RubyGems - activemerchant - Versions diffs - 1.8.0 → 1.9.0 - Mend

activemerchant 1.8.0 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

data/lib/active_merchant/billing/integrations/direc_pay/notification.rb ADDED

@@ -0,0 +1,76 @@
+require 'net/http'
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module DirecPay
+        class Notification < ActiveMerchant::Billing::Integrations::Notification
+          RESPONSE_PARAMS = ['DirecPay Reference ID', 'Flag', 'Country', 'Currency', 'Other Details', 'Merchant Order No', 'Amount']
+          def acknowledge
+            true
+          end
+          def complete?
+            status == 'Completed' || status == 'Pending'
+          end
+          def status
+            case params['Flag']
+            when 'SUCCESS'
+              'Completed'
+            when 'PENDING'
+              'Pending'
+            when 'FAIL'
+              'Failed'
+            else
+              'Error'
+            end
+          end
+          def item_id
+            params['Merchant Order No']
+          end
+          def transaction_id
+            params['DirecPay Reference ID']
+          end
+          # the money amount we received in X.2 decimal
+          def gross
+            params['Amount']
+          end
+          def currency
+            params['Currency']
+          end
+          def country
+            params['Country']
+          end
+          def other_details
+            params['Other Details']
+          end
+          def test?
+            false
+          end
+          # Take the posted data and move the relevant data into a hash
+          def parse(post)
+            super
+            values = params['responseparams'].to_s.split('|')
+            response_params = values.size == 3 ? ['DirecPay Reference ID', 'Flag', 'Error message'] : RESPONSE_PARAMS
+            response_params.each_with_index do |name, index|
+              params[name] = values[index]
+            end
+            params
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/direc_pay/return.rb ADDED

@@ -0,0 +1,32 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module DirecPay
+        class Return < ActiveMerchant::Billing::Integrations::Return
+          def initialize(post_data, options = {})
+            @notification = Notification.new(treat_failure_as_pending(post_data), options)
+          end
+          def success?
+            notification.complete?
+          end
+          def message
+            notification.status
+          end
+          private
+          # Work around the issue that the initial return from DirecPay is always either SUCCESS or FAIL, there is no PENDING
+          def treat_failure_as_pending(post_data)
+            post_data.sub(/FAIL/, 'PENDING')
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/direc_pay/status.rb ADDED

@@ -0,0 +1,37 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module DirecPay
+        class Status
+          include PostsData
+          STATUS_TEST_URL = 'https://test.timesofmoney.com/direcpay/secure/dpPullMerchAtrnDtls.jsp'
+          STATUS_LIVE_URL = 'https://www.timesofmoney.com/direcpay/secure/dpPullMerchAtrnDtls.jsp'
+          attr_reader :account, :options
+          def initialize(account, options = {})
+            @account, @options = account, options
+          end
+          # Use this method to manually request a status update to the provided notification_url
+          def update(authorization, notification_url)
+            url = test? ? STATUS_TEST_URL : STATUS_LIVE_URL
+            parameters = [ authorization, account, notification_url ]
+            data = PostData.new
+            data[:requestparams] = parameters.join('|')
+            response = ssl_get("#{url}?#{data.to_post_data}")
+          end
+          def test?
+            ActiveMerchant::Billing::Base.integration_mode == :test || options[:test]
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/gestpay.rb CHANGED

@@ -16,7 +16,7 @@ module ActiveMerchant #:nodoc:
           Notification.new(post)
         end
-        def self.return(query_string)
+        def self.return(query_string, options = {})
           Return.new(query_string)
         end
       end

data/lib/active_merchant/billing/integrations/helper.rb CHANGED

@@ -14,12 +14,15 @@ module ActiveMerchant #:nodoc:
         self.application_id = 'ActiveMerchant'
         def initialize(order, account, options = {})
-          options.assert_valid_keys([:amount, :currency, :test])
+          options.assert_valid_keys([:amount, :currency, :test, :credential2, :credential3, :credential4])
           @fields = {}
-          self.order = order
-          self.account = account
-          self.amount = options[:amount]
-          self.currency = options[:currency]
+          self.order       = order
+          self.account     = account
+          self.amount      = options[:amount]
+          self.currency    = options[:currency]
+          self.credential2 = options[:credential2]
+          self.credential3 = options[:credential3]
+          self.credential4 = options[:credential4]
         end
         def self.mapping(attribute, options = {})

data/lib/active_merchant/billing/integrations/hi_trust.rb CHANGED

@@ -18,7 +18,7 @@ module ActiveMerchant #:nodoc:
           Notification.new(post)
         end
-        def self.return(query_string)
+        def self.return(query_string, options = {})
           Return.new(query_string)
         end
       end

data/lib/active_merchant/billing/integrations/nochex.rb CHANGED

@@ -79,7 +79,7 @@ module ActiveMerchant #:nodoc:
           Notification.new(post)
         end
-        def self.return(query_string)
+        def self.return(query_string, options = {})
           Return.new(query_string)
         end
       end

data/lib/active_merchant/billing/integrations/paypal.rb CHANGED

@@ -30,7 +30,7 @@ module ActiveMerchant #:nodoc:
           Notification.new(post)
         end
-        def self.return(query_string)
+        def self.return(query_string, options = {})
           Return.new(query_string)
         end
       end

data/lib/active_merchant/billing/integrations/return.rb CHANGED

@@ -3,9 +3,11 @@ module ActiveMerchant #:nodoc:
     module Integrations #:nodoc:
       class Return
         attr_accessor :params
+        attr_reader :notification
-        def initialize(query_string)
-          @params = parse(query_string)
+        def initialize(query_string, options = {})
+          @params  = parse(query_string)
+          @options = options
         end
         # Successful by default. Overridden in the child class

data/lib/active_merchant/billing/integrations/sage_pay_form.rb ADDED

@@ -0,0 +1,37 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        autoload :Helper,       File.dirname(__FILE__) + '/sage_pay_form/helper.rb'
+        autoload :Return,       File.dirname(__FILE__) + '/sage_pay_form/return.rb'
+        autoload :Notification, File.dirname(__FILE__) + '/sage_pay_form/notification.rb'
+        autoload :Encryption,   File.dirname(__FILE__) + '/sage_pay_form/encryption.rb'
+        mattr_accessor :production_url
+        mattr_accessor :test_url
+        mattr_accessor :simulate_url
+        self.production_url = 'https://live.sagepay.com/gateway/service/vspform-register.vsp'
+        self.test_url       = 'https://test.sagepay.com/gateway/service/vspform-register.vsp'
+        self.simulate_url   = 'https://test.sagepay.com/Simulator/VSPFormGateway.asp'
+        def self.return(query_string, options = {})
+          Return.new(query_string, options)
+        end
+        def self.service_url
+          mode = ActiveMerchant::Billing::Base.integration_mode
+          case mode
+          when :production
+            self.production_url
+          when :test
+            self.test_url
+          when :simulate
+            self.simulate_url
+          else
+            raise StandardError, "Integration mode set to an invalid value: #{mode}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/sage_pay_form/encryption.rb ADDED

@@ -0,0 +1,33 @@
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        module Encryption
+          def sage_encrypt(plaintext, key)
+            ActiveSupport::Base64.encode64s(sage_encrypt_xor(plaintext, key))
+          end
+          def sage_decrypt(ciphertext, key)
+            sage_encrypt_xor(ActiveSupport::Base64.decode64(ciphertext), key)
+          end
+          def sage_encrypt_salt(min, max)
+            length = rand(max - min + 1) + min
+            SecureRandom.base64(length + 4)[0, length]
+          end
+          private
+          def sage_encrypt_xor(data, key)
+            raise 'No key provided' if key.blank?
+            key *= (data.length.to_f / key.length.to_f).ceil
+            key = key[0, data.length]
+            data.bytes.zip(key.bytes).map { |b1, b2| (b1 ^ b2).chr }.join
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/sage_pay_form/helper.rb ADDED

@@ -0,0 +1,109 @@
+require 'uri'
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        class Helper < ActiveMerchant::Billing::Integrations::Helper
+          include Encryption
+          mapping :credential2, 'EncryptKey'
+          mapping :account, 'Vendor'
+          mapping :amount, 'Amount'
+          mapping :currency, 'Currency'
+          mapping :order, 'VendorTxCode'
+          mapping :customer,
+            :first_name => 'BillingFirstnames',
+            :last_name  => 'BillingSurname',
+            :email      => 'CustomerEMail',
+            :phone      => 'BillingPhone'
+          mapping :billing_address,
+            :city     => 'BillingCity',
+            :address1 => 'BillingAddress1',
+            :address2 => 'BillingAddress2',
+            :state    => 'BillingState',
+            :zip      => 'BillingPostCode',
+            :country  => 'BillingCountry'
+          mapping :shipping_address,
+            :city     => 'DeliveryCity',
+            :address1 => 'DeliveryAddress1',
+            :address2 => 'DeliveryAddress2',
+            :state    => 'DeliveryState',
+            :zip      => 'DeliveryPostCode',
+            :country  => 'DeliveryCountry'
+          mapping :return_url, 'SuccessURL'
+          mapping :description, 'Description'
+          def form_fields
+            fields['DeliveryFirstnames'] ||= fields['BillingFirstnames']
+            fields['DeliverySurname']    ||= fields['BillingSurname']
+            fields['FailureURL'] ||= fields['SuccessURL']
+            crypt_skip = ['Vendor', 'EncryptKey']
+            crypt_skip << 'BillingState'  unless fields['BillingCountry']  == 'US'
+            crypt_skip << 'DeliveryState' unless fields['DeliveryCountry'] == 'US'
+            key = fields['EncryptKey']
+            @crypt ||= create_crypt_field(fields.except(*crypt_skip), key)
+            {
+              'VPSProtocol' => '2.23',
+              'TxType' => 'PAYMENT',
+              'Vendor' => @fields['Vendor'],
+              'Crypt'  => @crypt
+            }
+          end
+          private
+          def create_crypt_field(fields, key)
+            parts = fields.map { |k, v| "#{k}=#{sanitize(k, v)}" unless v.nil? }.compact.shuffle
+            parts.unshift(sage_encrypt_salt(key.length, key.length * 2))
+            sage_encrypt(parts.join('&'), key)
+          end
+          def sanitize(key, value)
+            reject = exact = nil
+            case key
+            when /URL$/
+              # allow all
+            when 'VendorTxCode'
+              reject = /[^A-Za-z0-9{}._-]+/
+            when /[Nn]ames?$/
+              reject = %r{[^[:alpha:] /\\.'-]+}
+            when /(?:Address[12]|City)$/
+              reject = %r{[^[:alnum:] +'/\\:,.\n()-]+}
+            when /PostCode$/
+              reject = /[^A-Za-z0-9 -]+/
+            when /Phone$/
+              reject = /[^0-9A-Za-z+ ()-]+/
+            when 'Currency'
+              exact = /^[A-Z]{3}$/
+            when /State$/
+              exact = /^[A-Z]{2}$/
+            else
+              reject = /&+/
+            end
+            if exact
+              raise ArgumentError, "Invalid value for #{key}: #{value.inspect}" unless value =~ exact
+              value
+            elsif reject
+              value.gsub(reject, ' ')
+            else
+              value
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_merchant/billing/integrations/sage_pay_form/notification.rb ADDED

@@ -0,0 +1,204 @@
+require 'net/http'
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    module Integrations #:nodoc:
+      module SagePayForm
+        class Notification < ActiveMerchant::Billing::Integrations::Notification
+          class CryptError < StandardError; end
+          include Encryption
+          def initialize(post_data, options)
+            super
+            load_crypt_params(params['crypt'], options[:credential2])
+          end
+          # Was the transaction complete?
+          def complete?
+            status_code == 'OK'
+          end
+          # Text version of #complete?, since we don't support Pending.
+          def status
+            complete? ? 'Completed' : 'Failed'
+          end
+          # Status of transaction. List of possible values:
+          # <tt>OK</tt>:: Transaction completed successfully.
+          # <tt>NOTAUTHED</tt>:: Incorrect card details / insufficient funds.
+          # <tt>MALFORMED</tt>:: Invalid input data.
+          # <tt>INVALID</tt>:: Valid input data, but some fields are incorrect.
+          # <tt>ABORT</tt>:: User hit cancel button or went idle for 15+ minutes.
+          # <tt>REJECTED</tt>:: Rejected by account fraud screening rules.
+          # <tt>AUTHENTICATED</tt>:: Authenticated card details secured at SagePay.
+          # <tt>REGISTERED</tt>:: Non-authenticated card details secured at SagePay.
+          # <tt>ERROR</tt>:: Problem internal to SagePay.
+          def status_code
+            params['Status']
+          end
+          # Check this if #completed? is false.
+          def message
+            params['StatusDetail']
+          end
+          # Vendor-supplied code (:order mapping).
+          def item_id
+            params['VendorTxCode']
+          end
+          # Internal SagePay code, typically "{LONG-UUID}".
+          def transaction_id
+            params['VPSTxId']
+          end
+          # Authorization number (only if #completed?).
+          def auth_id
+            params['TxAuthNo']
+          end
+          # Total amount (no fees).
+          def gross
+            params['Amount']
+          end
+          # AVS and CV2 check results.  Possible values:
+          # <tt>ALL MATCH</tt>::
+          # <tt>SECURITY CODE MATCH ONLY</tt>::
+          # <tt>ADDRESS MATCH ONLY</tt>::
+          # <tt>NO DATA MATCHES</tt>::
+          # <tt>DATA NOT CHECKED</tt>::
+          def avs_cv2_result
+            params['AVSCV2']
+          end
+          # Numeric address check.  Possible values:
+          # <tt>NOTPROVIDED</tt>::
+          # <tt>NOTCHECKED</tt>::
+          # <tt>MATCHED</tt>::
+          # <tt>NOTMATCHED</tt>::
+          def address_result
+            params['AddressResult']
+          end
+          # Post code check.  Possible values:
+          # <tt>NOTPROVIDED</tt>::
+          # <tt>NOTCHECKED</tt>::
+          # <tt>MATCHED</tt>::
+          # <tt>NOTMATCHED</tt>::
+          def post_code_result
+            params['PostCodeResult']
+          end
+          # CV2 code check.  Possible values:
+          # <tt>NOTPROVIDED</tt>::
+          # <tt>NOTCHECKED</tt>::
+          # <tt>MATCHED</tt>::
+          # <tt>NOTMATCHED</tt>::
+          def cv2_result
+            params['CV2Result']
+          end
+          # Was the Gift Aid box checked?
+          def gift_aid?
+            params['GiftAid'] == '1'
+          end
+          # Result of 3D Secure checks.  Possible values:
+          # <tt>OK</tt>:: Authenticated correctly.
+          # <tt>NOTCHECKED</tt>:: Authentication not performed.
+          # <tt>NOTAVAILABLE</tt>:: Card not auth-capable, or auth is otherwise impossible.
+          # <tt>NOTAUTHED</tt>:: User failed authentication.
+          # <tt>INCOMPLETE</tt>:: Authentication unable to complete.
+          # <tt>ERROR</tt>:: Unable to attempt authentication due to data / service errors.
+          def buyer_auth_result
+            params['3DSecureStatus']
+          end
+          # Encoded 3D Secure result code.
+          def buyer_auth_result_code
+            params['CAVV']
+          end
+          # Address confirmation status.  PayPal only.  Possible values:
+          # <tt>NONE</tt>::
+          # <tt>CONFIRMED</tt>::
+          # <tt>UNCONFIRMED</tt>::
+          def address_status
+            params['AddressStatus']
+          end
+          # Payer verification.  Undocumented.
+          def payer_verified?
+            params['PayerStatus'] == 'VERIFIED'
+          end
+          # Credit card type.  Possible values:
+          # <tt>VISA</tt>:: Visa
+          # <tt>MC</tt>:: MasterCard
+          # <tt>DELTA</tt>:: Delta
+          # <tt>SOLO</tt>:: Solo
+          # <tt>MAESTRO</tt>:: Maestro (UK and International)
+          # <tt>UKE</tt>:: Visa Electron
+          # <tt>AMEX</tt>:: American Express
+          # <tt>DC</tt>:: Diners Club
+          # <tt>JCB</tt>:: JCB
+          # <tt>LASER</tt>:: Laser
+          # <tt>PAYPAL</tt>:: PayPal
+          def credit_card_type
+            params['CardType']
+          end
+          # Last four digits of credit card.
+          def credit_card_last_4_digits
+            params['Last4Digits']
+          end
+          # Used by composition methods, but not supplied by SagePay.
+          def currency
+            nil
+          end
+          def test?
+            false
+          end
+          def acknowledge
+            true
+          end
+          private
+          def load_crypt_params(crypt, key)
+            raise MissingCryptData if crypt.blank?
+            raise MissingCryptKey  if key.blank?
+            crypt_data = sage_decrypt(crypt.gsub(' ', '+'), key)
+            raise InvalidCryptData unless crypt_data =~ /(^|&)Status=/
+            params.clear
+            parse(crypt_data)
+          end
+          class MissingCryptKey  < CryptError
+            def message
+              'No merchant decryption key supplied'
+            end
+          end
+          class MissingCryptData < CryptError
+            def message
+              'No data received from SagePay'
+            end
+          end
+          class InvalidCryptData < CryptError
+            def message
+              'Invalid data received from SagePay'
+            end
+          end
+        end
+      end
+    end
+  end
+end