activemerchant 1.56.0 → 1.66.0

data/lib/active_merchant/billing/gateways/adyen.rb

@@ -0,0 +1,228 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class AdyenGateway < Gateway
+
+      # we recommend setting up merchant-specific endpoints.
+      # https://docs.adyen.com/developers/api-manual#apiendpoints
+      self.test_url = 'https://pal-test.adyen.com/pal/servlet/Payment/v18'
+      self.live_url = 'https://pal-live.adyen.com/pal/servlet/Payment/v18'
+
+      self.supported_countries = ['AD','AE','AF','AG','AI','AL','AM','AO','AQ','AR','AS','AT','AU','AW','AX','AZ','BA','BB','BD','BE','BF','BG','BH','BI','BJ','BL','BM','BN','BO','BQ','BR','BS','BT','BV','BW','BY','BZ','CA','CC','CD','CF','CG','CH','CI','CK','CL','CM','CN','CO','CR','CU','CV','CW','CX','CY','CZ','DE','DJ','DK','DM','DO','DZ','EC','EE','EG','EH','ER','ES','ET','FI','FJ','FK','FM','FO','FR','GA','GB','GD','GE','GF','GG','GH','GI','GL','GM','GN','GP','GQ','GR','GS','GT','GU','GW','GY','HK','HM','HN','HR','HT','HU','ID','IE','IL','IM','IN','IO','IQ','IR','IS','IT','JE','JM','JO','JP','KE','KG','KH','KI','KM','KN','KP','KR','KW','KY','KZ','LA','LB','LC','LI','LK','LR','LS','LT','LU','LV','LY','MA','MC','MD','ME','MF','MG','MH','MK','ML','MM','MN','MO','MP','MQ','MR','MS','MT','MU','MV','MW','MX','MY','MZ','NA','NC','NE','NF','NG','NI','NL','NO','NP','NR','NU','NZ','OM','PA','PE','PF','PG','PH','PK','PL','PM','PN','PR','PS','PT','PW','PY','QA','RE','RO','RS','RU','RW','SA','SB','SC','SD','SE','SG','SH','SI','SJ','SK','SL','SM','SN','SO','SR','SS','ST','SV','SX','SY','SZ','TC','TD','TF','TG','TH','TJ','TK','TL','TM','TN','TO','TR','TT','TV','TW','TZ','UA','UG','UM','US','UY','UZ','VA','VC','VE','VG','VI','VN','VU','WF','WS','YE','YT','ZA','ZM','ZW']
+      self.default_currency = 'USD'
+      self.supported_cardtypes = [:visa, :master, :american_express, :diners_club, :jcb, :dankort, :maestro,  :discover]
+
+      self.money_format = :cents
+
+      self.homepage_url = 'https://www.adyen.com/'
+      self.display_name = 'Adyen'
+
+      STANDARD_ERROR_CODE_MAPPING = {
+        '101' => STANDARD_ERROR_CODE[:incorrect_number],
+        '103' => STANDARD_ERROR_CODE[:invalid_cvc],
+        '131' => STANDARD_ERROR_CODE[:incorrect_address],
+        '132' => STANDARD_ERROR_CODE[:incorrect_address],
+        '133' => STANDARD_ERROR_CODE[:incorrect_address],
+        '134' => STANDARD_ERROR_CODE[:incorrect_address],
+        '135' => STANDARD_ERROR_CODE[:incorrect_address],
+      }
+
+      def initialize(options={})
+        requires!(options, :username, :password, :merchant_account)
+        @username, @password, @merchant_account = options.values_at(:username, :password, :merchant_account)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        MultiResponse.run do |r|
+          r.process{authorize(money, payment, options)}
+          r.process{capture(money, r.authorization, options)}
+        end
+      end
+
+      def authorize(money, payment, options={})
+        requires!(options, :reference)
+        post = init_post(options)
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_extra_data(post, options)
+        add_address(post, options)
+        commit('authorise', post)
+      end
+
+      def capture(money, authorization, options={})
+        post = init_post(options)
+        add_invoice_for_modification(post, money, authorization, options)
+        add_references(post, authorization, options)
+        commit('capture', post)
+      end
+
+      def refund(money, authorization, options={})
+        post = init_post(options)
+        add_invoice_for_modification(post, money, authorization, options)
+        add_references(post, authorization, options)
+        commit('refund', post)
+      end
+
+      def void(authorization, options={})
+        post = init_post(options)
+        add_references(post, authorization, options)
+        commit('cancel', post)
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((Authorization: Basic )\w+), '\1[FILTERED]').
+          gsub(%r(("number\\?":\\?")[^"]*)i, '\1[FILTERED]').
+          gsub(%r(("cvc\\?":\\?")[^"]*)i, '\1[FILTERED]')
+      end
+
+      private
+
+      def add_extra_data(post, options)
+        post[:shopperEmail] = options[:shopper_email] if options[:shopper_email]
+        post[:shopperIP] = options[:shopper_ip] if options[:shopper_ip]
+        post[:shopperReference] = options[:shopper_reference] if options[:shopper_reference]
+        post[:fraudOffset] = options[:fraud_offset] if options[:fraud_offset]
+        post[:selectedBrand] = options[:selected_brand] if options[:selected_brand]
+        post[:deliveryDate] = options[:delivery_date] if options[:delivery_date]
+        post[:merchantOrderReference] = options[:merchant_order_reference] if options[:merchant_order_reference]
+        post[:shopperInteraction] = options[:shopper_interaction] if options[:shopper_interaction]
+      end
+
+      def add_address(post, options)
+        return unless post[:card] && post[:card].kind_of?(Hash)
+        if address = options[:billing_address] || options[:address]
+          post[:card][:billingAddress] = {}
+          post[:card][:billingAddress][:street] = address[:address1] if address[:address1]
+          post[:card][:billingAddress][:houseNumberOrName] = address[:address2] if address[:address2]
+          post[:card][:billingAddress][:postalCode] = address[:zip] if address[:zip]
+          post[:card][:billingAddress][:city] = address[:city] if address[:city]
+          post[:card][:billingAddress][:stateOrProvince] = address[:state] if address[:state]
+          post[:card][:billingAddress][:country] = address[:country] if address[:country]
+        end
+      end
+
+      def add_invoice(post, money, options)
+        amount = {
+          value: amount(money),
+          currency: options[:currency] || currency(money)
+        }
+        post[:reference] = options[:reference]
+        post[:amount] = amount
+      end
+
+      def add_invoice_for_modification(post, money, authorization, options)
+        amount = {
+          value: amount(money),
+          currency: options[:currency] || currency(money)
+        }
+        post[:modificationAmount] = amount
+      end
+
+      def add_payment(post, payment)
+        card = {
+          expiryMonth: payment.month,
+          expiryYear: payment.year,
+          holderName: payment.name,
+          number: payment.number,
+          cvc: payment.verification_value
+        }
+        card.delete_if{|k,v| v.blank? }
+        requires!(card, :expiryMonth, :expiryYear, :holderName, :number, :cvc)
+        post[:card] = card
+      end
+
+      def add_references(post, authorization, options = {})
+        post[:originalReference] = authorization
+        post[:reference] = options[:reference]
+      end
+
+      def parse(body)
+        return {} if body.blank?
+        JSON.parse(body)
+      end
+
+      def commit(action, parameters)
+        url = (test? ? test_url : live_url)
+
+        begin
+          raw_response = ssl_post("#{url}/#{action.to_s}", post_data(action, parameters), request_headers)
+          response = parse(raw_response)
+        rescue ResponseError => e
+          raw_response = e.response.body
+          response = parse(raw_response)
+        end
+
+        success = success_from(action, response)
+        Response.new(
+          success,
+          message_from(action, response),
+          response,
+          authorization: authorization_from(response),
+          test: test?,
+          error_code: success ? nil : error_code_from(response)
+        )
+
+      end
+
+      def basic_auth
+        Base64.strict_encode64("#{@username}:#{@password}")
+      end
+
+      def request_headers
+        {
+          "Content-Type" => "application/json",
+          "Authorization" => "Basic #{basic_auth}"
+        }
+      end
+
+      def success_from(action, response)
+        case action.to_s
+        when 'authorise'
+          ['Authorised', 'Received', 'RedirectShopper'].include?(response['resultCode'])
+        when 'capture', 'refund', 'cancel'
+          response['response'] == "[#{action}-received]"
+        else
+          false
+        end
+      end
+
+      def message_from(action, response)
+        case action.to_s
+        when 'authorise'
+          response['refusalReason'] || response['resultCode'] || response['message']
+        when 'capture', 'refund', 'cancel'
+          response['response'] || response['message']
+        end
+      end
+
+      def authorization_from(response)
+        response['pspReference']
+      end
+
+      def init_post(options = {})
+        {merchantAccount: options[:merchant_account] || @merchant_account}
+      end
+
+      def post_data(action, parameters = {})
+        JSON.generate(parameters)
+      end
+
+      def error_code_from(response)
+        STANDARD_ERROR_CODE_MAPPING[response['errorCode']]
+      end
+
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/authorize_net.rb

@@ -1,14 +1,14 @@
 require 'nokogiri'
 
-module ActiveMerchant #:nodoc:
-  module Billing #:nodoc:
+module ActiveMerchant
+  module Billing
     class AuthorizeNetGateway < Gateway
       include Empty
 
       self.test_url = 'https://apitest.authorize.net/xml/v1/request.api'
       self.live_url = 'https://api2.authorize.net/xml/v1/request.api'
 
-      self.supported_countries = %w(AD AT AU BE BG CA CH CY CZ DE DK ES FI FR GB GB GI GR HU IE IT LI LU MC MT NL NO PL PT RO SE SI SK SM TR US VA)
+      self.supported_countries = %w(AD AT AU BE BG CA CH CY CZ DE DK EE ES FI FR GB GI GR HU IE IL IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK SM TR US VA)
       self.default_currency = 'USD'
       self.money_format = :dollars
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :diners_club, :jcb, :maestro]
@@ -16,25 +16,45 @@ module ActiveMerchant #:nodoc:
       self.homepage_url = 'http://www.authorize.net/'
       self.display_name = 'Authorize.Net'
 
+      # Authorize.net has slightly different definitions for returned AVS codes
+      # that have been mapped to the closest equivalent AM standard AVSResult codes
+      # Authorize.net's descriptions noted below
+      STANDARD_AVS_CODE_MAPPING = {
+        'A' => 'A', # Street Address: Match -- First 5 Digits of ZIP: No Match
+        'B' => 'I', # Address not provided for AVS check or street address match, postal code could not be verified
+        'E' => 'E', # AVS Error
+        'G' => 'G', # Non U.S. Card Issuing Bank
+        'N' => 'N', # Street Address: No Match -- First 5 Digits of ZIP: No Match
+        'P' => 'I', # AVS not applicable for this transaction
+        'R' => 'R', # Retry, System Is Unavailable
+        'S' => 'S', # AVS Not Supported by Card Issuing Bank
+        'U' => 'U', # Address Information For This Cardholder Is Unavailable
+        'W' => 'W', # Street Address: No Match -- All 9 Digits of ZIP: Match
+        'X' => 'X', # Street Address: Match -- All 9 Digits of ZIP: Match
+        'Y' => 'Y', # Street Address: Match - First 5 Digits of ZIP: Match
+        'Z' => 'Z'  # Street Address: No Match - First 5 Digits of ZIP: Match
+      }
+
       STANDARD_ERROR_CODE_MAPPING = {
-        '36' => STANDARD_ERROR_CODE[:incorrect_number],
-        '237' => STANDARD_ERROR_CODE[:invalid_number],
-        '2315' => STANDARD_ERROR_CODE[:invalid_number],
-        '37' => STANDARD_ERROR_CODE[:invalid_expiry_date],
-        '2316' => STANDARD_ERROR_CODE[:invalid_expiry_date],
-        '378' => STANDARD_ERROR_CODE[:invalid_cvc],
-        '38' => STANDARD_ERROR_CODE[:expired_card],
-        '2317' => STANDARD_ERROR_CODE[:expired_card],
-        '244' => STANDARD_ERROR_CODE[:incorrect_cvc],
-        '227' => STANDARD_ERROR_CODE[:incorrect_address],
         '2127' => STANDARD_ERROR_CODE[:incorrect_address],
         '22' => STANDARD_ERROR_CODE[:card_declined],
+        '227' => STANDARD_ERROR_CODE[:incorrect_address],
         '23' => STANDARD_ERROR_CODE[:card_declined],
-        '3153' => STANDARD_ERROR_CODE[:processing_error],
+        '2315' => STANDARD_ERROR_CODE[:invalid_number],
+        '2316' => STANDARD_ERROR_CODE[:invalid_expiry_date],
+        '2317' => STANDARD_ERROR_CODE[:expired_card],
         '235' => STANDARD_ERROR_CODE[:processing_error],
+        '237' => STANDARD_ERROR_CODE[:invalid_number],
         '24' => STANDARD_ERROR_CODE[:pickup_card],
+        '244' => STANDARD_ERROR_CODE[:incorrect_cvc],
         '300' => STANDARD_ERROR_CODE[:config_error],
-        '384' => STANDARD_ERROR_CODE[:config_error]
+        '3153' => STANDARD_ERROR_CODE[:processing_error],
+        '3155' => STANDARD_ERROR_CODE[:unsupported_feature],
+        '36' => STANDARD_ERROR_CODE[:incorrect_number],
+        '37' => STANDARD_ERROR_CODE[:invalid_expiry_date],
+        '378' => STANDARD_ERROR_CODE[:invalid_cvc],
+        '38' => STANDARD_ERROR_CODE[:expired_card],
+        '384' => STANDARD_ERROR_CODE[:config_error],
       }
 
       MARKET_TYPE = {
@@ -61,7 +81,7 @@ module ActiveMerchant #:nodoc:
       TRANSACTION_ALREADY_ACTIONED = %w(310 311)
 
       CARD_CODE_ERRORS = %w(N S)
-      AVS_ERRORS = %w(A E N R W Z)
+      AVS_ERRORS = %w(A E I N R W Z)
       AVS_REASON_CODES = %w(27 45)
 
       TRACKS = {
@@ -72,6 +92,7 @@ module ActiveMerchant #:nodoc:
       APPLE_PAY_DATA_DESCRIPTOR = "COMMON.APPLE.INAPP.PAYMENT"
 
       PAYMENT_METHOD_NOT_SUPPORTED_ERROR = "155"
+      INELIGIBLE_FOR_ISSUING_CREDIT_ERROR = "54"
 
       def initialize(options={})
         requires!(options, :login, :password)
@@ -111,11 +132,18 @@ module ActiveMerchant #:nodoc:
       end
 
       def refund(amount, authorization, options={})
-        if auth_was_for_cim?(authorization)
+        response = if auth_was_for_cim?(authorization)
           cim_refund(amount, authorization, options)
         else
           normal_refund(amount, authorization, options)
         end
+
+        return response if response.success?
+        return response unless options[:force_full_refund_if_unsettled]
+
+        if response.params["response_reason_code"] == INELIGIBLE_FOR_ISSUING_CREDIT_ERROR
+          void(authorization, options)
+        end
       end
 
       def void(authorization, options={})
@@ -154,28 +182,24 @@ module ActiveMerchant #:nodoc:
       end
 
       def store(credit_card, options = {})
-        commit(:cim_store) do |xml|
-          xml.profile do
-            xml.merchantCustomerId(truncate(options[:merchant_customer_id], 20) || SecureRandom.hex(10))
-            xml.description(truncate(options[:description], 255)) unless empty?(options[:description])
-            xml.email(options[:email]) unless empty?(options[:email])
-
-            xml.paymentProfiles do
-              xml.customerType("individual")
-              add_billing_address(xml, credit_card, options)
-              add_shipping_address(xml, options, "shipToList")
-              xml.payment do
-                xml.creditCard do
-                  xml.cardNumber(truncate(credit_card.number, 16))
-                  xml.expirationDate(format(credit_card.year, :four_digits) + '-' + format(credit_card.month, :two_digits))
-                  xml.cardCode(credit_card.verification_value) if credit_card.verification_value
-                end
-              end
-            end
-          end
+        if options[:customer_profile_id]
+          create_customer_payment_profile(credit_card, options)
+        else
+          create_customer_profile(credit_card, options)
         end
       end
 
+      def unstore(authorization)
+        customer_profile_id, _, _ = split_authorization(authorization)
+
+        delete_customer_profile(customer_profile_id)
+      end
+
+      def verify_credentials
+        response = commit(:verify_credentials) { }
+        response.success?
+      end
+
       def supports_scrubbing?
         true
       end
@@ -336,9 +360,13 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def camel_case_lower(key)
+        String(key).split('_').inject([]){ |buffer,e| buffer.push(buffer.empty? ? e : e.capitalize) }.join
+      end
+
       def add_settings(xml, source, options)
         xml.transactionSettings do
-          if !source.is_a?(String) && card_brand(source) == "check" && options[:recurring]
+          if options[:recurring]
             xml.setting do
               xml.settingName("recurringBilling")
               xml.settingValue("true")
@@ -356,6 +384,18 @@ module ActiveMerchant #:nodoc:
             ActiveMerchant.deprecated "Using the duplicate_window class_attribute is deprecated. Use the transaction options hash instead."
             set_duplicate_window(xml, self.class.duplicate_window)
           end
+          if options[:email_customer]
+            xml.setting do
+              xml.settingName("emailCustomer")
+              xml.settingValue("true")
+            end
+          end
+          if options[:header_email_receipt]
+            xml.setting do
+              xml.settingName("headerEmailReceipt")
+              xml.settingValue(options[:header_email_receipt])
+            end
+          end
         end
       end
 
@@ -374,7 +414,7 @@ module ActiveMerchant #:nodoc:
               xml.value(currency)
             end
           end
-          if application_id.present? && application_id != "ActiveMerchant"
+          if application_id.present?
             xml.userField do
               xml.name("x_solution_id")
               xml.value(application_id)
@@ -459,8 +499,7 @@ module ActiveMerchant #:nodoc:
           xml.bankAccount do
             xml.routingNumber(check.routing_number)
             xml.accountNumber(check.account_number)
-            xml.nameOnAccount(check.name)
-            xml.echeckType("WEB")
+            xml.nameOnAccount(truncate(check.name, 22))
             xml.bankName(check.bank_name)
             xml.checkNumber(check.number)
           end
@@ -536,6 +575,64 @@ module ActiveMerchant #:nodoc:
           xml.invoiceNumber(truncate(options[:order_id], 20))
           xml.description(truncate(options[:description], 255))
         end
+
+        # Authorize.net API requires lineItems to be placed directly after order tag
+        if options[:line_items]
+          xml.lineItems do
+            options[:line_items].each do |line_item|
+              xml.lineItem do
+                line_item.each do |key, value|
+                  xml.send(camel_case_lower(key), value)
+                end
+              end
+            end
+          end
+        end
+      end
+
+      def create_customer_payment_profile(credit_card, options)
+        commit(:cim_store_update) do |xml|
+          xml.customerProfileId options[:customer_profile_id]
+          xml.paymentProfile do
+            add_billing_address(xml, credit_card, options)
+            xml.payment do
+              xml.creditCard do
+                xml.cardNumber(truncate(credit_card.number, 16))
+                xml.expirationDate(format(credit_card.year, :four_digits) + '-' + format(credit_card.month, :two_digits))
+                xml.cardCode(credit_card.verification_value) if credit_card.verification_value
+              end
+            end
+          end
+        end
+      end
+
+      def create_customer_profile(credit_card, options)
+        commit(:cim_store) do |xml|
+          xml.profile do
+            xml.merchantCustomerId(truncate(options[:merchant_customer_id], 20) || SecureRandom.hex(10))
+            xml.description(truncate(options[:description], 255)) unless empty?(options[:description])
+            xml.email(options[:email]) unless empty?(options[:email])
+
+            xml.paymentProfiles do
+              xml.customerType("individual")
+              add_billing_address(xml, credit_card, options)
+              add_shipping_address(xml, options, "shipToList")
+              xml.payment do
+                xml.creditCard do
+                  xml.cardNumber(truncate(credit_card.number, 16))
+                  xml.expirationDate(format(credit_card.year, :four_digits) + '-' + format(credit_card.month, :two_digits))
+                  xml.cardCode(credit_card.verification_value) if credit_card.verification_value
+                end
+              end
+            end
+          end
+        end
+      end
+
+      def delete_customer_profile(customer_profile_id)
+        commit(:cim_store_delete_customer) do |xml|
+          xml.customerProfileId(customer_profile_id)
+        end
       end
 
       def names_from(payment_source, address, options)
@@ -556,7 +653,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def parse(action, raw_response)
-        if is_cim_action?(action)
+        if is_cim_action?(action) || action == :verify_credentials
           parse_cim(raw_response)
         else
           parse_normal(action, raw_response)
@@ -567,7 +664,8 @@ module ActiveMerchant #:nodoc:
         raw_response = ssl_post(url, post_data(action, &payload), headers)
         response = parse(action, raw_response)
 
-        avs_result = AVSResult.new(code: response[:avs_result_code])
+        avs_result_code = response[:avs_result_code].upcase if response[:avs_result_code]
+        avs_result = AVSResult.new(code: STANDARD_AVS_CODE_MAPPING[avs_result_code])
         cvv_result = CVVResult.new(response[:card_code])
         if using_live_gateway_in_test_mode?(response)
           Response.new(false, "Using a live Authorize.net account in Test Mode is not permitted.")
@@ -602,6 +700,12 @@ module ActiveMerchant #:nodoc:
       def root_for(action)
         if action == :cim_store
           "createCustomerProfileRequest"
+        elsif action == :cim_store_update
+          "createCustomerPaymentProfileRequest"
+        elsif action == :cim_store_delete_customer
+          "deleteCustomerProfileRequest"
+        elsif action == :verify_credentials
+          "authenticateTestRequest"
         elsif is_cim_action?(action)
           "createCustomerProfileTransactionRequest"
         else
@@ -697,6 +801,11 @@ module ActiveMerchant #:nodoc:
           (empty?(element.content) ? nil : element.content)
         end
 
+        response[:customer_payment_profile_id] = if(element = doc.at_xpath("//customerPaymentProfileIdList/numericString") ||
+                                                              doc.at_xpath("//customerPaymentProfileId"))
+          (empty?(element.content) ? nil : element.content)
+        end
+
         response[:direct_response] = if(element = doc.at_xpath("//directResponse"))
           (empty?(element.content) ? nil : element.content)
         end
@@ -707,7 +816,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def success_from(action, response)
-        if action == :cim_store
+        if cim?(action) || (action == :verify_credentials)
           response[:result_code] == "Ok"
         else
           response[:response_code] == APPROVED && TRANSACTION_ALREADY_ACTIONED.exclude?(response[:response_reason_code])
@@ -727,7 +836,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def authorization_from(action, response)
-        if action == :cim_store
+        if cim?(action)
           [response[:customer_profile_id], response[:customer_payment_profile_id], action].join("#")
         else
           [response[:transaction_id], response[:account_number], action].join("#")
@@ -738,6 +847,10 @@ module ActiveMerchant #:nodoc:
         authorization.split("#")
       end
 
+      def cim?(action)
+        (action == :cim_store) || (action == :cim_store_update) || (action == :cim_store_delete_customer)
+      end
+
       def transaction_id_from(authorization)
         transaction_id, _, _ = split_authorization(authorization)
         transaction_id

data/lib/active_merchant/billing/gateways/authorize_net_cim.rb

@@ -574,6 +574,7 @@ module ActiveMerchant #:nodoc:
       def build_get_customer_payment_profile_request(xml, options)
         xml.tag!('customerProfileId', options[:customer_profile_id])
         xml.tag!('customerPaymentProfileId', options[:customer_payment_profile_id])
+        xml.tag!('unmaskExpirationDate', options[:unmask_expiration_date]) if options[:unmask_expiration_date]
         xml.target!
       end
 
@@ -863,10 +864,12 @@ module ActiveMerchant #:nodoc:
         response_params['direct_response'] = parse_direct_response(response_params['direct_response']) if response_params['direct_response']
         transaction_id = response_params['direct_response']['transaction_id'] if response_params['direct_response']
 
-        Response.new(success, message, response_params,
-          :test => test_mode,
-          :authorization => transaction_id || response_params['customer_profile_id'] || (response_params['profile'] ? response_params['profile']['customer_profile_id'] : nil)
-        )
+        response_options = {}
+        response_options[:test] = test_mode
+        response_options[:authorization] = transaction_id || response_params['customer_profile_id'] || (response_params['profile'] ? response_params['profile']['customer_profile_id'] : nil)
+        response_options[:error_code] = response_params['messages']['message']['code'] unless success
+
+        Response.new(success, message, response_params, response_options)
       end
 
       def tag_unless_blank(xml, tag_name, data)