activemerchant 1.52.0 → 1.53.0

data/lib/active_merchant/billing/gateways/ogone.rb

@@ -151,12 +151,13 @@ module ActiveMerchant #:nodoc:
       # Verify and reserve the specified amount on the account, without actually doing the transaction.
       def authorize(money, payment_source, options = {})
         post = {}
+        action = (payment_source.brand == "mastercard") ? "PAU" : "RES"
         add_invoice(post, options)
         add_payment_source(post, payment_source, options)
         add_address(post, payment_source, options)
         add_customer_data(post, options)
         add_money(post, money, options)
-        commit('RES', post)
+        commit(action, post)
       end
 
       # Verify and transfer the specified amount.
@@ -213,6 +214,18 @@ module ActiveMerchant #:nodoc:
         response
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+        gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+        gsub(%r((&?cardno=)[^&]*)i, '\1[FILTERED]').
+        gsub(%r((&?cvc=)[^&]*)i, '\1[FILTERED]').
+        gsub(%r((&?pswd=)[^&]*)i, '\1[FILTERED]')
+      end
+
       private
 
       def reference_from(authorization)
@@ -272,6 +285,8 @@ module ActiveMerchant #:nodoc:
         add_pair post, 'ACCEPTURL',       options[:accept_url]      if options[:accept_url]
         add_pair post, 'DECLINEURL',      options[:decline_url]     if options[:decline_url]
         add_pair post, 'EXCEPTIONURL',    options[:exception_url]   if options[:exception_url]
+        add_pair post, 'CANCELURL',       options[:cancel_url]      if options[:cancel_url]
+        add_pair post, 'PARAMVAR',        options[:paramvar]       if options[:paramvar]
         add_pair post, 'PARAMPLUS',       options[:paramplus]       if options[:paramplus]
         add_pair post, 'COMPLUS',         options[:complus]         if options[:complus]
         add_pair post, 'LANGUAGE',        options[:language]        if options[:language]
@@ -391,23 +406,43 @@ module ActiveMerchant #:nodoc:
            return
         end
 
-        sha_encryptor = case @options[:signature_encryptor]
-                        when 'sha256'
-                          Digest::SHA256
-                        when 'sha512'
-                          Digest::SHA512
-                        else
-                          Digest::SHA1
-                        end
-
-        string_to_digest = if @options[:signature_encryptor]
-          parameters.sort { |a, b| a[0].upcase <=> b[0].upcase }.map { |k, v| "#{k.upcase}=#{v}" }.join(@options[:signature])
+        add_pair parameters, 'SHASign', calculate_signature(parameters, @options[:signature_encryptor], @options[:signature])
+      end
+
+      def calculate_signature(signed_parameters, algorithm, secret)
+        return legacy_calculate_signature(signed_parameters, secret) unless algorithm
+
+        sha_encryptor = case algorithm
+        when 'sha256'
+          Digest::SHA256
+        when 'sha512'
+          Digest::SHA512
+        when 'sha1'
+          Digest::SHA1
         else
-          %w[orderID amount currency CARDNO PSPID Operation ALIAS].map { |key| parameters[key] }.join
+          raise "Unknown signature algorithm #{algorithm}"
         end
-        string_to_digest << @options[:signature]
 
-        add_pair parameters, 'SHASign', sha_encryptor.hexdigest(string_to_digest).upcase
+        sha_encryptor.hexdigest(
+          signed_parameters.sort_by{|k,v| k.upcase}.map{|k, v| "#{k.upcase}=#{v}#{secret}"}.join("")
+        ).upcase
+      end
+
+      def legacy_calculate_signature(parameters, secret)
+        Digest::SHA1.hexdigest(
+          (
+            %w(
+              orderID
+              amount
+              currency
+              CARDNO
+              PSPID
+              Operation
+              ALIAS
+            ).map{|key| parameters[key]} +
+            [secret]
+          ).join("")
+        ).upcase
       end
 
       def add_pair(post, key, value)

data/lib/active_merchant/billing/gateways/openpay.rb

@@ -83,6 +83,16 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((card_number\\?":\\?")[^"\\]*)i, '\1[FILTERED]').
+          gsub(%r((cvv2\\?":\\?")[^"\\]*)i, '\1[FILTERED]')
+      end
       private
 
       def create_post_for_auth_or_purchase(money, creditcard, options)
@@ -191,4 +201,3 @@ module ActiveMerchant #:nodoc:
     end
   end
 end
-

data/lib/active_merchant/billing/gateways/pac_net_raven.rb

@@ -25,15 +25,15 @@ module ActiveMerchant #:nodoc:
         'cvv2_not_checked' => 'X'
       }
 
-      self.test_url = 'https://demo.deepcovelabs.com/realtime/'
-      self.live_url = 'https://raven.pacnetservices.com/realtime/'
+      self.test_url = 'https://raven.deepcovelabs.com/realtime/'
+      self.live_url = 'https://raven.deepcovelabs.com/realtime/'
 
       self.supported_countries = ['US']
       self.supported_cardtypes = [:visa, :master]
       self.money_format = :cents
       self.default_currency = 'USD'
-      self.homepage_url = 'http://www.pacnetservices.com/'
-      self.display_name = 'Raven PacNet'
+      self.homepage_url = 'http://www.deepcovelabs.com/raven'
+      self.display_name = 'Raven'
 
       def initialize(options = {})
         requires!(options, :user, :secret, :prn)
@@ -63,7 +63,7 @@ module ActiveMerchant #:nodoc:
       def void(authorization, options = {})
         post = {}
         post['TrackingNumber'] = authorization
-        post['PymtType'] = options[:pymt_type] || 'cc_debit'
+        post['PymtType'] = options[:pymt_type]
 
         commit('void', nil, post)
       end

data/lib/active_merchant/billing/gateways/payment_express.rb

@@ -122,6 +122,17 @@ module ActiveMerchant #:nodoc:
         commit(:validate, request)
       end
 
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r((<CardNumber>)\d+(</CardNumber>)), '\1[FILTERED]\2').
+          gsub(%r((<Cvc2>)\d+(</Cvc2>)), '\1[FILTERED]\2')
+      end
+
       private
 
       def use_custom_payment_token?

data/lib/active_merchant/billing/gateways/paymill.rb

@@ -51,6 +51,17 @@ module ActiveMerchant #:nodoc:
         save_card(credit_card)
       end
 
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(/(account.number=)(\d*)/, '\1[FILTERED]').
+          gsub(/(account.verification=)(\d*)/, '\1[FILTERED]')
+      end
+
       private
 
       def add_credit_card(post, credit_card)

data/lib/active_merchant/billing/gateways/paypal/paypal_common_api.rb

@@ -4,7 +4,7 @@ module ActiveMerchant #:nodoc:
     module PaypalCommonAPI
       include Empty
 
-      API_VERSION = '72'
+      API_VERSION = '124'
 
       URLS = {
         :test => { :certificate => 'https://api.sandbox.paypal.com/2.0/',

data/lib/active_merchant/billing/gateways/paystation.rb

@@ -102,9 +102,9 @@ module ActiveMerchant #:nodoc:
         end
 
         def add_invoice(post, options)
-          post[:ms] = options[:order_id] || generate_unique_id
-          post[:mo] = options[:invoice]
-          post[:mr] = options[:description]
+          post[:ms] = generate_unique_id
+          post[:mo] = options[:description]
+          post[:mr] = options[:order_id]
         end
 
         def add_credit_card(post, credit_card)
@@ -192,4 +192,3 @@ module ActiveMerchant #:nodoc:
     end
   end
 end
-

data/lib/active_merchant/billing/gateways/pin.rb

@@ -75,6 +75,16 @@ module ActiveMerchant #:nodoc:
         commit(:put, "customers/#{CGI.escape(token)}", post, options)
       end
 
+      def supports_scrubbing
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(/(number\\?":\\?")(\d*)/, '\1[FILTERED]').
+          gsub(/(cvc\\?":\\?")(\d*)/, '\1[FILTERED]')
+      end
       private
 
       def add_amount(post, money, options)

data/lib/active_merchant/billing/gateways/quickpay/quickpay_v10.rb

@@ -6,25 +6,29 @@ module ActiveMerchant
     class QuickpayV10Gateway < Gateway
       include QuickpayCommon
       API_VERSION = 10
-      
+
       self.live_url = self.test_url = 'https://api.quickpay.net'
-      
+
       def initialize(options = {})
         requires!(options, :api_key)
         super
       end
-      
+
       def purchase(money, credit_card, options = {})
         MultiResponse.run(true) do |r|
           r.process { create_payment(money, options) }
           r.process {
             post = authorization_params(money, credit_card, options)
-            add_autocapture(post, true)
+            add_autocapture(post, false)
             commit(synchronized_path("/payments/#{r.authorization}/authorize"), post)
           }
+          r.process {
+            post = capture_params(money, credit_card, options)
+            commit(synchronized_path("/payments/#{r.authorization}/capture"), post)
+          }
         end
       end
-      
+
       def authorize(money, credit_card, options = {})
         MultiResponse.run(true) do |r|
           r.process { create_payment(money, options) }
@@ -34,8 +38,8 @@ module ActiveMerchant
           }
         end
       end
-      
-      def void(identification)
+
+      def void(identification, _options = {})
         commit(synchronized_path "/payments/#{identification}/cancel")
       end
 
@@ -45,9 +49,7 @@ module ActiveMerchant
       end
 
       def capture(money, identification, options = {})
-        post = {}
-        add_amount(post, money, options)
-        add_additional_params(:capture, post, options)
+        post = capture_params(money, identification, options)
         commit(synchronized_path("/payments/#{identification}/capture"), post)
       end
 
@@ -57,47 +59,78 @@ module ActiveMerchant
         add_additional_params(:refund, post, options)
         commit(synchronized_path("/payments/#{identification}/refund"), post)
       end
-      
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
       def store(credit_card, options = {})
-        MultiResponse.run(true) do |r|  
+        MultiResponse.run(true) do |r|
           r.process { create_subscription(options) }
-          r.process { 
-            authorize_subscription(r.authorization, credit_card, options) 
+          r.process {
+            authorize_subscription(r.authorization, credit_card, options)
           }
         end
       end
-      
+
       def unstore(identification)
         commit(synchronized_path "/subscriptions/#{identification}/cancel")
       end
-      
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r(("card\\?":{\\?"number\\?":\\?")\d+), '\1[FILTERED]').
+          gsub(%r(("cvd\\?":\\?")\d+), '\1[FILTERED]')
+      end
+
       private
-        
+
         def authorization_params(money, credit_card, options = {})
           post = {}
-          
+
           add_amount(post, money, options)
           add_credit_card(post, credit_card)
           add_additional_params(:authorize, post, options)
-          
+
+          post
+        end
+
+        def capture_params(money, credit_card, options = {})
+          post = {}
+
+          add_amount(post, money, options)
+          add_additional_params(:capture, post, options)
+
           post
         end
-                
+
         def create_subscription(options = {})
-          post = {}  
-          
+          requires!(options, :currency)
+          post = {}
+
+          add_currency(post, nil, options)
           add_subscription_invoice(post, options)
           commit('/subscriptions', post)
         end
-        
+
         def authorize_subscription(identification, credit_card, options = {})
+          requires!(options, :amount)
           post = {}
-          
+
+          add_amount(post, nil, options)
           add_credit_card(post, credit_card, options)
           add_additional_params(:authorize_subscription, post, options)
           commit(synchronized_path("/subscriptions/#{identification}/authorize"), post)
         end
-        
+
         def create_payment(money, options = {})
           post = {}
           add_currency(post, money, options)
@@ -106,7 +139,7 @@ module ActiveMerchant
         end
 
         def commit(action, params = {})
-          success = false          
+          success = false
           begin
             response = parse(ssl_post(self.live_url + action, params.to_json, headers))
             success = successful?(response)
@@ -115,59 +148,59 @@ module ActiveMerchant
           rescue JSON::ParserError
             response = json_error(response)
           end
-                    
+
           Response.new(success, message_from(success, response), response,
             :test => test?,
             :authorization => response['id']
           )
         end
-        
+
         def add_subscription_invoice(post, options = {})
-          requires!(options, :order_id, :description)  
+          requires!(options, :order_id, :description)
           post[:order_id]    = options[:order_id]
           post[:description] = options[:description]
         end
-        
+
         def add_currency(post, money, options)
           post[:currency] = options[:currency] || currency(money)
         end
-        
+
         def add_amount(post, money, options)
-          post[:amount] = amount(money)
+          post[:amount] = options[:amount] || amount(money)
         end
-        
+
         def add_autocapture(post, value)
-          post[:auto_capture] = value  
+          post[:auto_capture] = value
         end
-        
+
         def add_order_id(post, options)
-          requires!(options, :order_id)  
-          post[:order_id] = options[:order_id]
+          requires!(options, :order_id)
+          post[:order_id] = format_order_id(options[:order_id])
         end
-        
+
         def add_invoice(post, options)
-          add_order_id(post, options)          
-          
+          add_order_id(post, options)
+
           if options[:billing_address]
             post[:invoice_address]  = map_address(options[:billing_address])
           end
-          
+
           if options[:shipping_address]
             post[:shipping_address] = map_address(options[:shipping_address])
           end
-          
+
           [:metadata, :brading_id, :variables].each do |field|
             post[field] = options[field] if options[field]
           end
         end
-        
+
         def add_additional_params(action, post, options = {})
           MD5_CHECK_FIELDS[API_VERSION][action].each do |key|
             key       = key.to_sym
             post[key] = options[key] if options[key]
           end
         end
-        
+
         def add_credit_card(post, credit_card, options = {})
           post[:card]             ||= {}
           post[:card][:number]     = credit_card.number
@@ -175,36 +208,52 @@ module ActiveMerchant
           post[:card][:expiration] = expdate(credit_card)
           post[:card][:issued_to]  = credit_card.name
         end
-          
+
         def parse(body)
           JSON.parse(body)
         end
-        
+
         def successful?(response)
           has_error    = response['errors']
-          invalid_code = (response.key?('qp_status_code') and response['qp_status_code'] != "20000")
-          
+          invalid_code = invalid_operation_code?(response)
+
           !(has_error || invalid_code)
         end
-                         
+
         def message_from(success, response)
-          success ? 'OK' : (response['message'] || response['qp_status_msg'])
+          success ? 'OK' : (response['message'] || invalid_operation_message(response) || "Unknown error - please contact QuickPay")
+        end
+
+        def invalid_operation_code?(response)
+          if response['operations']
+            operation = response['operations'].last
+            operation && operation['qp_status_code'] != "20000"
+          end
+        end
+
+        def invalid_operation_message(response)
+          response['operations'] && response['operations'].last['qp_status_msg']
         end
-        
+
         def map_address(address)
           return {} if address.nil?
           requires!(address, :name, :address1, :city, :zip, :country)
+          country = Country.find(address[:country])
           mapped = {
             :name         => address[:name],
             :street       => address[:address1],
             :city         => address[:city],
             :region       => address[:address2],
             :zip_code     => address[:zip],
-            :country_code => address[:country]
+            :country_code => country.code(:alpha3).value
           }
           mapped
         end
 
+        def format_order_id(order_id)
+          order_id.to_s.gsub(/#/, '')
+        end
+
         def headers
           auth = Base64.strict_encode64(":#{@options[:api_key]}")
           {
@@ -215,7 +264,7 @@ module ActiveMerchant
             "Content-Type"   => "application/json"
           }
         end
-        
+
         def response_error(raw_response)
           begin
             parse(raw_response)
@@ -229,12 +278,12 @@ module ActiveMerchant
           msg += "  (The raw response returned by the API was #{raw_response.inspect})"
           { "message" => msg }
         end
-        
+
         def synchronized_path(path)
           "#{path}?synchronized"
         end
-        
+
     end
-    
+
   end
-end
+end