activemerchant 1.78.0 → 1.79.0

data/lib/active_merchant/billing/gateways/paystation.rb

@@ -88,6 +88,16 @@ module ActiveMerchant #:nodoc:
         authorize(0, credit_card, options)
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((pstn_cn=)\d*), '\1[FILTERED]').
+          gsub(%r((pstn_cc=)\d*), '\1[FILTERED]')
+      end
+
       private
 
         def new_request

data/lib/active_merchant/billing/gateways/psigate.rb

@@ -86,6 +86,17 @@ module ActiveMerchant #:nodoc:
         commit(nil, nil, options)
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<Passphrase>)[^<]*(</Passphrase>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardNumber>)[^<]*(</CardNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardIDNumber>)[^<]*(</CardIDNumber>))i, '\1[FILTERED]\2')
+      end
+
       private
 
       def commit(money, creditcard, options = {})

data/lib/active_merchant/billing/gateways/qbms.rb

@@ -113,6 +113,17 @@ module ActiveMerchant #:nodoc:
         commit(:query, nil, {})
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<ConnectionTicket>)[^<]*(</ConnectionTicket>))i, '\1[FILTERED]\2').
+          gsub(%r((<CreditCardNumber>)[^<]*(</CreditCardNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardSecurityCode>)[^<]*(</CardSecurityCode>))i, '\1[FILTERED]\2')
+      end
+
       private
 
       def hosted?

data/lib/active_merchant/billing/gateways/realex.rb

@@ -35,7 +35,7 @@ module ActiveMerchant
       self.money_format = :cents
       self.default_currency = 'EUR'
       self.supported_cardtypes = [ :visa, :master, :american_express, :diners_club, :switch, :solo, :laser ]
-      self.supported_countries = %w(IE GB FR BE NL LU IT)
+      self.supported_countries = %w(IE GB FR BE NL LU IT US CA ES)
       self.homepage_url = 'http://www.realexpayments.com/'
       self.display_name = 'Realex'
 
@@ -140,6 +140,7 @@ module ActiveMerchant
           add_card(xml, credit_card)
           xml.tag! 'autosettle', 'flag' => auto_settle_flag(action)
           add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), credit_card.number)
+          add_network_tokenization_card(xml, credit_card) if credit_card.is_a?(NetworkTokenizationCreditCard)
           add_comments(xml, options)
           add_address_and_customer_info(xml, options)
         end
@@ -251,6 +252,18 @@ module ActiveMerchant
         end
       end
 
+      def add_network_tokenization_card(xml, payment)
+        xml.tag! 'mpi' do
+          xml.tag! 'cavv', payment.payment_cryptogram
+          xml.tag! 'eci', payment.eci
+        end
+        xml.tag! 'supplementarydata' do
+          xml.tag! 'item', 'type' => 'mobile' do
+            xml.tag! 'field01', payment.source.to_s.gsub('_','-')
+          end
+        end
+      end
+
       def format_address_code(address)
         code = [address[:zip].to_s, address[:address1].to_s + address[:address2].to_s]
         code.collect{|e| e.gsub(/\D/, "")}.reject{|e| e.empty?}.join("|")

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -75,7 +75,7 @@ module ActiveMerchant #:nodoc:
         "NOK" => '578',
         "NZD" => '554',
         "PEN" => '604',
-        "PLN" => '616',
+        "PLN" => '985',
         "RUB" => '643',
         "SAR" => '682',
         "SEK" => '752',

data/lib/active_merchant/billing/gateways/safe_charge.rb

@@ -25,7 +25,7 @@ module ActiveMerchant #:nodoc:
         post[:sg_APIType] = 1 if options[:three_d_secure]
         trans_type = options[:three_d_secure] ? "Sale3D" : "Sale"
         add_transaction_data(trans_type, post, money, options)
-        add_payment(post, payment)
+        add_payment(post, payment, options)
         add_customer_details(post, payment, options)
 
         commit(post)
@@ -34,7 +34,7 @@ module ActiveMerchant #:nodoc:
       def authorize(money, payment, options={})
         post = {}
         add_transaction_data("Auth", post, money, options)
-        add_payment(post, payment)
+        add_payment(post, payment, options)
         add_customer_details(post, payment, options)
 
         commit(post)
@@ -69,7 +69,7 @@ module ActiveMerchant #:nodoc:
 
       def credit(money, payment, options={})
         post = {}
-        add_payment(post, payment)
+        add_payment(post, payment, options)
         add_transaction_data("Credit", post, money, options)
         post[:sg_CreditType] = 1
 
@@ -125,14 +125,18 @@ module ActiveMerchant #:nodoc:
         post[:sg_WebsiteID] = options[:website_id] if options[:website_id]
         post[:sg_IPAddress] = options[:ip] if options[:ip]
         post[:sg_VendorID] = options[:vendor_id] if options[:vendor_id]
+        post[:sg_Descriptor] = options[:merchant_descriptor] if options[:merchant_descriptor]
+        post[:sg_MerchantPhoneNumber] = options[:merchant_phone_number] if options[:merchant_phone_number]
+        post[:sg_MerchantName] = options[:merchant_name] if options[:merchant_name]
       end
 
-      def add_payment(post, payment)
+      def add_payment(post, payment, options={})
         post[:sg_NameOnCard] = payment.name
         post[:sg_CardNumber] = payment.number
         post[:sg_ExpMonth] = format(payment.month, :two_digits)
         post[:sg_ExpYear] = format(payment.year, :two_digits)
         post[:sg_CVV2] = payment.verification_value
+        post[:sg_StoredCredentialMode] = (options[:stored_credential_mode] == true ? 1 : 0)
       end
 
       def add_customer_details(post, payment, options)

data/lib/active_merchant/billing/gateways/smart_ps.rb

@@ -229,7 +229,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def commit(action, money, parameters)
-        parameters[:amount]  = amount(money) if money
+        parameters[:amount]  = localized_amount(money, parameters[:currency] || default_currency) if money
         response = parse( ssl_post(self.live_url, post_data(action,parameters)) )
         Response.new(response["response"] == "1", message_from(response), response,
           :authorization => (response["transactionid"] || response["customer_vault_id"]),

data/lib/active_merchant/billing/gateways/spreedly_core.rb

@@ -44,7 +44,7 @@ module ActiveMerchant #:nodoc:
           purchase_with_token(money, payment_method, options)
         else
           MultiResponse.run do |r|
-            r.process { save_card(false, payment_method, options) }
+            r.process { save_card(options[:store], payment_method, options) }
             r.process { purchase_with_token(money, r.authorization, options) }
           end
         end
@@ -62,7 +62,7 @@ module ActiveMerchant #:nodoc:
           authorize_with_token(money, payment_method, options)
         else
           MultiResponse.run do |r|
-            r.process { save_card(false, payment_method, options) }
+            r.process { save_card(options[:store], payment_method, options) }
             r.process { authorize_with_token(money, r.authorization, options) }
           end
         end
@@ -88,6 +88,24 @@ module ActiveMerchant #:nodoc:
         commit("transactions/#{authorization}/void.xml", '')
       end
 
+
+      # Public: Determine whether a credit card is chargeable card and available for purchases.
+      #
+      # payment_method - The CreditCard or the Spreedly payment method token.
+      # options        - A hash of options:
+      #                  :store - Retain the payment method if the verify
+      #                           succeeds.  Defaults to false.  (optional)
+      def verify(payment_method, options = {})
+        if payment_method.is_a?(String)
+          verify_with_token(payment_method, options)
+        else
+          MultiResponse.run do |r|
+            r.process { save_card(options[:store], payment_method, options) }
+            r.process { verify_with_token(r.authorization, options) }
+          end
+        end
+      end
+
       # Public: Store a credit card in the Spreedly vault and retain it.
       #
       # credit_card    - The CreditCard to store
@@ -106,6 +124,13 @@ module ActiveMerchant #:nodoc:
         commit("payment_methods/#{authorization}/redact.xml", '', :put)
       end
 
+      # Public: Get the transaction with the given token.
+      def find(transaction_token)
+        commit("transactions/#{transaction_token}.xml", nil, :get)
+      end
+
+      alias_method :status, :find
+
       def supports_scrubbing?
         true
       end
@@ -140,10 +165,20 @@ module ActiveMerchant #:nodoc:
         commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
       end
 
+      def verify_with_token(payment_method_token, options)
+        request = build_xml_request('transaction') do |doc|
+          add_invoice(doc, nil, options)
+          doc.payment_method_token(payment_method_token)
+          doc.retain_on_success(true) if options[:store]
+          add_extra_options(:gateway_specific_fields, doc, options)
+        end
+
+        commit("gateways/#{@options[:gateway_token]}/verify.xml", request)
+      end
+
       def auth_purchase_request(money, payment_method_token, options)
         build_xml_request('transaction') do |doc|
           add_invoice(doc, money, options)
-          doc.ip(options[:ip])
           add_extra_options(:gateway_specific_fields, doc, options)
           doc.payment_method_token(payment_method_token)
           doc.retain_on_success(true) if options[:store]
@@ -151,11 +186,11 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_invoice(doc, money, options)
-        doc.amount amount(money)
+        doc.amount amount(money) unless money.nil?
         doc.currency_code(options[:currency] || currency(money) || default_currency)
         doc.order_id(options[:order_id])
-        doc.ip(options[:ip])
-        doc.description(options[:description])
+        doc.ip(options[:ip]) if options[:ip]
+        doc.description(options[:description]) if options[:description]
       end
 
       def add_credit_card(doc, credit_card, options)

data/lib/active_merchant/billing/gateways/stripe.rb

@@ -25,7 +25,7 @@ module ActiveMerchant #:nodoc:
       self.default_currency = 'USD'
       self.money_format = :cents
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :diners_club, :maestro]
-      self.currencies_without_fractions = %w(BIF CLP DJF GNF JPY KMF KRW MGA PYG RWF VND VUV XAF XOF XPF)
+      self.currencies_without_fractions = %w(BIF CLP DJF GNF JPY KMF KRW MGA PYG RWF VND VUV XAF XOF XPF UGX)
 
       self.homepage_url = 'https://stripe.com/'
       self.display_name = 'Stripe'
@@ -549,14 +549,14 @@ module ActiveMerchant #:nodoc:
         add_expand_parameters(parameters, options) if parameters
         response = api_request(method, url, parameters, options)
 
-        success = !response.key?("error")
+        success = success_from(response)
 
         card = card_from_response(response)
         avs_code = AVS_CODE_TRANSLATOR["line1: #{card["address_line1_check"]}, zip: #{card["address_zip_check"]}"]
         cvc_code = CVC_CODE_TRANSLATOR[card["cvc_check"]]
 
         Response.new(success,
-          success ? "Transaction approved" : response["error"]["message"],
+          message_from(success, response),
           response,
           :test => response_is_test?(response),
           :authorization => authorization_from(success, url, method, response),
@@ -568,7 +568,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def authorization_from(success, url, method, response)
-        return response["error"]["charge"] unless success
+        return response.fetch("error", {})["charge"] unless success
 
         if url == "customers"
           [response["id"], response["sources"]["data"].first["id"]].join("|")
@@ -579,6 +579,14 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def message_from(success, response)
+        success ? "Transaction approved" : response.fetch("error", {"message" => "No error details"})["message"]
+      end
+
+      def success_from(response)
+        !response.key?("error") && response["status"] != "failed"
+      end
+
       def response_error(raw_response)
         begin
           parse(raw_response)
@@ -626,6 +634,8 @@ module ActiveMerchant #:nodoc:
       end
 
       def error_code_from(response)
+        return STANDARD_ERROR_CODE_MAPPING['processing_error'] unless response['error']
+
         code = response['error']['code']
         decline_code = response['error']['decline_code'] if code == 'card_declined'
 

data/lib/active_merchant/billing/gateways/usa_epay_transaction.rb

@@ -140,7 +140,12 @@ module ActiveMerchant #:nodoc:
 
         if options.has_key? :email
           post[:custemail] = options[:email]
-          post[:custreceipt] = 'No'
+          if options[:cust_receipt]
+            post[:custreceipt] = options[:cust_receipt]
+            post[:custreceiptname] = options[:cust_receipt_name] if options[:cust_receipt_name]
+          else
+            post[:custreceipt] = 'No'
+          end
         end
 
         if options.has_key? :customer

data/lib/active_merchant/billing/gateways/worldpay.rb

@@ -6,7 +6,7 @@ module ActiveMerchant #:nodoc:
 
       self.default_currency = 'GBP'
       self.money_format = :cents
-      self.supported_countries = %w(HK GB AU AD BE CH CY CZ DE DK ES FI FR GI GR HU IE IT LI LU MC MT NL NO NZ PL PT SE SG SI SM TR UM VA)
+      self.supported_countries = %w(HK GB AU AD AR BE BR CA CH CN CO CR CY CZ DE DK ES FI FR GI GR HU IE IN IT JP LI LU MC MT MY MX NL NO NZ PA PE PL PT SE SG SI SM TR UM VA)
       self.supported_cardtypes = [:visa, :master, :american_express, :discover, :jcb, :maestro, :laser, :switch]
       self.currencies_without_fractions = %w(HUF IDR ISK JPY KRW)
       self.currencies_with_three_decimal_places = %w(BHD KWD OMR RSD TND)
@@ -55,7 +55,7 @@ module ActiveMerchant #:nodoc:
 
       def void(authorization, options = {})
         MultiResponse.run do |r|
-          r.process{inquire_request(authorization, options, "AUTHORISED")}
+          r.process{inquire_request(authorization, options, "AUTHORISED")} unless options[:authorization_validated]
           r.process{cancel_request(authorization, options)}
         end
       end
@@ -83,7 +83,7 @@ module ActiveMerchant #:nodoc:
       def verify(credit_card, options={})
         MultiResponse.run(:use_first_response) do |r|
           r.process { authorize(100, credit_card, options) }
-          r.process(:ignore_result) { void(r.authorization, options) }
+          r.process(:ignore_result) { void(r.authorization, options.merge(:authorization_validated => true)) }
         end
       end
 
@@ -101,27 +101,27 @@ module ActiveMerchant #:nodoc:
       private
 
       def authorize_request(money, payment_method, options)
-        commit('authorize', build_authorization_request(money, payment_method, options), "AUTHORISED")
+        commit('authorize', build_authorization_request(money, payment_method, options), "AUTHORISED", options)
       end
 
       def capture_request(money, authorization, options)
-        commit('capture', build_capture_request(money, authorization, options), :ok)
+        commit('capture', build_capture_request(money, authorization, options), :ok, options)
       end
 
       def cancel_request(authorization, options)
-        commit('cancel', build_void_request(authorization, options), :ok)
+        commit('cancel', build_void_request(authorization, options), :ok, options)
       end
 
       def inquire_request(authorization, options, *success_criteria)
-        commit('inquiry', build_order_inquiry_request(authorization, options), *success_criteria)
+        commit('inquiry', build_order_inquiry_request(authorization, options), *success_criteria, options)
       end
 
       def refund_request(money, authorization, options)
-        commit('refund', build_refund_request(money, authorization, options), :ok)
+        commit('refund', build_refund_request(money, authorization, options), :ok, options)
       end
 
       def credit_request(money, payment_method, options)
-        commit('credit', build_authorization_request(money, payment_method, options), :ok)
+        commit('credit', build_authorization_request(money, payment_method, options), :ok, options)
       end
 
       def build_request
@@ -252,9 +252,13 @@ module ActiveMerchant #:nodoc:
       end
 
       def add_email(xml, options)
-        return unless options[:email]
+        return unless options[:execute_threed] || options[:email]
         xml.tag! 'shopper' do
-          xml.tag! 'shopperEmailAddress', options[:email]
+          xml.tag! 'shopperEmailAddress', options[:email] if  options[:email]
+          xml.tag! 'browser' do
+            xml.tag! 'acceptHeader', options[:accept_header]
+            xml.tag! 'userAgentHeader', options[:user_agent]
+          end
         end
       end
 
@@ -321,9 +325,24 @@ module ActiveMerchant #:nodoc:
         raw
       end
 
-      def commit(action, request, *success_criteria)
-        xmr = ssl_post(url, request, 'Content-Type' => 'text/xml', 'Authorization' => encoded_credentials)
-        raw = parse(action, xmr)
+      def headers(options)
+        headers = {
+          'Content-Type' => 'text/xml',
+          'Authorization' => encoded_credentials
+        }
+        if options[:cookie]
+          headers.merge!('Set-Cookie' => options[:cookie]) if options[:cookie]
+        end
+        headers
+      end
+
+      def commit(action, request, *success_criteria, options)
+        xml = ssl_post(url, request, headers(options))
+        raw = parse(action, xml)
+        if options[:execute_threed]
+          raw[:cookie] = @cookie
+          raw[:session_id] = options[:session_id]
+        end
         success, message = success_and_message_from(raw, success_criteria)
 
         Response.new(
@@ -346,6 +365,18 @@ module ActiveMerchant #:nodoc:
         test? ? self.test_url : self.live_url
       end
 
+      # Override the regular handle response so we can access the headers
+      # Set-Cookie value is needed for 3DS transactions
+      def handle_response(response)
+        case response.code.to_i
+        when 200...300
+          @cookie = response.response['Set-Cookie']
+          response.body
+        else
+          raise ResponseError.new(response)
+        end
+      end
+
       # success_criteria can be:
       #   - a string or an array of strings (if one of many responses)
       #   - An array of strings if one of many responses could be considered a

data/lib/active_merchant/connection.rb

@@ -5,6 +5,7 @@ require 'benchmark'
 
 module ActiveMerchant
   class Connection
+    using NetHttpSslConnection
     include NetworkConnectionRetries
 
     MAX_RETRIES = 3
@@ -21,6 +22,11 @@ module ActiveMerchant
     attr_accessor :read_timeout
     attr_accessor :verify_peer
     attr_accessor :ssl_version
+    if Net::HTTP.instance_methods.include?(:min_version=)
+      attr_accessor :min_version
+      attr_accessor :max_version
+    end
+    attr_reader :ssl_connection
     attr_accessor :ca_file
     attr_accessor :ca_path
     attr_accessor :pem
@@ -44,7 +50,12 @@ module ActiveMerchant
       @max_retries  = MAX_RETRIES
       @ignore_http_status = false
       @ssl_version = nil
-      @proxy_address = nil
+      if Net::HTTP.instance_methods.include?(:min_version=)
+        @min_version = nil
+        @max_version = nil
+      end
+      @ssl_connection = {}
+      @proxy_address = :ENV
       @proxy_port = nil
     end
 
@@ -63,6 +74,10 @@ module ActiveMerchant
           result = nil
 
           realtime = Benchmark.realtime do
+            http.start unless http.started?
+            @ssl_connection = http.ssl_connection
+            info "connection_ssl_version=#{ssl_connection[:version]} connection_ssl_cipher=#{ssl_connection[:cipher]}", tag
+
             result = case method
             when :get
               raise ArgumentError, "GET requests do not support a request body" if body
@@ -80,8 +95,14 @@ module ActiveMerchant
               # It's kind of ambiguous whether the RFC allows bodies
               # for DELETE requests. But Net::HTTP's delete method
               # very unambiguously does not.
-              raise ArgumentError, "DELETE requests do not support a request body" if body
-              http.delete(endpoint.request_uri, headers)
+              if body
+                debug body
+                req = Net::HTTP::Delete.new(endpoint.request_uri, headers)
+                req.body = body
+                http.request(req)
+              else
+                http.delete(endpoint.request_uri, headers)
+              end
             else
               raise ArgumentError, "Unsupported request method #{method.to_s.upcase}"
             end
@@ -95,16 +116,20 @@ module ActiveMerchant
 
     ensure
       info "connection_request_total_time=%.4fs" % [Process.clock_gettime(Process::CLOCK_MONOTONIC) - request_start], tag
+      http.finish if http.started?
     end
 
     private
+
     def http
-      http = Net::HTTP.new(endpoint.host, endpoint.port, proxy_address, proxy_port)
-      configure_debugging(http)
-      configure_timeouts(http)
-      configure_ssl(http)
-      configure_cert(http)
-      http
+      @http ||= begin
+        http = Net::HTTP.new(endpoint.host, endpoint.port, proxy_address, proxy_port)
+        configure_debugging(http)
+        configure_timeouts(http)
+        configure_ssl(http)
+        configure_cert(http)
+        http
+      end
     end
 
     def configure_debugging(http)
@@ -121,6 +146,10 @@ module ActiveMerchant
 
       http.use_ssl = true
       http.ssl_version = ssl_version if ssl_version
+      if http.respond_to?(:min_version=)
+        http.min_version = min_version if min_version
+        http.max_version = max_version if max_version
+      end
 
       if verify_peer
         http.verify_mode = OpenSSL::SSL::VERIFY_PEER