activemerchant 1.56.0 → 1.66.0

data/lib/active_merchant/billing/gateways/credorax.rb

@@ -0,0 +1,310 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class CredoraxGateway < Gateway
+      class_attribute :test_url, :live_na_url, :live_eu_url
+
+      self.display_name = "Credorax Gateway"
+      self.homepage_url = "https://www.credorax.com/"
+
+      self.test_url = "https://intconsole.credorax.com/intenv/service/gateway"
+
+      # The live URL is assigned on a per merchant basis once certification has passed
+      # See the Credorax remote tests for the full certification test suite
+      #
+      # Once you have your assigned subdomain, you can override the live URL in your application via:
+      # ActiveMerchant::Billing::CredoraxGateway.live_url = "https://assigned-subdomain.credorax.net/crax_gate/service/gateway"
+      self.live_url = 'https://assigned-subdomain.credorax.net/crax_gate/service/gateway'
+
+      self.supported_countries = %w(DE GB FR IT ES PL NL BE GR CZ PT SE HU RS AT CH BG DK FI SK NO IE HR BA AL LT MK SI LV EE ME LU MT IS AD MC LI SM)
+      self.default_currency = "EUR"
+      self.money_format = :cents
+      self.supported_cardtypes = [:visa, :master, :maestro]
+
+      RESPONSE_MESSAGES = {
+        "00" => "Approved or completed successfully",
+        "01" => "Refer to card issuer",
+        "02" => "Refer to card issuer special condition",
+        "03" => "Invalid merchant",
+        "04" => "Pick up card",
+        "05" => "Do not Honour",
+        "06" => "Invalid Transaction for Terminal",
+        "07" => "Pick up card special condition",
+        "08" => "Time-Out",
+        "09" => "No Original",
+        "10" => "Approved for partial amount",
+        "11" => "Partial Approval",
+        "12" => "Invalid transaction card / issuer / acquirer",
+        "13" => "Invalid amount",
+        "14" => "Invalid card number",
+        "17" => "Invalid Capture date (terminal business date)",
+        "19" => "System Error; Re-enter transaction",
+        "20" => "No From Account",
+        "21" => "No To Account",
+        "22" => "No Checking Account",
+        "23" => "No Saving Account",
+        "24" => "No Credit Account",
+        "30" => "Format error",
+        "34" => "Implausible card data",
+        "39" => "Transaction Not Allowed",
+        "41" => "Lost Card, Pickup",
+        "42" => "Special Pickup",
+        "43" => "Hot Card, Pickup (if possible)",
+        "44" => "Pickup Card",
+        "51" => "Not sufficient funds",
+        "52" => "No checking Account",
+        "53" => "No savings account",
+        "54" => "Expired card",
+        "55" => "Pin incorrect",
+        "57" => "Transaction not allowed for cardholder",
+        "58" => "Transaction not allowed for merchant",
+        "59" => "Suspected Fraud",
+        "61" => "Exceeds withdrawal amount limit",
+        "62" => "Restricted card",
+        "63" => "MAC Key Error",
+        "65" => "Activity count limit exceeded",
+        "66" => "Exceeds Acquirer Limit",
+        "67" => "Retain Card; no reason specified",
+        "68" => "Response received too late",
+        "75" => "Pin tries exceeded",
+        "76" => "Invalid Account",
+        "77" => "Issuer Does Not Participate In The Service",
+        "78" => "Function Not Available",
+        "79" => "Key Validation Error",
+        "80" => "Approval for Purchase Amount Only",
+        "81" => "Unable to Verify PIN",
+        "82" => "Time out at issuer system",
+        "83" => "Not declined (Valid for all zero amount transactions)",
+        "84" => "Invalid Life Cycle of transaction",
+        "85" => "Not declined",
+        "86" => "Cannot verify pin",
+        "87" => "Purchase amount only, no cashback allowed",
+        "88" => "MAC sync Error",
+        "89" => "Security Violation",
+        "91" => "Issuer not available",
+        "92" => "Unable to route at acquirer Module",
+        "93" => "Transaction cannot be completed",
+        "94" => "Duplicate transaction",
+        "95" => "Contact Acquirer",
+        "96" => "System malfunction",
+        "97" => "No Funds Transfer",
+        "98" => "Duplicate Reversal",
+        "99" => "Duplicate Transaction",
+        "N3" => "Cash Service Not Available",
+        "N4" => "Cash Back Request Exceeds Issuer Limit",
+        "N7" => "N7 (visa), Decline CVV2 failure",
+        "R0" => "Stop Payment Order",
+        "R1" => "Revocation of Authorisation Order",
+        "R3" => "Revocation of all Authorisations Order"
+      }
+
+      def initialize(options={})
+        requires!(options, :merchant_id, :cipher_key)
+        super
+      end
+
+      def purchase(amount, payment_method, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+        add_email(post, options)
+        add_echo(post, options)
+
+        commit(:purchase, post)
+      end
+
+      def authorize(amount, payment_method, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+        add_email(post, options)
+        add_echo(post, options)
+
+        commit(:authorize, post)
+      end
+
+      def capture(amount, authorization, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+        add_echo(post, options)
+
+        commit(:capture, post)
+      end
+
+      def void(authorization, options={})
+        post = {}
+        add_customer_data(post, options)
+        reference_action = add_reference(post, authorization)
+        add_echo(post, options)
+        post[:a1] = generate_unique_id
+
+        commit(:void, post, reference_action)
+      end
+
+      def refund(amount, authorization, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_reference(post, authorization)
+        add_customer_data(post, options)
+        add_echo(post, options)
+
+        commit(:refund, post)
+      end
+
+      def credit(amount, payment_method, options={})
+        post = {}
+        add_invoice(post, amount, options)
+        add_payment_method(post, payment_method)
+        add_customer_data(post, options)
+        add_email(post, options)
+        add_echo(post, options)
+
+        commit(:credit, post)
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((b1=)\d+), '\1[FILTERED]').
+          gsub(%r((b5=)\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_invoice(post, money, options)
+        post[:a4] = amount(money)
+        post[:a1] = generate_unique_id
+        post[:a5] = options[:currency] || currency(money)
+        post[:h9] = options[:order_id]
+      end
+
+      CARD_TYPES = {
+        "visa" => '1',
+        "mastercard" => '2',
+        "maestro" => '9'
+      }
+
+      def add_payment_method(post, payment_method)
+        post[:c1] = payment_method.name
+        post[:b2] = CARD_TYPES[payment_method.brand] || ''
+        post[:b1] = payment_method.number
+        post[:b5] = payment_method.verification_value
+        post[:b4] = format(payment_method.year, :two_digits)
+        post[:b3] = format(payment_method.month, :two_digits)
+      end
+
+      def add_customer_data(post, options)
+        post[:d1] = options[:ip] || '127.0.0.1'
+        if (billing_address = options[:billing_address])
+          post[:c5] = billing_address[:address1]
+          post[:c7] = billing_address[:city]
+          post[:c10] = billing_address[:zip]
+          post[:c8] = billing_address[:state]
+          post[:c9] = billing_address[:country]
+          post[:c2] = billing_address[:phone]
+        end
+      end
+
+      def add_reference(post, authorization)
+        response_id, authorization_code, request_id, action = authorization.split(";")
+        post[:g2] = response_id
+        post[:g3] = authorization_code
+        post[:g4] = request_id
+        action || :authorize
+      end
+
+      def add_email(post, options)
+        post[:c3] = options[:email] || 'unspecified@example.com'
+      end
+
+      def add_echo(post, options)
+        # The d2 parameter is used during the certification process
+        # See remote tests for full certification test suite
+        post[:d2] = options[:echo] unless options[:echo].blank?
+      end
+
+      ACTIONS = {
+        purchase: '1',
+        authorize: '2',
+        capture: '3',
+        authorize_void:'4',
+        refund: '5',
+        credit: '6',
+        purchase_void: '7',
+        refund_void: '8',
+        capture_void: '9'
+      }
+
+      def commit(action, params, reference_action = nil)
+        raw_response = ssl_post(url, post_data(action, params, reference_action))
+        response = parse(raw_response)
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: "#{response["Z1"]};#{response["Z4"]};#{response["A1"]};#{action}",
+          avs_result: AVSResult.new(code: response["Z9"]),
+          cvv_result: CVVResult.new(response["Z14"]),
+          test: test?
+        )
+      end
+
+      def sign_request(params)
+        params = params.sort
+        params.each { |param| param[1].gsub!(/[<>()\\]/, ' ') }
+        values = params.map { |param| param[1].strip }
+        Digest::MD5.hexdigest(values.join + @options[:cipher_key])
+      end
+
+      def post_data(action, params, reference_action)
+        params.keys.each { |key| params[key] = params[key].to_s}
+        params[:M] = @options[:merchant_id]
+        params[:O] = request_action(action, reference_action)
+        params[:K] = sign_request(params)
+        params.map {|k, v| "#{k}=#{CGI.escape(v.to_s)}"}.join('&')
+      end
+
+      def request_action(action, reference_action)
+        if reference_action
+          ACTIONS["#{reference_action}_#{action}".to_sym]
+        else
+          ACTIONS[action]
+        end
+      end
+
+      def url
+        test? ? test_url : live_url
+      end
+
+      def parse(body)
+        Hash[CGI::parse(body).map{|k,v| [k.upcase,v.first]}]
+      end
+
+      def success_from(response)
+        response["Z2"] == "0"
+      end
+
+      def message_from(response)
+        if success_from(response)
+          "Succeeded"
+        else
+          RESPONSE_MESSAGES[response["Z6"]] || response["Z3"] || "Unable to read error message"
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/culqi.rb

@@ -0,0 +1,279 @@
+require 'digest/md5'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # Important note:
+    # ===
+    # Culqi merchant accounts are configured for either purchase or auth/capture
+    # modes. This is configured by Culqi when setting up a merchant account and
+    # largely depends on the transaction acquiring bank. Be sure to understand how
+    # your account was configured prior to using this gateway.
+    class CulqiGateway < Gateway
+      self.display_name = "Culqi"
+      self.homepage_url = "https://www.culqi.com"
+
+      self.test_url = "https://staging.paymentz.com/transaction/"
+      self.live_url = "https://secure.culqi.com/transaction/"
+
+      self.supported_countries = ["PE"]
+      self.default_currency = "PEN"
+      self.money_format = :dollars
+      self.supported_cardtypes = [:visa, :master, :diners_club, :american_express]
+
+      def initialize(options={})
+        requires!(options, :merchant_id, :terminal_id, :secret_key)
+        super
+      end
+
+      def purchase(amount, payment_method, options={})
+        authorize(amount, payment_method, options)
+      end
+
+      def authorize(amount, payment_method, options={})
+        if payment_method.is_a?(String)
+          action = :tokenpay
+        else
+          action = :authorize
+        end
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, amount, options)
+        add_payment_method(post, payment_method, action, options)
+        add_customer_data(post, options)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def capture(amount, authorization, options={})
+        action = :capture
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, amount, options)
+        add_reference(post, authorization)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def void(authorization, options={})
+        action = :void
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, nil, options)
+        add_reference(post, authorization)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def refund(amount, authorization, options={})
+        action = :refund
+        post = {}
+        add_credentials(post)
+        add_invoice(action, post, amount, options)
+        add_reference(post, authorization)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(1000, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def verify_credentials
+        response = void("0", order_id: "0")
+        response.message.include? "Transaction not found"
+      end
+
+      def store(credit_card, options={})
+        action = :tokenize
+        post = {}
+        post[:partnerid] = options[:partner_id] if options[:partner_id]
+        post[:cardholderid] = options[:cardholder_id] if options[:cardholder_id]
+        add_credentials(post)
+        add_payment_method(post, credit_card, action, options)
+        add_customer_data(post, options)
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def invalidate(authorization, options={})
+        action = :invalidate
+        post = {}
+        post[:partnerid] = options[:partner_id] if options[:partner_id]
+        add_credentials(post)
+        post[:token] = authorization
+        add_checksum(action, post)
+
+        commit(action, post)
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((cardnumber=)\d+), '\1[FILTERED]').
+          gsub(%r((cvv=)\d+), '\1[FILTERED]')
+      end
+
+      private
+
+      def add_credentials(post)
+        post[:toid] = @options[:merchant_id]
+        post[:totype] = 'Culqi'
+        post[:terminalid] = @options[:terminal_id]
+        post[:language] = 'ENG'
+      end
+
+      def add_invoice(action, post, money, options)
+        case action
+        when :capture
+          post[:captureamount] = amount(money)
+        when :refund
+          post[:refundamount] = amount(money)
+          post[:reason] = 'none'
+        else
+          post[:amount] = amount(money)
+        end
+
+        post[:description] = options[:order_id]
+        post[:redirecturl] = options[:redirect_url] || 'http://www.example.com'
+      end
+
+      def add_payment_method(post, payment_method, action, options)
+        if payment_method.is_a?(String)
+          post[:token] = payment_method
+          post[:cvv] = options[:cvv] if options[:cvv]
+        else
+          post[:cardnumber] = payment_method.number
+          post[:cvv] = payment_method.verification_value
+          post[:firstname], post[:lastname] = payment_method.name.split(' ')
+          if action == :tokenize
+            post[:expirymonth] = format(payment_method.month, :two_digits)
+            post[:expiryyear] = format(payment_method.year, :four_digits)
+          else
+            post[:expiry_month] = format(payment_method.month, :two_digits)
+            post[:expiry_year] = format(payment_method.year, :four_digits)
+          end
+        end
+      end
+
+      def add_customer_data(post, options)
+        post[:emailaddr] = options[:email] || 'unspecified@example.com'
+        if (billing_address = options[:billing_address] || options[:address])
+          post[:street] = [billing_address[:address1], billing_address[:address2]].join(' ')
+          post[:city] = billing_address[:city]
+          post[:state] = billing_address[:state]
+          post[:countrycode] = billing_address[:country]
+          post[:zip]    = billing_address[:zip]
+          post[:telno] = billing_address[:phone]
+          post[:telnocc] = options[:telephone_country_code] || '051'
+        end
+      end
+
+      def add_checksum(action, post)
+        checksum_elements = case action
+        when :capture;  [post[:toid], post[:trackingid], post[:captureamount], @options[:secret_key]]
+        when :void;     [post[:toid], post[:description], post[:trackingid], @options[:secret_key]]
+        when :refund;   [post[:toid], post[:trackingid], post[:refundamount], @options[:secret_key]]
+        when :tokenize; [post[:partnerid], post[:cardnumber], post[:cvv], @options[:secret_key]]
+        when :invalidate; [post[:partnerid], post[:token], @options[:secret_key]]
+        else [post[:toid], post[:totype], post[:amount], post[:description], post[:redirecturl],
+              post[:cardnumber] || post[:token], @options[:secret_key]]
+        end
+
+        post[:checksum] = Digest::MD5.hexdigest(checksum_elements.compact.join('|'))
+      end
+
+      def add_reference(post, authorization)
+        post[:trackingid] = authorization
+      end
+
+      ACTIONS = {
+        authorize: "SingleCallGenericServlet",
+        capture: "SingleCallGenericCaptureServlet",
+        void: "SingleCallGenericVoid",
+        refund: "SingleCallGenericReverse",
+        tokenize: "SingleCallTokenServlet",
+        invalidate: "SingleCallInvalidateToken",
+        tokenpay: "SingleCallTokenTransaction",
+      }
+
+      def commit(action, params)
+        response = begin
+          parse(ssl_post(url + ACTIONS[action], post_data(action, params), headers))
+        rescue ResponseError => e
+          parse(e.response.body)
+        end
+
+        success = success_from(response)
+
+        Response.new(
+          success,
+          message_from(response),
+          response,
+          authorization: success ? authorization_from(response) : nil,
+          cvv_result: success ? cvvresult_from(response) : nil,
+          error_code: success ? nil : error_from(response),
+          test: test?
+        )
+      end
+
+      def headers
+        {
+          "Accept"  => "application/json",
+          "Content-Type"  => "application/x-www-form-urlencoded;charset=UTF-8"
+        }
+      end
+
+      def post_data(action, params)
+        params.map {|k, v| "#{k}=#{CGI.escape(v.to_s)}"}.join('&')
+      end
+
+      def url
+        test? ? test_url : live_url
+      end
+
+      def parse(body)
+        begin
+          JSON.parse(body)
+        rescue JSON::ParserError
+          message = "Invalid JSON response received from CulqiGateway. Please contact CulqiGateway if you continue to receive this message."
+          message += "(The raw response returned by the API was #{body.inspect})"
+          {
+            "status" => "N",
+            "statusdescription" => message
+          }
+        end
+      end
+
+      def success_from(response)
+        response['status'] == 'Y'
+      end
+
+      def message_from(response)
+        response['statusdescription'] || response['statusDescription']
+      end
+
+      def authorization_from(response)
+        response['trackingid'] || response['token']
+      end
+
+      def cvvresult_from(response)
+        CVVResult.new(response['cvvresult'])
+      end
+
+      def error_from(response)
+        response['resultcode']
+      end
+    end
+  end
+end