add_credit_card(post, payment)
         post[:first_name] = payment.first_name
         post[:last_name] = payment.last_name
         post[:credit_card_num] = payment.number
@@ -106,6 +117,13 @@ module ActiveMerchant #:nodoc:
         post[:mop] = creditcard_brand(payment.brand)
       end
 
+      def add_check(post, payment)
+        post[:first_name] = payment.first_name
+        post[:last_name] = payment.last_name
+        post[:account_num] = "#{payment.routing_number}#{payment.account_number}"
+        post[:account_type] = payment.account_type.upcase
+      end
+
       def add_store_defaults(post)
         post[:recurring] = false
         post[:begin_date] = Time.now.xmlschema
@@ -148,7 +166,9 @@ module ActiveMerchant #:nodoc:
       def endpoints
         {
           purchase: "ProcessLink.asmx",
+          purchase_check: "ProcessLink.asmx",
           refund: "ProcessLink.asmx",
+          refund_check: "ProcessLink.asmx",
           store: "CustomerLink.asmx",
           unstore: "CustomerLink.asmx"
         }
@@ -212,11 +232,17 @@ module ActiveMerchant #:nodoc:
       def authorization_from(action, response)
         if [:store, :unstore].include?(action)
           response[:customercode]
+        elsif [:purchase_check].include?(action)
+          response[:transaction_id] ? "#{response[:transaction_id]}|check" : nil
         else
           response[:transaction_id]
         end
       end
 
+      def split_authorization(authorization)
+        authorization.split("|")
+      end
+
       def envelope_namespaces
         {
           "xmlns:xsi" => "http://www.w3.org/2001/XMLSchema-instance",