activemerchant 1.93.0 → 1.98.0

data/lib/active_merchant/billing/gateways/spreedly_core.rb

@@ -35,19 +35,13 @@ module ActiveMerchant #:nodoc:
       # Public: Run a purchase transaction.
       #
       # money          - The monetary amount of the transaction in cents.
-      # payment_method - The CreditCard or the Spreedly payment method token.
+      # payment_method - The CreditCard or Check or the Spreedly payment method token.
       # options        - A hash of options:
       #                  :store - Retain the payment method if the purchase
       #                           succeeds.  Defaults to false.  (optional)
       def purchase(money, payment_method, options = {})
-        if payment_method.is_a?(String)
-          purchase_with_token(money, payment_method, options)
-        else
-          MultiResponse.run do |r|
-            r.process { save_card(options[:store], payment_method, options) }
-            r.process { purchase_with_token(money, r.authorization, options) }
-          end
-        end
+        request = build_transaction_request(money, payment_method, options)
+        commit("gateways/#{options[:gateway_token] || @options[:gateway_token]}/purchase.xml", request)
       end
 
       # Public: Run an authorize transaction.
@@ -58,14 +52,8 @@ module ActiveMerchant #:nodoc:
       #                  :store - Retain the payment method if the authorize
       #                           succeeds.  Defaults to false.  (optional)
       def authorize(money, payment_method, options = {})
-        if payment_method.is_a?(String)
-          authorize_with_token(money, payment_method, options)
-        else
-          MultiResponse.run do |r|
-            r.process { save_card(options[:store], payment_method, options) }
-            r.process { authorize_with_token(money, r.authorization, options) }
-          end
-        end
+        request = build_transaction_request(money, payment_method, options)
+        commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
       end
 
       def capture(money, authorization, options={})
@@ -79,6 +67,7 @@ module ActiveMerchant #:nodoc:
       def refund(money, authorization, options={})
         request = build_xml_request('transaction') do |doc|
           add_invoice(doc, money, options)
+          add_extra_options(:gateway_specific_fields, doc, options)
         end
 
         commit("transactions/#{authorization}/credit.xml", request)
@@ -155,32 +144,25 @@ module ActiveMerchant #:nodoc:
       end
 
       def purchase_with_token(money, payment_method_token, options)
-        request = auth_purchase_request(money, payment_method_token, options)
+        request = build_transaction_request(money, payment_method_token, options)
         commit("gateways/#{options[:gateway_token] || @options[:gateway_token]}/purchase.xml", request)
       end
 
       def authorize_with_token(money, payment_method_token, options)
-        request = auth_purchase_request(money, payment_method_token, options)
+        request = build_transaction_request(money, payment_method_token, options)
         commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
       end
 
       def verify_with_token(payment_method_token, options)
-        request = build_xml_request('transaction') do |doc|
-          add_invoice(doc, nil, options)
-          doc.payment_method_token(payment_method_token)
-          doc.retain_on_success(true) if options[:store]
-          add_extra_options(:gateway_specific_fields, doc, options)
-        end
-
+        request = build_transaction_request(nil, payment_method_token, options)
         commit("gateways/#{@options[:gateway_token]}/verify.xml", request)
       end
 
-      def auth_purchase_request(money, payment_method_token, options)
+      def build_transaction_request(money, payment_method, options)
         build_xml_request('transaction') do |doc|
           add_invoice(doc, money, options)
+          add_payment_method(doc, payment_method, options)
           add_extra_options(:gateway_specific_fields, doc, options)
-          doc.payment_method_token(payment_method_token)
-          doc.retain_on_success(true) if options[:store]
         end
       end
 
@@ -190,6 +172,27 @@ module ActiveMerchant #:nodoc:
         doc.order_id(options[:order_id])
         doc.ip(options[:ip]) if options[:ip]
         doc.description(options[:description]) if options[:description]
+
+        if options[:merchant_name_descriptor]
+          doc.merchant_name_descriptor(options[:merchant_name_descriptor])
+        end
+        if options[:merchant_location_descriptor]
+          doc.merchant_location_descriptor(options[:merchant_location_descriptor])
+        end
+      end
+
+      def add_payment_method(doc, payment_method, options)
+        doc.retain_on_success(true) if options[:store]
+
+        if payment_method.is_a?(String)
+          doc.payment_method_token(payment_method)
+        elsif payment_method.is_a?(CreditCard)
+          add_credit_card(doc, payment_method, options)
+        elsif payment_method.is_a?(Check)
+          add_bank_account(doc, payment_method, options)
+        else
+          raise TypeError, 'Payment method not supported'
+        end
       end
 
       def add_credit_card(doc, credit_card, options)
@@ -210,6 +213,17 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def add_bank_account(doc, bank_account, options)
+        doc.bank_account do
+          doc.first_name(bank_account.first_name)
+          doc.last_name(bank_account.last_name)
+          doc.bank_routing_number(bank_account.routing_number)
+          doc.bank_account_number(bank_account.account_number)
+          doc.bank_account_type(bank_account.account_type)
+          doc.bank_account_holder_type(bank_account.account_holder_type)
+        end
+      end
+
       def add_extra_options(type, doc, options)
         doc.send(type) do
           extra_options_to_doc(doc, options[type])

data/lib/active_merchant/billing/gateways/stripe.rb

@@ -2,6 +2,8 @@ require 'active_support/core_ext/hash/slice'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
+    # This gateway uses an older version of the Stripe API.
+    # To utilize the updated {Payment Intents API}[https://stripe.com/docs/api/payment_intents], integrate with the StripePaymentIntents gateway
     class StripeGateway < Gateway
       self.live_url = 'https://api.stripe.com/v1/'
 
@@ -21,6 +23,8 @@ module ActiveMerchant #:nodoc:
         'unchecked' => 'P'
       }
 
+      DEFAULT_API_VERSION = '2015-04-07'
+
       self.supported_countries = %w(AT AU BE BR CA CH DE DK ES FI FR GB HK IE IT JP LU MX NL NO NZ PT SE SG US)
       self.default_currency = 'USD'
       self.money_format = :cents
@@ -152,7 +156,7 @@ module ActiveMerchant #:nodoc:
 
         response = commit(:post, "charges/#{CGI.escape(identification)}/refunds", post, options)
 
-        if options[:refund_fee_amount] && options[:refund_fee_amount].to_s != '0'
+        if response.success? && options[:refund_fee_amount] && options[:refund_fee_amount].to_s != '0'
           charge = api_request(:get, "charges/#{CGI.escape(identification)}", nil, options)
 
           if application_fee = charge['application_fee']
@@ -300,8 +304,8 @@ module ActiveMerchant #:nodoc:
         add_amount(post, money, options, true)
         post[:type] = type
         if type == 'card'
-          add_creditcard(post, payment, options)
-          post[:card].delete(:name)
+          add_creditcard(post, payment, options, true)
+          add_source_owner(post, payment, options)
         elsif type == 'three_d_secure'
           post[:three_d_secure] = {card: payment}
           post[:redirect] = {return_url: options[:redirect_url]}
@@ -309,6 +313,10 @@ module ActiveMerchant #:nodoc:
         commit(:post, 'sources', post, options)
       end
 
+      def show_source(source_id, options)
+        commit(:get, "sources/#{source_id}", nil, options)
+      end
+
       def create_webhook_endpoint(options, events)
         post = {}
         post[:url] = options[:callback_url]
@@ -322,6 +330,18 @@ module ActiveMerchant #:nodoc:
         commit(:delete, "webhook_endpoints/#{options[:webhook_id]}", {}, options)
       end
 
+      def show_webhook_endpoint(options)
+        options.delete(:stripe_account)
+        commit(:get, "webhook_endpoints/#{options[:webhook_id]}", nil, options)
+      end
+
+      def list_webhook_endpoints(options)
+        params = {}
+        params[:limit] = options[:limit] if options[:limit]
+        options.delete(:stripe_account)
+        commit(:get, "webhook_endpoints?#{post_data(params)}", nil, options)
+      end
+
       def create_post_for_auth_or_purchase(money, payment, options)
         post = {}
 
@@ -331,6 +351,12 @@ module ActiveMerchant #:nodoc:
           add_creditcard(post, payment, options)
         end
 
+        add_charge_details(post, money, payment, options)
+        post
+      end
+
+      # Used internally by Spreedly to populate the charge object for 3DS 1.0 transactions
+      def add_charge_details(post, money, payment, options)
         if emv_payment?(payment)
           add_statement_address(post, options)
           add_emv_metadata(post, payment)
@@ -433,7 +459,7 @@ module ActiveMerchant #:nodoc:
         post[:statement_address][:state] = statement_address[:state]
       end
 
-      def add_creditcard(post, creditcard, options)
+      def add_creditcard(post, creditcard, options, use_sources = false)
         card = {}
         if emv_payment?(creditcard)
           add_emv_creditcard(post, creditcard.icc_data)
@@ -456,7 +482,7 @@ module ActiveMerchant #:nodoc:
             card[:exp_month] = creditcard.month
             card[:exp_year] = creditcard.year
             card[:cvc] = creditcard.verification_value if creditcard.verification_value?
-            card[:name] = creditcard.name if creditcard.name
+            card[:name] = creditcard.name if creditcard.name && !use_sources
           end
 
           if creditcard.is_a?(NetworkTokenizationCreditCard)
@@ -466,7 +492,7 @@ module ActiveMerchant #:nodoc:
           end
           post[:card] = card
 
-          add_address(post, options)
+          add_address(post, options) unless use_sources
         elsif creditcard.kind_of?(String)
           if options[:track_data]
             card[:swipe_data] = options[:track_data]
@@ -514,6 +540,25 @@ module ActiveMerchant #:nodoc:
         post[:metadata][:card_read_method] = creditcard.read_method if creditcard.respond_to?(:read_method)
       end
 
+      def add_source_owner(post, creditcard, options)
+        post[:owner] = {}
+        post[:owner][:name] = creditcard.name if creditcard.name
+        post[:owner][:email] = options[:email] if options[:email]
+
+        if address = options[:billing_address] || options[:address]
+          owner_address = {}
+          owner_address[:line1] = address[:address1] if address[:address1]
+          owner_address[:line2] = address[:address2] if address[:address2]
+          owner_address[:country] = address[:country] if address[:country]
+          owner_address[:postal_code] = address[:zip] if address[:zip]
+          owner_address[:state] = address[:state] if address[:state]
+          owner_address[:city] = address[:city] if address[:city]
+
+          post[:owner][:phone] = address[:phone] if address[:phone]
+          post[:owner][:address] = owner_address
+        end
+      end
+
       def parse(body)
         JSON.parse(body)
       end
@@ -573,7 +618,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def api_version(options)
-        options[:version] || @options[:version] || '2015-04-07'
+        options[:version] || @options[:version] || self.class::DEFAULT_API_VERSION
       end
 
       def api_request(method, endpoint, parameters = nil, options = {})
@@ -616,8 +661,8 @@ module ActiveMerchant #:nodoc:
         return response.fetch('error', {})['charge'] unless success
 
         if url == 'customers'
-          [response['id'], response['sources']['data'].first['id']].join('|')
-        elsif method == :post && url.match(/customers\/.*\/cards/)
+          [response['id'], response.dig('sources', 'data').first&.dig('id')].join('|')
+        elsif method == :post && (url.match(/customers\/.*\/cards/) || url.match(/payment_methods\/.*\/attach/))
           [response['customer'], response['id']].join('|')
         else
           response['id']

data/lib/active_merchant/billing/gateways/stripe_payment_intents.rb

@@ -0,0 +1,267 @@
+require 'active_support/core_ext/hash/slice'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    # This gateway uses the current Stripe {Payment Intents API}[https://stripe.com/docs/api/payment_intents].
+    # For the legacy API, see the Stripe gateway
+    class StripePaymentIntentsGateway < StripeGateway
+
+      self.supported_countries = %w(AT AU BE BR CA CH DE DK ES FI FR GB HK IE IT JP LU MX NL NO NZ PT SE SG US)
+
+      ALLOWED_METHOD_STATES = %w[automatic manual].freeze
+      ALLOWED_CANCELLATION_REASONS = %w[duplicate fraudulent requested_by_customer abandoned].freeze
+      CREATE_INTENT_ATTRIBUTES = %i[description statement_descriptor receipt_email save_payment_method]
+      CONFIRM_INTENT_ATTRIBUTES = %i[receipt_email return_url save_payment_method setup_future_usage off_session]
+      UPDATE_INTENT_ATTRIBUTES = %i[description statement_descriptor receipt_email setup_future_usage]
+      DEFAULT_API_VERSION = '2019-05-16'
+
+      def create_intent(money, payment_method, options = {})
+        post = {}
+        add_amount(post, money, options, true)
+        add_capture_method(post, options)
+        add_confirmation_method(post, options)
+        add_customer(post, options)
+        add_payment_method_token(post, payment_method, options)
+        add_metadata(post, options)
+        add_return_url(post, options)
+        add_connected_account(post, options)
+        add_shipping_address(post, options)
+        setup_future_usage(post, options)
+        add_exemption(post, options)
+
+        CREATE_INTENT_ATTRIBUTES.each do |attribute|
+          add_whitelisted_attribute(post, options, attribute)
+        end
+
+        commit(:post, 'payment_intents', post, options)
+      end
+
+      def show_intent(intent_id, options)
+        commit(:get, "payment_intents/#{intent_id}", nil, options)
+      end
+
+      def confirm_intent(intent_id, payment_method, options = {})
+        post = {}
+        add_payment_method_token(post, payment_method, options)
+        CONFIRM_INTENT_ATTRIBUTES.each do |attribute|
+          add_whitelisted_attribute(post, options, attribute)
+        end
+
+        commit(:post, "payment_intents/#{intent_id}/confirm", post, options)
+      end
+
+      def create_payment_method(payment_method, options = {})
+        post = {}
+        post[:type] = 'card'
+        post[:card] = {}
+        post[:card][:number] = payment_method.number
+        post[:card][:exp_month] = payment_method.month
+        post[:card][:exp_year] = payment_method.year
+        post[:card][:cvc] = payment_method.verification_value if payment_method.verification_value
+        add_billing_address(post, options)
+
+        commit(:post, 'payment_methods', post, options)
+      end
+
+      def update_intent(money, intent_id, payment_method, options = {})
+        post = {}
+        post[:amount] = money if money
+
+        add_payment_method_token(post, payment_method, options)
+        add_payment_method_types(post, options)
+        add_customer(post, options)
+        add_metadata(post, options)
+        add_shipping_address(post, options)
+        add_connected_account(post, options)
+
+        UPDATE_INTENT_ATTRIBUTES.each do |attribute|
+          add_whitelisted_attribute(post, options, attribute)
+        end
+
+        commit(:post, "payment_intents/#{intent_id}", post, options)
+      end
+
+      def authorize(money, payment_method, options = {})
+        create_intent(money, payment_method, options.merge!(confirm: true, capture_method: 'manual'))
+      end
+
+      def purchase(money, payment_method, options = {})
+        create_intent(money, payment_method, options.merge!(confirm: true, capture_method: 'automatic'))
+      end
+
+      def capture(money, intent_id, options = {})
+        post = {}
+        post[:amount_to_capture] = money
+        add_connected_account(post, options)
+        commit(:post, "payment_intents/#{intent_id}/capture", post, options)
+      end
+
+      def void(intent_id, options = {})
+        post = {}
+        post[:cancellation_reason] = options[:cancellation_reason] if ALLOWED_CANCELLATION_REASONS.include?(options[:cancellation_reason])
+        commit(:post, "payment_intents/#{intent_id}/cancel", post, options)
+      end
+
+      def refund(money, intent_id, options = {})
+        intent = commit(:get, "payment_intents/#{intent_id}", nil, options)
+        charge_id = intent.params.dig('charges', 'data')[0].dig('id')
+        super(money, charge_id, options)
+      end
+
+      # Note: Not all payment methods are currently supported by the {Payment Methods API}[https://stripe.com/docs/payments/payment-methods]
+      # Current implementation will create a PaymentMethod object if the method is a token or credit card
+      # All other types will default to legacy Stripe store
+      def store(payment_method, options = {})
+        params = {}
+        post = {}
+
+        # If customer option is provided, create a payment method and attach to customer id
+        # Otherwise, create a customer, then attach
+        if payment_method.is_a?(StripePaymentToken) || payment_method.is_a?(ActiveMerchant::Billing::CreditCard)
+          add_payment_method_token(params, payment_method, options)
+          if options[:customer]
+            customer_id = options[:customer]
+          else
+            post[:validate] = options[:validate] unless options[:validate].nil?
+            post[:description] = options[:description] if options[:description]
+            post[:email] = options[:email] if options[:email]
+            customer = commit(:post, 'customers', post, options)
+            customer_id = customer.params['id']
+          end
+          commit(:post, "payment_methods/#{params[:payment_method]}/attach", { customer: customer_id }, options)
+        else
+          super(payment, options)
+        end
+      end
+
+      def unstore(identification, options = {}, deprecated_options = {})
+        if identification.include?('pm_')
+          _, payment_method = identification.split('|')
+          commit(:post, "payment_methods/#{payment_method}/detach", nil, options)
+        else
+          super(identification, options, deprecated_options)
+        end
+      end
+
+      private
+
+      def add_whitelisted_attribute(post, options, attribute)
+        post[attribute] = options[attribute] if options[attribute]
+        post
+      end
+
+      def add_capture_method(post, options)
+        capture_method = options[:capture_method].to_s
+        post[:capture_method] = capture_method if ALLOWED_METHOD_STATES.include?(capture_method)
+        post
+      end
+
+      def add_confirmation_method(post, options)
+        confirmation_method = options[:confirmation_method].to_s
+        post[:confirmation_method] = confirmation_method if ALLOWED_METHOD_STATES.include?(confirmation_method)
+        post
+      end
+
+      def add_customer(post, options)
+        customer = options[:customer].to_s
+        post[:customer] = customer if customer.start_with?('cus_')
+        post
+      end
+
+      def add_return_url(post, options)
+        return unless options[:confirm]
+        post[:confirm] = options[:confirm]
+        post[:return_url] = options[:return_url] if options[:return_url]
+        post
+      end
+
+      def add_payment_method_token(post, payment_method, options)
+        return if payment_method.nil?
+
+        if payment_method.is_a?(ActiveMerchant::Billing::CreditCard)
+          p = create_payment_method(payment_method, options)
+          payment_method = p.params['id']
+        end
+
+        if payment_method.is_a?(StripePaymentToken)
+          post[:payment_method] = payment_method.payment_data['id']
+        elsif payment_method.is_a?(String)
+          if payment_method.include?('|')
+            customer_id, payment_method_id = payment_method.split('|')
+            token = payment_method_id
+            post[:customer] = customer_id
+          else
+            token = payment_method
+          end
+          post[:payment_method] = token
+        end
+      end
+
+      def add_payment_method_types(post, options)
+        payment_method_types = options[:payment_method_types] if options[:payment_method_types]
+        return if payment_method_types.nil?
+
+        post[:payment_method_types] = Array(payment_method_types)
+        post
+      end
+
+      def add_exemption(post, options = {})
+        return unless options[:confirm]
+        post[:payment_method_options] ||= {}
+        post[:payment_method_options][:card] ||= {}
+        post[:payment_method_options][:card][:moto] = true if options[:moto]
+      end
+
+      def setup_future_usage(post, options = {})
+        post[:setup_future_usage] = options[:setup_future_usage] if %w( on_session off_session ).include?(options[:setup_future_usage])
+        post[:off_session] = options[:off_session] if options[:off_session] && options[:confirm] == true
+        post
+      end
+
+      def add_connected_account(post, options = {})
+        return unless options[:transfer_destination]
+        post[:transfer_data] = {}
+        post[:transfer_data][:destination] = options[:transfer_destination]
+        post[:transfer_data][:amount] = options[:transfer_amount] if options[:transfer_amount]
+        post[:on_behalf_of] = options[:on_behalf_of] if options[:on_behalf_of]
+        post[:transfer_group] = options[:transfer_group] if options[:transfer_group]
+        post[:application_fee_amount] = options[:application_fee] if options[:application_fee]
+        post
+      end
+
+      def add_billing_address(post, options = {})
+        return unless billing = options[:billing_address] || options[:address]
+        post[:billing_details] = {}
+        post[:billing_details][:address] = {}
+        post[:billing_details][:address][:city] = billing[:city] if billing[:city]
+        post[:billing_details][:address][:country] = billing[:country] if billing[:country]
+        post[:billing_details][:address][:line1] = billing[:address1] if billing[:address1]
+        post[:billing_details][:address][:line2] = billing[:address2] if billing[:address2]
+        post[:billing_details][:address][:postal_code] = billing[:zip] if billing[:zip]
+        post[:billing_details][:address][:state] = billing[:state] if billing[:state]
+        post[:billing_details][:email] = billing[:email] if billing[:email]
+        post[:billing_details][:name] = billing[:name] if billing[:name]
+        post[:billing_details][:phone] = billing[:phone] if billing[:phone]
+        post
+      end
+
+      def add_shipping_address(post, options = {})
+        return unless shipping = options[:shipping]
+        post[:shipping] = {}
+        post[:shipping][:address] = {}
+        post[:shipping][:address][:line1] = shipping[:address][:line1]
+        post[:shipping][:address][:city] = shipping[:address][:city] if shipping[:address][:city]
+        post[:shipping][:address][:country] = shipping[:address][:country] if shipping[:address][:country]
+        post[:shipping][:address][:line2] = shipping[:address][:line2] if shipping[:address][:line2]
+        post[:shipping][:address][:postal_code] = shipping[:address][:postal_code] if shipping[:address][:postal_code]
+        post[:shipping][:address][:state] = shipping[:address][:state] if shipping[:address][:state]
+
+        post[:shipping][:name] = shipping[:name]
+        post[:shipping][:carrier] = shipping[:carrier] if shipping[:carrier]
+        post[:shipping][:phone] = shipping[:phone] if shipping[:phone]
+        post[:shipping][:tracking_number] = shipping[:tracking_number] if shipping[:tracking_number]
+        post
+      end
+    end
+  end
+end