activemerchant 1.94.0 → 1.99.0

data/lib/active_merchant/billing/gateways/qvalent.rb

@@ -27,6 +27,7 @@ module ActiveMerchant #:nodoc:
         add_order_number(post, options)
         add_payment_method(post, payment_method)
         add_verification_value(post, payment_method)
+        add_stored_credential_data(post, payment_method, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
 
@@ -39,6 +40,7 @@ module ActiveMerchant #:nodoc:
         add_order_number(post, options)
         add_payment_method(post, payment_method)
         add_verification_value(post, payment_method)
+        add_stored_credential_data(post, payment_method, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
 
@@ -61,6 +63,7 @@ module ActiveMerchant #:nodoc:
         add_reference(post, authorization, options)
         add_customer_data(post, options)
         add_soft_descriptors(post, options)
+        post['order.ECI'] = options[:eci] || 'SSL'
 
         commit('refund', post)
       end
@@ -124,7 +127,6 @@ module ActiveMerchant #:nodoc:
       def add_invoice(post, money, options)
         post['order.amount'] = amount(money)
         post['card.currency'] = CURRENCY_CODES[options[:currency] || currency(money)]
-        post['order.ECI'] = options[:eci] || 'SSL'
       end
 
       def add_payment_method(post, payment_method)
@@ -134,6 +136,46 @@ module ActiveMerchant #:nodoc:
         post['card.expiryMonth'] = format(payment_method.month, :two_digits)
       end
 
+      def add_stored_credential_data(post, payment_method, options)
+        post['order.ECI'] = options[:eci] || eci(options)
+        if (stored_credential = options[:stored_credential]) && %w(visa master).include?(payment_method.brand)
+          post['card.posEntryMode'] = stored_credential[:initial_transaction] ? 'MANUAL' : 'STORED_CREDENTIAL'
+          stored_credential_usage(post, payment_method, options) unless stored_credential[:initiator] && stored_credential[:initiator] == 'cardholder'
+          post['order.authTraceId'] = stored_credential[:network_transaction_id] if stored_credential[:network_transaction_id]
+        end
+      end
+
+      def stored_credential_usage(post, payment_method, options)
+        return unless payment_method.brand == 'visa'
+        stored_credential = options[:stored_credential]
+        if stored_credential[:initial_transaction]
+          post['card.storedCredentialUsage'] = 'INITIAL_STORAGE'
+        elsif stored_credential[:reason_type] == ('recurring' || 'installment')
+          post['card.storedCredentialUsage'] = 'RECURRING'
+        elsif stored_credential[:reason_type] == 'unscheduled'
+          post['card.storedCredentialUsage'] = 'UNSCHEDULED'
+        end
+      end
+
+      def eci(options)
+        if options.dig(:stored_credential, :initial_transaction)
+          'SSL'
+        elsif options.dig(:stored_credential, :initiator) && options[:stored_credential][:initiator] == 'cardholder'
+          'MTO'
+        elsif options.dig(:stored_credential, :reason_type)
+          case options[:stored_credential][:reason_type]
+          when 'recurring'
+            'REC'
+          when 'installment'
+            'INS'
+          when 'unscheduled'
+            'MTO'
+          end
+        else
+          'SSL'
+        end
+      end
+
       def add_verification_value(post, payment_method)
         post['card.CVN'] = payment_method.verification_value
       end

data/lib/active_merchant/billing/gateways/realex.rb

@@ -42,7 +42,8 @@ module ActiveMerchant
 
       def initialize(options = {})
         requires!(options, :login, :password)
-        options[:refund_hash] = Digest::SHA1.hexdigest(options[:rebate_secret]) if options.has_key?(:rebate_secret)
+        options[:refund_hash] = Digest::SHA1.hexdigest(options[:rebate_secret]) if options[:rebate_secret].present?
+        options[:credit_hash] = Digest::SHA1.hexdigest(options[:refund_secret]) if options[:refund_secret].present?
         super
       end
 
@@ -70,9 +71,9 @@ module ActiveMerchant
         commit(request)
       end
 
-      def credit(money, authorization, options = {})
-        ActiveMerchant.deprecated CREDIT_DEPRECATION_MESSAGE
-        refund(money, authorization, options)
+      def credit(money, creditcard, options = {})
+        request = build_credit_request(money, creditcard, options)
+        commit(request)
       end
 
       def void(authorization, options = {})
@@ -184,6 +185,22 @@ module ActiveMerchant
         xml.target!
       end
 
+      def build_credit_request(money, credit_card, options)
+        timestamp = new_timestamp
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.tag! 'request', 'timestamp' => timestamp, 'type' => 'credit' do
+          add_merchant_details(xml, options)
+          xml.tag! 'orderid', sanitize_order_id(options[:order_id])
+          add_amount(xml, money, options)
+          add_card(xml, credit_card)
+          xml.tag! 'refundhash', @options[:credit_hash] if @options[:credit_hash]
+          xml.tag! 'autosettle', 'flag' => 1
+          add_comments(xml, options)
+          add_signed_digest(xml, timestamp, @options[:login], sanitize_order_id(options[:order_id]), amount(money), (options[:currency] || currency(money)), credit_card.number)
+        end
+        xml.target!
+      end
+
       def build_void_request(authorization, options)
         timestamp = new_timestamp
         xml = Builder::XmlMarkup.new :indent => 2
@@ -289,12 +306,18 @@ module ActiveMerchant
       end
 
       def add_three_d_secure(xml, options)
-        if options[:three_d_secure]
-          xml.tag! 'mpi' do
-            xml.tag! 'cavv', options[:three_d_secure][:cavv]
-            xml.tag! 'eci', options[:three_d_secure][:eci]
-            xml.tag! 'xid', options[:three_d_secure][:xid]
+        return unless three_d_secure = options[:three_d_secure]
+        version = three_d_secure.fetch(:version, '')
+        xml.tag! 'mpi' do
+          if version =~ /^2/
+            xml.tag! 'authentication_value', three_d_secure[:cavv]
+            xml.tag! 'ds_trans_id', three_d_secure[:ds_transaction_id]
+          else
+            xml.tag! 'cavv', three_d_secure[:cavv]
+            xml.tag! 'xid', three_d_secure[:xid]
           end
+          xml.tag! 'eci', three_d_secure[:eci]
+          xml.tag! 'message_version', version
         end
       end
 

data/lib/active_merchant/billing/gateways/redsys.rb

@@ -193,28 +193,32 @@ module ActiveMerchant #:nodoc:
         requires!(options, :order_id)
 
         data = {}
-        add_action(data, :purchase)
+        add_action(data, :purchase, options)
         add_amount(data, money, options)
         add_order(data, options[:order_id])
         add_payment(data, payment)
+        add_threeds(data, options) if options[:execute_threed]
         data[:description] = options[:description]
         data[:store_in_vault] = options[:store]
+        data[:sca_exemption] = options[:sca_exemption]
 
-        commit data
+        commit data, options
       end
 
       def authorize(money, payment, options = {})
         requires!(options, :order_id)
 
         data = {}
-        add_action(data, :authorize)
+        add_action(data, :authorize, options)
         add_amount(data, money, options)
         add_order(data, options[:order_id])
         add_payment(data, payment)
+        add_threeds(data, options) if options[:execute_threed]
         data[:description] = options[:description]
         data[:store_in_vault] = options[:store]
+        data[:sca_exemption] = options[:sca_exemption]
 
-        commit data
+        commit data, options
       end
 
       def capture(money, authorization, options = {})
@@ -225,7 +229,7 @@ module ActiveMerchant #:nodoc:
         add_order(data, order_id)
         data[:description] = options[:description]
 
-        commit data
+        commit data, options
       end
 
       def void(authorization, options = {})
@@ -236,7 +240,7 @@ module ActiveMerchant #:nodoc:
         add_order(data, order_id)
         data[:description] = options[:description]
 
-        commit data
+        commit data, options
       end
 
       def refund(money, authorization, options = {})
@@ -247,7 +251,7 @@ module ActiveMerchant #:nodoc:
         add_order(data, order_id)
         data[:description] = options[:description]
 
-        commit data
+        commit data, options
       end
 
       def verify(creditcard, options = {})
@@ -278,8 +282,8 @@ module ActiveMerchant #:nodoc:
 
       private
 
-      def add_action(data, action)
-        data[:action] = transaction_code(action)
+      def add_action(data, action, options = {})
+        data[:action] = options[:execute_threed].present? ? '0' : transaction_code(action)
       end
 
       def add_amount(data, money, options)
@@ -295,6 +299,10 @@ module ActiveMerchant #:nodoc:
         test? ? test_url : live_url
       end
 
+      def threeds_url
+        test? ? 'https://sis-t.redsys.es:25443/sis/services/SerClsWSEntradaV2': 'https://sis.redsys.es/sis/services/SerClsWSEntradaV2'
+      end
+
       def add_payment(data, card)
         if card.is_a?(String)
           data[:credit_card_token] = card
@@ -311,21 +319,57 @@ module ActiveMerchant #:nodoc:
         end
       end
 
-      def commit(data)
-        parse(ssl_post(url, "entrada=#{CGI.escape(xml_request_from(data))}", headers))
+      def add_threeds(data, options)
+        if options[:execute_threed] == true
+          data[:threeds] = {threeDSInfo: 'CardData'}
+        end
+      end
+
+      def determine_3ds_action(threeds_hash)
+        return 'iniciaPeticion' if threeds_hash[:threeDSInfo] == 'CardData'
+        return 'trataPeticion' if threeds_hash[:threeDSInfo] == 'AuthenticationData' ||
+                                  threeds_hash[:threeDSInfo] == 'ChallengeResponse'
+      end
+
+      def commit(data, options = {})
+        if data[:threeds]
+          action = determine_3ds_action(data[:threeds])
+          request = <<-EOS
+            <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:apachesoap="http://xml.apache.org/xml-soap" xmlns:impl="http://webservice.sis.sermepa.es" xmlns:intf="http://webservice.sis.sermepa.es" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" >
+            <soapenv:Header/>
+            <soapenv:Body>
+              <intf:#{action} xmlns:intf="http://webservice.sis.sermepa.es">
+                <intf:datoEntrada>
+                <![CDATA[#{xml_request_from(data, options)}]]>
+                </intf:datoEntrada>
+              </intf:#{action}>
+            </soapenv:Body>
+          </soapenv:Envelope>
+          EOS
+          parse(ssl_post(threeds_url, request, headers(action)), action)
+        else
+          parse(ssl_post(url, "entrada=#{CGI.escape(xml_request_from(data, options))}", headers), action)
+        end
       end
 
-      def headers
-        {
-          'Content-Type' => 'application/x-www-form-urlencoded'
-        }
+      def headers(action=nil)
+        if action
+          {
+            'Content-Type' => 'text/xml',
+            'SOAPAction'    => action
+          }
+        else
+          {
+            'Content-Type' => 'application/x-www-form-urlencoded'
+          }
+        end
       end
 
-      def xml_request_from(data)
+      def xml_request_from(data, options = {})
         if sha256_authentication?
-          build_sha256_xml_request(data)
+          build_sha256_xml_request(data, options)
         else
-          build_sha1_xml_request(data)
+          build_sha1_xml_request(data, options)
         end
       end
 
@@ -351,30 +395,30 @@ module ActiveMerchant #:nodoc:
         Digest::SHA1.hexdigest(str)
       end
 
-      def build_sha256_xml_request(data)
+      def build_sha256_xml_request(data, options = {})
         xml = Builder::XmlMarkup.new
         xml.instruct!
         xml.REQUEST do
-          build_merchant_data(xml, data)
+          build_merchant_data(xml, data, options)
           xml.DS_SIGNATUREVERSION 'HMAC_SHA256_V1'
-          xml.DS_SIGNATURE sign_request(merchant_data_xml(data), data[:order_id])
+          xml.DS_SIGNATURE sign_request(merchant_data_xml(data, options), data[:order_id])
         end
         xml.target!
       end
 
-      def build_sha1_xml_request(data)
+      def build_sha1_xml_request(data, options = {})
         xml = Builder::XmlMarkup.new :indent => 2
-        build_merchant_data(xml, data)
+        build_merchant_data(xml, data, options)
         xml.target!
       end
 
-      def merchant_data_xml(data)
+      def merchant_data_xml(data, options = {})
         xml = Builder::XmlMarkup.new
-        build_merchant_data(xml, data)
+        build_merchant_data(xml, data, options)
         xml.target!
       end
 
-      def build_merchant_data(xml, data)
+      def build_merchant_data(xml, data, options = {})
         xml.DATOSENTRADA do
           # Basic elements
           xml.DS_Version 0.1
@@ -383,9 +427,10 @@ module ActiveMerchant #:nodoc:
           xml.DS_MERCHANT_ORDER              data[:order_id]
           xml.DS_MERCHANT_TRANSACTIONTYPE    data[:action]
           xml.DS_MERCHANT_PRODUCTDESCRIPTION data[:description]
-          xml.DS_MERCHANT_TERMINAL           @options[:terminal]
+          xml.DS_MERCHANT_TERMINAL           options[:terminal] || @options[:terminal]
           xml.DS_MERCHANT_MERCHANTCODE       @options[:login]
           xml.DS_MERCHANT_MERCHANTSIGNATURE  build_signature(data) unless sha256_authentication?
+          xml.DS_MERCHANT_EXCEP_SCA          data[:sca_exemption] if data[:sca_exemption]
 
           # Only when card is present
           if data[:card]
@@ -398,22 +443,42 @@ module ActiveMerchant #:nodoc:
             xml.DS_MERCHANT_IDENTIFIER data[:credit_card_token]
             xml.DS_MERCHANT_DIRECTPAYMENT 'true'
           end
+
+          # Set moto flag only if explicitly requested via moto field
+          # Requires account configuration to be able to use
+          if options.dig(:moto) && options.dig(:metadata, :manual_entry)
+            xml.DS_MERCHANT_DIRECTPAYMENT 'moto'
+          end
+
+          if data[:threeds]
+            xml.DS_MERCHANT_EMV3DS data[:threeds].to_json
+          end
         end
       end
 
-      def parse(data)
+      def parse(data, action)
         params  = {}
         success = false
         message = ''
         options = @options.merge(:test => test?)
         xml     = Nokogiri::XML(data)
         code    = xml.xpath('//RETORNOXML/CODIGO').text
-        if code == '0'
+
+        if ['iniciaPeticion', 'trataPeticion'].include?(action)
+          vxml = Nokogiri::XML(data).remove_namespaces!.xpath("//Envelope/Body/#{action}Response/#{action}Return").inner_text
+          xml = Nokogiri::XML(vxml)
+          node = (action == 'iniciaPeticion' ? 'INFOTARJETA' : 'OPERACION')
+          op = xml.xpath("//RETORNOXML/#{node}")
+          op.children.each do |element|
+            params[element.name.downcase.to_sym] = element.text
+          end
+          message = response_text_3ds(xml, params)
+          success = params.size > 0 && is_success_response?(params[:ds_response])
+        elsif code == '0'
           op = xml.xpath('//RETORNOXML/OPERACION')
           op.children.each do |element|
             params[element.name.downcase.to_sym] = element.text
           end
-
           if validate_signature(params)
             message = response_text(params[:ds_response])
             options[:authorization] = build_authorization(params)
@@ -474,6 +539,20 @@ module ActiveMerchant #:nodoc:
         RESPONSE_TEXTS[code] || 'Unkown code, please check in manual'
       end
 
+      def response_text_3ds(xml, params)
+        code = xml.xpath('//RETORNOXML/CODIGO').text
+        message = ''
+        if code != '0'
+          message = "#{code} ERROR"
+        elsif params[:ds_emv3ds]
+          three_ds_data = JSON.parse(params[:ds_emv3ds])
+          message = three_ds_data['threeDSInfo']
+        elsif params[:ds_response]
+          message = response_text(params[:ds_response])
+        end
+        message
+      end
+
       def is_success_response?(code)
         (code.to_i < 100) || [400, 481, 500, 900].include?(code.to_i)
       end
@@ -523,6 +602,10 @@ module ActiveMerchant #:nodoc:
           xml_signed_fields += data[:ds_cardnumber]
         end
 
+        if data[:ds_emv3ds]
+          xml_signed_fields += data[:ds_emv3ds]
+        end
+
         xml_signed_fields + data[:ds_transactiontype] + data[:ds_securepayment]
       end
 

data/lib/active_merchant/billing/gateways/spreedly_core.rb

@@ -35,19 +35,13 @@ module ActiveMerchant #:nodoc:
       # Public: Run a purchase transaction.
       #
       # money          - The monetary amount of the transaction in cents.
-      # payment_method - The CreditCard or the Spreedly payment method token.
+      # payment_method - The CreditCard or Check or the Spreedly payment method token.
       # options        - A hash of options:
       #                  :store - Retain the payment method if the purchase
       #                           succeeds.  Defaults to false.  (optional)
       def purchase(money, payment_method, options = {})
-        if payment_method.is_a?(String)
-          purchase_with_token(money, payment_method, options)
-        else
-          MultiResponse.run do |r|
-            r.process { save_card(options[:store], payment_method, options) }
-            r.process { purchase_with_token(money, r.authorization, options) }
-          end
-        end
+        request = build_transaction_request(money, payment_method, options)
+        commit("gateways/#{options[:gateway_token] || @options[:gateway_token]}/purchase.xml", request)
       end
 
       # Public: Run an authorize transaction.
@@ -58,14 +52,8 @@ module ActiveMerchant #:nodoc:
       #                  :store - Retain the payment method if the authorize
       #                           succeeds.  Defaults to false.  (optional)
       def authorize(money, payment_method, options = {})
-        if payment_method.is_a?(String)
-          authorize_with_token(money, payment_method, options)
-        else
-          MultiResponse.run do |r|
-            r.process { save_card(options[:store], payment_method, options) }
-            r.process { authorize_with_token(money, r.authorization, options) }
-          end
-        end
+        request = build_transaction_request(money, payment_method, options)
+        commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
       end
 
       def capture(money, authorization, options={})
@@ -79,6 +67,7 @@ module ActiveMerchant #:nodoc:
       def refund(money, authorization, options={})
         request = build_xml_request('transaction') do |doc|
           add_invoice(doc, money, options)
+          add_extra_options(:gateway_specific_fields, doc, options)
         end
 
         commit("transactions/#{authorization}/credit.xml", request)
@@ -155,32 +144,25 @@ module ActiveMerchant #:nodoc:
       end
 
       def purchase_with_token(money, payment_method_token, options)
-        request = auth_purchase_request(money, payment_method_token, options)
+        request = build_transaction_request(money, payment_method_token, options)
         commit("gateways/#{options[:gateway_token] || @options[:gateway_token]}/purchase.xml", request)
       end
 
       def authorize_with_token(money, payment_method_token, options)
-        request = auth_purchase_request(money, payment_method_token, options)
+        request = build_transaction_request(money, payment_method_token, options)
         commit("gateways/#{@options[:gateway_token]}/authorize.xml", request)
       end
 
       def verify_with_token(payment_method_token, options)
-        request = build_xml_request('transaction') do |doc|
-          add_invoice(doc, nil, options)
-          doc.payment_method_token(payment_method_token)
-          doc.retain_on_success(true) if options[:store]
-          add_extra_options(:gateway_specific_fields, doc, options)
-        end
-
+        request = build_transaction_request(nil, payment_method_token, options)
         commit("gateways/#{@options[:gateway_token]}/verify.xml", request)
       end
 
-      def auth_purchase_request(money, payment_method_token, options)
+      def build_transaction_request(money, payment_method, options)
         build_xml_request('transaction') do |doc|
           add_invoice(doc, money, options)
+          add_payment_method(doc, payment_method, options)
           add_extra_options(:gateway_specific_fields, doc, options)
-          doc.payment_method_token(payment_method_token)
-          doc.retain_on_success(true) if options[:store]
         end
       end
 
@@ -190,6 +172,27 @@ module ActiveMerchant #:nodoc:
         doc.order_id(options[:order_id])
         doc.ip(options[:ip]) if options[:ip]
         doc.description(options[:description]) if options[:description]
+
+        if options[:merchant_name_descriptor]
+          doc.merchant_name_descriptor(options[:merchant_name_descriptor])
+        end
+        if options[:merchant_location_descriptor]
+          doc.merchant_location_descriptor(options[:merchant_location_descriptor])
+        end
+      end
+
+      def add_payment_method(doc, payment_method, options)
+        doc.retain_on_success(true) if options[:store]
+
+        if payment_method.is_a?(String)
+          doc.payment_method_token(payment_method)
+        elsif payment_method.is_a?(CreditCard)
+          add_credit_card(doc, payment_method, options)
+        elsif payment_method.is_a?(Check)
+          add_bank_account(doc, payment_method, options)
+        else
+          raise TypeError, 'Payment method not supported'
+        end
       end
 
       def add_credit_card(doc, credit_card, options)
@@ -210,6 +213,17 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def add_bank_account(doc, bank_account, options)
+        doc.bank_account do
+          doc.first_name(bank_account.first_name)
+          doc.last_name(bank_account.last_name)
+          doc.bank_routing_number(bank_account.routing_number)
+          doc.bank_account_number(bank_account.account_number)
+          doc.bank_account_type(bank_account.account_type)
+          doc.bank_account_holder_type(bank_account.account_holder_type)
+        end
+      end
+
       def add_extra_options(type, doc, options)
         doc.send(type) do
           extra_options_to_doc(doc, options[type])