activemerchant 1.56.0 → 1.66.0

data/lib/active_merchant/billing/gateways/world_net.rb

@@ -0,0 +1,344 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # See https://helpdesk.worldnettps.com/support/solutions/articles/1000167298-integrator-guide
+    class WorldNetGateway < Gateway
+      self.test_url = 'https://testpayments.worldnettps.com/merchant/xmlpayment'
+      self.live_url = 'https://payments.worldnettps.com/merchant/xmlpayment'
+
+      self.homepage_url = 'http://worldnettps.com/'
+      self.display_name = 'WorldNet'
+
+      self.supported_countries = %w(IE GB US)
+      self.default_currency = 'EUR'
+
+      CARD_TYPES = {
+        visa:             'VISA',
+        master:           'MASTERCARD',
+        discover:         'DISCOVER',
+        american_express: 'AMEX',
+        maestro:          'MAESTRO',
+        diners_club:      'DINERS',
+        jcb:              'JCB',
+        secure_card:      'SECURECARD'
+      }.freeze
+      self.supported_cardtypes = CARD_TYPES.keys
+
+      def initialize(options = {})
+        requires!(options, :terminal_id, :secret)
+        options[:terminal_type] ||= 2 # eCommerce
+        super
+      end
+
+      def purchase(money, payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        commit('PAYMENT', post)
+      end
+
+      def authorize(money, payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        add_invoice(post, money, options)
+        add_payment(post, payment)
+        add_address(post, payment, options)
+        add_customer_data(post, options)
+
+        commit('PREAUTH', post)
+      end
+
+      def capture(money, authorization, options = {})
+        post = {}
+        add_invoice(post, money, options)
+        post[:uniqueref] = authorization
+
+        commit('PREAUTHCOMPLETION', post)
+      end
+
+      def refund(money, authorization, options = {})
+        requires!(options, :operator, :reason)
+
+        post = {}
+        post[:uniqueref] = authorization
+        add_invoice(post, money, options)
+        post[:operator] = options[:operator]
+        post[:reason] = options[:reason]
+
+        commit('REFUND', post)
+      end
+
+      def void(authorization, _options = {})
+        post = {}
+        post[:uniqueref] = authorization
+        commit('VOID', post)
+      end
+
+      def verify(credit_card, options = {})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def store(payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        post[:merchantref] = options[:order_id]
+        add_payment(post, payment)
+
+        commit('SECURECARDREGISTRATION', post)
+      end
+
+      def unstore(payment, options = {})
+        requires!(options, :order_id)
+
+        post = {}
+        post[:merchantref] = options[:order_id]
+        add_card_reference(post, payment)
+
+        commit('SECURECARDREMOVAL', post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript
+          .gsub(%r{(<CARDNUMBER>\d{6})\d+(\d{4}</CARDNUMBER>)}, '\1...\2')
+          .gsub(%r{(<CVV>)\d+(</CVV)}, '\1...\2')
+      end
+
+      private
+
+      def add_customer_data(post, options)
+        post[:email] = options[:email]
+        post[:ipaddress] = options[:ip]
+      end
+
+      def add_address(post, _creditcard, options)
+        address = options[:billing_address] || options[:address]
+        return unless address
+        post[:address1] = address[:address1]
+        post[:address2] = address[:address2]
+        post[:city]     = address[:city]
+        post[:country]  = address[:country] # ISO 3166-1-alpha-2 code.
+        post[:postcode] = address[:zip]
+      end
+
+      def add_invoice(post, money, options)
+        post[:orderid] = options[:order_id]
+        post[:amount] = amount(money)
+        post[:currency] = (options[:currency] || currency(money))
+        post[:description] = options[:description]
+      end
+
+      def add_payment(post, payment)
+        # a payment triggered with a secure_card (tokenised card) will not
+        # respond to `:number`
+        if payment.respond_to?(:number)
+          post[:cardholdername] = cardholdername(payment)
+          post[:cardtype]       = CARD_TYPES[payment.brand.to_sym]
+          post[:cardnumber]     = payment.number
+          post[:cvv]            = payment.verification_value if payment.verification_value
+          post[:cardexpiry]     = expdate(payment)
+        else
+          post[:cardtype]       = CARD_TYPES[:secure_card]
+          post[:cardnumber]     = payment
+        end
+      end
+
+      def add_card_reference(post, payment)
+        post[:cardreference] = payment
+      end
+
+      def cardholdername(payment)
+        [payment.first_name, payment.last_name].join(' ').slice(0, 60)
+      end
+
+      def parse(action, body)
+        results = {}
+        xml = Nokogiri::XML(body)
+        resp = xml.xpath("//#{action}RESPONSE | //ERROR")
+        resp.children.each do |element|
+          results[element.name.downcase.to_sym] = element.text
+        end
+        results
+      end
+
+      def commit(action, parameters)
+        url = (test? ? test_url : live_url)
+        response = parse(action, ssl_post(url, post_data(action, parameters)))
+
+        Response.new(
+          success_from(action, response),
+          message_from(response),
+          response,
+          authorization: authorization_from(action, response),
+          avs_result: AVSResult.new(code: response[:avs_response]),
+          cvv_result: CVVResult.new(response[:cvv_response]),
+          test: test?,
+          error_code: success_from(action, response) ? nil : message_to_standard_error_code_from(response)
+        )
+      end
+
+      def success_from(action, response)
+        case action
+        when 'SECURECARDREGISTRATION'
+          response[:cardreference].present?
+        when 'SECURECARDREMOVAL'
+          response[:datetime].present? && response[:hash].present?
+        else
+          response[:responsecode] == 'A'
+        end
+      end
+
+      def message_to_standard_error_code_from(response)
+        case message_from(response)
+        when /DECLINED/
+          STANDARD_ERROR_CODE[:card_declined]
+        when /CVV FAILURE/
+          STANDARD_ERROR_CODE[:incorrect_cvc]
+        when /Invalid CARDEXPIRY field/
+          STANDARD_ERROR_CODE[:invalid_expiry_date]
+        else
+          STANDARD_ERROR_CODE[:processing_error]
+        end
+      end
+
+      def message_from(response)
+        response[:responsetext] || response[:errorstring]
+      end
+
+      def authorization_from(action, response)
+        case action
+        when 'SECURECARDREGISTRATION'
+          response[:cardreference]
+        else
+          response[:uniqueref]
+        end
+      end
+
+      def post_data(action, parameters = {})
+        parameters[:terminalid]       = @options[:terminal_id]
+        parameters[:terminaltype]     = @options[:terminal_type]
+        parameters[:transactiontype]  = 7 # eCommerce
+        parameters[:datetime]         = create_time_stamp
+        parameters[:hash]             = case action
+                                        when 'SECURECARDREGISTRATION'
+                                          build_store_signature(parameters)
+                                        when 'SECURECARDREMOVAL'
+                                          build_unstore_signature(parameters)
+                                        else
+                                          build_signature(parameters)
+                                        end
+        build_xml_request(action, fields(action), parameters)
+      end
+
+      def create_time_stamp
+        Time.now.gmtime.strftime('%d-%m-%Y:%H:%M:%S:%L')
+      end
+
+      def build_signature(parameters)
+        str = parameters[:terminalid]
+        str += (parameters[:uniqueref] || parameters[:orderid])
+        str += (parameters[:amount].to_s + parameters[:datetime])
+        Digest::MD5.hexdigest(str + @options[:secret])
+      end
+
+      def build_store_signature(parameters)
+        str = parameters[:terminalid]
+        str += parameters[:merchantref]
+        str += parameters[:datetime]
+        str += parameters[:cardnumber]
+        str += parameters[:cardexpiry]
+        str += parameters[:cardtype]
+        str += parameters[:cardholdername]
+        Digest::MD5.hexdigest(str + @options[:secret])
+      end
+
+      def build_unstore_signature(parameters)
+        str = parameters[:terminalid]
+        str += parameters[:merchantref]
+        str += parameters[:datetime]
+        str += parameters[:cardreference]
+        Digest::MD5.hexdigest(str + @options[:secret])
+      end
+
+      def fields(action)
+        # Gateway expects fields in fixed order below.
+        case action
+        when 'PAYMENT', 'PREAUTH'
+          [
+            :orderid,
+            :terminalid,
+            :amount,
+            :datetime,
+            :cardnumber, :cardtype, :cardexpiry, :cardholdername,
+            :hash,
+            :currency,
+            :terminaltype,
+            :transactiontype,
+            :email,
+            :cvv,
+            :address1, :address2,
+            :postcode,
+            :description,
+            :city, :country,
+            :ipaddress
+          ]
+        when 'PREAUTHCOMPLETION'
+          [:uniqueref, :terminalid, :amount, :datetime, :hash]
+        when 'REFUND'
+          [:uniqueref, :terminalid, :amount, :datetime, :hash,
+           :operator, :reason]
+        when 'VOID'
+          [:uniqueref]
+        when 'SECURECARDREGISTRATION'
+          [
+            :merchantref,
+            :terminalid,
+            :datetime,
+            :cardnumber, :cardexpiry, :cardtype, :cardholdername,
+            :hash,
+            :dontchecksecurity,
+            :cvv,
+            :issueno
+          ]
+        when 'SECURECARDREMOVAL'
+          [
+            :merchantref,
+            :cardreference,
+            :terminalid,
+            :datetime,
+            :hash
+          ]
+        end
+      end
+
+      def build_xml_request(action, fields, data)
+        xml = Builder::XmlMarkup.new indent: 2
+        xml.instruct!(:xml, version: '1.0', encoding: 'utf-8')
+        xml.tag!(action) do
+          fields.each do |field|
+            xml.tag!(field.to_s.upcase, data[field]) if data[field]
+          end
+        end
+        xml.target!
+      end
+
+      def expdate(credit_card)
+        sprintf('%02d%02d', credit_card.month, credit_card.year % 100)
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/worldpay.rb

@@ -8,6 +8,7 @@ module ActiveMerchant #:nodoc:
       self.money_format = :cents
       self.supported_countries = %w(HK GB AU AD BE CH CY CZ DE DK ES FI FR GI GR HU IE IL IT LI LU MC MT NL NO NZ PL PT SE SG SI SM TR UM VA)
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :maestro, :laser, :switch]
+      self.currencies_without_fractions = %w(HUF IDR ISK JPY KRW)
       self.homepage_url = 'http://www.worldpay.com/'
       self.display_name = 'Worldpay Global'
 
@@ -59,9 +60,21 @@ module ActiveMerchant #:nodoc:
       end
 
       def refund(money, authorization, options = {})
-        MultiResponse.run do |r|
-          r.process{inquire_request(authorization, options, "CAPTURED", "SETTLED", "SETTLED_BY_MERCHANT")}
-          r.process{refund_request(money, authorization, options)}
+        response = MultiResponse.run do |r|
+          r.process { inquire_request(authorization, options, "CAPTURED", "SETTLED", "SETTLED_BY_MERCHANT") }
+          r.process { refund_request(money, authorization, options) }
+        end
+
+        return response if response.success?
+        return response unless options[:force_full_refund_if_unsettled]
+
+        void(authorization, options ) if response.params["last_event"] == "AUTHORISED"
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
         end
       end
 
@@ -129,7 +142,7 @@ module ActiveMerchant #:nodoc:
       def build_authorization_request(money, payment_method, options)
         build_request do |xml|
           xml.tag! 'submit' do
-            xml.tag! 'order', {'orderCode' => options[:order_id], 'installationId' => @options[:inst_id]}.reject{|_,v| !v} do
+            xml.tag! 'order', order_tag_attributes(options) do
               xml.description(options[:description].blank? ? "Purchase" : options[:description])
               add_amount(xml, money, options)
               if options[:order_content]
@@ -139,11 +152,18 @@ module ActiveMerchant #:nodoc:
               end
               add_payment_method(xml, money, payment_method, options)
               add_email(xml, options)
+              if options[:hcg_additional_data]
+                add_hcg_additional_data(xml, options)
+              end
             end
           end
         end
       end
 
+      def order_tag_attributes(options)
+        { 'orderCode' => options[:order_id], 'installationId' => options[:inst_id] || @options[:inst_id] }.reject{|_,v| !v}
+      end
+
       def build_capture_request(money, authorization, options)
         build_order_modify_request(authorization) do |xml|
           xml.tag! 'capture' do
@@ -170,12 +190,11 @@ module ActiveMerchant #:nodoc:
 
       def add_amount(xml, money, options)
         currency = options[:currency] || currency(money)
-        amount   = localized_amount(money, currency)
 
         amount_hash = {
-          :value => amount,
+          :value => localized_amount(money, currency),
           'currencyCode' => currency,
-          'exponent' => 2
+          'exponent' => non_fractional_currency?(currency) ? 0 : 2
         }
 
         if options[:debit_credit_indicator]
@@ -209,8 +228,11 @@ module ActiveMerchant #:nodoc:
 
               add_address(xml, (options[:billing_address] || options[:address]))
             end
-            if options[:ip]
-              xml.tag! 'session', 'shopperIPAddress' => options[:ip]
+            if options[:ip] && options[:session_id]
+              xml.tag! 'session', 'shopperIPAddress' => options[:ip], 'id' => options[:session_id]
+            else
+              xml.tag! 'session', 'shopperIPAddress' => options[:ip] if options[:ip]
+              xml.tag! 'session', 'id' => options[:session_id] if options[:session_id]
             end
           end
         end
@@ -224,6 +246,8 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_address(xml, address)
+        return unless address
+
         address = address_with_defaults(address)
 
         xml.tag! 'cardAddress' do
@@ -243,6 +267,14 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def add_hcg_additional_data(xml, options)
+        xml.tag! 'hcgAdditionalData' do
+          options[:hcg_additional_data].each do |k, v|
+            xml.tag! "param", {name: k.to_s}, v
+          end
+        end
+      end
+
       def address_with_defaults(address)
         address ||= {}
         address.delete_if { |_, v| v.blank? }
@@ -286,6 +318,7 @@ module ActiveMerchant #:nodoc:
           message,
           raw,
           :authorization => authorization_from(raw),
+          :error_code => error_code_from(success, raw),
           :test => test?)
 
       rescue ActiveMerchant::ResponseError => e
@@ -315,6 +348,12 @@ module ActiveMerchant #:nodoc:
         [ success, message ]
       end
 
+      def error_code_from(success, raw)
+        unless success == "SUCCESS"
+          raw[:iso8583_return_code_code] || raw[:error_code] || nil
+        end
+      end
+
       def required_status_message(raw, success_criteria)
         if(!success_criteria.include?(raw[:last_event]))
           "A transaction status of #{success_criteria.collect{|c| "'#{c}'"}.join(" or ")} is required."
@@ -330,13 +369,6 @@ module ActiveMerchant #:nodoc:
         credentials = "#{@options[:login]}:#{@options[:password]}"
         "Basic #{[credentials].pack('m').strip}"
       end
-
-      def localized_amount(money, currency)
-        amount = amount(money)
-        return amount unless CURRENCIES_WITHOUT_FRACTIONS.include?(currency.to_s)
-
-        amount.to_i / 100 * 100
-      end
     end
   end
 end

data/lib/active_merchant/billing/network_tokenization_credit_card.rb

@@ -15,6 +15,21 @@ module ActiveMerchant #:nodoc:
       self.require_name = false
 
       attr_accessor :payment_cryptogram, :eci, :transaction_id
+      attr_writer :source
+
+      SOURCES = [:apple_pay, :android_pay]
+
+      def source
+        if defined?(@source) && SOURCES.include?(@source)
+          @source
+        else
+          :apple_pay
+        end
+      end
+
+      def credit_card?
+        true
+      end
 
       def type
         "network_tokenization"

data/lib/active_merchant/country.rb

@@ -72,6 +72,7 @@ module ActiveMerchant #:nodoc:
       { alpha2: 'AD', name: 'Andorra', alpha3: 'AND', numeric: '020' },
       { alpha2: 'AO', name: 'Angola', alpha3: 'AGO', numeric: '024' },
       { alpha2: 'AI', name: 'Anguilla', alpha3: 'AIA', numeric: '660' },
+      { alpha2: 'AQ', name: 'Antarctica', alpha3: 'ATA', numeric: '010' },
       { alpha2: 'AG', name: 'Antigua and Barbuda', alpha3: 'ATG', numeric: '028' },
       { alpha2: 'AR', name: 'Argentina', alpha3: 'ARG', numeric: '032' },
       { alpha2: 'AM', name: 'Armenia', alpha3: 'ARM', numeric: '051' },
@@ -90,6 +91,7 @@ module ActiveMerchant #:nodoc:
       { alpha2: 'BM', name: 'Bermuda', alpha3: 'BMU', numeric: '060' },
       { alpha2: 'BT', name: 'Bhutan', alpha3: 'BTN', numeric: '064' },
       { alpha2: 'BO', name: 'Bolivia', alpha3: 'BOL', numeric: '068' },
+      { alpha2: 'BQ', name: 'Bonaire, Sint Eustatius and Saba', alpha3: 'BES', numeric: '535' },
       { alpha2: 'BA', name: 'Bosnia and Herzegovina', alpha3: 'BIH', numeric: '070' },
       { alpha2: 'BW', name: 'Botswana', alpha3: 'BWA', numeric: '072' },
       { alpha2: 'BV', name: 'Bouvet Island', alpha3: 'BVD', numeric: '074' },
@@ -181,7 +183,6 @@ module ActiveMerchant #:nodoc:
       { alpha2: 'KI', name: 'Kiribati', alpha3: 'KIR', numeric: '296' },
       { alpha2: 'KP', name: 'Korea, Democratic People\'s Republic of', alpha3: 'PRK', numeric: '408' },
       { alpha2: 'KR', name: 'Korea, Republic of', alpha3: 'KOR', numeric: '410' },
-      { alpha2: 'KV', name: 'Kosovo', alpha3: 'KSV', numeric: '377' },
       { alpha2: 'KW', name: 'Kuwait', alpha3: 'KWT', numeric: '414' },
       { alpha2: 'KG', name: 'Kyrgyzstan', alpha3: 'KGZ', numeric: '417' },
       { alpha2: 'LA', name: 'Lao People\'s Democratic Republic', alpha3: 'LAO', numeric: '418' },
@@ -220,7 +221,6 @@ module ActiveMerchant #:nodoc:
       { alpha2: 'NR', name: 'Nauru', alpha3: 'NRU', numeric: '520' },
       { alpha2: 'NP', name: 'Nepal', alpha3: 'NPL', numeric: '524' },
       { alpha2: 'NL', name: 'Netherlands', alpha3: 'NLD', numeric: '528' },
-      { alpha2: 'AN', name: 'Netherlands Antilles', alpha3: 'ANT', numeric: '530' },
       { alpha2: 'NC', name: 'New Caledonia', alpha3: 'NCL', numeric: '540' },
       { alpha2: 'NZ', name: 'New Zealand', alpha3: 'NZL', numeric: '554' },
       { alpha2: 'NI', name: 'Nicaragua', alpha3: 'NIC', numeric: '558' },
@@ -264,15 +264,17 @@ module ActiveMerchant #:nodoc:
       { alpha2: 'SC', name: 'Seychelles', alpha3: 'SYC', numeric: '690' },
       { alpha2: 'SL', name: 'Sierra Leone', alpha3: 'SLE', numeric: '694' },
       { alpha2: 'SG', name: 'Singapore', alpha3: 'SGP', numeric: '702' },
+      { alpha2: 'SX', name: 'Sint Maarten', alpha3: 'SXM', numeric: '534' },
       { alpha2: 'SK', name: 'Slovakia', alpha3: 'SVK', numeric: '703' },
       { alpha2: 'SI', name: 'Slovenia', alpha3: 'SVN', numeric: '705' },
       { alpha2: 'SB', name: 'Solomon Islands', alpha3: 'SLB', numeric: '090' },
       { alpha2: 'SO', name: 'Somalia', alpha3: 'SOM', numeric: '706' },
       { alpha2: 'ZA', name: 'South Africa', alpha3: 'ZAF', numeric: '710' },
       { alpha2: 'GS', name: 'South Georgia and the South Sandwich Islands', alpha3: 'SGS', numeric: '239' },
+      { alpha2: 'SS', name: 'South Sudan', alpha3: 'SSD', numeric: '728' },
       { alpha2: 'ES', name: 'Spain', alpha3: 'ESP', numeric: '724' },
       { alpha2: 'LK', name: 'Sri Lanka', alpha3: 'LKA', numeric: '144' },
-      { alpha2: 'SD', name: 'Sudan', alpha3: 'SDN', numeric: '736' },
+      { alpha2: 'SD', name: 'Sudan', alpha3: 'SDN', numeric: '729' },
       { alpha2: 'SR', name: 'Suriname', alpha3: 'SUR', numeric: '740' },
       { alpha2: 'SJ', name: 'Svalbard and Jan Mayen', alpha3: 'SJM', numeric: '744' },
       { alpha2: 'SZ', name: 'Swaziland', alpha3: 'SWZ', numeric: '748' },
@@ -323,7 +325,7 @@ module ActiveMerchant #:nodoc:
         country_code = CountryCode.new(name)
         country = COUNTRIES.detect{|c| c[country_code.format] == upcase_name }
       else
-        country = COUNTRIES.detect{|c| c[:name] == name }
+        country = COUNTRIES.detect{|c| c[:name].upcase == name.upcase }
       end
       raise InvalidCountryCodeError, "No country could be found for the country #{name}" if country.nil?
       Country.new(country.dup)

data/lib/active_merchant/posts_data.rb

@@ -41,7 +41,7 @@ module ActiveMerchant #:nodoc:
 
     def raw_ssl_request(method, endpoint, data, headers = {})
       logger.warn "#{self.class} using ssl_strict=false, which is insecure" if logger unless ssl_strict
-      logger.warn "#{self.class} posting to plaintext endpoint, which is insecure" if logger unless endpoint =~ /^https:/
+      logger.warn "#{self.class} posting to plaintext endpoint, which is insecure" if logger unless endpoint.to_s =~ /^https:/
 
       connection = new_connection(endpoint)
       connection.open_timeout = open_timeout

data/lib/active_merchant/version.rb

@@ -1,3 +1,3 @@
 module ActiveMerchant
-  VERSION = "1.56.0"
+  VERSION = "1.66.0"
 end